Henri L. Martel
-
Compteur de contenus
14 -
Inscription
-
Dernière visite
Henri L. Martel's Achievements
Junior Member (3/12)
0
Réputation sur la communauté
-
Connection de 2 disques durs
Henri L. Martel a répondu à un(e) sujet de Henri L. Martel dans Hardware
Merci a tous ceux qui m'ont approté leur solution pour mon problème... Vosus avez tous la même idée et je suis certain que c,est la meilleure car en plus de protéger mon PC...ca protège aussi ma garantie..... Quelqu,un peut-il me dire comment aller ajouter la mention : RÉSOLU......a ma demande initiale.. Continuez votre bon travail la gang.... -
Connection de 2 disques durs
Henri L. Martel a répondu à un(e) sujet de Henri L. Martel dans Hardware
-
Connection de 2 disques durs
Henri L. Martel a répondu à un(e) sujet de Henri L. Martel dans Hardware
Merci les gras de votre reponse qui est la meme solution a mon probleme...oui ce disque dur est bien en..IDE.....vais me procurer un de ces boitiers...tres important de protéger non seulement sa machine , mais aussi la garantie... salut a vs deux et merci de ces reponses si rapide.... -
J'avais un PC Acer Aspire T320 acheté en mars 2005....avec le Windows XP Familial SP3...Processeur de 280GHz ... RAM de 1.25Go...Disque dur de 80 Go... Pendant le processus de demarrage.il se plantait a tout bout de champ, rien a faire pour acceder a mes dossiers et programmes...Un technicien me dit que mon disque dur est sans aucune faille...mais la machine a pris de l,age quand meme.. J'ai acheté un autre PC..Acer Aspire M1202...avec Windows Vista Ed.Familiale Premium et SP2....Processeur AMD Phenom X3 8550 triple coeur de 2.20GHz.....Ram DDR2 de 3.0Go.....Disque dur de 640 Go, partitionné en`` C`` avec 225 Go libres, et en`` D`` avec 290 Go libres......Un lecteur graveur installé en ``E`....... Plus cinq positions de disques amovibles libres`en : F..G..H..I..J.. Comme je veux absolument aller recuperer mes fichiers de mon dossier Mes Documents enregistrés sur mon vieux disque dur...comment je dois faire pour connecter ce premier disque dur avec mon nouveau Pc..sans faire courir de risque a ma nouvelle machine.... Et suite a cette recuperation...me sera t-il possible d'effacer tout ce qui se trouve sur ce vieux disque dur et de m'en servir pour y stocker des fichiers de videos de musique et aussi de MP3 et autres fotos numeriques.. J'espere que ces explications sont assez claires et precises pour me venir en aide.. Merci de toute l'aide et conseils que vous m'apporterez
-
Virus Conficker...( RÉSOLU )
Henri L. Martel a répondu à un(e) sujet de Henri L. Martel dans Analyses et éradication malwares
Bonjour mon ami zébulonien...j'ai deja imprimé toutes tes instructios et conseils que je sais être judicieux comme d'habitude... Je vais me faire un devoir de les suivre a la lettre car la bonne performance de mon système est essentielle pour moi... Je vais aller faire le nécessaire en ce qui concerne ce : RÉSOLU....J'ESPERE Y ARRIVER... ENCORE UNE FOIS DE TRES GROS MERCIS POUR TOUT CE QUE TU AS FAIT POUR MOI.....TU ES UN AS EN LA MATIÈRE...bRAVO... -
Virus Conficker...( RÉSOLU )
Henri L. Martel a répondu à un(e) sujet de Henri L. Martel dans Analyses et éradication malwares
Salut...j'ai imprimé tes instructions et ai tout fait ce que tu me demandais...Avec des instructions aussi claires et précises, c'est tres facile a faire ces opérations si on y apporte une bonne attention. Ta compétence est remarquable et des plus appréciée... Pour ce qui est du Norto360, je me rappelle pas mon choix lors de l'installation...mais suis allé voir et ça indique : Afficher l'écran d'accueil au démarrage. Mon PC est très nettement plus rapide à démarrer...un peu moins de 4 minutes pour avoir accès à mon bureau et pouvoir travailler...sans compter que je n'ai plus à attendre le téléchargement de ce zodus de Live Messenger comme avant. Le travail sur la restauration est fait et aussi la suppression de ce que tu avais indiqué. Est-ce que tu as d'autres instructions a me donner concernant mes probs...sinon merci de ta grande patience et de me consacrer beaucoup de ton temps si précieux...tu es un AS en la matière mon Ami Zébulonien....bye et merci... -
Je susi assez nouveau sur ce forum et espère d'utiliser ce forum au mieux possible. Mon système est d'une de ces lenteurs au démarrage...plus de 10 minutes d,attente avant de pouvoir m'en servir....Je sais avoir trop d'items dans le menu démarrage mais comment y remédier est une autre histoire... Je vous joins les résultats du scan que je viens d'effectuer. Ce problème perdure depusi assez longtemps...Merci de votre attention a mon égard.. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:34:34, on 2009-05-22 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\McAfee\SiteAdvisor\McSACore.exe C:\Program Files\Norton 360\Engine\3.0.0.134\ccSvcHst.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Norton 360\Engine\3.0.0.134\ccSvcHst.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\fxssvc.exe C:\WINDOWS\tsnp2std.exe C:\WINDOWS\vsnp2std.exe C:\WINDOWS\vVX3000.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\SAMSUNG\FW LiveUpdate\FWManager.exe C:\Program Files\Windows Defender\MSASCui.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\FinePixViewerS\QuickDCF2.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\WINDOWS\System32\wbem\wmiapsrv.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\WINDOWS\System32\msdtc.exe C:\WINDOWS\System32\dllhost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Windows Live\Toolbar\wltuser.exe C:\Program Files\Trend Micro\hijackthis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://ca.search.yahoo.com/search?fr=mcafee&p=%s R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Barre d'outils - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: (no name) - rsion - (no file) O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\3.0.0.134\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\3.0.0.134\IPSBHO.DLL O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.0.0.134\coIEPlg.dll O3 - Toolbar: Yahoo! Barre d'outils - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Name of App] C:\Program Files\SAMSUNG\FW LiveUpdate\FWManager.exe r O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKCU\..\Run: [cdloader] "C:\Documents and Settings\Lucien H. Martel\Application Data\mjusbsp\cdloader2.exe" MAGICJACK O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Exif Launcher S.lnk = C:\Program Files\FinePixViewerS\QuickDCF2.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://global.acer.com/ O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB O16 - DPF: {2ED9BC2B-4DF1-472E-9B5E-55477D2C97F5} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/odc.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab O16 - DPF: {68A2C3BD-7809-11D3-8ACF-0050046F2F9A} (AXELPlayer Class) - http://www.mindavenue.com/Downloads/AXELPlayerAX_Win32.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {C9386579-3C0F-4713-82C6-5BA8088C7C8D} (Windows Live SkyDrive Upload Tool) - https://secure.shared.live.com/Pa6vGqB728Ax....RichUpload.cab O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/Facebo...Uploader4_5.cab O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...876/mcfscan.cab O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton 360\Engine\3.0.0.134\coIEPlg.dll O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\3.0.0.134\ccSvcHst.exe -- End of file - 12880 bytes
-
Virus Conficker...( RÉSOLU )
Henri L. Martel a répondu à un(e) sujet de Henri L. Martel dans Analyses et éradication malwares
Salut et grand merci de ta patience.....J'ai fait ce que tu m'as demandé et le rapport dit : aucune trace de ce virus n'a été décelé sur cet oprdinateur.......alors c,est bien tant mieux si ce problème est réglé Un petit problème est survenu suite a l'utilisation hier de COMBOFIX...Si je veux ouvrir mon Windows Live Hotmail, pour mes courriels..ou certaines recherches sur le web..je recois le message suivant..: LA CONNEXION QUE VOUS ALLEZ UTILISER N'EST PAS SÉCURISÉE..D'AUTRES UTILISATEURS POURRONT ACCÉDER AUX INFOS QUE VOUS ENVOYEZ......Je n,avais pas ces avertissements auparavant....mon antivirus Norton 360 fonctionne...le pare-feu Windows est activé..mises a jour automatiques a tous les jours. Tu peux me dire quoi faire pour y remédier J'oubliais de te mentionner que la mise a jour de securité : MS-08-067, concernant le Conficker est installée sur mon système depusi decembre 2008.. Je te remercie encore une fois de toute cette grande aide que tu m'apportes...tu es vraiment un chic type... -
Virus Conficker...( RÉSOLU )
Henri L. Martel a répondu à un(e) sujet de Henri L. Martel dans Analyses et éradication malwares
info.txt logfile of random's system information tool 1.06 2009-05-22 12:26:58 ======Uninstall list====== -->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE -->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL -->C:\WINDOWS\NuNInst.exe /UNINSTALL -->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe -->C:\WINDOWS\unmrw.exe /UNINSTALL -->C:\WINDOWS\UNNMP.exe /UNINSTALL -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Ad-Aware-->"C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe" REMOVE=TRUE MODIFY=FALSE Ad-Aware-->C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->MsiExec.exe /X{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B} Adobe Reader 9.1.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001} Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log ALUpdate-->"C:\Program Files\ESTsoft\ALUpdate\unins000.exe" Apple Mobile Device Support-->MsiExec.exe /I{AFA20D47-69C3-4030-8DF8-D37466E70F13} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2} Bloqueur de fenêtres pop-up (Windows Live Toolbar)-->MsiExec.exe /X{A425C250-A0E1-4D78-B1C1-A5CBC7385E7C} Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B} Canon MP Navigator 2.0-->"C:\Program Files\Canon\MP Navigator 2.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator 2.0\uninst.ini Canon MP170-->"C:\WINDOWS\system32\CanonMP Uninstaller Information\{91175441-4E5D-4e13-B116-828FD352CDB2}\DelDrv.exe" /U:{91175441-4E5D-4e13-B116-828FD352CDB2} /L0x000c Canon Utilities Easy-PhotoPrint-->C:\Program Files\Canon\Easy-PhotoPrint\uninst.exe uninst.ini CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe" Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E} Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe" Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe" Easy-WebPrint-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Canon\Easy-WebPrint\Uninst.isu" Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D} FUJIFILM FinePixViewer S Ver.2.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B32652-CAE0-4909-A463-5840D2689D93}\SETUP.EXE" -l0x40c FW LiveUpdate-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11F5D779-7BD9-465A-BBC4-10701386BCB9}\setup.exe" -l0x9 -removeonly Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF} GEAR driver installer for x86 and x64-->MsiExec.exe /I{2EA45803-BEB7-46C4-9ADC-46A5F9E7BB77} Google Desktop Search-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSearchSetup.exe -uninstall Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_BDA1448D3D255554.exe" /uninstall Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C} HardwareDetection-->"C:\Program Files\HardwareDetection\Uninstall.exe" "C:\Program Files\HardwareDetection\install.log" -u HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D} Intel® Extreme Graphics 2 Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2572 iTunes-->MsiExec.exe /I{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3} J2SE Runtime Environment 5.0 Update 11-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110} Java 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF} Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3} L&H TTS3000 Français-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\LHTTSFRF.inf, Uninstall Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" McAfee SiteAdvisor-->C:\Program Files\McAfee\SiteAdvisor\Uninstall.exe Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929} Messenger Plus! Live & Sponsor (CiD)-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe" Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700} Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9} Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE} Microsoft Search Enhancement Pack-->MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E} Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5} Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour le Codeur Windows Media (KB954156)-->"C:\WINDOWS\$NtUninstallKB954156_WM9L$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB913433)-->C:\WINDOWS\System32\MacroMed\Flash\genuinst.exe C:\WINDOWS\System32\MacroMed\Flash\KB913433.inf Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 8 (KB968220)-->"C:\WINDOWS\ie8updates\KB968220-IE8\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe Moodflow.com Inspirational Screen Saver-->sstunst3.exe Moodflow.com Inspirational MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB925672)-->MsiExec.exe /I{A9CF9052-F4A0-475D-A00F-A8388C62DD63} MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC} MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{97AA1F3C-DD64-4AA6-AEC5-F8F9F4CC21C5} Navigation par onglets (Windows Live Toolbar)-->MsiExec.exe /X{E916E61F-DE9D-4EAF-91E1-CEB50016326A} Nero Burning Rom Screensaver-->C:\WINDOWS\Nero Burning Rom Screensaver.scr /u Nero Suite-->C:\Program Files\Fichiers communs\Nero\Uninstall\Setup.exe /uninstall ExtraUninstallID="" neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} Norton 360-->C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\562C4DD5\3.0.0.134\InstStub.exe /X Notebook Pro 2.0-->C:\Program Files\InstallShield Installation Information\{F015C180-8F3E-4422-BC6F-E6B183710AB3}\Setup.exe -runfromtemp -l0x0c0c -removeonly OmniPage SE 2.0-->MsiExec.exe /I{79D5997E-BF79-48BB-8B41-9BE59C15C2D7} OneCare Advisor (Windows Live Toolbar)-->MsiExec.exe /X{6D7F8D4B-D1A4-402A-973E-31E90940E585} Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Package de base Microsoft de service de chiffrement pour cartes à puce-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe" PowerPoint Slide Show Converter 3.0-->"C:\Program Files\DzSoft\PowerPoint Slide Show Converter\unins000.exe" QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F} Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} SereneScreen Marine Aquarium 2.6-->"C:\Program Files\SereneScreen\Marine Aquarium 2.6\unins000.exe" Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82} SoftV92 Data Fax Modem-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI\HXFSETUP.EXE -U -IVEN_14F1&DEV_2F00 Ulead Photo Explorer 8.0 SE Basic-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D271DAE0-8D68-4C97-8356-A126D48A1D8C}\Setup.exe" -l0x40c VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027} Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u Visionneuse Journal Windows Microsoft-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA8} Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27} Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT="" WebCam Suite 2.0-->MsiExec.exe /X{4E029F9D-A709-4B0A-89C9-D56AA4B1254B} Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401} Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe" Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Contrôle parental-->MsiExec.exe /X{D6A2DDE3-9D7C-412C-932A-756580D29919} Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657} Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C} Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E} Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353} Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1} Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" Windows Messenger 5.1-->MsiExec.exe /I{F709B922-E62D-4FF3-8E3A-D7D93C93FC35} Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" WinZip 12.0-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7} Yahoo! Barre d'outils-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE ZNsoft Optimizer Xp-->"C:\Program Files\ZNsoft Corporation\ZNsoft Optimizer Xp\unins000.exe" ======Security center information====== AV: Norton 360 FW: Norton Internet Worm Protection (disabled) FW: Norton 360 ======System event log====== Computer Name: LUCIEN Event Code: 7023 Message: Le service Gestion d'applications s'est arrêté avec l'erreur : Le module spécifié est introuvable. Record Number: 45150 Source Name: Service Control Manager Time Written: 20090423192549.000000-240 Event Type: error User: Computer Name: LUCIEN Event Code: 7023 Message: Le service Gestion d'applications s'est arrêté avec l'erreur : Le module spécifié est introuvable. Record Number: 45147 Source Name: Service Control Manager Time Written: 20090423192549.000000-240 Event Type: error User: Computer Name: LUCIEN Event Code: 7023 Message: Le service Gestion d'applications s'est arrêté avec l'erreur : Le module spécifié est introuvable. Record Number: 45144 Source Name: Service Control Manager Time Written: 20090423192549.000000-240 Event Type: error User: Computer Name: LUCIEN Event Code: 7023 Message: Le service Gestion d'applications s'est arrêté avec l'erreur : Le module spécifié est introuvable. Record Number: 45141 Source Name: Service Control Manager Time Written: 20090423192549.000000-240 Event Type: error User: Computer Name: LUCIEN Event Code: 7023 Message: Le service Gestion d'applications s'est arrêté avec l'erreur : Le module spécifié est introuvable. Record Number: 45138 Source Name: Service Control Manager Time Written: 20090423192549.000000-240 Event Type: error User: =====Application event log===== Computer Name: LUCIEN Event Code: 1524 Message: Windows ne peut pas décharger vos classes fichier de Registre - il est en cours d'utilisation par d'autres applications ou services. Le fichier sera déchargé quand il ne sera plus utilisé. Record Number: 37898 Source Name: Userenv Time Written: 20090306063950.000000-300 Event Type: warning User: HLM\Lucien H. Martel Computer Name: LUCIEN Event Code: 1001 Message: Détecteur d'erreurs 734037209. Record Number: 37897 Source Name: Application Hang Time Written: 20090306063832.000000-300 Event Type: error User: Computer Name: LUCIEN Event Code: 1002 Message: Application bloquée explorer.exe, version 6.0.2900.5512, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Record Number: 37895 Source Name: Application Hang Time Written: 20090306063820.000000-300 Event Type: error User: Computer Name: LUCIEN Event Code: 1001 Message: Détecteur d'erreurs 734037209. Record Number: 37894 Source Name: Application Hang Time Written: 20090306063646.000000-300 Event Type: error User: Computer Name: LUCIEN Event Code: 1002 Message: Application bloquée explorer.exe, version 6.0.2900.5512, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Record Number: 37892 Source Name: Application Hang Time Written: 20090306063629.000000-300 Event Type: error User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\PROGRAM FILES\FICHIERS COMMUNS\ULEAD SYSTEMS\MPEG;C:\PROGRAM FILES\FICHIERS COMMUNS\ULEAD SYSTEMS\DVD;C:\Program Files\QuickTime\QTSystem "windir"=%SystemRoot% "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 3 Stepping 3, GenuineIntel "PROCESSOR_REVISION"=0303 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "FP_NO_HOST_CHECK"=NO "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip -----------------EOF----------------- JE SAIS PAS SI TU AS RECU L'AUTRE RAPPORT..ME SUIS UN PEU MÊLÉ DANS MES AFFAIRES -
Virus Conficker...( RÉSOLU )
Henri L. Martel a répondu à un(e) sujet de Henri L. Martel dans Analyses et éradication malwares
voici le rapport du log.txt Logfile of random's system information tool 1.06 (written by random/random) Run by Lucien H. Martel at 2009-05-22 12:26:04 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 39 GB (51%) free of 76 GB Total RAM: 1271 MB (48% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:26:50, on 2009-05-22 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\McAfee\SiteAdvisor\McSACore.exe C:\Program Files\Norton 360\Engine\3.0.0.134\ccSvcHst.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\tsnp2std.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\vsnp2std.exe C:\WINDOWS\vVX3000.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\SAMSUNG\FW LiveUpdate\FWManager.exe C:\Program Files\Windows Defender\MSASCui.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\fxssvc.exe C:\Program Files\Norton 360\Engine\3.0.0.134\ccSvcHst.exe C:\Program Files\FinePixViewerS\QuickDCF2.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\WINDOWS\System32\wbem\wmiapsrv.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Windows Live\Toolbar\wltuser.exe C:\Documents and Settings\Lucien H. Martel\Bureau\RSIT.exe C:\Program Files\trend micro\Lucien H. Martel.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://ca.search.yahoo.com/search?fr=mcafee&p=%s R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Barre d'outils - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: (no name) - rsion - (no file) O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\3.0.0.134\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\3.0.0.134\IPSBHO.DLL O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.0.0.134\coIEPlg.dll O3 - Toolbar: Yahoo! Barre d'outils - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Name of App] C:\Program Files\SAMSUNG\FW LiveUpdate\FWManager.exe r O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKCU\..\Run: [cdloader] "C:\Documents and Settings\Lucien H. Martel\Application Data\mjusbsp\cdloader2.exe" MAGICJACK O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Exif Launcher S.lnk = C:\Program Files\FinePixViewerS\QuickDCF2.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://global.acer.com/ O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB O16 - DPF: {2ED9BC2B-4DF1-472E-9B5E-55477D2C97F5} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/odc.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab O16 - DPF: {68A2C3BD-7809-11D3-8ACF-0050046F2F9A} (AXELPlayer Class) - http://www.mindavenue.com/Downloads/AXELPlayerAX_Win32.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {C9386579-3C0F-4713-82C6-5BA8088C7C8D} (Windows Live SkyDrive Upload Tool) - https://secure.shared.live.com/Pa6vGqB728Ax....RichUpload.cab O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/Facebo...Uploader4_5.cab O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...876/mcfscan.cab O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton 360\Engine\3.0.0.134\coIEPlg.dll O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\3.0.0.134\ccSvcHst.exe -- End of file - 13075 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\MP Scheduled Scan.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\rsion] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] &Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}] Symantec NCO BHO - C:\Program Files\Norton 360\Engine\3.0.0.134\coIEPlg.dll [2009-05-05 372592] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}] Symantec Intrusion Prevention - C:\Program Files\Norton 360\Engine\3.0.0.134\IPSBHO.DLL [2009-05-05 107896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-23 259696] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-04-23 668656] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}] McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2009-02-13 150032] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-23 470512] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}] SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-08-26 405504] {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2009-02-13 150032] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-23 259696] {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton 360\Engine\3.0.0.134\coIEPlg.dll [2009-05-05 372592] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Barre d'outils - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2003-11-13 62464] "tsnp2std"=C:\WINDOWS\tsnp2std.exe [2006-11-03 258048] "snp2std"=C:\WINDOWS\vsnp2std.exe [2006-09-16 675840] "VX3000"=C:\WINDOWS\vVX3000.exe [2006-10-13 707376] "igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-09-20 94208] "igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-09-20 114688] "igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-09-20 77824] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696] "Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-04-27 516440] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312] "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696] "Name of App"=C:\Program Files\SAMSUNG\FW LiveUpdate\FWManager.exe [2008-07-07 675935] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "cdloader"=C:\Documents and Settings\Lucien H. Martel\Application Data\mjusbsp\cdloader2.exe [2008-12-17 50520] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-03-30 68856] "NBJ"=C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2005-06-02 1957888] "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-02-06 3885408] "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2007-04-12 1661304] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Exif Launcher S.lnk - C:\Program Files\FinePixViewerS\QuickDCF2.exe Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe Windows Desktop Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2005-09-20 135168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 294400] "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=323 "NoSMBalloonTip"=0 "NoDriveAutoRun"=67108863 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= "NoDriveAutoRun"= "NoDriveTypeAutoRun"= "NoDrives"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire" "C:\Documents and Settings\rebelle\Application Data\mjusbsp\magicJack.exe"="C:\Documents and Settings\rebelle\Application Data\mjusbsp\magicJack.exe:*:Enabled:magicJack" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" "C:\Documents and Settings\Lucien H. Martel\Application Data\mjusbsp\magicJack.exe"="C:\Documents and Settings\Lucien H. Martel\Application Data\mjusbsp\magicJack.exe:*:Enabled:magicJack" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" ======List of files/folders created in the last 1 months====== 2009-05-22 12:26:04 ----DC---- C:\rsit 2009-05-22 10:12:52 ----D---- C:\Documents and Settings\Lucien H. Martel\Application Data\Malwarebytes 2009-05-22 10:12:36 ----DC---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2009-05-22 10:12:36 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-05-21 17:11:14 ----DC---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion 2009-05-21 16:42:27 ----D---- C:\Program Files\Windows Defender 2009-05-21 12:43:44 ----AC---- C:\ComboFix.txt 2009-05-21 12:11:27 ----AC---- C:\Boot.bak 2009-05-21 12:11:21 ----RASHDC---- C:\cmdcons 2009-05-21 12:09:30 ----A---- C:\WINDOWS\zip.exe 2009-05-21 12:09:30 ----A---- C:\WINDOWS\SWXCACLS.exe 2009-05-21 12:09:30 ----A---- C:\WINDOWS\SWSC.exe 2009-05-21 12:09:30 ----A---- C:\WINDOWS\SWREG.exe 2009-05-21 12:09:30 ----A---- C:\WINDOWS\sed.exe 2009-05-21 12:09:30 ----A---- C:\WINDOWS\PEV.exe 2009-05-21 12:09:30 ----A---- C:\WINDOWS\NIRCMD.exe 2009-05-21 12:09:30 ----A---- C:\WINDOWS\grep.exe 2009-05-21 12:09:08 ----DC---- C:\Qoobox 2009-05-20 15:30:42 ----D---- C:\Program Files\ZNsoft Corporation 2009-05-20 15:09:09 ----D---- C:\WINDOWS\ERDNT 2009-05-19 22:53:22 ----D---- C:\Program Files\RegCleaner 2009-05-06 00:34:14 ----DC---- C:\N360_BACKUP 2009-05-05 21:16:34 ----DC---- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B} 2009-05-05 21:15:57 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL 2009-05-05 21:15:56 ----D---- C:\Program Files\Symantec 2009-05-05 21:14:47 ----D---- C:\Program Files\Windows Sidebar 2009-05-05 21:14:47 ----D---- C:\Program Files\Norton 360 2009-05-05 21:14:46 ----DC---- C:\Documents and Settings\All Users\Application Data\Norton 2009-05-05 21:09:54 ----DC---- C:\Documents and Settings\All Users\Application Data\NortonInstaller 2009-05-05 21:09:54 ----D---- C:\Program Files\NortonInstaller 2009-05-02 00:36:27 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$ 2009-04-25 22:59:12 ----D---- C:\Program Files\iPod 2009-04-25 22:59:00 ----DC---- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} 2009-04-25 22:59:00 ----D---- C:\Program Files\iTunes 2009-04-25 22:56:25 ----D---- C:\Program Files\Bonjour 2009-04-25 12:23:16 ----D---- C:\WINDOWS\ie8updates 2009-04-25 12:19:09 ----HDC---- C:\WINDOWS\ie8 2009-04-23 16:40:32 ----D---- C:\Program Files\Adobe 2009-04-23 16:34:44 ----DC---- C:\Documents and Settings\All Users\Application Data\NOS 2009-04-23 16:34:43 ----D---- C:\Program Files\NOS ======List of files/folders modified in the last 1 months====== 2009-05-22 12:26:50 ----D---- C:\Program Files\Trend Micro 2009-05-22 12:26:13 ----D---- C:\WINDOWS\Temp 2009-05-22 12:26:01 ----D---- C:\WINDOWS\Prefetch 2009-05-22 11:56:50 ----A---- C:\Documents and Settings\Lucien H. Martel\Application Data\SamsungLiveUpdateConfig.ini 2009-05-22 11:53:36 ----A---- C:\WINDOWS\ModemLog_SoftV92 Data Fax Modem.txt 2009-05-22 11:50:40 ----SD---- C:\WINDOWS\Tasks 2009-05-22 11:46:13 ----D---- C:\WINDOWS\system32\drivers 2009-05-22 11:46:13 ----D---- C:\WINDOWS\system32 2009-05-22 11:45:44 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-05-22 10:32:15 ----D---- C:\Documents and Settings\Lucien H. Martel\Application Data\Skype 2009-05-22 10:12:36 ----D---- C:\Program Files 2009-05-22 08:18:28 ----SHD---- C:\System Volume Information 2009-05-22 08:18:01 ----D---- C:\WINDOWS\repair 2009-05-22 08:17:13 ----D---- C:\WINDOWS\Registration 2009-05-22 08:07:13 ----D---- C:\Documents and Settings\Lucien H. Martel\Application Data\skypePM 2009-05-22 05:42:44 ----D---- C:\WINDOWS\system32\CatRoot2 2009-05-21 17:19:41 ----D---- C:\WINDOWS 2009-05-21 17:15:45 ----D---- C:\WINDOWS\Debug 2009-05-21 17:11:03 ----D---- C:\Program Files\Yahoo! 2009-05-21 16:42:39 ----SHD---- C:\WINDOWS\Installer 2009-05-21 16:42:39 ----HDC---- C:\Config.Msi 2009-05-21 16:42:29 ----HD---- C:\WINDOWS\inf 2009-05-21 12:28:24 ----AC---- C:\WINDOWS\system.ini 2009-05-21 12:19:35 ----D---- C:\WINDOWS\system32\config 2009-05-21 12:18:13 ----SD---- C:\WINDOWS\Downloaded Program Files 2009-05-21 12:16:18 ----D---- C:\WINDOWS\AppPatch 2009-05-21 12:16:11 ----D---- C:\Program Files\Fichiers communs 2009-05-21 12:16:04 ----SHD---- C:\Recycled 2009-05-21 12:11:27 ----RASHC---- C:\boot.ini 2009-05-21 11:01:04 ----A---- C:\WINDOWS\win.ini 2009-05-21 11:01:00 ----D---- C:\WINDOWS\pss 2009-05-21 07:04:35 ----D---- C:\Program Files\LimeWire 2009-05-20 17:48:15 ----D---- C:\Documents and Settings\Lucien H. Martel\Application Data\LimeWire 2009-05-20 15:23:02 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-05-20 15:01:27 ----DC---- C:\Documents and Settings\All Users\Application Data\WinZip 2009-05-20 15:00:38 ----D---- C:\Program Files\WinZip 2009-05-20 08:44:23 ----A---- C:\WINDOWS\Ulead32.ini 2009-05-19 22:32:34 ----D---- C:\WINDOWS\Help 2009-05-18 16:22:13 ----D---- C:\WINDOWS\system32\CatRoot 2009-05-07 18:35:47 ----D---- C:\Documents and Settings\Lucien H. Martel\Application Data\mjusbsp 2009-05-07 00:16:30 ----A---- C:\WINDOWS\system32\MRT.exe 2009-05-06 03:16:59 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec 2009-05-05 21:31:10 ----D---- C:\Program Files\Fichiers communs\Symantec Shared 2009-05-02 00:36:29 ----RSHD---- C:\WINDOWS\system32\dllcache 2009-04-29 05:48:47 ----HD---- C:\WINDOWS\$hf_mig$ 2009-04-27 06:54:31 ----DC---- C:\WINDOWS\system32\DRVSTORE 2009-04-27 06:53:45 ----A---- C:\WINDOWS\system32\lsdelete.exe 2009-04-26 11:55:20 ----SD---- C:\Documents and Settings\Lucien H. Martel\Application Data\Microsoft 2009-04-26 11:49:25 ----D---- C:\WINDOWS\system32\NtmsData 2009-04-25 22:59:10 ----D---- C:\Program Files\Fichiers communs\Apple 2009-04-25 12:25:44 ----D---- C:\WINDOWS\system32\fr-fr 2009-04-25 12:25:42 ----D---- C:\WINDOWS\Media 2009-04-25 12:25:42 ----D---- C:\Program Files\Internet Explorer 2009-04-25 12:23:30 ----HD---- C:\WINDOWS\msdownld.tmp 2009-04-25 11:45:01 ----D---- C:\Documents and Settings\Lucien H. Martel\Application Data\Mozilla 2009-04-23 16:42:16 ----DC---- C:\Documents and Settings\All Users\Application Data\Adobe 2009-04-23 16:41:25 ----D---- C:\Program Files\Fichiers communs\Adobe 2009-04-23 16:40:03 ----D---- C:\WINDOWS\WinSxS ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 BHDrvx86;Symantec Heuristics Driver; \??\C:\WINDOWS\system32\drivers\N360\0300000.086\BHDrvx86.sys [] R1 ccHP;Symantec Hash Provider; \??\C:\WINDOWS\system32\drivers\N360\0300000.086\ccHPx86.sys [] R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys [] R1 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090513.001\IDSxpx86.sys [] R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2005-07-25 29696] R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2005-07-25 28672] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 40576] R1 SRTSP;Symantec Real Time Storage Protection; \??\C:\WINDOWS\system32\drivers\N360\0300000.086\SRTSP.SYS [] R1 SRTSPX;Symantec Real Time Storage Protection (PEL); \??\C:\WINDOWS\system32\drivers\N360\0300000.086\SRTSPX.SYS [] R1 SYMTDI;Symantec Network Dispatch Driver; \??\C:\WINDOWS\system32\drivers\N360\0300000.086\SYMTDI.SYS [] R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-28 12032] R2 Fallback;Fallback; C:\WINDOWS\System32\DRIVERS\HSF_FALL.sys [2001-08-17 289887] R2 Fsks;Fsks; C:\WINDOWS\System32\DRIVERS\HSF_FSKS.sys [2001-08-17 115807] R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152] R2 K56;K56; C:\WINDOWS\System32\DRIVERS\HSF_K56K.sys [2001-08-17 391199] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2003-04-09 11043] R2 SoftFax;SoftFax; C:\WINDOWS\System32\DRIVERS\HSF_FAXX.sys [2001-08-17 199711] R2 Tones;Tones; C:\WINDOWS\System32\DRIVERS\HSF_TONE.sys [2001-08-17 50751] R2 V124;V124; C:\WINDOWS\System32\DRIVERS\HSF_V124.sys [2001-08-17 488383] R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-11-13 391680] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-11-13 481596] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400] R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2003-08-26 1041152] R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys [2003-08-26 207616] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-09-20 1302332] R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090522.002\NAVENG.SYS [] R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090522.002\NAVEX15.SYS [] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-10-02 6912] R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2007-03-10 47360] R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 21248] R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-03 20992] R3 SNP2STD;Notebook Pro 2.0; C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2006-11-09 12006784] R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [] R3 SYMFW;Symantec Network Filter Driver; \??\C:\WINDOWS\system32\drivers\N360\0300000.086\SYMFW.SYS [] R3 SYMIDS;Symantec Network Filter Driver; \??\C:\WINDOWS\system32\drivers\N360\0300000.086\SYMIDS.SYS [] R3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-05-05 36400] R3 SYMNDIS;Symantec Network Filter Driver; \??\C:\WINDOWS\system32\drivers\N360\0300000.086\SYMNDIS.SYS [] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2003-08-26 675840] R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2005-07-25 101504] S3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel® Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-09-14 120414] S3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel® Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-09-14 96890] S3 basic2;basic2; C:\WINDOWS\System32\DRIVERS\HSF_BSC2.sys [2001-08-17 67167] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\HardwareDetection\driverhardwarev2.sys [] S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 hsf_msft;hsf_msft; C:\WINDOWS\System32\DRIVERS\HSF_MSFT.sys [2001-08-17 542879] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 Nbmkmd;Nbmkmd; \??\C:\WINDOWS\system32\drivers\Nbmkmd.sys [] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 Rksample;Rksample; C:\WINDOWS\System32\DRIVERS\HSF_SAMP.sys [2001-08-17 57471] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-05-05 36400] S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] S3 VX3000;VX-3000; C:\WINDOWS\system32\DRIVERS\VX3000.sys [2006-10-13 1966384] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888] R2 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2005-07-25 876032] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-04-27 953168] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2009-02-11 210216] R2 N360;Norton 360; C:\Program Files\Norton 360\Engine\3.0.0.134\ccSvcHst.exe [2009-05-05 115560] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656] R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592] R2 WSearch;Recherche Windows; C:\WINDOWS\system32\SearchIndexer.exe [2007-02-05 300032] R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168] S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 268800] S2 InCDsrvR;InCD Helper (read only); C:\Program Files\Ahead\InCD\InCDsrv.exe [2005-07-25 876032] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-23 182768] S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- -
Virus Conficker...( RÉSOLU )
Henri L. Martel a répondu à un(e) sujet de Henri L. Martel dans Analyses et éradication malwares
Salut et merci de tout ce que tu fais pour me venir en aide,,,tres apprécié....Je te transmet mnt le rapport du MBAM...vais mnt faire ceux du random et te les envoyer ensuite...salut.. Malwarebytes' Anti-Malware 1.36 Version de la base de données: 2166 Windows 5.1.2600 Service Pack 3 2009-05-22 11:26:57 mbam-log-2009-05-22 (11-26-57).txt Type de recherche: Examen complet (C:\|) Eléments examinés: 166534 Temps écoulé: 1 hour(s), 10 minute(s), 18 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 14 Valeur(s) du Registre infectée(s): 2 Elément(s) de données du Registre infecté(s): 5 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6fd31ed6-7c94-4bbc-8e95-f927f4d3a949} (Adware.180Solutions) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8109fd3d-d891-4f80-8339-50a4913ace6f} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\ (Adware.Hotbar) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceClassicControlPanel (Hijack.ControlPanelStyle) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) -
Virus Conficker...( RÉSOLU )
Henri L. Martel a répondu à un(e) sujet de Henri L. Martel dans Analyses et éradication malwares
ComboFix 09-05-20.A1 - Lucien H. Martel 2009-05-21 12:12.1 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.2.1036.18.1271.697 [GMT -4:00] Lancé depuis: c:\documents and settings\Lucien H. Martel\Bureau\ComboFix.exe AV: Norton 360 *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8} FW: Norton 360 *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220} FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Lucien H. Martel\Application Data\QUAD Backups c:\program files\instant access c:\program files\instant access\DesktopIcons\NoCreditCard.lnk c:\program files\instant access\Multi\20070310070308\Common\module.php c:\program files\instant access\Multi\20070310070308\Common\module.php_0.loginvis c:\program files\instant access\Multi\20070310070308\dialerexe.ini c:\program files\instant access\Multi\20070310070308\js\js_api_dialer.php c:\program files\instant access\Multi\20070310070308\medias\button1.jpg c:\program files\instant access\Multi\20070310070308\medias\button2.jpg c:\program files\instant access\Multi\20070310070308\medias\button3.jpg c:\program files\instant access\Multi\20070310070308\medias\button4.jpg c:\program files\instant access\Multi\20070310070308\medias\dialer.ico c:\program files\QUAD Utilities c:\windows\dialerexe.ini c:\windows\Downloaded Program Files\ODCTOOLS c:\windows\install.exe c:\windows\pack.epk c:\windows\system32\DelSelf.bat c:\windows\system32\TDSSqein.dll c:\windows\system32\TDSSqrwn.log c:\windows\system32\TDSSwgqe.dat c:\windows\tmlpcert2007 . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_TDSSSERV.SYS -------\Service_TDSSserv.sys ((((((((((((((((((((((((((((( Fichiers créés du 2009-04-21 au 2009-05-21 )))))))))))))))))))))))))))))))))))) . 2009-05-20 19:30 . 2009-05-20 19:30 -------- d-----w c:\program files\ZNsoft Corporation 2009-05-20 02:53 . 2009-05-20 02:57 -------- d-----w c:\program files\RegCleaner 2009-05-09 09:45 . 2009-05-09 09:45 -------- d-----w c:\documents and settings\Lucien H. Martel\Local Settings\Application Data\Symantec 2009-05-06 04:34 . 2009-05-06 04:34 -------- dc----w C:\N360_BACKUP 2009-05-06 01:16 . 2009-05-06 01:16 -------- dc----w c:\documents and settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B} 2009-05-06 01:16 . 2009-05-06 01:16 -------- d-----w c:\documents and settings\Lucien H. Martel\Local Settings\Application Data\Downloaded Installations 2009-05-06 01:16 . 2009-05-06 01:15 36400 ----a-r c:\windows\system32\drivers\SymIM.sys 2009-05-06 01:15 . 2009-05-06 01:15 60808 ----a-w c:\windows\system32\S32EVNT1.DLL 2009-05-06 01:15 . 2009-05-06 01:15 124464 ----a-w c:\windows\system32\drivers\SYMEVENT.SYS 2009-05-06 01:15 . 2009-05-06 01:15 -------- d-----w c:\program files\Symantec 2009-05-06 01:14 . 2009-05-06 01:14 -------- d-----w c:\windows\system32\drivers\N360 2009-05-06 01:14 . 2009-05-06 01:15 -------- d-----w c:\program files\Norton 360 2009-05-06 01:14 . 2009-05-06 01:14 -------- d-----w c:\program files\Windows Sidebar 2009-05-06 01:14 . 2009-05-06 01:16 -------- dc----w c:\documents and settings\All Users\Application Data\Norton 2009-05-06 01:09 . 2009-05-06 01:10 -------- dc----w c:\documents and settings\All Users\Application Data\NortonInstaller 2009-05-06 01:09 . 2009-05-06 01:09 -------- d-----w c:\program files\NortonInstaller 2009-04-28 12:14 . 2009-04-28 12:14 -------- d-sh--w c:\documents and settings\Lucien H. Martel\IECompatCache 2009-04-26 02:59 . 2009-04-26 02:59 -------- d-----w c:\program files\iPod 2009-04-26 02:59 . 2009-04-26 02:59 -------- dc----w c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} 2009-04-26 02:59 . 2009-04-26 02:59 -------- d-----w c:\program files\iTunes 2009-04-26 02:56 . 2009-04-26 02:56 -------- d-----w c:\program files\Bonjour 2009-04-25 16:33 . 2009-04-25 16:33 -------- d-sh--w c:\documents and settings\Lucien H. Martel\PrivacIE 2009-04-25 16:27 . 2009-04-25 16:27 -------- d-sh--w c:\documents and settings\LocalService\IETldCache 2009-04-25 16:26 . 2009-04-25 16:26 -------- d-sh--w c:\documents and settings\Lucien H. Martel\IETldCache 2009-04-25 16:23 . 2009-04-25 16:23 -------- d-----w c:\windows\ie8updates 2009-04-25 16:19 . 2009-04-25 16:21 -------- dc-h--w c:\windows\ie8 2009-04-25 16:15 . 2009-02-28 04:55 105984 ------w c:\windows\system32\dllcache\iecompat.dll 2009-04-25 15:45 . 2009-05-20 21:45 -------- d-----w c:\documents and settings\Lucien H. Martel\Shared 2009-04-23 20:34 . 2009-04-23 20:45 -------- dc----w c:\documents and settings\All Users\Application Data\NOS 2009-04-23 20:34 . 2009-04-23 20:45 -------- d-----w c:\program files\NOS . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-05-21 11:04 . 2008-06-10 22:08 -------- d-----w c:\program files\LimeWire 2009-05-20 19:23 . 1980-01-01 05:00 95056 ----a-w c:\windows\system32\perfc00C.dat 2009-05-20 19:23 . 1980-01-01 05:00 534270 ----a-w c:\windows\system32\perfh00C.dat 2009-05-06 01:31 . 2006-10-02 05:36 -------- d-----w c:\program files\Fichiers communs\Symantec Shared 2009-05-06 01:15 . 2009-05-06 01:15 805 ----a-w c:\windows\system32\drivers\SYMEVENT.INF 2009-05-06 01:15 . 2009-05-06 01:15 7386 ----a-w c:\windows\system32\drivers\SYMEVENT.CAT 2009-04-27 10:53 . 2009-02-02 12:09 15688 ----a-w c:\windows\system32\lsdelete.exe 2009-04-27 10:53 . 2009-02-02 11:53 64160 ----a-w c:\windows\system32\drivers\Lbd.sys 2009-04-26 02:59 . 2007-06-29 22:00 -------- d-----w c:\program files\Fichiers communs\Apple 2009-04-23 20:41 . 2006-10-17 00:29 -------- d-----w c:\program files\Fichiers communs\Adobe 2009-04-14 03:02 . 2006-10-02 06:18 -------- d-----w c:\program files\Java 2009-04-05 11:18 . 2006-12-12 03:39 -------- d-----w c:\program files\Messenger Plus! Live 2009-04-05 03:26 . 2009-04-05 03:26 805376 ----a-w c:\windows\Nero Burning Rom Screensaver.scr 2009-04-04 15:29 . 2006-10-04 20:45 -------- d-----w c:\program files\Yahoo! 2009-04-03 12:52 . 2009-02-07 12:52 -------- d-----w c:\program files\Circle Developement 2009-03-19 20:32 . 2008-01-29 16:01 23400 ----a-w c:\windows\system32\drivers\GEARAspiWDM.sys 2009-03-09 09:19 . 2009-01-20 16:26 410984 ----a-w c:\windows\system32\deploytk.dll 2009-03-08 08:34 . 2006-06-23 18:28 914944 ----a-w c:\windows\system32\wininet.dll 2009-03-08 08:34 . 1980-01-01 05:00 43008 ----a-w c:\windows\system32\licmgr10.dll 2009-03-08 08:33 . 1980-01-01 05:00 18944 ----a-w c:\windows\system32\corpol.dll 2009-03-08 08:33 . 1980-01-01 05:00 420352 ----a-w c:\windows\system32\vbscript.dll 2009-03-08 08:32 . 1980-01-01 05:00 72704 ----a-w c:\windows\system32\admparse.dll 2009-03-08 08:32 . 1980-01-01 05:00 71680 ----a-w c:\windows\system32\iesetup.dll 2009-03-08 08:31 . 1980-01-01 05:00 34816 ----a-w c:\windows\system32\imgutil.dll 2009-03-08 08:31 . 1980-01-01 05:00 48128 ----a-w c:\windows\system32\mshtmler.dll 2009-03-08 08:31 . 1980-01-01 05:00 45568 ----a-w c:\windows\system32\mshta.exe 2009-03-08 08:22 . 1980-01-01 05:00 156160 ----a-w c:\windows\system32\msls31.dll 2009-03-06 14:20 . 1980-01-01 05:00 286720 ----a-w c:\windows\system32\pdh.dll 2008-11-12 13:54 . 2008-11-12 13:54 19559 -c--a-w c:\program files\Fichiers communs\neqewat.db 2008-11-12 13:54 . 2008-11-12 13:54 19126 -c--a-w c:\program files\Fichiers communs\towedasix.pif 2008-11-12 13:54 . 2008-11-12 13:54 16799 -c--a-w c:\program files\Fichiers communs\holelu.db 2006-10-08 04:37 . 2006-10-08 04:37 774144 -c--a-w c:\program files\RngInterstitial.dll 2006-12-03 03:09 . 2006-12-03 03:09 112640 -c--a-w c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "cdloader"="c:\documents and settings\Lucien H. Martel\Application Data\mjusbsp\cdloader2.exe" [2008-12-17 50520] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-03-30 68856] "NBJ"="c:\program files\Ahead\Nero BackItUp\NBJ.exe" [2005-06-02 1957888] "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2007-04-12 1661304] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "tsnp2std"="c:\windows\tsnp2std.exe" [2006-11-03 258048] "snp2std"="c:\windows\vsnp2std.exe" [2006-09-16 675840] "VX3000"="c:\windows\vVX3000.exe" [2006-10-13 707376] "igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208] "igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688] "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] "Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-04-27 516440] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696] "Name of App"="c:\program files\SAMSUNG\FW LiveUpdate\FWManager.exe" [2008-07-07 675935] "SoundMan"="SOUNDMAN.EXE" - c:\windows\soundman.exe [2003-11-13 62464] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Exif Launcher S.lnk - c:\program files\FinePixViewerS\QuickDCF2.exe [2007-5-11 303104] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "ForceClassicControlPanel"= 1 (0x1) "NoSMBalloonTip"= 0 (0x0) [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys] @="FSFilter Activity Monitor" [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "c:\\Documents and Settings\\rebelle\\Application Data\\mjusbsp\\magicJack.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Documents and Settings\\Lucien H. Martel\\Application Data\\mjusbsp\\magicJack.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-02-02 64160] R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\N360\0300000.086\BHDrvx86.sys [2009-05-05 21:15 258608] R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\N360\0300000.086\cchpx86.sys [2009-05-05 21:15 482352] R1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090513.001\IDSXpx86.sys [2009-05-19 276344] R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-03-13 55152] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-05-05 101936] S3 Nbmkmd;Nbmkmd;c:\windows\system32\drivers\Nbmkmd.sys [2007-03-17 42900] --- Autres Services/Pilotes en mémoire --- *Deregistered* - ALG *Deregistered* - Apple Mobile Device *Deregistered* - AudioSrv *Deregistered* - Bonjour Service *Deregistered* - Browser *Deregistered* - COMSysApp *Deregistered* - CryptSvc *Deregistered* - DcomLaunch *Deregistered* - Dhcp *Deregistered* - Dnscache *Deregistered* - ERSvc *Deregistered* - EventSystem *Deregistered* - FastUserSwitchingCompatibility *Deregistered* - Fax *Deregistered* - helpsvc *Deregistered* - ImapiService *Deregistered* - InCDsrv *Deregistered* - InCDsrvR *Deregistered* - JavaQuickStarterService *Deregistered* - lanmanserver *Deregistered* - lanmanworkstation *Deregistered* - Lavasoft Ad-Aware Service *Deregistered* - LmHosts *Deregistered* - McAfee SiteAdvisor Service *Deregistered* - MSDTC *Deregistered* - N360 *Deregistered* - Netman *Deregistered* - Nla *Deregistered* - PolicyAgent *Deregistered* - ProtectedStorage *Deregistered* - RasMan *Deregistered* - RpcSs *Deregistered* - SamSs *Deregistered* - Schedule *Deregistered* - SeaPort *Deregistered* - seclogon *Deregistered* - SENS *Deregistered* - SharedAccess *Deregistered* - ShellHWDetection *Deregistered* - Spooler *Deregistered* - sr *Deregistered* - srservice *Deregistered* - SRTSP *Deregistered* - SRTSPX *Deregistered* - Srv *Deregistered* - SSDPSRV *Deregistered* - stisvc *Deregistered* - swenum *Deregistered* - SwPrv *Deregistered* - SymEFA *Deregistered* - SymEvent *Deregistered* - SYMFW *Deregistered* - SYMIDS *Deregistered* - SymIMMP *Deregistered* - SYMNDIS *Deregistered* - SYMTDI *Deregistered* - TapiSrv *Deregistered* - Tcpip *Deregistered* - TermDD *Deregistered* - TermService *Deregistered* - Themes *Deregistered* - Tones *Deregistered* - TrkWks *Deregistered* - Update *Deregistered* - V124 *Deregistered* - VgaSave *Deregistered* - VolSnap *Deregistered* - VSS *Deregistered* - Wanarp *Deregistered* - WebClient *Deregistered* - winmgmt *Deregistered* - WmiApSrv *Deregistered* - WS2IFSL *Deregistered* - wscsvc *Deregistered* - WSearch *Deregistered* - wuauserv *Deregistered* - WZCSVC . Contenu du dossier 'Tâches planifiées' 2009-05-18 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 10:53] 2009-05-16 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 17:34] . - - - - ORPHELINS SUPPRIMES - - - - HKU-Default-RunOnce-IETI - c:\program files\Skype\Phone\IEPlugin\unins000.exe . ------- Examen supplémentaire ------- . uDefault_Search_URL = hxxp://www.google.com/ie uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://ca.search.yahoo.com/search?fr=mcafee&p=%s IE: &Search - http://edits.mywebsearch.com/toolbaredits/...?p=ZRxdm479YYCA IE: Easy-WebPrint Ajouter à la liste d'impressions - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html IE: Easy-WebPrint Impression rapide - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html IE: Easy-WebPrint Imprimer - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html IE: Easy-WebPrint Prévisualiser - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll DPF: {C9386579-3C0F-4713-82C6-5BA8088C7C8D} - hxxps://secure.shared.live.com/Pa6vGqB728AxD-ckvrPc0A/etc/Microsoft.Live.Folders.RichUpload.cab . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-05-21 12:25 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet002\Services\N360] "ImagePath"="\"c:\program files\Norton 360\Engine\3.0.0.134\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\3.0.0.134\diMaster.dll\" /prefetch:1" . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_USERS\S-1-5-21-1068108822-879754665-3729648459-1005\Software\Microsoft\SystemCertificates\AddressBook*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'explorer.exe'(2632) c:\program files\McAfee\SiteAdvisor\saHook.dll c:\windows\system32\ieframe.dll c:\program files\Windows Media Player\wmpband.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll c:\windows\system32\eappprxy.dll . ------------------------ Autres processus actifs ------------------------ . c:\program files\Ahead\InCD\InCDsrv.exe c:\program files\Lavasoft\Ad-Aware\AAWService.exe c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\McAfee\SiteAdvisor\McSACore.exe c:\program files\Norton 360\Engine\3.0.0.134\ccSvcHst.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\windows\system32\searchindexer.exe c:\program files\Norton 360\Engine\3.0.0.134\ccSvcHst.exe c:\windows\system32\wbem\wmiapsrv.exe c:\windows\system32\wbem\unsecapp.exe c:\program files\Windows Desktop Search\WindowsSearch.exe c:\program files\WinZip\WZQKPICK.EXE c:\windows\system32\vssvc.exe c:\windows\system32\dllhost.exe c:\windows\system32\msdtc.exe c:\windows\system32\dllhost.exe c:\windows\system32\searchfilterhost.exe c:\windows\system32\searchprotocolhost.exe . ************************************************************************** . Heure de fin: 2009-05-21 12:43 - La machine a redémarré ComboFix-quarantined-files.txt 2009-05-21 16:43 Avant-CF: 39 925 870 592 octets libres Après-CF: 40 763 781 120 octets libres WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /fastdetect /NoExecute=OptIn Current=2 Default=2 Failed=1 LastKnownGood=7 Sets=1,2,5,6,7 339 --- E O F --- 2009-05-13 10:30 ComboFix 09-05-20.A1 - Lucien H. Martel 2009-05-21 12:12.1 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.2.1036.18.1271.697 [GMT -4:00] Lancé depuis: c:\documents and settings\Lucien H. Martel\Bureau\ComboFix.exe AV: Norton 360 *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8} FW: Norton 360 *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220} FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Lucien H. Martel\Application Data\QUAD Backups c:\program files\instant access c:\program files\instant access\DesktopIcons\NoCreditCard.lnk c:\program files\instant access\Multi\20070310070308\Common\module.php c:\program files\instant access\Multi\20070310070308\Common\module.php_0.loginvis c:\program files\instant access\Multi\20070310070308\dialerexe.ini c:\program files\instant access\Multi\20070310070308\js\js_api_dialer.php c:\program files\instant access\Multi\20070310070308\medias\button1.jpg c:\program files\instant access\Multi\20070310070308\medias\button2.jpg c:\program files\instant access\Multi\20070310070308\medias\button3.jpg c:\program files\instant access\Multi\20070310070308\medias\button4.jpg c:\program files\instant access\Multi\20070310070308\medias\dialer.ico c:\program files\QUAD Utilities c:\windows\dialerexe.ini c:\windows\Downloaded Program Files\ODCTOOLS c:\windows\install.exe c:\windows\pack.epk c:\windows\system32\DelSelf.bat c:\windows\system32\TDSSqein.dll c:\windows\system32\TDSSqrwn.log c:\windows\system32\TDSSwgqe.dat c:\windows\tmlpcert2007 . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_TDSSSERV.SYS -------\Service_TDSSserv.sys ((((((((((((((((((((((((((((( Fichiers créés du 2009-04-21 au 2009-05-21 )))))))))))))))))))))))))))))))))))) . 2009-05-20 19:30 . 2009-05-20 19:30 -------- d-----w c:\program files\ZNsoft Corporation 2009-05-20 02:53 . 2009-05-20 02:57 -------- d-----w c:\program files\RegCleaner 2009-05-09 09:45 . 2009-05-09 09:45 -------- d-----w c:\documents and settings\Lucien H. Martel\Local Settings\Application Data\Symantec 2009-05-06 04:34 . 2009-05-06 04:34 -------- dc----w C:\N360_BACKUP 2009-05-06 01:16 . 2009-05-06 01:16 -------- dc----w c:\documents and settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B} 2009-05-06 01:16 . 2009-05-06 01:16 -------- d-----w c:\documents and settings\Lucien H. Martel\Local Settings\Application Data\Downloaded Installations 2009-05-06 01:16 . 2009-05-06 01:15 36400 ----a-r c:\windows\system32\drivers\SymIM.sys 2009-05-06 01:15 . 2009-05-06 01:15 60808 ----a-w c:\windows\system32\S32EVNT1.DLL 2009-05-06 01:15 . 2009-05-06 01:15 124464 ----a-w c:\windows\system32\drivers\SYMEVENT.SYS 2009-05-06 01:15 . 2009-05-06 01:15 -------- d-----w c:\program files\Symantec 2009-05-06 01:14 . 2009-05-06 01:14 -------- d-----w c:\windows\system32\drivers\N360 2009-05-06 01:14 . 2009-05-06 01:15 -------- d-----w c:\program files\Norton 360 2009-05-06 01:14 . 2009-05-06 01:14 -------- d-----w c:\program files\Windows Sidebar 2009-05-06 01:14 . 2009-05-06 01:16 -------- dc----w c:\documents and settings\All Users\Application Data\Norton 2009-05-06 01:09 . 2009-05-06 01:10 -------- dc----w c:\documents and settings\All Users\Application Data\NortonInstaller 2009-05-06 01:09 . 2009-05-06 01:09 -------- d-----w c:\program files\NortonInstaller 2009-04-28 12:14 . 2009-04-28 12:14 -------- d-sh--w c:\documents and settings\Lucien H. Martel\IECompatCache 2009-04-26 02:59 . 2009-04-26 02:59 -------- d-----w c:\program files\iPod 2009-04-26 02:59 . 2009-04-26 02:59 -------- dc----w c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} 2009-04-26 02:59 . 2009-04-26 02:59 -------- d-----w c:\program files\iTunes 2009-04-26 02:56 . 2009-04-26 02:56 -------- d-----w c:\program files\Bonjour 2009-04-25 16:33 . 2009-04-25 16:33 -------- d-sh--w c:\documents and settings\Lucien H. Martel\PrivacIE 2009-04-25 16:27 . 2009-04-25 16:27 -------- d-sh--w c:\documents and settings\LocalService\IETldCache 2009-04-25 16:26 . 2009-04-25 16:26 -------- d-sh--w c:\documents and settings\Lucien H. Martel\IETldCache 2009-04-25 16:23 . 2009-04-25 16:23 -------- d-----w c:\windows\ie8updates 2009-04-25 16:19 . 2009-04-25 16:21 -------- dc-h--w c:\windows\ie8 2009-04-25 16:15 . 2009-02-28 04:55 105984 ------w c:\windows\system32\dllcache\iecompat.dll 2009-04-25 15:45 . 2009-05-20 21:45 -------- d-----w c:\documents and settings\Lucien H. Martel\Shared 2009-04-23 20:34 . 2009-04-23 20:45 -------- dc----w c:\documents and settings\All Users\Application Data\NOS 2009-04-23 20:34 . 2009-04-23 20:45 -------- d-----w c:\program files\NOS . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-05-21 11:04 . 2008-06-10 22:08 -------- d-----w c:\program files\LimeWire 2009-05-20 19:23 . 1980-01-01 05:00 95056 ----a-w c:\windows\system32\perfc00C.dat 2009-05-20 19:23 . 1980-01-01 05:00 534270 ----a-w c:\windows\system32\perfh00C.dat 2009-05-06 01:31 . 2006-10-02 05:36 -------- d-----w c:\program files\Fichiers communs\Symantec Shared 2009-05-06 01:15 . 2009-05-06 01:15 805 ----a-w c:\windows\system32\drivers\SYMEVENT.INF 2009-05-06 01:15 . 2009-05-06 01:15 7386 ----a-w c:\windows\system32\drivers\SYMEVENT.CAT 2009-04-27 10:53 . 2009-02-02 12:09 15688 ----a-w c:\windows\system32\lsdelete.exe 2009-04-27 10:53 . 2009-02-02 11:53 64160 ----a-w c:\windows\system32\drivers\Lbd.sys 2009-04-26 02:59 . 2007-06-29 22:00 -------- d-----w c:\program files\Fichiers communs\Apple 2009-04-23 20:41 . 2006-10-17 00:29 -------- d-----w c:\program files\Fichiers communs\Adobe 2009-04-14 03:02 . 2006-10-02 06:18 -------- d-----w c:\program files\Java 2009-04-05 11:18 . 2006-12-12 03:39 -------- d-----w c:\program files\Messenger Plus! Live 2009-04-05 03:26 . 2009-04-05 03:26 805376 ----a-w c:\windows\Nero Burning Rom Screensaver.scr 2009-04-04 15:29 . 2006-10-04 20:45 -------- d-----w c:\program files\Yahoo! 2009-04-03 12:52 . 2009-02-07 12:52 -------- d-----w c:\program files\Circle Developement 2009-03-19 20:32 . 2008-01-29 16:01 23400 ----a-w c:\windows\system32\drivers\GEARAspiWDM.sys 2009-03-09 09:19 . 2009-01-20 16:26 410984 ----a-w c:\windows\system32\deploytk.dll 2009-03-08 08:34 . 2006-06-23 18:28 914944 ----a-w c:\windows\system32\wininet.dll 2009-03-08 08:34 . 1980-01-01 05:00 43008 ----a-w c:\windows\system32\licmgr10.dll 2009-03-08 08:33 . 1980-01-01 05:00 18944 ----a-w c:\windows\system32\corpol.dll 2009-03-08 08:33 . 1980-01-01 05:00 420352 ----a-w c:\windows\system32\vbscript.dll 2009-03-08 08:32 . 1980-01-01 05:00 72704 ----a-w c:\windows\system32\admparse.dll 2009-03-08 08:32 . 1980-01-01 05:00 71680 ----a-w c:\windows\system32\iesetup.dll 2009-03-08 08:31 . 1980-01-01 05:00 34816 ----a-w c:\windows\system32\imgutil.dll 2009-03-08 08:31 . 1980-01-01 05:00 48128 ----a-w c:\windows\system32\mshtmler.dll 2009-03-08 08:31 . 1980-01-01 05:00 45568 ----a-w c:\windows\system32\mshta.exe 2009-03-08 08:22 . 1980-01-01 05:00 156160 ----a-w c:\windows\system32\msls31.dll 2009-03-06 14:20 . 1980-01-01 05:00 286720 ----a-w c:\windows\system32\pdh.dll 2008-11-12 13:54 . 2008-11-12 13:54 19559 -c--a-w c:\program files\Fichiers communs\neqewat.db 2008-11-12 13:54 . 2008-11-12 13:54 19126 -c--a-w c:\program files\Fichiers communs\towedasix.pif 2008-11-12 13:54 . 2008-11-12 13:54 16799 -c--a-w c:\program files\Fichiers communs\holelu.db 2006-10-08 04:37 . 2006-10-08 04:37 774144 -c--a-w c:\program files\RngInterstitial.dll 2006-12-03 03:09 . 2006-12-03 03:09 112640 -c--a-w c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "cdloader"="c:\documents and settings\Lucien H. Martel\Application Data\mjusbsp\cdloader2.exe" [2008-12-17 50520] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-03-30 68856] "NBJ"="c:\program files\Ahead\Nero BackItUp\NBJ.exe" [2005-06-02 1957888] "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2007-04-12 1661304] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "tsnp2std"="c:\windows\tsnp2std.exe" [2006-11-03 258048] "snp2std"="c:\windows\vsnp2std.exe" [2006-09-16 675840] "VX3000"="c:\windows\vVX3000.exe" [2006-10-13 707376] "igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208] "igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688] "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] "Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-04-27 516440] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696] "Name of App"="c:\program files\SAMSUNG\FW LiveUpdate\FWManager.exe" [2008-07-07 675935] "SoundMan"="SOUNDMAN.EXE" - c:\windows\soundman.exe [2003-11-13 62464] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Exif Launcher S.lnk - c:\program files\FinePixViewerS\QuickDCF2.exe [2007-5-11 303104] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "ForceClassicControlPanel"= 1 (0x1) "NoSMBalloonTip"= 0 (0x0) [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys] @="FSFilter Activity Monitor" [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "c:\\Documents and Settings\\rebelle\\Application Data\\mjusbsp\\magicJack.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Documents and Settings\\Lucien H. Martel\\Application Data\\mjusbsp\\magicJack.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-02-02 64160] R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\N360\0300000.086\BHDrvx86.sys [2009-05-05 21:15 258608] R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\N360\0300000.086\cchpx86.sys [2009-05-05 21:15 482352] R1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090513.001\IDSXpx86.sys [2009-05-19 276344] R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-03-13 55152] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-05-05 101936] S3 Nbmkmd;Nbmkmd;c:\windows\system32\drivers\Nbmkmd.sys [2007-03-17 42900] --- Autres Services/Pilotes en mémoire --- *Deregistered* - ALG *Deregistered* - Apple Mobile Device *Deregistered* - AudioSrv *Deregistered* - Bonjour Service *Deregistered* - Browser *Deregistered* - COMSysApp *Deregistered* - CryptSvc *Deregistered* - DcomLaunch *Deregistered* - Dhcp *Deregistered* - Dnscache *Deregistered* - ERSvc *Deregistered* - EventSystem *Deregistered* - FastUserSwitchingCompatibility *Deregistered* - Fax *Deregistered* - helpsvc *Deregistered* - ImapiService *Deregistered* - InCDsrv *Deregistered* - InCDsrvR *Deregistered* - JavaQuickStarterService *Deregistered* - lanmanserver *Deregistered* - lanmanworkstation *Deregistered* - Lavasoft Ad-Aware Service *Deregistered* - LmHosts *Deregistered* - McAfee SiteAdvisor Service *Deregistered* - MSDTC *Deregistered* - N360 *Deregistered* - Netman *Deregistered* - Nla *Deregistered* - PolicyAgent *Deregistered* - ProtectedStorage *Deregistered* - RasMan *Deregistered* - RpcSs *Deregistered* - SamSs *Deregistered* - Schedule *Deregistered* - SeaPort *Deregistered* - seclogon *Deregistered* - SENS *Deregistered* - SharedAccess *Deregistered* - ShellHWDetection *Deregistered* - Spooler *Deregistered* - sr *Deregistered* - srservice *Deregistered* - SRTSP *Deregistered* - SRTSPX *Deregistered* - Srv *Deregistered* - SSDPSRV *Deregistered* - stisvc *Deregistered* - swenum *Deregistered* - SwPrv *Deregistered* - SymEFA *Deregistered* - SymEvent *Deregistered* - SYMFW *Deregistered* - SYMIDS *Deregistered* - SymIMMP *Deregistered* - SYMNDIS *Deregistered* - SYMTDI *Deregistered* - TapiSrv *Deregistered* - Tcpip *Deregistered* - TermDD *Deregistered* - TermService *Deregistered* - Themes *Deregistered* - Tones *Deregistered* - TrkWks *Deregistered* - Update *Deregistered* - V124 *Deregistered* - VgaSave *Deregistered* - VolSnap *Deregistered* - VSS *Deregistered* - Wanarp *Deregistered* - WebClient *Deregistered* - winmgmt *Deregistered* - WmiApSrv *Deregistered* - WS2IFSL *Deregistered* - wscsvc *Deregistered* - WSearch *Deregistered* - wuauserv *Deregistered* - WZCSVC . Contenu du dossier 'Tâches planifiées' 2009-05-18 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 10:53] 2009-05-16 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 17:34] . - - - - ORPHELINS SUPPRIMES - - - - HKU-Default-RunOnce-IETI - c:\program files\Skype\Phone\IEPlugin\unins000.exe . ------- Examen supplémentaire ------- . uDefault_Search_URL = hxxp://www.google.com/ie uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://ca.search.yahoo.com/search?fr=mcafee&p=%s IE: &Search - http://edits.mywebsearch.com/toolbaredits/...?p=ZRxdm479YYCA IE: Easy-WebPrint Ajouter à la liste d'impressions - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html IE: Easy-WebPrint Impression rapide - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html IE: Easy-WebPrint Imprimer - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html IE: Easy-WebPrint Prévisualiser - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll DPF: {C9386579-3C0F-4713-82C6-5BA8088C7C8D} - hxxps://secure.shared.live.com/Pa6vGqB728AxD-ckvrPc0A/etc/Microsoft.Live.Folders.RichUpload.cab . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-05-21 12:25 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet002\Services\N360] "ImagePath"="\"c:\program files\Norton 360\Engine\3.0.0.134\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\3.0.0.134\diMaster.dll\" /prefetch:1" . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_USERS\S-1-5-21-1068108822-879754665-3729648459-1005\Software\Microsoft\SystemCertificates\AddressBook*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'explorer.exe'(2632) c:\program files\McAfee\SiteAdvisor\saHook.dll c:\windows\system32\ieframe.dll c:\program files\Windows Media Player\wmpband.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll c:\windows\system32\eappprxy.dll . ------------------------ Autres processus actifs ------------------------ . c:\program files\Ahead\InCD\InCDsrv.exe c:\program files\Lavasoft\Ad-Aware\AAWService.exe c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\McAfee\SiteAdvisor\McSACore.exe c:\program files\Norton 360\Engine\3.0.0.134\ccSvcHst.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\windows\system32\searchindexer.exe c:\program files\Norton 360\Engine\3.0.0.134\ccSvcHst.exe c:\windows\system32\wbem\wmiapsrv.exe c:\windows\system32\wbem\unsecapp.exe c:\program files\Windows Desktop Search\WindowsSearch.exe c:\program files\WinZip\WZQKPICK.EXE c:\windows\system32\vssvc.exe c:\windows\system32\dllhost.exe c:\windows\system32\msdtc.exe c:\windows\system32\dllhost.exe c:\windows\system32\searchfilterhost.exe c:\windows\system32\searchprotocolhost.exe . ************************************************************************** . Heure de fin: 2009-05-21 12:43 - La machine a redémarré ComboFix-quarantined-files.txt 2009-05-21 16:43 Avant-CF: 39 925 870 592 octets libres Après-CF: 40 763 781 120 octets libres WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /fastdetect /NoExecute=OptIn Current=2 Default=2 Failed=1 LastKnownGood=7 Sets=1,2,5,6,7 339 --- E O F --- 2009-05-13 10:30 -
Virus Conficker...( RÉSOLU )
Henri L. Martel a répondu à un(e) sujet de Henri L. Martel dans Analyses et éradication malwares
-
Je suis infecté par ce satané de Conficker...mon fournisseur de services internet m'a conseillé d'utiliser :COMBOFIX...dans l'espoir de regler mon problème...je l'ai fait et ai recu un rapport auquel je ne comprends rien.. Ma machine est assez lente a démarrer et il semble que meme en mon absence, elle envoie des messages infectés à je ne sais pas qui... Je en suis pas un expert en informatique...mais pêut etre quelqu'uin de trop curieux...va se mettre les doigts là où il est pas bon d'aller.. Pouvez-vous me venir en aide pour supprimer ce problème de ma machine....Grand Merci..