

roleb
Everything posted by roleb
-
It doesn't work.
-
I'll try. 2 OR 3 TIMES... I tried F5, F8 and last known good configuration, but it is still the same thing; after the password, a black screen for a long while, then it logs off.
-
YES, I tried restarting... same problem.
-
Yes, I am on another PC. When the computer starts up, I have 4 users; I click on my name, enter my password, and normally my desktop opens... BUT not this time: it is impossible to open any of the user accounts... automatic logoff... WITH THE message "Saving your settings"... So there you have it, a real NIGHTMARE.
-
HELP!!!!! After ComboFix, my computer restarted but I have nothing at all anymore!!! It asks me for my password, I confirm... black screen, then it logs off by itself. So it is impossible to use my PC.
-
OK OK
-
Yes, but the reports had to be sent to you before moving on to option 2... I was afraid of making a mistake, so... should I run it again at step 2 or not?
-
Hello Gof, sorry for doing the steps out of order, but Navilog would not launch at first... so I did the next step, then came back to Navilog, which worked normally... I didn't think there might be consequences... sorry. The Malwarebytes scan is running but it is very long... I will send it to you as soon as possible.
-
Error: Unable to interpret <deb> in the current context! ========== PROCESSES ========== Unable to kill process: mqtgsvc.exe ========== SERVICES/DRIVERS ========== Service\Driver ASKService not found. Service\Driver ASKService not found. Service\Driver ASKUpgrade not found. Service\Driver ASKUpgrade not found. ========== REGISTRY ========== Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Documents and Settings\carole\Local Settings\Temp\~tmp\mdnk33\mdmm.exe not found. Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Documents and Settings\carole\Local Settings\Temp\~tmp\mdnk35\mdmm.exe not found. Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Documents and Settings\carole\Local Settings\Temp\~tmp\mdnk36\mdmm.exe not found. Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Documents and Settings\carole\Local Settings\Temp\~tmp\mdnk37\mdmm.exe not found. Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Documents and Settings\carole\Local Settings\Temp\~tmp\mdnk42\mdmm.exe not found. Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Documents and Settings\carole\Local Settings\Temp\~tmp\mdnk44\mdmm.exe not found. 
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Documents and Settings\carole\Local Settings\Temp\~tmp\mdnk45\mdmm.exe not found. Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Documents and Settings\carole\Local Settings\Temp\~tmp\mdnk46\mdmm.exe not found. Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Documents and Settings\carole\Local Settings\Temp\~tmp\mdnk47\mdmm.exe not found. Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Documents and Settings\carole\Local Settings\Temp\~tmp\mdnk48\mdmm.exe not found. Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Documents and Settings\carole\Local Settings\Temp\~tmp\mdnk50\mdmm.exe not found. ========== FILES ========== File/Folder C:\Documents and Settings\carole\Application Data\mqtgsvc.exe not found. File/Folder C:\Documents and Settings\carole\Application Data\dllhst3g.exe not found. File/Folder C:\Documents and Settings\carole\Application Data\EoRezo not found. File/Folder C:\Documents and Settings\carole\Application Data\Microsoft\spoolsv.exe not found. File/Folder C:\Documents and Settings\carole\Application Data\Microsoft\cisvc.exe not found. File/Folder C:\Documents and Settings\carole\Local Settings\Application Data\clipsrv.exe not found. File/Folder C:\Documents and Settings\carole\Local Settings\Temp\ieudinit.exe not found. File/Folder c:\documents and settings\carole\local settings\application data\acycg.exe not found. File/Folder C:\windows\dllhst3g.exe not found. 
File/Folder C:\windows\cisvc.exe not found. File/Folder C:\windows\System32\drivers\rsvp.exe not found. File/Folder C:\Program Files\AskBarDis not found. File/Folder C:\Program Files\Platrium not found. ========== COMMANDS ========== File delete failed. C:\DOCUME~1\carole\LOCALS~1\Temp\~DF21AF.tmp scheduled to be deleted on reboot. User's Temp folder emptied. User's Internet Explorer cache folder emptied. File delete failed. C:\Documents and Settings\carole\Local Settings\Temporary Internet Files\Content.IE5\Z07232R0\ads[3].htm scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\carole\Local Settings\Temporary Internet Files\Content.IE5\Z07232R0\AP_ADV_300x250[1].htm scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\carole\Local Settings\Temporary Internet Files\Content.IE5\Z07232R0\ban_728x90[1].htm scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\carole\Local Settings\Temporary Internet Files\Content.IE5\Z07232R0\hp[1].htm scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\carole\Local Settings\Temporary Internet Files\Content.IE5\Z07232R0\iframe[2].htm scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\carole\Local Settings\Temporary Internet Files\Content.IE5\Z07232R0\rectangle_300x250[1].htm scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\carole\Local Settings\Temporary Internet Files\Content.IE5\ONXSGZVO\AP_ADV_728x90[1].htm scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\carole\Local Settings\Temporary Internet Files\Content.IE5\ONXSGZVO\AP_CPL_300x250[1].htm scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\carole\Local Settings\Temporary Internet Files\Content.IE5\ONXSGZVO\rapport-hidjack-t161446[2].htm scheduled to be deleted on reboot. File delete failed. 
C:\Documents and Settings\carole\Local Settings\Temporary Internet Files\Content.IE5\NZ7A0CCO\AP_CPL_728x90[1].htm scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\carole\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\carole\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat scheduled to be deleted on reboot. User's Temporary Internet Files folder emptied. Local Service Temp folder emptied. File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. Local Service Temporary Internet Files folder emptied. Network Service Temp folder emptied. Network Service Temporary Internet Files folder emptied. File delete failed. C:\windows\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot. File delete failed. C:\windows\temp\Perflib_Perfdata_5a0.dat scheduled to be deleted on reboot. Windows Temp folder emptied. Temp folders emptied. OTMoveIt3 by OldTimer - Version 1.0.10.0 log created on 04042009_212532 Files moved on Reboot... File C:\DOCUME~1\carole\LOCALS~1\Temp\catchme.dll not found! C:\DOCUME~1\carole\LOCALS~1\Temp\~DF21AF.tmp moved successfully. C:\Documents and Settings\carole\Local Settings\Temporary Internet Files\Content.IE5\Z07232R0\ads[3].htm moved successfully. C:\Documents and Settings\carole\Local Settings\Temporary Internet Files\Content.IE5\Z07232R0\AP_ADV_300x250[1].htm moved successfully. C:\Documents and Settings\carole\Local Settings\Temporary Internet Files\Content.IE5\Z07232R0\ban_728x90[1].htm moved successfully. C:\Documents and Settings\carole\Local Settings\Temporary Internet Files\Content.IE5\Z07232R0\hp[1].htm moved successfully. C:\Documents and Settings\carole\Local Settings\Temporary Internet Files\Content.IE5\Z07232R0\iframe[2].htm moved successfully. 
C:\Documents and Settings\carole\Local Settings\Temporary Internet Files\Content.IE5\Z07232R0\rectangle_300x250[1].htm moved successfully. C:\Documents and Settings\carole\Local Settings\Temporary Internet Files\Content.IE5\ONXSGZVO\AP_ADV_728x90[1].htm moved successfully. C:\Documents and Settings\carole\Local Settings\Temporary Internet Files\Content.IE5\ONXSGZVO\AP_CPL_300x250[1].htm moved successfully. C:\Documents and Settings\carole\Local Settings\Temporary Internet Files\Content.IE5\ONXSGZVO\rapport-hidjack-t161446[2].htm moved successfully. C:\Documents and Settings\carole\Local Settings\Temporary Internet Files\Content.IE5\NZ7A0CCO\AP_CPL_728x90[1].htm moved successfully. File C:\Documents and Settings\carole\Local Settings\Temporary Internet Files\Content.IE5\NZ7A0CCO\OTMoveIt3[1].exe not found!
-
THANK YOU FOR YOUR HELP... IN ANY CASE.. I'LL CONTINUE WITH THE OTHER REPORTS
-----------\\ ToolBar S&D 1.2.8 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : AMD Duron Processor ) BIOS : PhoenixBIOS 4.0 Release 6.0.1 USER : carole ( Administrator ) BOOT : Normal boot Antivirus : avast! antivirus 4.8.1335 [VPS 090404-0] 4.8.1335 (Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:19 Go (Free:5 Go) D:\ (Local Disk) - NTFS - Total:27 Go (Free:21 Go) E:\ (CD or DVD) F:\ (CD or DVD) "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 ) Option : [1] ( 04/04/2009|21:41 ) -----------\\ Recherche de Fichiers / Dossiers ... C:\windows\Prefetch\BUILDALOT3.EXE-1F15D2B4.pf C:\DOCUME~1\carole\APPLIC~1\Platrium C:\DOCUME~1\carole\APPLIC~1\Platrium\Weather C:\DOCUME~1\carole\APPLIC~1\Platrium\Weather\WeatherDPA C:\DOCUME~1\carole\APPLIC~1\Platrium\Weather\WeatherStartup.xml C:\DOCUME~1\carole\APPLIC~1\Platrium\Weather\Weather_XML C:\DOCUME~1\carole\APPLIC~1\Platrium\Weather\WeatherDPA\Links C:\DOCUME~1\carole\APPLIC~1\Platrium\Weather\WeatherDPA\WeatherPreferences C:\DOCUME~1\carole\APPLIC~1\Platrium\Weather\WeatherDPA\Weather_XML C:\DOCUME~1\carole\APPLIC~1\Platrium\Weather\WeatherDPA\Weather_XML\Display C:\DOCUME~1\carole\APPLIC~1\Platrium\Weather\WeatherDPA\Weather_XML\Loading C:\DOCUME~1\carole\APPLIC~1\Platrium\Weather\WeatherDPA\Weather_XML\screen2 C:\DOCUME~1\carole\APPLIC~1\Platrium\Weather\Weather_XML\Default C:\DOCUME~1\carole\APPLIC~1\Platrium\Weather\Weather_XML\Genera1 C:\DOCUME~1\carole\APPLIC~1\Platrium\Weather\Weather_XML\General C:\DOCUME~1\thomas\APPLIC~1\Platrium C:\DOCUME~1\thomas\APPLIC~1\Platrium\Weather C:\DOCUME~1\thomas\APPLIC~1\Platrium\Weather\WeatherDPA C:\DOCUME~1\thomas\APPLIC~1\Platrium\Weather\WeatherStartup.xml C:\DOCUME~1\thomas\APPLIC~1\Platrium\Weather\Weather_XML C:\DOCUME~1\thomas\APPLIC~1\Platrium\Weather\WeatherDPA\Links C:\DOCUME~1\thomas\APPLIC~1\Platrium\Weather\WeatherDPA\WeatherPreferences 
C:\DOCUME~1\thomas\APPLIC~1\Platrium\Weather\WeatherDPA\Weather_XML C:\DOCUME~1\thomas\APPLIC~1\Platrium\Weather\WeatherDPA\Weather_XML\Display C:\DOCUME~1\thomas\APPLIC~1\Platrium\Weather\WeatherDPA\Weather_XML\Loading C:\DOCUME~1\thomas\APPLIC~1\Platrium\Weather\WeatherDPA\Weather_XML\screen2 C:\DOCUME~1\thomas\APPLIC~1\Platrium\Weather\Weather_XML\Default C:\DOCUME~1\thomas\APPLIC~1\Platrium\Weather\Weather_XML\Genera1 C:\DOCUME~1\thomas\APPLIC~1\Platrium\Weather\Weather_XML\General C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Platrium C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlatriumSA C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlatriumSA\PlatriumSA.dat C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlatriumSA\PlatriumSAAbout.mht C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlatriumSA\PlatriumSAau.dat C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlatriumSA\PlatriumSAEula.mht C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlatriumSA\PlatriumSA_kyf_update.dat -----------\\ Extensions (carole) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Start Page"="http://www.aliceadsl.fr/" "Search Page"="http://www.google.com" "Search Bar"="http://www.google.com/ie" "SearchMigratedDefaultURL"="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" --------------------\\ Recherche d'autres infections C:\DOCUME~1\carole\LOCALS~1\APPLIC~1\acycg.dat C:\DOCUME~1\carole\LOCALS~1\APPLIC~1\acycg_nav.dat C:\DOCUME~1\carole\LOCALS~1\APPLIC~1\acycg_navps.dat C:\DOCUME~1\carole\LOCALS~1\APPLIC~1\ocyki.dat C:\DOCUME~1\carole\LOCALS~1\APPLIC~1\ocyki_nav.dat C:\DOCUME~1\carole\LOCALS~1\APPLIC~1\ocyki_navps.dat ==> EGDACCESS <== 1 - "C:\ToolBar SD\TB_1.txt" - 04/04/2009|21:44 - Option : [1] -----------\\ Fin du rapport a 21:44:18,21
-
Here are the two RSIT reports
Logfile of random's system information tool 1.06 (written by random/random) Run by carole at 2009-04-04 16:55:03 Microsoft Windows XP Professionnel Service Pack 3 System drive C: has 5 GB (27%) free of 19 GB Total RAM: 375 MB (17% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:56:14, on 04/04/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal Running processes: C:\windows\System32\smss.exe C:\windows\system32\winlogon.exe C:\windows\system32\services.exe C:\windows\system32\lsass.exe C:\windows\system32\svchost.exe C:\windows\System32\svchost.exe C:\windows\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\windows\system32\spoolsv.exe C:\windows\system32\drivers\KodakCCS.exe C:\windows\System32\svchost.exe C:\windows\System32\svchost.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\windows\System32\svchost.exe C:\windows\system32\WgaTray.exe C:\windows\Explorer.EXE C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\QuickTime\qttask.exe C:\DOCUME~1\carole\APPLIC~1\mqtgsvc.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Messenger\msmsgs.exe C:\Documents and Settings\carole\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe C:\Documents and Settings\carole\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Documents and Settings\carole\Bureau\HiJackThis.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Documents and Settings\carole\Bureau\RSIT.exe C:\Documents and Settings\carole\Bureau\carole.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aliceadsl.fr/ R3 - URLSearchHook: Yahoo! 
Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll F3 - REG:win.ini: load=C:\DOCUME~1\carole\APPLIC~1\mqtgsvc.exe O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKLM\..\Policies\Explorer\Run: [spool] C:\DOCUME~1\carole\APPLIC~1\MICROS~1\spoolsv.exe /waitservice O4 - HKLM\..\Policies\Explorer\Run: [DllHst] C:\DOCUME~1\carole\APPLIC~1\dllhst3g.exe /waitservice O4 - HKLM\..\Policies\Explorer\Run: [ClipSrv] C:\DOCUME~1\carole\LOCALS~1\APPLIC~1\clipsrv.exe /waitservice O4 - HKCU\..\Policies\Explorer\Run: [DllHst] C:\windows\dllhst3g.exe /waitservice O4 - HKCU\..\Policies\Explorer\Run: [Cisvc] C:\DOCUME~1\carole\APPLIC~1\MICROS~1\cisvc.exe /waitservice O4 - HKCU\..\Policies\Explorer\Run: [iEudinit] C:\DOCUME~1\carole\LOCALS~1\Temp\ieudinit.exe /waitservice O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [Cisvc] C:\windows\cisvc.exe /waitservice (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [Cisvc] C:\windows\cisvc.exe /waitservice (User 'Default user') O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\carole\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! 
Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\windows\system32\drivers\KodakCCS.exe -- End of file - 4416 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] &Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}] SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! 
Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-06-28 155648] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "Spool"=C:\DOCUME~1\carole\APPLIC~1\MICROS~1\spoolsv.exe [2009-03-31 86016] "DllHst"=C:\DOCUME~1\carole\APPLIC~1\dllhst3g.exe [2009-03-31 86016] "ClipSrv"=C:\DOCUME~1\carole\LOCALS~1\APPLIC~1\clipsrv.exe [2009-03-31 86016] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408] "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-06-02 1660952] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "DllHst"=C:\windows\dllhst3g.exe [2009-03-31 86016] "Cisvc"=C:\DOCUME~1\carole\APPLIC~1\MICROS~1\cisvc.exe [2009-03-31 86016] "IEudinit"=C:\DOCUME~1\carole\LOCALS~1\Temp\ieudinit.exe [2009-03-31 86016] C:\Documents and Settings\carole\Menu Démarrer\Programmes\Démarrage Outil de notification Live Search.lnk - C:\Documents and Settings\carole\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\windows\system32\WgaLogon.dll [2008-09-06 267304] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule" "C:\Program Files\Messenger\Msmsgs.exe"="C:\Program Files\Messenger\Msmsgs.exe:*:Enabled:Windows Messenger" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer" "C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe"="C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe:*:Enabled:backWeb-7288971" "C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer" "C:\Documents and Settings\carole\Local Settings\Temp\~tmp\mdnk33\mdmm.exe"="C:\Documents and Settings\carole\Local Settings\Temp\~tmp\mdnk33\mdmm.exe:*:Disabled:mdmm" "C:\Documents and Settings\carole\Local Settings\Temp\~tmp\mdnk35\mdmm.exe"="C:\Documents and Settings\carole\Local Settings\Temp\~tmp\mdnk35\mdmm.exe:*:Disabled:mdmm" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Documents and Settings\carole\Local Settings\Temp\~tmp\mdnk36\mdmm.exe"="C:\Documents and Settings\carole\Local Settings\Temp\~tmp\mdnk36\mdmm.exe:*:Disabled:mdmm" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" "C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus" "C:\Documents and Settings\carole\Local Settings\Temp\~tmp\mdnk37\mdmm.exe"="C:\Documents and Settings\carole\Local 
Settings\Temp\~tmp\mdnk37\mdmm.exe:*:Disabled:mdmm" "C:\Documents and Settings\carole\Local Settings\Temp\~tmp\mdnk42\mdmm.exe"="C:\Documents and Settings\carole\Local Settings\Temp\~tmp\mdnk42\mdmm.exe:*:Disabled:mdmm" "C:\Documents and Settings\carole\Local Settings\Temp\~tmp\mdnk44\mdmm.exe"="C:\Documents and Settings\carole\Local Settings\Temp\~tmp\mdnk44\mdmm.exe:*:Disabled:mdmm" "C:\Documents and Settings\carole\Local Settings\Temp\~tmp\mdnk45\mdmm.exe"="C:\Documents and Settings\carole\Local Settings\Temp\~tmp\mdnk45\mdmm.exe:*:Disabled:mdmm" "C:\Documents and Settings\carole\Local Settings\Temp\~tmp\mdnk46\mdmm.exe"="C:\Documents and Settings\carole\Local Settings\Temp\~tmp\mdnk46\mdmm.exe:*:Disabled:mdmm" "C:\Documents and Settings\carole\Local Settings\Temp\~tmp\mdnk47\mdmm.exe"="C:\Documents and Settings\carole\Local Settings\Temp\~tmp\mdnk47\mdmm.exe:*:Disabled:mdmm" "C:\Documents and Settings\carole\Local Settings\Temp\~tmp\mdnk48\mdmm.exe"="C:\Documents and Settings\carole\Local Settings\Temp\~tmp\mdnk48\mdmm.exe:*:Disabled:mdmm" "C:\Documents and Settings\carole\Local Settings\Temp\~tmp\mdnk50\mdmm.exe"="C:\Documents and Settings\carole\Local Settings\Temp\~tmp\mdnk50\mdmm.exe:*:Disabled:mdmm" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" ======List of files/folders created in the last 1 months====== 2009-04-04 16:55:03 ----D---- C:\rsit 2009-04-04 14:34:29 ----A---- 
C:\windows\cisvc.exe 2009-04-01 15:41:24 ----A---- C:\Documents and Settings\carole\Application Data\dllhst3g.exe 2009-03-30 20:00:39 ----D---- C:\Program Files\LUXYA WC-1300 Corporation 2009-03-30 20:00:11 ----A---- C:\windows\system32\VMSnap23.exe 2009-03-30 20:00:10 ----A---- C:\windows\system32\VMCap323.exe 2009-03-30 20:00:05 ----A---- C:\windows\system32\Domino.exe 2009-03-30 20:00:01 ----D---- C:\windows\CatRoot 2009-03-30 19:59:58 ----D---- C:\Program Files\STV 2009-03-30 18:53:30 ----D---- C:\Documents and Settings\All Users\Application Data\Trymedia 2009-03-29 12:24:41 ----D---- C:\Documents and Settings\carole\Application Data\Yahoo! 2009-03-29 12:24:41 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion 2009-03-29 12:24:31 ----D---- C:\Program Files\Yahoo! 2009-03-29 12:24:17 ----D---- C:\Program Files\CCleaner 2009-03-23 19:25:28 ----A---- C:\Documents and Settings\carole\Application Data\mqtgsvc.exe 2009-03-23 16:42:31 ----A---- C:\windows\dllhst3g.exe 2009-03-23 14:43:32 ----D---- C:\Program Files\Panda Security 2009-03-22 17:18:58 ----RHD---- C:\Documents and Settings\carole\Application Data\SecuROM 2009-03-21 09:39:09 ----A---- C:\windows\system32\aswBoot.exe 2009-03-20 19:17:02 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer 2009-03-20 12:50:53 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe 2009-03-11 14:05:24 ----HDC---- C:\windows\$NtUninstallKB960225$ 2009-03-11 14:04:42 ----HDC---- C:\windows\$NtUninstallKB938464-v2$ 2009-03-11 14:03:56 ----HDC---- C:\windows\$NtUninstallKB958690$ ======List of files/folders modified in the last 1 months====== 2009-04-04 16:55:02 ----D---- C:\windows\Prefetch 2009-04-04 15:56:34 ----D---- C:\WINDOWS 2009-04-04 13:54:17 ----D---- C:\windows\Temp 2009-04-04 13:32:58 ----N---- C:\windows\SchedLgU.Txt 2009-04-04 12:26:58 ----SD---- C:\Documents and Settings\carole\Application Data\Microsoft 2009-04-03 15:50:44 ----D---- 
C:\windows\system32\CatRoot2 2009-04-02 12:44:13 ----SHD---- C:\windows\Installer 2009-04-02 12:43:15 ----RD---- C:\Program Files 2009-03-30 20:51:53 ----D---- C:\windows\system32 2009-03-30 20:43:32 ----A---- C:\windows\win.ini 2009-03-30 20:30:28 ----HD---- C:\windows\inf 2009-03-30 20:08:14 ----RSHDC---- C:\windows\system32\dllcache 2009-03-30 20:07:46 ----D---- C:\windows\system32\drivers 2009-03-30 20:00:57 ----HD---- C:\Program Files\InstallShield Installation Information 2009-03-30 19:59:58 ----SD---- C:\windows\Downloaded Program Files 2009-03-30 19:59:56 ----D---- C:\Program Files\Fichiers communs\InstallShield 2009-03-30 17:04:42 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP 2009-03-29 12:44:11 ----D---- C:\windows\Debug 2009-03-29 12:44:03 ----D---- C:\windows\Minidump 2009-03-29 12:18:06 ----D---- C:\Program Files\Spybot - Search & Destroy 2009-03-29 12:18:04 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2009-03-29 10:15:59 ----A---- C:\windows\system32\PerfStringBackup.INI 2009-03-24 20:53:13 ----D---- C:\windows\system32\CatRoot 2009-03-23 16:31:05 ----D---- C:\Documents and Settings\carole\Application Data\EoRezo 2009-03-23 16:06:26 ----D---- C:\Documents and Settings\carole\Application Data\HPAppData 2009-03-22 11:37:26 ----D---- C:\windows\system32\inetsrv 2009-03-20 13:26:33 ----D---- C:\Program Files\Fichiers communs\Adobe 2009-03-20 13:25:49 ----D---- C:\Program Files\Adobe 2009-03-15 00:22:18 ----D---- C:\Program Files\Microsoft Picture It! PhotoPub 2009-03-13 22:45:27 ----D---- C:\Program Files\Vuze 2009-03-13 22:44:56 ----D---- C:\Documents and Settings\carole\Application Data\Azureus 2009-03-11 14:04:45 ----D---- C:\windows\WinSxS 2009-03-11 10:40:18 ----HD---- C:\windows\$hf_mig$ 2009-03-10 12:36:14 ----D---- C:\Program Files\eMule ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 Aavmker4;avast! 
Asynchronous Virus Monitor; C:\windows\system32\drivers\Aavmker4.sys [2009-02-05 26944] R1 aswSP;avast! Self Protection; C:\windows\system32\drivers\aswSP.sys [2009-02-05 114768] R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2009-02-05 51376] R1 DcCam;Kodak Camera Proxy; C:\windows\System32\DRIVERS\DcCam.sys [2003-06-18 36826] R2 aswFsBlk;aswFsBlk; C:\windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560] R2 aswMon2;avast! Standard Shield Support; C:\windows\system32\drivers\aswMon2.sys [2009-02-05 94032] R2 DCFS2K;Kodak DCFS2K Driver; C:\windows\system32\drivers\dcfs2k.sys [2003-06-18 38997] R2 Fallback;Fallback; C:\windows\System32\DRIVERS\HSF_FALL.sys [2001-08-17 289887] R2 Fsks;Fsks; C:\windows\System32\DRIVERS\HSF_FSKS.sys [2001-08-17 115807] R2 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152] R2 K56;K56; C:\windows\System32\DRIVERS\HSF_K56K.sys [2001-08-17 391199] R2 SoftFax;SoftFax; C:\windows\System32\DRIVERS\HSF_FAXX.sys [2001-08-17 199711] R2 Tones;Tones; C:\windows\System32\DRIVERS\HSF_TONE.sys [2001-08-17 50751] R2 V124;V124; C:\windows\System32\DRIVERS\HSF_V124.sys [2001-08-17 488383] R3 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr.sys [2009-02-05 23152] R3 basic2;basic2; C:\windows\System32\DRIVERS\HSF_BSC2.sys [2001-08-17 67167] R3 hsf_msft;hsf_msft; C:\windows\System32\DRIVERS\HSF_MSFT.sys [2001-08-17 542879] R3 Rksample;Rksample; C:\windows\System32\DRIVERS\HSF_SAMP.sys [2001-08-17 57471] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\windows\System32\Drivers\RootMdm.sys [2001-08-28 5888] R3 S3SavageNB;S3SavageNB; C:\windows\System32\DRIVERS\s3gnbm.sys [2004-08-03 166912] R3 USB_RNDIS;ADI Remote NDIS Network Device Driver; C:\windows\System32\DRIVERS\usb8023.sys [2008-04-13 12800] R3 usbhub;Concentrateur USB2; C:\windows\System32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\windows\System32\DRIVERS\usbuhci.sys 
[2008-04-13 20608] R3 VIAudio;Contrôleur audio VIA AC'97 (WDM); C:\windows\system32\drivers\ac97via.sys [2004-08-03 84480] S1 Exportit;Exportit; C:\windows\System32\DRIVERS\exportit.sys [2003-06-18 138485] S3 CCDECODE;Décodeur sous-titre fermé; C:\windows\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 cdiskdun;cdiskdun; \??\C:\DOCUME~1\benoit\LOCALS~1\Temp\cdiskdun.sys [] S3 DcFpoint;DcFpoint; C:\windows\System32\DRIVERS\DcFpoint.sys [2003-06-18 61568] S3 DcLps;Legacy Polling Service; C:\windows\System32\DRIVERS\DcLps.sys [2003-06-18 8058] S3 DcPTP;dcptp; C:\windows\System32\DRIVERS\DcPTP.sys [2003-06-18 63002] S3 hidusb;Pilote de classe HID Microsoft; C:\windows\System32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\windows\System32\DRIVERS\HPZid412.sys [2007-10-30 49920] S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\windows\System32\DRIVERS\HPZipr12.sys [2007-10-30 16496] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\windows\System32\DRIVERS\HPZius12.sys [2007-10-30 21568] S3 mouhid;Pilote HID de souris; C:\windows\System32\DRIVERS\mouhid.sys [2001-08-28 12288] S3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\windows\system32\drivers\msmpu401.sys [2001-08-17 2944] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\windows\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\windows\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\windows\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 s117bus;Sony Ericsson Device 117 driver (WDM); C:\windows\system32\DRIVERS\s117bus.sys [2007-06-25 82984] S3 s117mdfl;Sony Ericsson Device 117 USB WMC Modem Filter; C:\windows\system32\DRIVERS\s117mdfl.sys [2007-06-25 14888] S3 s117mdm;Sony Ericsson Device 117 USB WMC Modem Driver; C:\windows\system32\DRIVERS\s117mdm.sys [2007-06-25 108456] S3 s117mgmt;Sony Ericsson Device 117 USB WMC Device Management Drivers (WDM); 
C:\windows\system32\DRIVERS\s117mgmt.sys [2007-06-25 100264] S3 s117nd5;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS); C:\windows\system32\DRIVERS\s117nd5.sys [2007-06-25 22952] S3 s117obex;Sony Ericsson Device 117 USB WMC OBEX Interface; C:\windows\system32\DRIVERS\s117obex.sys [2007-06-25 98344] S3 s117unic;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM); C:\windows\system32\DRIVERS\s117unic.sys [2007-06-25 98856] S3 SLIP;Détrameur décalage BDA; C:\windows\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 StMp3Rec;Pilote de périphérique de la restauration de lecteur; C:\windows\System32\Drivers\StMp3Rec.sys [2006-01-20 71358] S3 streamip;BDA IPSink; C:\windows\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 usbaudio;Pilote USB audio (WDM); C:\windows\system32\drivers\usbaudio.sys [2008-04-13 60032] S3 usbbus;LGE Mobile Composite USB Device; C:\windows\System32\DRIVERS\lgusbbus.sys [2007-07-11 12416] S3 usbccgp;Pilote parent générique USB Microsoft; C:\windows\System32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 UsbDiag;LGE Mobile USB Serial Port; C:\windows\System32\DRIVERS\lgusbdiag.sys [2007-07-11 19840] S3 USBModem;LGE Mobile USB Modem; C:\windows\System32\DRIVERS\lgusbmodem.sys [2007-07-11 21632] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\windows\System32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Pilote de scanneur USB; C:\windows\System32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;Pilote de stockage de masse USB; C:\windows\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 vmfilter323;323 filter service, Normal; C:\windows\system32\drivers\vmfilter323.sys [2007-09-19 476672] S3 WpdUsb;WpdUsb; C:\windows\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WSTCODEC;Codec Teletext standard; C:\windows\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\windows\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S3 ZSMC326;LUXYA WC-1300 
USB2.0 PC Camera; C:\windows\System32\Drivers\usbvm323.sys [2006-12-26 259968] S4 IntelIde;IntelIde; C:\windows\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680] R2 KodakCCS;Kodak Camera Connection Software; C:\windows\system32\drivers\KodakCCS.exe [2003-06-18 294972] R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2008-04-14 14336] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2008-04-14 14336] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\windows\system32\svchost.exe [2008-04-14 14336] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040] R3 avast! Web Scanner;avast! 
Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920] S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240] S3 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-05 137200] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S4 ASKService;ASKService; C:\Program Files\AskBarDis\bar\bin\AskService.exe [2008-12-09 464264] S4 ASKUpgrade;ASKUpgrade; C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe [2008-12-09 234888] S4 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2009-01-19 69120] S4 ScsiAccess;ScsiAccess; C:\WINDOWS\System32\ScsiAccess.EXE [2003-02-04 181312] -----------------EOF-----------------
and the second one...
info.txt logfile of random's system information tool 1.06 2009-04-04 16:56:26 ======Uninstall list====== -->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7} 3DVIA Player 4.1-->MsiExec.exe /X{4E868D3D-6EEB-4273-926C-2287236B5B79} Adobe Flash Player 10 ActiveX-->C:\WINDOWS\System32\Macromed\Flash\uninstall_activeX.exe Adobe Reader 9.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001} Adobe Shockwave Player-->C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log Adobe® Photoshop® Album Edition Découverte 3.0-->MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B} Alice Auto-diagnostic-->C:\Program Files\TechCity Solutions\AliceSAV\uninstall.exe Analyseur et SDK XML Microsoft-->MsiExec.exe /I{3E908702-AF35-4611-9518-955DA24B7E07} aspi-->MsiExec.exe /I{015E4B8A-29B5-4AE3-BD08-38220FADFF4C} Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} Atlas mondial Microsoft Encarta 2001-->MsiExec.exe /I{02020202-5D65-445A-B3B4-3DCE72BA0C6C} Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe" avast! 
Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup Barre de confiance CM-CIC-->"C:\Program Files\BarreConfCMCIC\Setup.exe" -u Barre d'outils MSN-->C:\Program Files\MSN Toolbar\01.01.2607.0\fr\mtbs.exe c CCHelp-->MsiExec.exe /I{9D1CF8B6-17B3-4832-B062-2C2DD0B57B04} CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe" CCScore-->MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992} Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E} Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" CR2-->MsiExec.exe /I{432C3720-37BF-4BD7-8E49-F38E090246D0} DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC eoEngine 7.0-->"C:\Program Files\EoRezo\unins000.exe" ESSAdpt-->MsiExec.exe /I{D15E9DB5-6BEB-4534-901E-80C0A29BAB97} ESSANUP-->MsiExec.exe /I{A6F18A67-B771-4191-8A33-36D2E742D6D9} ESSBrwr-->MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6} ESSCAM-->MsiExec.exe /I{469730CC-78DF-4CD3-B286-562D459EA619} ESSCDBK-->MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD} ESScore-->MsiExec.exe /I{9D8FEE90-0377-49A9-AEFB-525BDE549BA4} ESSgui-->MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A} ESShelp-->MsiExec.exe /I{87843A41-7808-4F2E-B13F-25C1E67CF2FD} ESSini-->MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765} ESSPCD-->MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5} ESSTUTOR-->MsiExec.exe /I{CA60320D-6A16-49C8-A34F-84EEF4799567} ESSvpaht-->MsiExec.exe /I{A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69} ESSvpot-->MsiExec.exe /I{48C82F7A-F100-4DAB-A310-8E18BF2159E1} Favorit-->"c:\documents and settings\carole\local settings\application data\acycg.exe" -uninstall Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF} Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0531C63A913CC9D1.exe" /uninstall HijackThis 2.0.2-->"C:\Documents and 
Settings\carole\Bureau\HijackThis.exe" /uninstall Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" HP Photosmart Essential 2.5-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat HP Smart Web Printing-->C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat Installation de Microsoft Works Suite 2001-->C:\Program Files\Microsoft Works Suite 2001\Setup\Launcher.exe E:\ Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D} Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3} Kit de Connexion Alice ADSL-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3A0221AD-D30B-4320-8F9B-1D0F0E6C6843}\setup.exe" -l0x40c ControlPanel KSU-->MsiExec.exe /I{B997C2A0-4383-41BF-B76E-9B8B7ECFB267} L&H TTS3000 British English-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\LHTTSENG.inf, Uninstall L&H TTS3000 Français-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\LHTTSFRF.inf, Uninstall LG USB Modem driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C3ABE126-2BB2-4246-BFE1-6797679B3579}\setup.exe" -l0x40c LG -removeonly Logiciel Kodak EasyShare-->C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_3c0002_2cc892\Setup.exe /APR-REMOVE LUXYA WC-1300 USB2.0 PC Camera-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{36820BCA-FC55-452E-9085-6E6F1F55508D}\setup.exe" -l0x40c Macro complémentaire Microsoft Word pour Works Suite-->MsiExec.exe /I{075FD178-5DC9-45A3-A64E-43FC90CA7C64} Microsoft .NET 
Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe Microsoft AutoRoute 2001-->MsiExec.exe /I{4D719053-5593-11D3-8F25-0060085C1758} Microsoft Excel 2000 SR-1-->MsiExec.exe /I{0011040C-78E1-11D2-B60F-006097C998E7} Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office 2000 Premium-->MsiExec.exe /I{0000040C-78E1-11D2-B60F-006097C998E7} Microsoft Picture It! Photo 2001-->MsiExec.exe /I{D28FDA7D-15C6-48A2-9868-6BCB28BE6254} Microsoft Search Enhancement Pack-->MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5} Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} Microsoft Text-to-Speech Engine 4.0 (English)-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msTTS.inf, Uninstall Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Word 2000 SR-1-->MsiExec.exe /I{0017040C-78E1-11D2-B60F-006097C998E7} Microsoft Works 6.0-->MsiExec.exe /I{75DEB69B-4B6C-11D4-B0CE-00AA00BCC218} Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe" Mise à jour 
de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\windows\$NtUninstallKB938464-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe" Mise à jour de sécurité pour 
Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\windows\$NtUninstallKB958690$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\windows\$NtUninstallKB960225$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Mise à jour pour Windows XP 
(KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} Notifier-->MsiExec.exe /I{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2} OCR Software by I.R.I.S. 10.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat OTtBP-->MsiExec.exe /I{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C} Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Packard Bell Data Secure-->C:\APPS\DataSecure\Uninstall.exe Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe PCDLNCH-->MsiExec.exe /I{69BD6399-3D8F-45B7-81D9-819361F5101D} Platrium-->"C:\Program Files\Platrium\bin\1.2.103.0\PlatriumUninstaller.exe" Web QuickTime-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{4E5E22C2-1386-47AE-8EDE-32DDCDCD6653} /l1036 Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} SFR-->MsiExec.exe /I{C354C9B6-A4E0-4BB0-A368-6DC6BCA0E314} SFR2-->MsiExec.exe /I{ABE068DF-8DC4-4947-ABFC-DD2B40850225} SigmaTel MSCN Audio Player-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8E240C1C-25D0-4248-BC6C-ACC3472E35CE}\setup.exe" -l0x9 SigmaTel MSCN Audio Player-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D53F7F05-4F17-4024-88C8-3C012E8555B4}\setup.exe" -l0x40c Sony Ericsson PC Suite-->MsiExec.exe /I{26B5D684-75D6-44B9-BBFF-D4100F43092A} VideoLAN VLC media player 0.8.6f-->C:\Program Files\VideoLAN\VLC\uninstall.exe Vuze Toolbar-->"C:\Program Files\AskBarDis\unins000.exe" Windows Installer Clean Up-->MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52} Windows 
Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Contrôle parental-->MsiExec.exe /X{D6A2DDE3-9D7C-412C-932A-756580D29919} Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657} Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C} Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E} Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353} Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Messenger 5.1-->MsiExec.exe /I{6E127288-02BD-4DB8-B46B-D9B2BB3C268C} Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE =====HijackThis Backups===== O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2009-03-30] O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\windows\system32\drivers\KodakCCS.exe [2009-03-30] O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2009-03-30] O23 - Service: avast! 
iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-03-30] O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\windows\system32\drivers\KodakCCS.exe [2009-03-30] O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [rsvp] C:\windows\System32\drivers\rsvp.exe /waitservice (User 'Default user') [2009-04-04] ======Hosts File====== 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com ======Security center information====== AV: avast! antivirus 4.8.1335 [VPS 090403-0] ======System event log====== Computer Name: BEANS-FEZTTX3SD Event Code: 7036 Message: Le service Service de découvertes SSDP est entré dans l'état : en cours d'exécution. Record Number: 31513 Source Name: Service Control Manager Time Written: 20090303133927.000000+060 Event Type: Informations User: Computer Name: BEANS-FEZTTX3SD Event Code: 7035 Message: Un contrôle Démarrer a correctement été envoyé au service Service de découvertes SSDP. Record Number: 31512 Source Name: Service Control Manager Time Written: 20090303133924.000000+060 Event Type: Informations User: AUTORITE NT\SYSTEM Computer Name: BEANS-FEZTTX3SD Event Code: 7036 Message: Le service Compatibilité avec le Changement rapide d'utilisateur est entré dans l'état : en cours d'exécution. Record Number: 31511 Source Name: Service Control Manager Time Written: 20090303133757.000000+060 Event Type: Informations User: Computer Name: BEANS-FEZTTX3SD Event Code: 7035 Message: Un contrôle Démarrer a correctement été envoyé au service Compatibilité avec le Changement rapide d'utilisateur. 
Record Number: 31510 Source Name: Service Control Manager Time Written: 20090303133757.000000+060 Event Type: Informations User: AUTORITE NT\SYSTEM Computer Name: BEANS-FEZTTX3SD Event Code: 7011 Message: Délai (30000 millisecondes) d'attente pour une réponse du service WZCSVC à une transaction. Record Number: 31509 Source Name: Service Control Manager Time Written: 20090303133728.000000+060 Event Type: erreur User: =====Application event log===== Computer Name: BEANS-FEZTTX3SD Event Code: 1001 Message: Échec de détection du produit '{C354C9B6-A4E0-4BB0-A368-6DC6BCA0E314}', fonctionnalité 'MSXML4' lors de la demande du composant '{5617BF49-9195-4C35-B9AD-F8D165DE25BB}' Record Number: 2155 Source Name: MsiInstaller Time Written: 20080926155054.000000+120 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: BEANS-FEZTTX3SD Event Code: 1001 Message: Échec de détection du produit '{26B5D684-75D6-44B9-BBFF-D4100F43092A}', fonctionnalité 'FE_ApplicationLauncher' lors de la demande du composant '{5617BF49-9195-4C35-B9AD-F8D165DE25BB}' Record Number: 2154 Source Name: MsiInstaller Time Written: 20080926155054.000000+120 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: BEANS-FEZTTX3SD Event Code: 1001 Message: Échec de détection du produit '{C354C9B6-A4E0-4BB0-A368-6DC6BCA0E314}', fonctionnalité 'MSXML4' lors de la demande du composant '{5617BF49-9195-4C35-B9AD-F8D165DE25BB}' Record Number: 2153 Source Name: MsiInstaller Time Written: 20080926155049.000000+120 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: BEANS-FEZTTX3SD Event Code: 1001 Message: Échec de détection du produit '{26B5D684-75D6-44B9-BBFF-D4100F43092A}', fonctionnalité 'FE_ApplicationLauncher' lors de la demande du composant '{5617BF49-9195-4C35-B9AD-F8D165DE25BB}' Record Number: 2152 Source Name: MsiInstaller Time Written: 20080926155049.000000+120 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: BEANS-FEZTTX3SD Event Code: 1001 Message: Échec 
de détection du produit '{C354C9B6-A4E0-4BB0-A368-6DC6BCA0E314}', fonctionnalité 'MSXML4' lors de la demande du composant '{5617BF49-9195-4C35-B9AD-F8D165DE25BB}' Record Number: 2151 Source Name: MsiInstaller Time Written: 20080926155049.000000+120 Event Type: Avertissement User: AUTORITE NT\SYSTEM ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Fichiers communs\Teleca Shared;C:\Program Files\QuickTime\QTSystem\ "windir"=%SystemRoot% "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 3 Stepping 1, AuthenticAMD "PROCESSOR_REVISION"=0301 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "CLASSPATH"=C:\Program Files\QuickTime\QTSystem\QTJava.zip "QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip "FP_NO_HOST_CHECK"=NO -----------------EOF-----------------
-
Yes, I saw that something was missing.. so..

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:15:04, on 04/04/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\windows\system32\spoolsv.exe
C:\windows\system32\drivers\KodakCCS.exe
C:\windows\System32\svchost.exe
C:\windows\System32\svchost.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\windows\System32\svchost.exe
C:\windows\system32\WgaTray.exe
C:\windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\QuickTime\qttask.exe
C:\DOCUME~1\carole\APPLIC~1\mqtgsvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\carole\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Documents and Settings\carole\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\carole\Bureau\HiJackThis.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aliceadsl.fr/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
F3 - REG:win.ini: load=C:\DOCUME~1\carole\APPLIC~1\mqtgsvc.exe
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKLM\..\Policies\Explorer\Run: [spool] C:\DOCUME~1\carole\APPLIC~1\MICROS~1\spoolsv.exe /waitservice
O4 - HKLM\..\Policies\Explorer\Run: [DllHst] C:\DOCUME~1\carole\APPLIC~1\dllhst3g.exe /waitservice
O4 - HKLM\..\Policies\Explorer\Run: [ClipSrv] C:\DOCUME~1\carole\LOCALS~1\APPLIC~1\clipsrv.exe /waitservice
O4 - HKCU\..\Policies\Explorer\Run: [DllHst] C:\windows\dllhst3g.exe /waitservice
O4 - HKCU\..\Policies\Explorer\Run: [Cisvc] C:\DOCUME~1\carole\APPLIC~1\MICROS~1\cisvc.exe /waitservice
O4 - HKCU\..\Policies\Explorer\Run: [iEudinit] C:\DOCUME~1\carole\LOCALS~1\Temp\ieudinit.exe /waitservice
O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [rsvp] C:\windows\System32\drivers\rsvp.exe /waitservice (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [rsvp] C:\windows\System32\drivers\rsvp.exe /waitservice (User 'Default user')
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\carole\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\windows\system32\drivers\KodakCCS.exe

-- End of file - 4344 bytes
-
Hello, I need advice to understand the HijackThis report and to know what to do next. THANK YOU FOR YOUR HELP. HERE IT IS:

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\windows\system32\spoolsv.exe
C:\windows\system32\drivers\KodakCCS.exe
C:\windows\System32\svchost.exe
C:\windows\System32\svchost.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\windows\System32\svchost.exe
C:\windows\system32\WgaTray.exe
C:\windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\QuickTime\qttask.exe
C:\DOCUME~1\carole\APPLIC~1\mqtgsvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\carole\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Documents and Settings\carole\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\carole\Bureau\HiJackThis.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aliceadsl.fr/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
F3 - REG:win.ini: load=C:\DOCUME~1\carole\APPLIC~1\mqtgsvc.exe
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKLM\..\Policies\Explorer\Run: [spool] C:\DOCUME~1\carole\APPLIC~1\MICROS~1\spoolsv.exe /waitservice
O4 - HKLM\..\Policies\Explorer\Run: [DllHst] C:\DOCUME~1\carole\APPLIC~1\dllhst3g.exe /waitservice
O4 - HKLM\..\Policies\Explorer\Run: [ClipSrv] C:\DOCUME~1\carole\LOCALS~1\APPLIC~1\clipsrv.exe /waitservice
O4 - HKCU\..\Policies\Explorer\Run: [DllHst] C:\windows\dllhst3g.exe /waitservice
O4 - HKCU\..\Policies\Explorer\Run: [Cisvc] C:\DOCUME~1\carole\APPLIC~1\MICROS~1\cisvc.exe /waitservice
O4 - HKCU\..\Policies\Explorer\Run: [iEudinit] C:\DOCUME~1\carole\LOCALS~1\Temp\ieudinit.exe /waitservice
O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [rsvp] C:\windows\System32\drivers\rsvp.exe /waitservice (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [rsvp] C:\windows\System32\drivers\rsvp.exe /waitservice (User 'Default user')
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\carole\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\windows\system32\drivers\KodakCCS.exe

-- End of file - 4344 bytes