Heri

Everything posted by Heri

  1. GOOD EVENING... Falkra, Attached are the "hijackthis" logs: Happy decoding. Regards, and see you later to read your conclusions...
  2. Hi... Falkra, With the add-ons disabled, the response time is very fast when browsing the "Zebulon" site... I also tried to launch an online antivirus scan... The response was that IE is running without add-ons, so click here to manage them... BUT NOT THE MESSAGE: Iexplore.exe - erreur d'application L'instruction à "0x0a6f0068 emploie l'adresse mémoire 0x0a6f0068 . La mémoire ne peut pas être written." Could we have a malfunction in the add-on management???? Looking forward to hearing from you... regards and see you later!
  3. Hi... Falkra, Thanks for your patience... When launching "Dial-a-fix", this message appeared: "Dial-a-fix was unable to determine your version internet explorer. Certain DLL registrations will be skipped Please email dia-a-fix@JLizard.net ok" Then the program starts... As a result... nothing more, apart from a better display of the bar asking to install add-ons... ActiveX. Regards... see you later
  4. Hello... Falkra, I cleaned the laptop and left "Memtest" running all afternoon... Which sites ask me for this ActiveX? For example, the sites of the various online antivirus scans reached from "zebulon", or "Ma Config..." See you later, regards...
  5. Hi... Falkra, I do confirm 0 errors from the "Memtest" test... and that the message "Iexplore.exe - erreur d'application L'instruction à "0x0a6f0068 emploie l'adresse mémoire 0x0a6f0068 . La mémoire ne peut pas être written." appears when Windows asks, in the window, to activate additional modules (ActiveX) in order to continue... Could Windows' ActiveX simply be damaged or corrupted??? Regards and see you later!
  6. Hello, No error was detected by memtest... This error message appears when the site displays its "ActiveX" activation request. As for the message about my CD reader/burner, it seems to be leftovers from an uninstallation... so no panic. We will also stop here... But since we are sure the system is clean, can I make a backup to my external disk with "Acronis"...?? Thank you for your research and your help in resolving this malfunction: Iexplore.exe - erreur d'application L'instruction à "0x0a6f0068 emploie l'adresse mémoire 0x0a6f0068 . La mémoire ne peut pas être written." Cliquez OK pour terminer le programme Cliquez Annuler pour débloguer le programe ....." CONCLUSION: No solution apart from reinstalling Windows. See you later... Thanks and have a good day! Regards.
  7. Good evening... Falkra, Smiles... And NO! Nothing really changed when I tried to run a "Kaspersky online" antivirus scan on the "Zébulon - antivirus en ligne" site, because the moment the "ActiveX" activation request bar was displayed, the message: Iexplore.exe - erreur d'application L'instruction à "0x0a6f0068 emploie l'adresse mémoire 0x0a6f0068 . La mémoire ne peut pas être written." Cliquez OK pour terminer le programme Cliquez Annuler pour débloguer le programe ....." Then the sessions closed with the following display: Internet Explorer à fermer cette page web pour protéger l'ordinateur. One thing we are sure of: "There is no infection... and the memory modules are good". One lead may be the Internet security level, which I have set to "MEDIUM-HIGH"... Maybe that is too strict?? So one solution is to use the PC as it is... without loading software or sites that require "ActiveX" activation. On the other hand, since we are sure the system is clean, can I make a backup to my external disk with "Acronis"... By the way, I just noticed a similar topic: "Avoiding the message "la mémoire ne peut pas être read"", handled by "The Playeur" on 12 June 2009 at 18:15... I have not gone through it yet! As for the new message about the CD drive properties, it would be leftovers from a Sonic My Dvd program... I will look for how to fix it... Then uninstall the software we used for our investigation... and give me the list of those that are useful and effective for security... since everyone has their preferences... and besides, you have the details in my HijackThis log (the useful, the effective... the useless...) Looking forward to your reply and your suggestions...
  8. Hello... Falkra, Are you having a good weekend? Regarding our malfunctions: - I had the memory modules checked by "Memtest" for a good while = 0 errors detected? - however, when connecting to your site "ZEBULON - OUTILS EN LIGNE - votre configuration"... Antivir informs me of a suspicious element: code HEUR/HTLM.Malware... and a surprise disconnection to protect the computer... - and when using the reader/burner I discovered a message "ACTIVER {No Pconfig} - voulez vous utiliser {No Pconfig} à la place du logiciel d'enregistrement de disque fourni avec Windows XP ?" Lots of QUESTIONS??? Looking forward to your answers... and solutions? Regards
  9. RE... If SFC /scannow puts back old files and can make a huge mess, what should be run in its place to make sure that Windows is not altered...????? What about CHKDSK/R/F then? See you later, regards
  10. Re... I notice that Memtest is compressed... which free decompression software do you recommend, since I do not have one installed on the PC??? Thanks for your advice; see you later. Regards
  11. RE... How can I know whether Windows is up to date and not altered...?? Windows Update updates Windows for me regularly... and my checks with "SFC /scannow" do not detect any anomalies... I also use TuneUp Utilities 2009 regularly. Do you have a tip??? Regards
  12. Hello, Hello again Falkra, Indeed, the stubborn key is detected every time by ccleaner, regcleaner, TuneUp Maintenance... without them managing to delete it... it looks untidy, but oh well! As for using Memtest, which is software in English, is there a tutorial for installing it easily on a CD or a USB key... and for using it? In short, what conclusions do you draw from your various analyses of my error messages...???? Hope to read you soon, see you later, Regards
  13. Re, for some additional info! However, I have a key HKCR\{80b8c23c-16c0-4cd8-bbc3-cece9a78b79} which contains no data and will not be deleted... and is stubborn... See you later - regards
  14. RE... the two files in question scanned by VIRUSTOTAL are "clean". See you later, regards
  15. and I got the message "Microsoft Visual C++ Runtime library Runtime error - Program: c:\ Windows\explorer.exe" during my search using the Run procedure... @+
  16. Hello... I cannot find a PEV.EXE file in Windows despite the presence of PEV (application); however, I have two files in c:\WINDOWS\Prefetch: - PEV.EXE-0806C34B.pf - PEV.EXE-2937A365.pf created on 13/06/2009 at 11:01 and 10:50. Looking forward to hearing from you... Regards.
  17. Hello again Falkra, Attached is the new report requested:
Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-04-05 339968] "SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2005-08-01 98393] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-08-01 688217] "Sunkist2k"=C:\Program Files\Multimedia Card Reader\shwicon2k.exe [2003-06-02 135168] "dla"=C:\WINDOWS\system32\dla\tfswctrl.exe [2003-02-07 114741] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-08 136600] "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] "TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2007-09-18 185632] "LaunchAp"=C:\Program Files\Launch Manager\LaunchAp.exe [2005-03-30 32768] "HotkeyApp"=C:\Program Files\Launch Manager\HotkeyApp.exe [2005-05-02 57344] "LMgrVolOSD"=C:\Program Files\Launch Manager\OSD.exe [2005-03-16 204800] "LMgrOSD"=C:\Program Files\Launch Manager\OSDCtrl.exe [2004-10-11 245760] "Wbutton"=C:\Program Files\Launch Manager\Wbutton.exe [2005-04-18 81920] "CtrlVol"=C:\Program Files\Launch Manager\CtrlVol.exe [2003-09-16 20480] "TrueImageMonitor.exe"=C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2007-10-07 2620336] "AcronisTimounterMonitor"=C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [2007-10-07 904880] "Acronis Scheduler2 Service"=C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe [2007-10-07 140568] "SPAMfighter Agent"=C:\Program Files\SPAMfighter\SFAgent.exe [2009-03-12 326792] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE [2003-10-10 376912] "swg"=C:\Program 
Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-09-18 68856] "ccleaner"=C:\Program Files\CCleaner\ccleaner.exe [2009-04-28 1560816] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408] "RTEGPRS"=C:\Program Files\Fichiers communs\SmartCom\RTEGPRS.exe [2005-11-28 2265088] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-09-28 29744] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Les Echos Desk] C:\Program Files\Nosibay\Les Echos Desk\launcher.exe [2008-07-23 239120] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WellPhone DirectSync - ScheduleSync] C:\PROGRA~1\WELLPH~1\SCHEDU~1.EXE [2005-08-08 45056] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2005-08-01 46080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2006-06-19 702768] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "authentication packages"=msv1_0 relog_ap [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 
"undockwithoutlogon"=1 "ConsentPromptBehaviorAdmin"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=323 "NoDriveAutoRun"=67108863 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= "NoDriveAutoRun"= "NoDriveTypeAutoRun"= "NoDrives"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:*:Enabled:Connection Manager" "C:\Program Files\Microsoft ActiveSync\WcesMgr.exe"="C:\Program Files\Microsoft ActiveSync\WcesMgr.exe:*:Enabled:ActiveSync Application" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil" "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "C:\Program Files\Pédagofiche\Fichiers communs\PfManager.exe"="C:\Program Files\Pédagofiche\Fichiers communs\PfManager.exe:*:Enabled:LaunchAnywhere GUI" "C:\StubInstaller.exe"="C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer" "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire" "C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe"="C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix" "C:\Program Files\NetMeeting\conf.exe"="C:\Program Files\NetMeeting\conf.exe:*:Disabled:Windows® NetMeeting®" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows 
Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" ======List of files/folders created in the last 1 months====== 2009-06-13 11:05:40 ----A---- C:\ComboFix.txt 2009-06-13 10:52:33 ----A---- C:\Boot.bak 2009-06-13 10:52:25 ----RASHD---- C:\cmdcons 2009-06-13 10:50:38 ----A---- C:\WINDOWS\zip.exe 2009-06-13 10:50:38 ----A---- C:\WINDOWS\SWXCACLS.exe 2009-06-13 10:50:38 ----A---- C:\WINDOWS\SWSC.exe 2009-06-13 10:50:38 ----A---- C:\WINDOWS\SWREG.exe 2009-06-13 10:50:38 ----A---- C:\WINDOWS\sed.exe 2009-06-13 10:50:38 ----A---- C:\WINDOWS\PEV.exe 2009-06-13 10:50:38 ----A---- C:\WINDOWS\NIRCMD.exe 2009-06-13 10:50:38 ----A---- C:\WINDOWS\grep.exe 2009-06-13 10:50:26 ----D---- C:\WINDOWS\ERDNT 2009-06-13 10:50:25 ----A---- C:\WINDOWS\system32\CF555.exe 2009-06-13 10:48:24 ----D---- C:\Qoobox 2009-06-11 16:33:09 ----A---- C:\WINDOWS\system32\TUProgSt.exe 2009-06-11 16:33:06 ----A---- C:\WINDOWS\system32\uxtuneup.dll 
2009-06-11 16:33:04 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe 2009-06-11 12:01:37 ----D---- C:\_OTM 2009-06-10 22:46:04 ----D---- C:\Program Files\Unlocker 2009-06-10 20:11:18 ----D---- C:\rsit 2009-06-09 12:20:55 ----N---- C:\WINDOWS\system32\spmsg2.dll 2009-06-09 12:05:58 ----D---- C:\WINDOWS\system32\XPSViewer 2009-06-09 12:05:53 ----D---- C:\Program Files\MSBuild 2009-06-09 12:05:50 ----D---- C:\WINDOWS\system32\en-US 2009-06-09 12:05:37 ----D---- C:\Program Files\Reference Assemblies 2009-06-09 12:04:50 ----N---- C:\WINDOWS\system32\xpsshhdr.dll 2009-06-09 12:04:50 ----N---- C:\WINDOWS\system32\prntvpt.dll 2009-06-09 12:04:49 ----N---- C:\WINDOWS\system32\xpssvcs.dll 2009-06-08 10:58:12 ----D---- C:\Documents and Settings\Henri KERISIT\Application Data\TuneUp Software 2009-06-08 10:57:20 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software 2009-06-08 10:57:18 ----D---- C:\Program Files\TuneUp Utilities 2009 2009-05-20 10:56:58 ----SHD---- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357} 2009-05-19 23:11:07 ----A---- C:\WINDOWS\HideWin.exe 2009-05-19 22:50:13 ----D---- C:\Program Files\SymplisIT 2009-05-19 22:50:13 ----D---- C:\Documents and Settings\All Users\Application Data\SymplisIT 2009-05-18 23:39:31 ----D---- C:\Program Files\XoftSpySE 2009-05-18 15:51:28 ----D---- C:\Program Files\Avira 2009-05-18 15:51:28 ----D---- C:\Documents and Settings\All Users\Application Data\Avira 2009-05-16 17:27:02 ----D---- C:\Program Files\RegCleaner 2009-05-16 09:57:25 ----D---- C:\Program Files\VS Revo Group 2009-05-15 19:49:38 ----D---- C:\Program Files\trend micro ======List of files/folders modified in the last 1 months====== 2009-06-13 12:09:24 ----D---- C:\WINDOWS\Temp 2009-06-13 12:01:34 ----D---- C:\Program Files\SPAMfighter 2009-06-13 11:05:43 ----D---- C:\WINDOWS\system32\drivers 2009-06-13 11:01:31 ----D---- C:\WINDOWS 2009-06-13 11:01:30 ----A---- C:\WINDOWS\system.ini 2009-06-13 
11:00:58 ----D---- C:\WINDOWS\Prefetch 2009-06-13 11:00:32 ----AD---- C:\WINDOWS\system32 2009-06-13 11:00:22 ----D---- C:\WINDOWS\system32\CatRoot2 2009-06-13 10:59:50 ----A---- C:\WINDOWS\ModemLog_Mobile 115200.txt 2009-06-13 10:59:50 ----A---- C:\WINDOWS\ModemLog_Bluetooth Fax Modem.txt 2009-06-13 10:59:50 ----A---- C:\WINDOWS\ModemLog_Bluetooth DUN Modem.txt 2009-06-13 10:59:45 ----SD---- C:\WINDOWS\Tasks 2009-06-13 10:59:45 ----A---- C:\WINDOWS\ModemLog_SoftV90 Data Fax Modem with SmartCP.txt 2009-06-13 10:57:09 ----D---- C:\WINDOWS\system32\config 2009-06-13 10:55:25 ----D---- C:\WINDOWS\AppPatch 2009-06-13 10:55:18 ----D---- C:\Program Files\Fichiers communs 2009-06-13 10:52:33 ----RASH---- C:\boot.ini 2009-06-13 10:51:08 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-06-13 10:50:37 ----SHD---- C:\System Volume Information 2009-06-13 10:50:37 ----D---- C:\WINDOWS\system32\Restore 2009-06-12 19:01:08 ----RD---- C:\Program Files 2009-06-12 15:04:34 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater 2009-06-12 13:37:32 ----D---- C:\WINDOWS\Downloaded Installations 2009-06-12 11:58:23 ----D---- C:\WINDOWS\pss 2009-06-12 11:36:20 ----HD---- C:\Config.Msi 2009-06-12 11:11:00 ----SHD---- C:\WINDOWS\Installer 2009-06-12 08:56:03 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2009-06-11 18:01:08 ----D---- C:\WINDOWS\WinSxS 2009-06-11 16:35:04 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-06-11 12:20:43 ----D---- C:\WINDOWS\Debug 2009-06-11 12:19:04 ----D---- C:\Program Files\Internet Explorer 2009-06-11 12:06:48 ----HD---- C:\WINDOWS\inf 2009-06-11 12:06:03 ----D---- C:\Program Files\Microsoft Works 2009-06-10 10:08:26 ----D---- C:\Program Files\a-squared Free 2009-06-09 16:30:36 ----D---- C:\WINDOWS\system32\CatRoot 2009-06-09 12:36:01 ----D---- C:\WINDOWS\Microsoft.NET 2009-06-09 12:35:59 ----RSD---- C:\WINDOWS\assembly 2009-06-09 12:19:38 ----D---- C:\WINDOWS\system32\mui 2009-06-09 12:16:09 ----A---- 
C:\WINDOWS\system32\PerfStringBackup.INI 2009-06-09 12:05:48 ----RSD---- C:\WINDOWS\Fonts 2009-06-09 12:05:11 ----D---- C:\WINDOWS\system32\spool 2009-06-08 13:53:47 ----A---- C:\WINDOWS\NeroDigital.ini 2009-06-08 11:53:44 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-06-08 11:28:22 ----A---- C:\WINDOWS\win.ini 2009-06-08 10:42:54 ----D---- C:\Program Files\ma-config.com 2009-06-08 10:42:53 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com 2009-06-07 23:35:18 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2009-06-01 18:51:12 ----A---- C:\WINDOWS\system32\MRT.exe 2009-05-21 10:49:00 ----D---- C:\Program Files\Spybot - Search & Destroy 2009-05-19 22:50:13 ----D---- C:\WINDOWS\system 2009-05-18 23:32:08 ----SD---- C:\WINDOWS\Downloaded Program Files 2009-05-18 16:02:30 ----D---- C:\WINDOWS\system32\FxsTmp 2009-05-18 15:42:23 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2009-05-18 10:39:32 ----D---- C:\WINDOWS\BDOSCAN8 2009-05-17 21:54:59 ----D---- C:\Program Files\Launch Manager 2009-05-17 20:15:58 ----D---- C:\DriveKey 2009-05-17 14:54:21 ----D---- C:\WINDOWS\Minidump ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-08-01 39424] R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 Hotkey;Hotkey; C:\WINDOWS\system32\drivers\Hotkey.sys [2003-04-28 9867] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720] R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2003-02-05 5589] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-02-13 28376] R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2003-02-05 23059] R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; 
C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832] R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-03-23 17801] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-03-24 55640] R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2003-02-05 40416] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-08-01 13059] R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2003-02-07 23957] R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2003-02-07 34773] R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2003-02-07 4053] R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2003-02-07 2201] R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2003-02-07 55540] R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2003-02-07 14133] R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2003-02-07 6293] R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2003-02-07 96596] R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2003-02-07 99029] R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2009-04-22 44384] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-08-01 2314560] R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2005-05-05 463168] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-08-01 1035776] R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2005-05-31 20480] R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2005-04-30 10804] R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2005-05-31 23000] R3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys 
[2005-04-30 11860] R3 catchme;catchme; \??\C:\DOCUME~1\HENRIK~1\LOCALS~1\Temp\catchme.sys [] R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2005-08-01 1038208] R3 HSFHWATI;HSFHWATI; C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys [2005-08-01 200192] R3 M1000Srv;M5603C USB2.0 Camera Driver; C:\WINDOWS\System32\Drivers\M1000KNT.sys [2005-07-20 274567] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-03-21 9856] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-05 5888] R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-08-01 70912] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-08-01 188928] R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-08-01 146304] R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152] R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] R3 USBSTOR;Pilote de stockage de masse USB; 
C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312] R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2005-03-25 82148] R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-08-01 703232] S1 Wbutton;Wbutton; C:\WINDOWS\system32\drivers\Wbutton.sys [] S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys [] S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [] S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 SunkFilt;Alcor Micro Corp - 9360; \??\C:\WINDOWS\System32\Drivers\sunkfilt.sys [] S3 TfNetMon;TfNetMon; \??\C:\WINDOWS\system32\drivers\TfNetMon.sys [] S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2003-09-01 104064] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S3 ZSMC302;Cammaestro 
4.2GU build 1105; C:\WINDOWS\System32\Drivers\usbvm302.sys [2005-01-13 195263] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2009-06-10 718880] R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-07-26 611664] R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe [2007-10-07 427288] R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-04-01 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-03-02 185089] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-26 132424] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-08-01 364544] R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2005-04-06 110592] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-08 152984] R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512] R2 SPAMfighter Update Service;SPAMfighter Update Service; C:\Program Files\SPAMfighter\sfus.exe [2009-03-12 184968] R2 TryAndDecideService;Acronis Try And Decide Service; C:\Program Files\Fichiers 
communs\Acronis\Fomatik\TrueImageTryStartService.exe [2007-10-08 493200] R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-06-11 604416] R2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336] R2 wltrysvc;Broadcom Wireless LAN Tray Service; C:\WINDOWS\System32\wltrysvc.exe [2004-12-22 65536] R3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-06-11 361216] S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 268800] S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-09-28 29744] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-05-29 234864] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- See you later ..... regards
  18. RE...hello, attached is the Combofix report: ComboFix 09-06-12.02 - Henri KERISIT 13/06/2009 10:53.1 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.894.404 [GMT 2:00] Lancé depuis: c:\documents and settings\Henri KERISIT\Bureau\ComboFix.exe AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\br.exe C:\cla.exe C:\x3.exe . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_ovfsthdafjwbeecxnsthxymevxbltapqxmkdvh ((((((((((((((((((((((((((((( Fichiers créés du 2009-05-13 au 2009-06-13 )))))))))))))))))))))))))))))))))))) . 2009-06-11 14:33 . 2009-06-11 14:33 604416 ----a-w- c:\windows\system32\TUProgSt.exe 2009-06-11 14:33 . 2009-04-27 12:21 28928 ----a-w- c:\windows\system32\uxtuneup.dll 2009-06-11 14:33 . 2009-06-11 14:33 361216 ----a-w- c:\windows\system32\TuneUpDefragService.exe 2009-06-11 10:01 . 2009-06-11 10:01 -------- d-----w- C:\_OTM 2009-06-11 07:25 . 2009-04-30 21:16 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll 2009-06-11 07:25 . 2009-04-30 21:16 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll 2009-06-10 20:46 . 2009-06-10 21:05 -------- d-----w- c:\program files\Unlocker 2009-06-10 18:11 . 2009-06-10 18:11 -------- d-----w- C:\rsit 2009-06-09 10:20 . 2006-06-29 11:07 14048 ------w- c:\windows\system32\spmsg2.dll 2009-06-09 10:06 . 2009-06-09 10:06 -------- d-sh--w- c:\documents and settings\Default User\IETldCache 2009-06-09 10:05 . 2009-06-09 10:20 -------- d-----w- c:\windows\system32\XPSViewer 2009-06-09 10:05 . 2009-06-09 10:05 -------- d-----w- c:\program files\MSBuild 2009-06-09 10:05 . 2009-06-09 10:05 -------- d-----w- c:\program files\Reference Assemblies 2009-06-09 10:04 . 
2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll 2009-06-09 10:04 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll 2009-06-09 10:04 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll 2009-06-09 10:04 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll 2009-06-09 10:04 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe 2009-06-09 10:04 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll 2009-06-09 10:04 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll 2009-06-08 08:58 . 2009-06-08 08:58 -------- d-----w- c:\documents and settings\Henri KERISIT\Application Data\TuneUp Software 2009-06-08 08:57 . 2009-06-08 08:57 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software 2009-06-08 08:57 . 2009-06-11 14:33 -------- d-----w- c:\program files\TuneUp Utilities 2009 2009-05-20 08:56 . 2009-06-08 08:57 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357} 2009-05-19 21:11 . 2009-05-19 21:11 319488 ----a-w- c:\windows\HideWin.exe 2009-05-19 20:50 . 2009-05-19 21:19 -------- d-----w- c:\program files\SymplisIT 2009-05-19 20:50 . 2009-05-19 21:13 -------- d-----w- c:\documents and settings\All Users\Application Data\SymplisIT 2009-05-18 21:39 . 2009-06-08 08:07 -------- d-----w- c:\program files\XoftSpySE 2009-05-18 13:51 . 2009-03-30 08:32 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys 2009-05-18 13:51 . 2009-03-24 14:07 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2009-05-18 13:51 . 2009-02-13 10:28 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys 2009-05-18 13:51 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys 2009-05-18 13:51 . 2009-05-18 13:51 -------- d-----w- c:\program files\Avira 2009-05-18 13:51 . 
2009-05-18 13:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira 2009-05-16 15:27 . 2009-05-16 15:29 -------- d-----w- c:\program files\RegCleaner 2009-05-16 07:57 . 2009-05-16 07:57 -------- d-----w- c:\program files\VS Revo Group 2009-05-15 17:49 . 2009-05-15 17:50 -------- d-----w- c:\program files\trend micro . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-06-12 13:04 . 2007-09-18 07:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater 2009-06-12 12:51 . 2009-05-13 16:45 -------- d-----w- c:\program files\SPAMfighter 2009-06-12 06:56 . 2007-06-21 17:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-06-11 10:06 . 2005-11-03 10:29 -------- d-----w- c:\program files\Microsoft Works 2009-06-10 08:08 . 2009-04-21 12:26 -------- d-----w- c:\program files\a-squared Free 2009-06-09 11:50 . 2006-06-20 18:23 79848 ----a-w- c:\documents and settings\Henri KERISIT\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-06-09 10:16 . 2005-11-03 11:24 88044 ----a-w- c:\windows\system32\perfc00C.dat 2009-06-09 10:16 . 2005-11-03 11:24 516254 ----a-w- c:\windows\system32\perfh00C.dat 2009-06-08 09:53 . 2009-03-25 09:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-06-08 09:53 . 2009-05-14 06:58 3371383 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2009-06-08 08:42 . 2008-11-12 20:35 -------- d-----w- c:\program files\ma-config.com 2009-06-08 08:42 . 2008-11-12 20:35 -------- d-----w- c:\documents and settings\All Users\Application Data\ma-config.com 2009-05-26 11:20 . 2009-03-25 09:58 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-05-26 11:19 . 2009-03-25 09:58 19096 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-05-21 08:49 . 
2007-06-21 17:30 -------- d-----w- c:\program files\Spybot - Search & Destroy 2009-05-17 19:54 . 2009-03-23 09:38 -------- d-----w- c:\program files\Launch Manager 2009-05-13 16:53 . 2009-05-13 16:53 -------- d-----w- c:\program files\Fichiers communs\Application 2009-05-13 05:04 . 2005-11-03 11:24 915456 ----a-w- c:\windows\system32\wininet.dll 2009-05-11 08:54 . 2005-11-03 10:25 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-05-07 15:33 . 2005-11-03 11:23 348672 ----a-w- c:\windows\system32\localspl.dll 2009-05-01 08:10 . 2009-05-01 08:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion 2009-05-01 08:06 . 2007-04-20 20:15 -------- d-----w- c:\program files\CCleaner 2009-04-29 10:29 . 2009-04-27 09:13 4212 ---h--w- c:\windows\system32\zllictbl.dat 2009-04-28 21:36 . 2009-04-28 17:33 -------- d-----w- c:\program files\Fichiers communs\Apple 2009-04-28 21:30 . 2006-10-08 16:21 -------- d-----w- c:\documents and settings\Henri KERISIT\Application Data\Apple Computer 2009-04-28 17:49 . 2009-04-28 17:43 -------- d-----w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} 2009-04-28 17:43 . 2006-10-08 16:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer 2009-04-28 17:40 . 2009-04-28 17:40 -------- d-----w- c:\program files\Bonjour 2009-04-28 17:10 . 2009-04-28 17:08 -------- d-----w- c:\program files\QuickTime 2009-04-27 11:54 . 2009-03-26 08:11 -------- d-----w- c:\documents and settings\Henri KERISIT\Application Data\SUPERAntiSpyware.com 2009-04-27 11:54 . 2008-05-22 12:35 -------- d-----w- c:\program files\Fichiers communs\Wise Installation Wizard 2009-04-27 11:54 . 2009-03-26 08:11 -------- d-----w- c:\program files\SUPERAntiSpyware 2009-04-27 09:13 . 2009-04-27 09:13 -------- d-----w- c:\documents and settings\All Users\Application Data\MailFrontier 2009-04-22 18:02 . 
2009-04-22 18:02 44384 ----a-w- c:\windows\system32\drivers\tifsfilt.sys 2009-04-22 18:02 . 2009-04-22 18:02 441760 ----a-w- c:\windows\system32\drivers\timntr.sys 2009-04-22 18:02 . 2009-04-22 18:02 129248 ----a-w- c:\windows\system32\drivers\snapman.sys 2009-04-22 18:02 . 2009-04-22 18:02 368736 ----a-w- c:\windows\system32\drivers\tdrpman.sys 2009-04-22 18:02 . 2009-04-22 18:01 -------- d-----w- c:\program files\Fichiers communs\Acronis 2009-04-22 18:01 . 2009-04-22 18:01 -------- d-----w- c:\program files\Acronis 2009-04-19 19:50 . 2005-11-03 11:24 1847296 ----a-w- c:\windows\system32\win32k.sys 2009-04-19 18:41 . 2008-06-07 12:09 -------- d-----w- c:\program files\Alwil Software 2009-04-16 20:56 . 2009-04-16 20:56 152576 ----a-w- c:\documents and settings\Henri KERISIT\Application Data\Sun\Java\jre1.6.0_13\lzma.dll 2009-04-15 14:53 . 2005-11-03 11:24 585216 ----a-w- c:\windows\system32\rpcrt4.dll 2009-04-15 10:03 . 2006-06-22 21:03 -------- d-----w- c:\program files\Microsoft ActiveSync 2009-03-23 08:49 . 2009-03-23 08:49 17801 ----a-w- c:\windows\system32\drivers\AegisP.sys 2009-03-19 14:02 . 2009-03-19 14:02 86576 ----a-w- c:\documents and settings\Henri KERISIT\Application Data\Microsoft\Services Windows Live\Raccourci Galerie de Photos Windows Live.exe 2009-03-19 14:02 . 2009-03-19 14:02 132672 ----a-w- c:\documents and settings\Henri KERISIT\Application Data\Microsoft\Services Windows Live\Raccourci Windows Live Messenger.exe 2009-03-19 14:02 . 2009-03-19 14:02 392728 ----a-w- c:\documents and settings\Henri KERISIT\Application Data\Microsoft\Services Windows Live\Services Windows Live.dll 2009-03-17 08:24 . 2008-12-03 09:54 152576 ----a-w- c:\documents and settings\Henri KERISIT\Application Data\Sun\Java\jre1.6.0_11\lzma.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\WCESCOMM.EXE" [2003-10-10 376912] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-18 68856] "ccleaner"="c:\program files\CCleaner\ccleaner.exe" [2009-04-28 1560816] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408] "RTEGPRS"="c:\program files\Fichiers communs\SmartCom\RTEGPRS.exe" [2005-11-28 2265088] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-04-05 339968] "SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2005-08-01 98393] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-08-01 688217] "Sunkist2k"="c:\program files\Multimedia Card Reader\shwicon2k.exe" [2003-06-02 135168] "dla"="c:\windows\system32\dla\tfswctrl.exe" [2003-02-06 114741] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-08 136600] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-09-18 185632] "LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2005-03-30 32768] "HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2005-05-02 57344] "LMgrVolOSD"="c:\program files\Launch Manager\OSD.exe" [2005-03-16 204800] "LMgrOSD"="c:\program files\Launch Manager\OSDCtrl.exe" [2004-10-11 245760] "Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2005-04-18 81920] "CtrlVol"="c:\program files\Launch Manager\CtrlVol.exe" [2003-09-16 20480] "TrueImageMonitor.exe"="c:\program 
files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2007-10-07 2620336] "AcronisTimounterMonitor"="c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe" [2007-10-07 904880] "Acronis Scheduler2 Service"="c:\program files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" [2007-10-07 140568] "SPAMfighter Agent"="c:\program files\SPAMfighter\SFAgent.exe" [2009-03-12 326792] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS\0lsdelete [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" "QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"= "c:\\Program Files\\Microsoft ActiveSync\\WcesMgr.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"= "c:\\WINDOWS\\system32\\dpvsetup.exe"= "c:\\Program Files\\Pédagofiche\\Fichiers communs\\PfManager.exe"= "c:\\StubInstaller.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"= "c:\\Program Files\\NetMeeting\\conf.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program 
Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [18/05/2009 15:51 108289] R2 SPAMfighter Update Service;SPAMfighter Update Service;c:\program files\SPAMfighter\sfus.exe [12/03/2009 10:44 184968] R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [11/06/2009 16:33 604416] R3 HSFHWATI;HSFHWATI;c:\windows\system32\drivers\HSFHWATI.sys [03/11/2005 13:27 200192] R3 M1000Srv;M5603C USB2.0 Camera Driver;c:\windows\system32\drivers\M1000KNT.sys [21/11/2007 12:49 274567] S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys --> c:\windows\system32\drivers\TfFsMon.sys [?] S0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys --> c:\windows\system32\drivers\TfSysMon.sys [?] S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [18/09/2007 10:09 29744] S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [29/05/2009 17:13 234864] S3 TfNetMon;TfNetMon;\??\c:\windows\system32\drivers\TfNetMon.sys --> c:\windows\system32\drivers\TfNetMon.sys [?] S3 ZSMC302;Cammaestro 4.2GU build 1105;c:\windows\system32\drivers\usbvm302.sys [24/06/2006 18:18 195263] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] "c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP . 
Contenu du dossier 'Tâches planifiées' 2009-06-13 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-26 17:12] 2009-06-13 c:\windows\Tasks\Maintenance en 1 clic.job - c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-04-27 13:42] 2009-06-13 c:\windows\Tasks\User_Feed_Synchronization-{56134A75-B58D-479A-855F-8C2768A3A41E}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 02:31] . - - - - ORPHELINS SUPPRIMES - - - - HKLM-Run-BigDogPath - c:\windows\VM_STI.EXE Cammaestro 4.2GU HKLM-Run-M1000Mnt - M1000Rmv.exe HKU-Default-Run-ALUAlert - c:\program files\Symantec\LiveUpdate\ALUNotify.exe . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.aliceadsl.fr/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 mStart Page = hxxp://www.aliceadsl.fr uInternet Connection Wizard,ShellNext = hxxp://www.fujitsu-siemens.fr/home-services uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: E&xporter vers Microsoft Excel IE: Ouvrir dans un nouvel onglet d'arrière-plan - c:\program files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?a63fdf20a9b546a3888a10e540b16c12 IE: Ouvrir dans un nouvel onglet de premier plan - c:\program files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?a63fdf20a9b546a3888a10e540b16c12 Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-06-13 11:00 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... 
Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*] "OODEFRAG10.00.00.01WORKSTATION"=
. --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(1984) c:\windows\system32\Ati2evxx.dll c:\windows\System32\BCMLogon.dll - - - - - - - > 'lsass.exe'(240) c:\windows\system32\relog_ap.dll - - - - - - - > 'explorer.exe'(2956) c:\progra~1\WINDOW~2\wmpband.dll c:\program files\Fichiers communs\Ahead\Lib\NeroDigitalExt.dll c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll c:\windows\system32\eappprxy.dll . ------------------------ Autres processus actifs ------------------------ . 
c:\windows\system32\ati2evxx.exe c:\windows\system32\WLTRYSVC.EXE c:\windows\system32\BCMWLTRY.EXE c:\program files\Lavasoft\Ad-Aware\aawservice.exe c:\windows\system32\ati2evxx.exe c:\program files\a-squared Free\a2service.exe c:\program files\Fichiers communs\Acronis\Schedule2\schedul2.exe c:\program files\Avira\AntiVir Desktop\avguard.exe c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\IVT Corporation\BlueSoleil\BTNtService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\program files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe c:\windows\system32\CF555.exe c:\windows\VM_STI.EXE c:\windows\system32\wbem\wmiapsrv.exe c:\windows\WebCam\M1000\M1000Mnt.exe c:\windows\system32\msiexec.exe . ************************************************************************** . Heure de fin: 2009-06-13 11:05 - La machine a redémarré ComboFix-quarantined-files.txt 2009-06-13 09:05 Avant-CF: 53 088 997 376 octets libres Après-CF: 53 013 295 104 octets libres WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect 277 --- E O F --- 2009-06-11 10:06 See you later, awaiting your analysis and suggestions. Regards, heri
  19. HELLO Falkra, attached in return is the report produced by COMBOFIX: ComboFix 09-06-12.02 - Henri KERISIT 13/06/2009 10:53.1 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.894.404 [GMT 2:00] Lancé depuis: c:\documents and settings\Henri KERISIT\Bureau\ComboFix.exe AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\br.exe C:\cla.exe C:\x3.exe . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_ovfsthdafjwbeecxnsthxymevxbltapqxmkdvh ((((((((((((((((((((((((((((( Fichiers créés du 2009-05-13 au 2009-06-13 )))))))))))))))))))))))))))))))))))) . 2009-06-11 14:33 . 2009-06-11 14:33 604416 ----a-w- c:\windows\system32\TUProgSt.exe 2009-06-11 14:33 . 2009-04-27 12:21 28928 ----a-w- c:\windows\system32\uxtuneup.dll 2009-06-11 14:33 . 2009-06-11 14:33 361216 ----a-w- c:\windows\system32\TuneUpDefragService.exe 2009-06-11 10:01 . 2009-06-11 10:01 -------- d-----w- C:\_OTM 2009-06-11 07:25 . 2009-04-30 21:16 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll 2009-06-11 07:25 . 2009-04-30 21:16 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll 2009-06-10 20:46 . 2009-06-10 21:05 -------- d-----w- c:\program files\Unlocker 2009-06-10 18:11 . 2009-06-10 18:11 -------- d-----w- C:\rsit 2009-06-09 10:20 . 2006-06-29 11:07 14048 ------w- c:\windows\system32\spmsg2.dll 2009-06-09 10:06 . 2009-06-09 10:06 -------- d-sh--w- c:\documents and settings\Default User\IETldCache 2009-06-09 10:05 . 2009-06-09 10:20 -------- d-----w- c:\windows\system32\XPSViewer 2009-06-09 10:05 . 2009-06-09 10:05 -------- d-----w- c:\program files\MSBuild 2009-06-09 10:05 . 2009-06-09 10:05 -------- d-----w- c:\program files\Reference Assemblies 2009-06-09 10:04 . 
2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll 2009-06-09 10:04 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll 2009-06-09 10:04 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll 2009-06-09 10:04 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll 2009-06-09 10:04 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe 2009-06-09 10:04 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll 2009-06-09 10:04 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll 2009-06-08 08:58 . 2009-06-08 08:58 -------- d-----w- c:\documents and settings\Henri KERISIT\Application Data\TuneUp Software 2009-06-08 08:57 . 2009-06-08 08:57 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software 2009-06-08 08:57 . 2009-06-11 14:33 -------- d-----w- c:\program files\TuneUp Utilities 2009 2009-05-20 08:56 . 2009-06-08 08:57 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357} 2009-05-19 21:11 . 2009-05-19 21:11 319488 ----a-w- c:\windows\HideWin.exe 2009-05-19 20:50 . 2009-05-19 21:19 -------- d-----w- c:\program files\SymplisIT 2009-05-19 20:50 . 2009-05-19 21:13 -------- d-----w- c:\documents and settings\All Users\Application Data\SymplisIT 2009-05-18 21:39 . 2009-06-08 08:07 -------- d-----w- c:\program files\XoftSpySE 2009-05-18 13:51 . 2009-03-30 08:32 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys 2009-05-18 13:51 . 2009-03-24 14:07 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2009-05-18 13:51 . 2009-02-13 10:28 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys 2009-05-18 13:51 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys 2009-05-18 13:51 . 2009-05-18 13:51 -------- d-----w- c:\program files\Avira 2009-05-18 13:51 . 
2009-05-18 13:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira 2009-05-16 15:27 . 2009-05-16 15:29 -------- d-----w- c:\program files\RegCleaner 2009-05-16 07:57 . 2009-05-16 07:57 -------- d-----w- c:\program files\VS Revo Group 2009-05-15 17:49 . 2009-05-15 17:50 -------- d-----w- c:\program files\trend micro . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-06-12 13:04 . 2007-09-18 07:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater 2009-06-12 12:51 . 2009-05-13 16:45 -------- d-----w- c:\program files\SPAMfighter 2009-06-12 06:56 . 2007-06-21 17:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-06-11 10:06 . 2005-11-03 10:29 -------- d-----w- c:\program files\Microsoft Works 2009-06-10 08:08 . 2009-04-21 12:26 -------- d-----w- c:\program files\a-squared Free 2009-06-09 11:50 . 2006-06-20 18:23 79848 ----a-w- c:\documents and settings\Henri KERISIT\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-06-09 10:16 . 2005-11-03 11:24 88044 ----a-w- c:\windows\system32\perfc00C.dat 2009-06-09 10:16 . 2005-11-03 11:24 516254 ----a-w- c:\windows\system32\perfh00C.dat 2009-06-08 09:53 . 2009-03-25 09:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-06-08 09:53 . 2009-05-14 06:58 3371383 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2009-06-08 08:42 . 2008-11-12 20:35 -------- d-----w- c:\program files\ma-config.com 2009-06-08 08:42 . 2008-11-12 20:35 -------- d-----w- c:\documents and settings\All Users\Application Data\ma-config.com 2009-05-26 11:20 . 2009-03-25 09:58 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-05-26 11:19 . 2009-03-25 09:58 19096 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-05-21 08:49 . 
2007-06-21 17:30 -------- d-----w- c:\program files\Spybot - Search & Destroy 2009-05-17 19:54 . 2009-03-23 09:38 -------- d-----w- c:\program files\Launch Manager 2009-05-13 16:53 . 2009-05-13 16:53 -------- d-----w- c:\program files\Fichiers communs\Application 2009-05-13 05:04 . 2005-11-03 11:24 915456 ----a-w- c:\windows\system32\wininet.dll 2009-05-11 08:54 . 2005-11-03 10:25 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-05-07 15:33 . 2005-11-03 11:23 348672 ----a-w- c:\windows\system32\localspl.dll 2009-05-01 08:10 . 2009-05-01 08:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion 2009-05-01 08:06 . 2007-04-20 20:15 -------- d-----w- c:\program files\CCleaner 2009-04-29 10:29 . 2009-04-27 09:13 4212 ---h--w- c:\windows\system32\zllictbl.dat 2009-04-28 21:36 . 2009-04-28 17:33 -------- d-----w- c:\program files\Fichiers communs\Apple 2009-04-28 21:30 . 2006-10-08 16:21 -------- d-----w- c:\documents and settings\Henri KERISIT\Application Data\Apple Computer 2009-04-28 17:49 . 2009-04-28 17:43 -------- d-----w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} 2009-04-28 17:43 . 2006-10-08 16:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer 2009-04-28 17:40 . 2009-04-28 17:40 -------- d-----w- c:\program files\Bonjour 2009-04-28 17:10 . 2009-04-28 17:08 -------- d-----w- c:\program files\QuickTime 2009-04-27 11:54 . 2009-03-26 08:11 -------- d-----w- c:\documents and settings\Henri KERISIT\Application Data\SUPERAntiSpyware.com 2009-04-27 11:54 . 2008-05-22 12:35 -------- d-----w- c:\program files\Fichiers communs\Wise Installation Wizard 2009-04-27 11:54 . 2009-03-26 08:11 -------- d-----w- c:\program files\SUPERAntiSpyware 2009-04-27 09:13 . 2009-04-27 09:13 -------- d-----w- c:\documents and settings\All Users\Application Data\MailFrontier 2009-04-22 18:02 . 
2009-04-22 18:02 44384 ----a-w- c:\windows\system32\drivers\tifsfilt.sys 2009-04-22 18:02 . 2009-04-22 18:02 441760 ----a-w- c:\windows\system32\drivers\timntr.sys 2009-04-22 18:02 . 2009-04-22 18:02 129248 ----a-w- c:\windows\system32\drivers\snapman.sys 2009-04-22 18:02 . 2009-04-22 18:02 368736 ----a-w- c:\windows\system32\drivers\tdrpman.sys 2009-04-22 18:02 . 2009-04-22 18:01 -------- d-----w- c:\program files\Fichiers communs\Acronis 2009-04-22 18:01 . 2009-04-22 18:01 -------- d-----w- c:\program files\Acronis 2009-04-19 19:50 . 2005-11-03 11:24 1847296 ----a-w- c:\windows\system32\win32k.sys 2009-04-19 18:41 . 2008-06-07 12:09 -------- d-----w- c:\program files\Alwil Software 2009-04-16 20:56 . 2009-04-16 20:56 152576 ----a-w- c:\documents and settings\Henri KERISIT\Application Data\Sun\Java\jre1.6.0_13\lzma.dll 2009-04-15 14:53 . 2005-11-03 11:24 585216 ----a-w- c:\windows\system32\rpcrt4.dll 2009-04-15 10:03 . 2006-06-22 21:03 -------- d-----w- c:\program files\Microsoft ActiveSync 2009-03-23 08:49 . 2009-03-23 08:49 17801 ----a-w- c:\windows\system32\drivers\AegisP.sys 2009-03-19 14:02 . 2009-03-19 14:02 86576 ----a-w- c:\documents and settings\Henri KERISIT\Application Data\Microsoft\Services Windows Live\Raccourci Galerie de Photos Windows Live.exe 2009-03-19 14:02 . 2009-03-19 14:02 132672 ----a-w- c:\documents and settings\Henri KERISIT\Application Data\Microsoft\Services Windows Live\Raccourci Windows Live Messenger.exe 2009-03-19 14:02 . 2009-03-19 14:02 392728 ----a-w- c:\documents and settings\Henri KERISIT\Application Data\Microsoft\Services Windows Live\Services Windows Live.dll 2009-03-17 08:24 . 2008-12-03 09:54 152576 ----a-w- c:\documents and settings\Henri KERISIT\Application Data\Sun\Java\jre1.6.0_11\lzma.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\WCESCOMM.EXE" [2003-10-10 376912] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-18 68856] "ccleaner"="c:\program files\CCleaner\ccleaner.exe" [2009-04-28 1560816] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408] "RTEGPRS"="c:\program files\Fichiers communs\SmartCom\RTEGPRS.exe" [2005-11-28 2265088] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-04-05 339968] "SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2005-08-01 98393] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-08-01 688217] "Sunkist2k"="c:\program files\Multimedia Card Reader\shwicon2k.exe" [2003-06-02 135168] "dla"="c:\windows\system32\dla\tfswctrl.exe" [2003-02-06 114741] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-08 136600] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-09-18 185632] "LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2005-03-30 32768] "HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2005-05-02 57344] "LMgrVolOSD"="c:\program files\Launch Manager\OSD.exe" [2005-03-16 204800] "LMgrOSD"="c:\program files\Launch Manager\OSDCtrl.exe" [2004-10-11 245760] "Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2005-04-18 81920] "CtrlVol"="c:\program files\Launch Manager\CtrlVol.exe" [2003-09-16 20480] "TrueImageMonitor.exe"="c:\program 
files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2007-10-07 2620336] "AcronisTimounterMonitor"="c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe" [2007-10-07 904880] "Acronis Scheduler2 Service"="c:\program files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" [2007-10-07 140568] "SPAMfighter Agent"="c:\program files\SPAMfighter\SFAgent.exe" [2009-03-12 326792] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS\0lsdelete [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" "QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"= "c:\\Program Files\\Microsoft ActiveSync\\WcesMgr.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"= "c:\\WINDOWS\\system32\\dpvsetup.exe"= "c:\\Program Files\\Pédagofiche\\Fichiers communs\\PfManager.exe"= "c:\\StubInstaller.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"= "c:\\Program Files\\NetMeeting\\conf.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program 
Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [18/05/2009 15:51 108289] R2 SPAMfighter Update Service;SPAMfighter Update Service;c:\program files\SPAMfighter\sfus.exe [12/03/2009 10:44 184968] R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [11/06/2009 16:33 604416] R3 HSFHWATI;HSFHWATI;c:\windows\system32\drivers\HSFHWATI.sys [03/11/2005 13:27 200192] R3 M1000Srv;M5603C USB2.0 Camera Driver;c:\windows\system32\drivers\M1000KNT.sys [21/11/2007 12:49 274567] S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys --> c:\windows\system32\drivers\TfFsMon.sys [?] S0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys --> c:\windows\system32\drivers\TfSysMon.sys [?] S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [18/09/2007 10:09 29744] S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [29/05/2009 17:13 234864] S3 TfNetMon;TfNetMon;\??\c:\windows\system32\drivers\TfNetMon.sys --> c:\windows\system32\drivers\TfNetMon.sys [?] S3 ZSMC302;Cammaestro 4.2GU build 1105;c:\windows\system32\drivers\usbvm302.sys [24/06/2006 18:18 195263] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] "c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP . 
Contenu du dossier 'Tâches planifiées' 2009-06-13 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-26 17:12] 2009-06-13 c:\windows\Tasks\Maintenance en 1 clic.job - c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-04-27 13:42] 2009-06-13 c:\windows\Tasks\User_Feed_Synchronization-{56134A75-B58D-479A-855F-8C2768A3A41E}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 02:31] . - - - - ORPHELINS SUPPRIMES - - - - HKLM-Run-BigDogPath - c:\windows\VM_STI.EXE Cammaestro 4.2GU HKLM-Run-M1000Mnt - M1000Rmv.exe HKU-Default-Run-ALUAlert - c:\program files\Symantec\LiveUpdate\ALUNotify.exe . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.aliceadsl.fr/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 mStart Page = hxxp://www.aliceadsl.fr uInternet Connection Wizard,ShellNext = hxxp://www.fujitsu-siemens.fr/home-services uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: E&xporter vers Microsoft Excel IE: Ouvrir dans un nouvel onglet d'arrière-plan - c:\program files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?a63fdf20a9b546a3888a10e540b16c12 IE: Ouvrir dans un nouvel onglet de premier plan - c:\program files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?a63fdf20a9b546a3888a10e540b16c12 Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-06-13 11:00 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... 
Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*] . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(1984) c:\windows\system32\Ati2evxx.dll c:\windows\System32\BCMLogon.dll - - - - - - - > 'lsass.exe'(240) c:\windows\system32\relog_ap.dll - - - - - - - > 'explorer.exe'(2956) c:\progra~1\WINDOW~2\wmpband.dll c:\program files\Fichiers communs\Ahead\Lib\NeroDigitalExt.dll c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll c:\windows\system32\eappprxy.dll . ------------------------ Autres processus actifs ------------------------ . 
c:\windows\system32\ati2evxx.exe c:\windows\system32\WLTRYSVC.EXE c:\windows\system32\BCMWLTRY.EXE c:\program files\Lavasoft\Ad-Aware\aawservice.exe c:\windows\system32\ati2evxx.exe c:\program files\a-squared Free\a2service.exe c:\program files\Fichiers communs\Acronis\Schedule2\schedul2.exe c:\program files\Avira\AntiVir Desktop\avguard.exe c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\IVT Corporation\BlueSoleil\BTNtService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\program files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe c:\windows\system32\CF555.exe c:\windows\VM_STI.EXE c:\windows\system32\wbem\wmiapsrv.exe c:\windows\WebCam\M1000\M1000Mnt.exe c:\windows\system32\msiexec.exe . ************************************************************************** . Heure de fin: 2009-06-13 11:05 - La machine a redémarré ComboFix-quarantined-files.txt 2009-06-13 09:05 Avant-CF: 53 088 997 376 octets libres Après-CF: 53 013 295 104 octets libres WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Édition familiale" /noexecute=optin /fastdetect 277 --- E O F --- 2009-06-11 10:06 For info, I disabled the restore feature because I have ACRONIS and I make the system image copy to an external disk. Regards, and see you later for the result of your analysis ......and tell me everything!
  20. HI.... Please find the logs attached: Logfile of random's system information tool 1.06 (written by random/random) Run by Henri KERISIT at 2009-06-12 22:28:08 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 51 GB (66%) free of 76 GB Total RAM: 894 MB (25% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:28:32, on 12/06/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\wltrysvc.exe C:\WINDOWS\System32\bcmwltry.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\VM_STI.EXE C:\Program Files\Multimedia Card Reader\shwicon2k.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Launch Manager\LaunchAp.exe C:\Program Files\Launch Manager\HotkeyApp.exe C:\Program Files\Launch Manager\OSD.exe C:\Program Files\Launch Manager\OSDCtrl.exe C:\Program Files\Launch Manager\Wbutton.exe C:\WINDOWS\WebCam\M1000\M1000Mnt.exe C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe C:\Program Files\SPAMfighter\SFAgent.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Avira\AntiVir 
Desktop\sched.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Fichiers communs\SmartCom\RTEGPRS.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\a-squared Free\a2service.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\SPAMfighter\sfus.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe C:\WINDOWS\System32\TUProgSt.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Windows Live\Toolbar\wltuser.exe C:\WINDOWS\System32\TuneUpDefragService.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Java\jre6\bin\java.exe C:\Documents and Settings\Henri KERISIT\Bureau\RSIT.exe C:\Documents and Settings\Henri KERISIT\Bureau\Henri KERISIT.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aliceadsl.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aliceadsl.fr R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.fujitsu-siemens.fr/home-services R0 - HKCU\Software\Microsoft\Internet 
Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program 
Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [bigDogPath] C:\WINDOWS\VM_STI.EXE Cammaestro 4.2GU build 1105 O4 - HKLM\..\Run: [sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [M1000Mnt] M1000Rmv.exe /StartStillMnt O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe O4 - HKLM\..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe O4 - HKLM\..\Run: [LMgrVolOSD] C:\Program Files\Launch Manager\OSD.exe O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSDCtrl.exe O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe" O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" O4 - HKLM\..\Run: 
[sPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60 O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [RTEGPRS] "C:\Program Files\Fichiers communs\SmartCom\RTEGPRS.exe" tray O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?a63fdf20a9b546a3888a10e540b16c12 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?a63fdf20a9b546a3888a10e540b16c12 O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... 
- {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: lec - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. 
- C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe -- End of file - 13140 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Google Software Updater.job C:\WINDOWS\tasks\Maintenance en 1 clic.job C:\WINDOWS\tasks\User_Feed_Synchronization-{56134A75-B58D-479A-855F-8C2768A3A41E}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] &Yahoo! 
Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}] DriveLetterAccess - C:\WINDOWS\system32\dla\tfswshx.dll [2003-02-07 98356] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-08 320920] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-27 259696] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program 
Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-24 668656] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-27 470512] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-08 34816] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-08 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-27 259696] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! 
Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-04-05 339968] "SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2005-08-01 98393] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-08-01 688217] "BigDogPath"=C:\WINDOWS\VM_STI.EXE [2004-06-09 40960] "Sunkist2k"=C:\Program Files\Multimedia Card Reader\shwicon2k.exe [2003-06-02 135168] "dla"=C:\WINDOWS\system32\dla\tfswctrl.exe [2003-02-07 114741] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-08 136600] "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] "TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2007-09-18 185632] "M1000Mnt"=M1000Rmv.exe /StartStillMnt [] "LaunchAp"=C:\Program Files\Launch Manager\LaunchAp.exe [2005-03-30 32768] "HotkeyApp"=C:\Program Files\Launch Manager\HotkeyApp.exe [2005-05-02 57344] "LMgrVolOSD"=C:\Program Files\Launch Manager\OSD.exe [2005-03-16 204800] "LMgrOSD"=C:\Program Files\Launch Manager\OSDCtrl.exe [2004-10-11 245760] "Wbutton"=C:\Program Files\Launch Manager\Wbutton.exe [2005-04-18 81920] "CtrlVol"=C:\Program Files\Launch Manager\CtrlVol.exe [2003-09-16 20480] "TrueImageMonitor.exe"=C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2007-10-07 2620336] "AcronisTimounterMonitor"=C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [2007-10-07 904880] "Acronis Scheduler2 Service"=C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe [2007-10-07 140568] "SPAMfighter Agent"=C:\Program Files\SPAMfighter\SFAgent.exe [2009-03-12 326792] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "H/PC Connection Agent"=C:\Program 
Files\Microsoft ActiveSync\WCESCOMM.EXE [2003-10-10 376912] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-09-18 68856] "ccleaner"=C:\Program Files\CCleaner\ccleaner.exe [2009-04-28 1560816] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408] "RTEGPRS"=C:\Program Files\Fichiers communs\SmartCom\RTEGPRS.exe [2005-11-28 2265088] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-09-28 29744] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Les Echos Desk] C:\Program Files\Nosibay\Les Echos Desk\launcher.exe [2008-07-23 239120] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WellPhone DirectSync - ScheduleSync] C:\PROGRA~1\WELLPH~1\SCHEDU~1.EXE [2005-08-08 45056] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2005-08-01 46080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2006-06-19 702768] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "authentication packages"=msv1_0 relog_ap "notification packages"=scecli C:\WINDOWS\system32\rewagiki.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon] 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "ConsentPromptBehaviorAdmin"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:*:Enabled:Connection Manager" "C:\Program Files\Microsoft ActiveSync\WcesMgr.exe"="C:\Program Files\Microsoft ActiveSync\WcesMgr.exe:*:Enabled:ActiveSync Application" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil" "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application" "C:\Program Files\Pédagofiche\Fichiers communs\PfManager.exe"="C:\Program Files\Pédagofiche\Fichiers communs\PfManager.exe:*:Enabled:LaunchAnywhere GUI" "C:\StubInstaller.exe"="C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer" "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire" "C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe"="C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix" "C:\Program Files\NetMeeting\conf.exe"="C:\Program 
Files\NetMeeting\conf.exe:*:Disabled:Windows® NetMeeting®" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\WINDOWS\system32\winlogon.exe"="C:\WINDOWS\system32\winlogon.exe:*:Enabled:winlogon" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c0e8fa61-022a-11db-894c-0002e34a7181}] shell\AutoRun\command - setupSNK.exe ======List of files/folders created in the last 1 months====== 2009-06-11 16:33:09 ----A---- C:\WINDOWS\system32\TUProgSt.exe 2009-06-11 16:33:06 ----A---- C:\WINDOWS\system32\uxtuneup.dll 2009-06-11 16:33:04 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe 2009-06-11 12:01:37 ----D---- C:\_OTM 2009-06-10 22:46:04 ----D---- C:\Program Files\Unlocker 2009-06-10 20:11:18 ----D---- C:\rsit 2009-06-09 12:20:55 ----N---- 
C:\WINDOWS\system32\spmsg2.dll 2009-06-09 12:05:58 ----D---- C:\WINDOWS\system32\XPSViewer 2009-06-09 12:05:53 ----D---- C:\Program Files\MSBuild 2009-06-09 12:05:50 ----D---- C:\WINDOWS\system32\en-US 2009-06-09 12:05:37 ----D---- C:\Program Files\Reference Assemblies 2009-06-09 12:04:50 ----N---- C:\WINDOWS\system32\xpsshhdr.dll 2009-06-09 12:04:50 ----N---- C:\WINDOWS\system32\prntvpt.dll 2009-06-09 12:04:49 ----N---- C:\WINDOWS\system32\xpssvcs.dll 2009-06-08 10:58:12 ----D---- C:\Documents and Settings\Henri KERISIT\Application Data\TuneUp Software 2009-06-08 10:57:20 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software 2009-06-08 10:57:18 ----D---- C:\Program Files\TuneUp Utilities 2009 2009-05-20 10:56:58 ----SHD---- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357} 2009-05-19 23:11:07 ----A---- C:\WINDOWS\HideWin.exe 2009-05-19 22:50:13 ----D---- C:\Program Files\SymplisIT 2009-05-19 22:50:13 ----D---- C:\Documents and Settings\All Users\Application Data\SymplisIT 2009-05-18 23:39:31 ----D---- C:\Program Files\XoftSpySE 2009-05-18 15:51:28 ----D---- C:\Program Files\Avira 2009-05-18 15:51:28 ----D---- C:\Documents and Settings\All Users\Application Data\Avira 2009-05-16 17:27:02 ----D---- C:\Program Files\RegCleaner 2009-05-16 09:57:25 ----D---- C:\Program Files\VS Revo Group 2009-05-15 19:49:38 ----D---- C:\Program Files\trend micro 2009-05-13 18:53:29 ----D---- C:\Program Files\Fichiers communs\Application 2009-05-13 18:45:35 ----D---- C:\Program Files\SPAMfighter ======List of files/folders modified in the last 1 months====== 2009-06-12 21:50:36 ----SD---- C:\WINDOWS\Tasks 2009-06-12 19:16:04 ----D---- C:\WINDOWS\Prefetch 2009-06-12 19:01:08 ----RD---- C:\Program Files 2009-06-12 14:08:03 ----D---- C:\WINDOWS\Temp 2009-06-12 13:51:34 ----D---- C:\WINDOWS 2009-06-12 13:51:28 ----D---- C:\WINDOWS\system32\CatRoot2 2009-06-12 13:50:48 ----A---- C:\WINDOWS\ModemLog_Mobile 115200.txt 
2009-06-12 13:50:48 ----A---- C:\WINDOWS\ModemLog_Bluetooth DUN Modem.txt 2009-06-12 13:50:47 ----A---- C:\WINDOWS\ModemLog_Bluetooth Fax Modem.txt 2009-06-12 13:50:41 ----A---- C:\WINDOWS\ModemLog_SoftV90 Data Fax Modem with SmartCP.txt 2009-06-12 13:48:14 ----N---- C:\WINDOWS\SchedLgU.Txt 2009-06-12 13:37:32 ----D---- C:\WINDOWS\Downloaded Installations 2009-06-12 11:58:23 ----D---- C:\WINDOWS\pss 2009-06-12 11:36:20 ----HD---- C:\Config.Msi 2009-06-12 11:11:00 ----SHD---- C:\WINDOWS\Installer 2009-06-12 08:56:03 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2009-06-11 18:01:08 ----D---- C:\WINDOWS\WinSxS 2009-06-11 16:35:04 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-06-11 16:35:04 ----AD---- C:\WINDOWS\system32 2009-06-11 14:03:21 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater 2009-06-11 12:20:43 ----D---- C:\WINDOWS\Debug 2009-06-11 12:19:04 ----D---- C:\Program Files\Internet Explorer 2009-06-11 12:06:48 ----HD---- C:\WINDOWS\inf 2009-06-11 12:06:03 ----D---- C:\Program Files\Microsoft Works 2009-06-10 10:08:26 ----D---- C:\Program Files\a-squared Free 2009-06-09 16:30:36 ----D---- C:\WINDOWS\system32\CatRoot 2009-06-09 13:08:38 ----D---- C:\Program Files\Fichiers communs 2009-06-09 12:36:01 ----D---- C:\WINDOWS\Microsoft.NET 2009-06-09 12:35:59 ----RSD---- C:\WINDOWS\assembly 2009-06-09 12:19:38 ----D---- C:\WINDOWS\system32\mui 2009-06-09 12:16:09 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-06-09 12:05:48 ----RSD---- C:\WINDOWS\Fonts 2009-06-09 12:05:11 ----D---- C:\WINDOWS\system32\spool 2009-06-08 17:46:07 ----D---- C:\WINDOWS\system32\config 2009-06-08 13:53:47 ----A---- C:\WINDOWS\NeroDigital.ini 2009-06-08 11:53:44 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-06-08 11:53:40 ----D---- C:\WINDOWS\system32\drivers 2009-06-08 11:28:22 ----A---- C:\WINDOWS\win.ini 2009-06-08 10:42:54 ----D---- C:\Program Files\ma-config.com 2009-06-08 10:42:53 ----D---- 
C:\Documents and Settings\All Users\Application Data\ma-config.com 2009-06-07 23:35:18 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2009-06-01 18:51:12 ----A---- C:\WINDOWS\system32\MRT.exe 2009-05-21 10:49:00 ----D---- C:\Program Files\Spybot - Search & Destroy 2009-05-19 22:50:13 ----D---- C:\WINDOWS\system 2009-05-18 23:32:08 ----SD---- C:\WINDOWS\Downloaded Program Files 2009-05-18 16:02:30 ----D---- C:\WINDOWS\system32\FxsTmp 2009-05-18 15:42:23 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2009-05-18 10:39:32 ----D---- C:\WINDOWS\BDOSCAN8 2009-05-17 21:54:59 ----D---- C:\Program Files\Launch Manager 2009-05-17 20:15:58 ----D---- C:\DriveKey 2009-05-17 14:54:21 ----D---- C:\WINDOWS\Minidump 2009-05-13 07:04:17 ----A---- C:\WINDOWS\system32\wininet.dll 2009-05-13 07:04:17 ----A---- C:\WINDOWS\system32\mshtml.dll ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-08-01 39424] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 Hotkey;Hotkey; C:\WINDOWS\system32\drivers\Hotkey.sys [2003-04-28 9867] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720] R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2003-02-05 5589] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-02-13 28376] R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2003-02-05 23059] R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832] R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-03-23 17801] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-03-24 55640] R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2003-02-05 40416] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-08-01 13059] 
R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2003-02-07 23957] R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2003-02-07 34773] R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2003-02-07 4053] R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2003-02-07 2201] R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2003-02-07 55540] R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2003-02-07 14133] R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2003-02-07 6293] R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2003-02-07 96596] R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2003-02-07 99029] R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2009-04-22 44384] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-08-01 2314560] R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2005-05-05 463168] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-08-01 1035776] R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2005-05-31 20480] R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2005-04-30 10804] R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2005-05-31 23000] R3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-04-30 11860] R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2005-08-01 1038208] R3 HSFHWATI;HSFHWATI; C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys [2005-08-01 200192] R3 M1000Srv;M5603C USB2.0 
Camera Driver; C:\WINDOWS\System32\Drivers\M1000KNT.sys [2005-07-20 274567] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-03-21 9856] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-05 5888] R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-08-01 70912] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-08-01 188928] R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-08-01 146304] R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152] R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312] R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2005-03-25 82148] R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-08-01 703232] S1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [] S1 Wbutton;Wbutton; C:\WINDOWS\system32\drivers\Wbutton.sys [] S3 Ad-Watch Connect Filter;Ad-Watch Connect 
Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys [] S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [] S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 SunkFilt;Alcor Micro Corp - 9360; \??\C:\WINDOWS\System32\Drivers\sunkfilt.sys [] S3 TfNetMon;TfNetMon; \??\C:\WINDOWS\system32\drivers\TfNetMon.sys [] S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2003-09-01 104064] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S3 ZSMC302;Cammaestro 4.2GU build 1105; C:\WINDOWS\System32\Drivers\usbvm302.sys [2005-01-13 195263] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-13 73600] S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032] ======List of services (R=Running, S=Stopped, 
0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2009-06-10 718880] R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-07-26 611664] R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe [2007-10-07 427288] R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-04-01 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-03-02 185089] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-26 132424] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-08-01 364544] R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2005-04-06 110592] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-08 152984] R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512] R2 SPAMfighter Update Service;SPAMfighter Update Service; C:\Program Files\SPAMfighter\sfus.exe [2009-03-12 184968] R2 TryAndDecideService;Acronis Try And Decide Service; C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe [2007-10-08 493200] R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-06-11 604416] R2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336] R2 wltrysvc;Broadcom Wireless LAN Tray Service; 
C:\WINDOWS\System32\wltrysvc.exe [2004-12-22 65536] R3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-06-11 361216] S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 268800] S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-09-28 29744] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-05-29 234864] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF-----------------
OK, thanks, and sorry again for the work I'm giving you... Regards, and see you later for the comments and suggestions... heri
  21. HELLO... Falkra! I am no doubt racking your brain with my questions about the malfunctions I have run into on my PC??? A thousand apologies! Have a good evening, and I look forward to reading the results of your cogitation... Regards
  22. Hello... In addition, when I use the "Rechercher des fichiers ou des dossiers" (Search for files or folders) function, I also get the following message: Microsoft Visual C++ Runtime Library Program: C:\WINDOWS\explorer.exe This application has requested the Runtime to terminate it in an unusual way. Please contact the application's support team for more information. OK Could my two error messages not have the same cause, a damaged or corrupted file?? Thanks and regards, see you later