Aller au contenu

Heri

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    61

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par Heri

  1. Heri
    Bonjour..... La mise à jour de IE8 a été faite automatiquement ..... et je l'ai vérifié c'est OK. Par contre je ne trouve pas la fichier qui doit être scanné :"C:\WINDOWS\system32\rewagiki.dll" Comment faire pour le localiser ..... A plus et merci, Cordialement
  2. Heri
    Bonjour..... La mise à jour de IE8 a été faite automatiquement ..... et je l'ai vérifié c'est OK. Par contre je ne trouve pas la fichier qui doit être scanné :"C:\WINDOWS\system32\rewagiki.dll" Comment faire pour le localiser ..... A plus et merci, Cordialement
  3. Heri
    Bonjour..... et merci pour vos conseils ; ci-joint le rapport log demandé: ========== PROCESSES ========== Process explorer.exe killed successfully. ========== FILES ========== File/Folder c:\autorun.inf not found. File/Folder d:\autorun.inf not found. ========== REGISTRY ========== Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8b4e347e-b309-11dd-8e9f-222222222222}\\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\DOCUME~1\HENRIK~1\LOCALS~1\Temp\services.exe deleted successfully. ========== SERVICES/DRIVERS ========== Service\Driver mailKmd deleted successfully. Service\Driver pctplsg deleted successfully. ========== COMMANDS ========== Explorer started successfully OTM by OldTimer - Version 2.1.0.1 log created on 06112009_120137 ok c'est bon,,,,? J'en profite pour faire la mise à jours de IE8 ..... à plus et cordialement. Et je fais la mise
  4. Heri
    Bonjour et merci pour votre aide .... ci-joint un premier rapport: Logfile of random's system information tool 1.06 (written by random/random) Run by Henri KERISIT at 2009-06-10 20:11:18 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 51 GB (67%) free of 76 GB Total RAM: 894 MB (32% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:11:44, on 10/06/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\wltrysvc.exe C:\WINDOWS\System32\bcmwltry.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\a-squared Free\a2service.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\SPAMfighter\sfus.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\VM_STI.EXE C:\Program Files\Multimedia Card Reader\shwicon2k.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe C:\Program Files\Launch Manager\LaunchAp.exe C:\Program Files\Launch Manager\HotkeyApp.exe C:\Program Files\Launch Manager\OSD.exe C:\Program Files\Launch Manager\OSDCtrl.exe C:\Program Files\Launch Manager\Wbutton.exe C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe C:\Program Files\SPAMfighter\SFAgent.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\WebCam\M1000\M1000Mnt.exe C:\Program Files\Fichiers communs\SmartCom\RTEGPRS.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\System32\TUProgSt.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Windows Live\Toolbar\wltuser.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Henri KERISIT\Bureau\RSIT.exe C:\Documents and Settings\Henri KERISIT\Bureau\Henri KERISIT.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aliceadsl.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aliceadsl.fr R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.fujitsu-siemens.fr/home-services R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [bigDogPath] C:\WINDOWS\VM_STI.EXE Cammaestro 4.2GU build 1105 O4 - HKLM\..\Run: [sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [M1000Mnt] M1000Rmv.exe /StartStillMnt O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe O4 - HKLM\..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe O4 - HKLM\..\Run: [LMgrVolOSD] C:\Program Files\Launch Manager\OSD.exe O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSDCtrl.exe O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe" O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" O4 - HKLM\..\Run: [sPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60 O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [RTEGPRS] "C:\Program Files\Fichiers communs\SmartCom\RTEGPRS.exe" tray O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?a63fdf20a9b546a3888a10e540b16c12 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?a63fdf20a9b546a3888a10e540b16c12 O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: lec - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe -- End of file - 12915 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\Google Software Updater.job C:\WINDOWS\tasks\Maintenance en 1 clic.job C:\WINDOWS\tasks\User_Feed_Synchronization-{56134A75-B58D-479A-855F-8C2768A3A41E}.job C:\WINDOWS\tasks\XoftSpySE 2.job C:\WINDOWS\tasks\XoftSpySE.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] &Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}] DriveLetterAccess - C:\WINDOWS\system32\dla\tfswshx.dll [2003-02-07 98356] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-08 320920] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-27 259696] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-24 668656] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-27 470512] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-08 34816] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-08 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-27 259696] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-04-05 339968] "SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2005-08-01 98393] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-08-01 688217] "BigDogPath"=C:\WINDOWS\VM_STI.EXE [2004-06-09 40960] "Sunkist2k"=C:\Program Files\Multimedia Card Reader\shwicon2k.exe [2003-06-02 135168] "dla"=C:\WINDOWS\system32\dla\tfswctrl.exe [2003-02-07 114741] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-08 136600] "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] "TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2007-09-18 185632] "M1000Mnt"=M1000Rmv.exe /StartStillMnt [] "LaunchAp"=C:\Program Files\Launch Manager\LaunchAp.exe [2005-03-30 32768] "HotkeyApp"=C:\Program Files\Launch Manager\HotkeyApp.exe [2005-05-02 57344] "LMgrVolOSD"=C:\Program Files\Launch Manager\OSD.exe [2005-03-16 204800] "LMgrOSD"=C:\Program Files\Launch Manager\OSDCtrl.exe [2004-10-11 245760] "Wbutton"=C:\Program Files\Launch Manager\Wbutton.exe [2005-04-18 81920] "CtrlVol"=C:\Program Files\Launch Manager\CtrlVol.exe [2003-09-16 20480] "TrueImageMonitor.exe"=C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2007-10-07 2620336] "AcronisTimounterMonitor"=C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [2007-10-07 904880] "Acronis Scheduler2 Service"=C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe [2007-10-07 140568] "SPAMfighter Agent"=C:\Program Files\SPAMfighter\SFAgent.exe [2009-03-12 326792] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE [2003-10-10 376912] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-09-18 68856] "ccleaner"=C:\Program Files\CCleaner\ccleaner.exe [2009-04-28 1560816] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408] "RTEGPRS"=C:\Program Files\Fichiers communs\SmartCom\RTEGPRS.exe [2005-11-28 2265088] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-09-28 29744] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Les Echos Desk] C:\Program Files\Nosibay\Les Echos Desk\launcher.exe [2008-07-23 239120] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WellPhone DirectSync - ScheduleSync] C:\PROGRA~1\WELLPH~1\SCHEDU~1.EXE [2005-08-08 45056] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^WinZip Quick Pick.lnk] C:\PROGRA~1\WinZip\WZQKPICK.EXE [2008-10-08 394856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2005-08-01 46080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2006-06-19 702768] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "authentication packages"=msv1_0 relog_ap "notification packages"=scecli C:\WINDOWS\system32\rewagiki.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "ConsentPromptBehaviorAdmin"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:*:Enabled:Connection Manager" "C:\Program Files\Microsoft ActiveSync\WcesMgr.exe"="C:\Program Files\Microsoft ActiveSync\WcesMgr.exe:*:Enabled:ActiveSync Application" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil" "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application" "C:\Program Files\Pédagofiche\Fichiers communs\PfManager.exe"="C:\Program Files\Pédagofiche\Fichiers communs\PfManager.exe:*:Enabled:LaunchAnywhere GUI" "C:\StubInstaller.exe"="C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer" "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire" "C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe"="C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix" "C:\Program Files\NetMeeting\conf.exe"="C:\Program Files\NetMeeting\conf.exe:*:Disabled:Windows® NetMeeting®" "C:\DOCUME~1\HENRIK~1\LOCALS~1\Temp\services.exe"="C:\DOCUME~1\HENRIK~1\LOCALS~1\Temp\services.exe:*:Enabled:Flash Player2" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\WINDOWS\system32\winlogon.exe"="C:\WINDOWS\system32\winlogon.exe:*:Enabled:winlogon" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8b4e347e-b309-11dd-8e9f-222222222222}] shell\Auto\command - cmd /C launch.bat shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c0e8fa61-022a-11db-894c-0002e34a7181}] shell\AutoRun\command - setupSNK.exe ======List of files/folders created in the last 1 months====== 2009-06-10 20:11:18 ----D---- C:\rsit 2009-06-09 16:30:03 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$ 2009-06-09 12:20:55 ----N---- C:\WINDOWS\system32\spmsg2.dll 2009-06-09 12:20:53 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$ 2009-06-09 12:05:58 ----D---- C:\WINDOWS\system32\XPSViewer 2009-06-09 12:05:53 ----D---- C:\Program Files\MSBuild 2009-06-09 12:05:50 ----D---- C:\WINDOWS\system32\en-US 2009-06-09 12:05:37 ----D---- C:\Program Files\Reference Assemblies 2009-06-09 12:04:50 ----N---- C:\WINDOWS\system32\xpsshhdr.dll 2009-06-09 12:04:50 ----N---- C:\WINDOWS\system32\prntvpt.dll 2009-06-09 12:04:49 ----N---- C:\WINDOWS\system32\xpssvcs.dll 2009-06-08 10:58:28 ----A---- C:\WINDOWS\system32\TUProgSt.exe 2009-06-08 10:58:25 ----A---- C:\WINDOWS\system32\uxtuneup.dll 2009-06-08 10:58:24 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe 2009-06-08 10:58:12 ----D---- C:\Documents and Settings\Henri KERISIT\Application Data\TuneUp Software 2009-06-08 10:57:20 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software 2009-06-08 10:57:18 ----D---- C:\Program Files\TuneUp Utilities 2009 2009-05-20 10:56:58 ----SHD---- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357} 2009-05-19 23:11:07 ----A---- C:\WINDOWS\HideWin.exe 2009-05-19 22:50:13 ----D---- C:\Program Files\SymplisIT 2009-05-19 22:50:13 ----D---- C:\Documents and Settings\All Users\Application Data\SymplisIT 2009-05-18 23:39:31 ----D---- C:\Program Files\XoftSpySE 2009-05-18 15:51:28 ----D---- C:\Program Files\Avira 2009-05-18 15:51:28 ----D---- C:\Documents and Settings\All Users\Application Data\Avira 2009-05-16 17:27:02 ----D---- C:\Program Files\RegCleaner 2009-05-16 09:57:25 ----D---- C:\Program Files\VS Revo Group 2009-05-15 19:49:38 ----D---- C:\Program Files\trend micro 2009-05-13 18:53:29 ----D---- C:\Program Files\Fichiers communs\Application 2009-05-13 18:45:35 ----D---- C:\Program Files\SPAMfighter ======List of files/folders modified in the last 1 months====== 2009-06-10 19:12:37 ----D---- C:\WINDOWS\Temp 2009-06-10 19:07:12 ----D---- C:\WINDOWS\Prefetch 2009-06-10 19:06:27 ----D---- C:\WINDOWS 2009-06-10 19:06:08 ----D---- C:\WINDOWS\system32\CatRoot2 2009-06-10 19:06:04 ----A---- C:\WINDOWS\ModemLog_Mobile 115200.txt 2009-06-10 19:06:03 ----A---- C:\WINDOWS\ModemLog_Bluetooth DUN Modem.txt 2009-06-10 19:06:02 ----A---- C:\WINDOWS\ModemLog_Bluetooth Fax Modem.txt 2009-06-10 19:05:55 ----A---- C:\WINDOWS\ModemLog_SoftV90 Data Fax Modem with SmartCP.txt 2009-06-10 19:05:38 ----SD---- C:\WINDOWS\Tasks 2009-06-10 18:39:14 ----N---- C:\WINDOWS\SchedLgU.Txt 2009-06-10 13:02:26 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater 2009-06-10 10:08:26 ----D---- C:\Program Files\a-squared Free 2009-06-10 09:28:38 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-06-09 16:30:41 ----HD---- C:\WINDOWS\inf 2009-06-09 16:30:36 ----D---- C:\WINDOWS\system32\CatRoot 2009-06-09 13:08:38 ----D---- C:\Program Files\Fichiers communs 2009-06-09 13:08:07 ----RD---- C:\Program Files 2009-06-09 12:36:01 ----D---- C:\WINDOWS\Microsoft.NET 2009-06-09 12:35:59 ----RSD---- C:\WINDOWS\assembly 2009-06-09 12:27:19 ----HD---- C:\Config.Msi 2009-06-09 12:20:55 ----AD---- C:\WINDOWS\system32 2009-06-09 12:20:45 ----SHD---- C:\WINDOWS\Installer 2009-06-09 12:19:38 ----D---- C:\WINDOWS\system32\mui 2009-06-09 12:16:09 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-06-09 12:15:23 ----D---- C:\WINDOWS\WinSxS 2009-06-09 12:05:48 ----RSD---- C:\WINDOWS\Fonts 2009-06-09 12:05:11 ----D---- C:\WINDOWS\system32\spool 2009-06-08 22:24:36 ----D---- C:\Program Files\Internet Explorer 2009-06-08 17:46:07 ----D---- C:\WINDOWS\system32\config 2009-06-08 13:53:47 ----A---- C:\WINDOWS\NeroDigital.ini 2009-06-08 11:53:44 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-06-08 11:53:40 ----D---- C:\WINDOWS\system32\drivers 2009-06-08 11:28:22 ----A---- C:\WINDOWS\win.ini 2009-06-08 11:27:57 ----D---- C:\WINDOWS\pss 2009-06-08 10:51:54 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2009-06-08 10:42:54 ----D---- C:\Program Files\ma-config.com 2009-06-08 10:42:53 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com 2009-06-07 23:35:18 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2009-05-21 10:49:00 ----D---- C:\Program Files\Spybot - Search & Destroy 2009-05-19 22:50:13 ----D---- C:\WINDOWS\system 2009-05-19 22:49:44 ----D---- C:\WINDOWS\Downloaded Installations 2009-05-18 23:32:08 ----SD---- C:\WINDOWS\Downloaded Program Files 2009-05-18 16:02:30 ----D---- C:\WINDOWS\system32\FxsTmp 2009-05-18 15:42:23 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2009-05-18 10:39:32 ----D---- C:\WINDOWS\BDOSCAN8 2009-05-17 21:54:59 ----D---- C:\Program Files\Launch Manager 2009-05-17 20:15:58 ----D---- C:\DriveKey 2009-05-17 14:54:21 ----D---- C:\WINDOWS\Minidump 2009-05-13 21:37:06 ----D---- C:\WINDOWS\Debug 2009-05-11 10:54:40 ----D---- C:\Documents and Settings 2009-05-11 10:54:35 ----HD---- C:\Program Files\InstallShield Installation Information ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-08-01 39424] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 Hotkey;Hotkey; C:\WINDOWS\system32\drivers\Hotkey.sys [2003-04-28 9867] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720] R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2003-02-05 5589] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-02-13 28376] R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2003-02-05 23059] R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832] R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-03-23 17801] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-03-24 55640] R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2003-02-05 40416] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-08-01 13059] R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2003-02-07 23957] R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2003-02-07 34773] R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2003-02-07 4053] R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2003-02-07 2201] R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2003-02-07 55540] R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2003-02-07 14133] R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2003-02-07 6293] R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2003-02-07 96596] R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2003-02-07 99029] R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2009-04-22 44384] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-08-01 2314560] R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2005-05-05 463168] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-08-01 1035776] R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2005-05-31 20480] R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2005-04-30 10804] R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2005-05-31 23000] R3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-04-30 11860] R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2005-08-01 1038208] R3 HSFHWATI;HSFHWATI; C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys [2005-08-01 200192] R3 M1000Srv;M5603C USB2.0 Camera Driver; C:\WINDOWS\System32\Drivers\M1000KNT.sys [2005-07-20 274567] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-03-21 9856] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-05 5888] R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-08-01 70912] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-08-01 188928] R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-08-01 146304] R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152] R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312] R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2005-03-25 82148] R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-08-01 703232] S1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [] S1 mailKmd;mailKmd; C:\WINDOWS\system32\drivers\mailKmd.sys [] S1 Wbutton;Wbutton; C:\WINDOWS\system32\drivers\Wbutton.sys [] S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys [] S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [] S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 pctplsg;pctplsg; \??\C:\WINDOWS\system32\drivers\pctplsg.sys [] S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 SunkFilt;Alcor Micro Corp - 9360; \??\C:\WINDOWS\System32\Drivers\sunkfilt.sys [] S3 TfNetMon;TfNetMon; \??\C:\WINDOWS\system32\drivers\TfNetMon.sys [] S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2003-09-01 104064] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S3 ZSMC302;Cammaestro 4.2GU build 1105; C:\WINDOWS\System32\Drivers\usbvm302.sys [2005-01-13 195263] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-13 73600] S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2009-06-10 718880] R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-07-26 611664] R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe [2007-10-07 427288] R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-04-01 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-03-02 185089] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-26 132424] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-08-01 364544] R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2005-04-06 110592] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-08 152984] R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512] R2 SPAMfighter Update Service;SPAMfighter Update Service; C:\Program Files\SPAMfighter\sfus.exe [2009-03-12 184968] R2 TryAndDecideService;Acronis Try And Decide Service; C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe [2007-10-08 493200] R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-06-08 603904] R2 UxTuneUp;TuneUp Extension de thème; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336] R2 wltrysvc;Broadcom Wireless LAN Tray Service; C:\WINDOWS\System32\wltrysvc.exe [2004-12-22 65536] S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 268800] S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-09-28 29744] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-05-29 234864] S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-06-08 362240] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- Suivi du deuxième rapport: info.txt logfile of random's system information tool 1.06 2009-06-10 20:11:47 ======Uninstall list====== -->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE -->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL -->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 -->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu -->C:\WINDOWS\system32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6} -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {60E971B7-51A0-48CA-8687-C6B8F094A409} -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {8855FF30-19CE-4CB1-A654-87B38369CCE1} -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL -->C:\WINDOWS\UNNMP.exe /UNINSTALL -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Acronis True Image Home-->MsiExec.exe /X{E5343B27-55DF-40BD-9FCF-A643C1331E8A} Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF} Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Reader 8.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003} Adobe Reader for Pocket PC 2.0-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{291A772C-FFB9-4681-B720-AB2A0A620896} Apple Mobile Device Support-->MsiExec.exe /I{AFA20D47-69C3-4030-8DF8-D37466E70F13} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} a-squared Free 4.0-->"C:\Program Files\a-squared Free\unins000.exe" Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2} ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe" ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean AusLogics Disk Defrag-->"C:\Program Files\Auslogics\AusLogics Disk Defrag\unins000.exe" Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE BlueSoleil-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B9F499B8-D1F0-42FC-84BE-CC552123CCCB}\setup.exe" -l0x40c Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B} Broadcom 802.11 Network Adapter-->C:\WINDOWS\system32\BCMWLU00.exe verbose CamfrogWEB Advanced ActiveX Plugin (remove only)-->"C:\Program Files\CFWebAdvancedU\Uninstall.exe" CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe" Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E} Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe" Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{EFFCB0F1-CFEC-48D4-B793-EBFCAE852976} EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D} EZ Plug-N-Go-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{54D4B4F1-AA60-4FE2-AA9F-3794DEC9399A}\Setup.exe" -l0x40c EZPhoto Browser-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A393E43-9F1B-4B4D-AFC3-E4B6663F6DD3}\Setup.exe" -l0x40c EZPhoto Panorama-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B473BAC8-6A90-4D53-96C9-97A759A76EE8}\Setup.exe" -l0x40c EZPhoto Tools-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ED8F2441-E5B9-4F48-82AD-759C17A68ADB}\Setup.exe" -l0x40c EZShowtime MMS-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5FB2EF0E-0254-4B7E-98C9-7F83E0C5E6C2}\Setup.exe" -l0x40c Garmin POI Loader-->MsiExec.exe /X{80A2A967-C1B7-412D-B2B2-C4A33209C205} Garmin WebUpdater-->MsiExec.exe /X{366FFC89-C800-4366-B903-B9C4314109A5} Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72} Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_BDA1448D3D255554.exe" /uninstall Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C} HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall Horloge Parlante 4.0.0.2-->C:\ZMSoft\HParlant\Uninstal.exe Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" HP USB Disk Storage Format Tool-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}\Setup.exe" -l0x9 Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D} J2SE Runtime Environment 5.0 Update 10-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100} J2SE Runtime Environment 5.0 Update 11-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110} J2SE Runtime Environment 5.0 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150070} J2SE Runtime Environment 5.0 Update 9-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090} Java 6 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF} Java 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020} Java 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030} Java 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050} Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} Java SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010} Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3} Launch Manager V1.3.4-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D0846526-66DD-4DC9-A02C-98F9A2806812}\Setup.exe" -l0x40c Lauyan TOWeb V2-->"C:\Program Files\Lauyan\TOWeb V2\unins000.exe" Lauyan TOWeb-->"C:\Program Files\Lauyan\TOWeb V1\unins000.exe" Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Les Echos Desk (remove only)-->C:\Program Files\Nosibay\Les Echos Desk\Uninstall Les Echos Desk.exe LimeWire 4.14.12-->"C:\Program Files\LimeWire\uninstall.exe" Ma-Config.com-->MsiExec.exe /X{6C4D4FC0-467B-4BD7-8D11-50E49B2770D2} Mairies et Collectivités Locales-->"C:\Program Files\Pédagofiche\Mairies et Collectivités Locales\Désinstallation20060228\Désinstaller Mairies et Collectivités Locales.exe" Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929} Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C} Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31} Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft ActiveSync 3.7-->"C:\WINDOWS\ISUN040C.EXE" -f"C:\Program Files\Microsoft ActiveSync\DeIsL1.isu" -c"C:\Program Files\Microsoft ActiveSync\ceuninst.dll" Microsoft Office 2000 Premium-->MsiExec.exe /I{0000040C-78E1-11D2-B60F-006097C998E7} Microsoft Outlook 2002-->MsiExec.exe /I{911A040C-6000-11D3-8CFE-0050048383C9} Microsoft Publisher 2000-->MsiExec.exe /I{0014040C-78E1-11D2-B60F-006097C998E7} Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5} Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFDEBA76AD9C} MioTransfer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{03783DC3-7BEC-4AF4-914D-E805111E19F3}\Setup.exe" -l0x40c Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 8 (KB968220)-->"C:\WINDOWS\ie8updates\KB968220-IE8\spuninst\spuninst.exe" Mobipocket Reader 6.2-->MsiExec.exe /I{342126E1-173C-4585-BFBE-3EBDD20E3E9E} Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB925672)-->MsiExec.exe /I{A9CF9052-F4A0-475D-A00F-A8388C62DD63} MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} Multimedia Card Reader-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{13B97BA0-1765-4EBA-8902-C6E30291F67B} My Pictures And Sounds 7.15-->C:\Program Files\SAGEM\My Pictures And Sounds\Uninstall.exe Navigation par onglets (Windows Live Toolbar)-->MsiExec.exe /X{E916E61F-DE9D-4EAF-91E1-CEB50016326A} Nero Suite-->C:\Program Files\Fichiers communs\Nero\Uninstall\Setupx.exe /uninstall ExtraUninstallID="" OneCare Advisor (Windows Live Toolbar)-->MsiExec.exe /X{6D7F8D4B-D1A4-402A-973E-31E90940E585} Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} PDFCreator-->"C:\Program Files\PDFCreator\unins000.exe" Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe" PoiEdit-->C:\PROGRA~1\DNOTES~1\POIEDI~1\UNWISE.EXE C:\PROGRA~1\DNOTES~1\POIEDI~1\INSTALL.LOG QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F} RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 Revo Uninstaller 1.83-->C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\INSTALL.LOG ShowBiz-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{07295ABF-1245-415A-BE06-863271753443}\setup.exe" -l0x40c SoftV90 Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_1002&DEV_4378&SUBSYS_10921734\HXFSETUP.EXE -U -IVEN_1002&DEV_4378&SUBSYS_10921734 Sonic DLA-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6} Sonic RecordNow DX-->MsiExec.exe /I{8855FF30-19CE-4CB1-A654-87B38369CCE1} Sonic Simple Backup-->MsiExec.exe /I{60E971B7-51A0-48CA-8687-C6B8F094A409} Sonic Update Manager-->MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3} SPAMfighter-->"C:\Program Files\SPAMfighter\uninstall.exe" Remove Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357} Ulead PhotoImpact 5 Bundled Edition-->C:\WINDOWS\ISUn040c.exe -f"C:\Program Files\Ulead Systems\Ulead PhotoImpact 5 Bundled Edition\Uninst.isu" -c"C:\Program Files\Ulead Systems\Ulead PhotoImpact 5 Bundled Edition\IS32Inst.dll" USB2.0 Web Camera-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{56A648C2-D185-46A9-BBFF-78AE7A501000}\setup.exe" WellPhone DirectSync-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CFEC7E01-B73C-451D-A366-96978AFD233B}\setup.exe" UNINSTALL WellPhone-->"C:\Program Files\SmartCom\WellPhone\UnInst32.exe" Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe" Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C} Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll WinZip 11.1-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B2} XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe" XoftSpySE-->C:\Program Files\XoftSpySE\uninstall.exe Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE =====HijackThis Backups===== R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local [2009-05-20] ======Hosts File====== 127.0.0.1 bin.errorprotector.com ## added by CiD 127.0.0.1 br.errorsafe.com ## added by CiD 127.0.0.1 br.winantivirus.com ## added by CiD 127.0.0.1 br.winfixer.com ## added by CiD 127.0.0.1 cdn.drivecleaner.com ## added by CiD 127.0.0.1 cdn.errorsafe.com ## added by CiD 127.0.0.1 cdn.winsoftware.com ## added by CiD 127.0.0.1 de.errorsafe.com ## added by CiD 127.0.0.1 de.winantivirus.com ## added by CiD 127.0.0.1 download.cdn.drivecleaner.com ## added by CiD ======Security center information====== AV: AntiVir Desktop ======System event log====== Computer Name: NOM-E062A2929A2 Event Code: 51 Message: Une erreur a été détectée sur le périphérique \Device\Harddisk1\D au cours d'une opération de pagination. Record Number: 5 Source Name: Disk Time Written: 20090608204541.000000+120 Event Type: Avertissement User: Computer Name: NOM-E062A2929A2 Event Code: 64017 Message: L'analyse des fichiers de la protection des fichiers Windows s'est terminée correctement. Record Number: 4 Source Name: Windows File Protection Time Written: 20090608182611.000000+120 Event Type: Informations User: Computer Name: NOM-E062A2929A2 Event Code: 18 Message: TIMEOUT<svchost.exe> C:\...\drivers\oprghdlr.sys Record Number: 3 Source Name: avgntflt Time Written: 20090608180256.000000+120 Event Type: Avertissement User: Computer Name: NOM-E062A2929A2 Event Code: 18 Message: TIMEOUT<TeaTimer.exe> C:\...estroy\ProcCache.sbc Record Number: 2 Source Name: avgntflt Time Written: 20090608175843.000000+120 Event Type: Avertissement User: Computer Name: NOM-E062A2929A2 Event Code: 64016 Message: L'analyse des fichiers de la protection des fichiers Windows a été démarrée. Record Number: 1 Source Name: Windows File Protection Time Written: 20090608174716.000000+120 Event Type: Informations User: =====Application event log===== Computer Name: NOM-E062A2929A2 Event Code: 11707 Message: Produit : Microsoft .NET Framework 3.5 SP1 -- L'installation s'est terminée correctement. Record Number: 5 Source Name: MsiInstaller Time Written: 20090608221755.000000+120 Event Type: Informations User: NOM-E062A2929A2\Henri KERISIT Computer Name: NOM-E062A2929A2 Event Code: 2001 Message: Rejected Safe Mode action : Microsoft Outlook. Record Number: 4 Source Name: Microsoft Office 10 Time Written: 20090608184619.000000+120 Event Type: erreur User: Computer Name: NOM-E062A2929A2 Event Code: 1001 Message: Détecteur d'erreurs 683440355. Record Number: 3 Source Name: Application Hang Time Written: 20090608182254.000000+120 Event Type: erreur User: Computer Name: NOM-E062A2929A2 Event Code: 1002 Message: Application bloquée OUTLOOK.EXE, version 10.0.6838.0, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Record Number: 2 Source Name: Application Hang Time Written: 20090608181943.000000+120 Event Type: erreur User: Computer Name: NOM-E062A2929A2 Event Code: 1002 Message: Application bloquée OUTLOOK.EXE, version 10.0.6838.0, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Record Number: 1 Source Name: Application Hang Time Written: 20090608181942.000000+120 Event Type: erreur User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Sonic\MyDVD;C:\Program Files\QuickTime\QTSystem\ "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 36 Stepping 2, AuthenticAMD "PROCESSOR_REVISION"=2402 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip -----------------EOF----------------- J'espere avoir bien répondu à tes demandes Cordialement.
  5. Heri
    Bonjour, PEUT ETRE UNE INFECTION??? En effet je suis dans l'impossiblité d'utiliser les scans anti virus en ligne car au moment de l'activation de "ActiveX" apparaît le message suivant : " Iexplore.exe - erreur d'application L'instruction à "0x0a6f0068 emploie l'adresse mémoire 0x0a6f0068 . La mémoire ne peut pas être written." Cliquez OK pour terminer le programme Cliquez Annuler pour débloguer le programe ....." Puis les sessions se ferment et j'ai l'affichage suivant: Internet Explorer à fermer cette page web pour protéger l'ordinateur. Y a-t-il une solution à mettre en oeuvre pour résoudre ce dysfonctionnement et .....et utiliser les scans en ligne? Y aurait il une infection éventuelle malgré mon antivirus Antivir, et les scans avec :a-squared Free, ClamWinPortable- pour scan antivirus, Ad-Aware, Spybot - Search & Destroy, Malwarebytes' Anti-Malware qui n'indiquent rien de particulier ... et j'ai IE8. Merci Dans l'attente d'un conseil, Cordialement
  6. Heri
    Bonjour.... Considerons que la première option n'en est pas la cause et donc réglée ..... Aussi voyons la deuxième option possible pour une infection éventuelle et une vérification des logs . Cordialement.
  7. Heri
  8. Heri
    MERCI pour votre reponse.... j'ai IE8 Effectivement .... c'est la réponse que l'on trouve sur tous les sites d'aide.....mais peu concrète pour un simple utilisateur et non un informaticien! Salut à vous!
  9. Heri
  10. Heri
    Bonjour, Je suis dans l'impossiblité d'utiliser les scans anti virus en ligne car au moment de l'activation de "ActiveX" apparaît le message suivant : " Iexplore.exe - erreur d'application L'instruction à "0x0a6f0068 emploie l'adresse mémoire 0x0a6f0068 . La mémoire ne peut pas être written." Cliquez OK pour terminer le programme Cliquez Annuler pour débloguer le programe ....." Puis les sessions se ferment et j'ai l'affichage suivant: Internet Explorer à fermer cette page web pour protéger l'ordinateur. Y a-t-il une solution à mettre en oeuvre pour résoudre ce dysfonctionnement.....et ainsi utiliser les scans en ligne? Merci Dans l'attente d'un conseil, Cordialement
  11. Heri
    Bonjour, A ce jour j'ai un message d'erreur lorsque je consulte un site qui me demande d'activer "ActiveX" (comme c'est le cas pour profiter de vos applications en ligne): " Iexplore.exe - Erreur d'application l'instruction xxxxxxxxxxx emploie l'adresse xxxxxxxxxxx la mémoire ne peut pas être written cliquez sur OK pour terminer le programme cliquez sur annuler pour débloquer le programme" puis la fenêtre se bloque ! Y a t il un remède???? Ou alors comment configurer la sécurité de IE8 pour l'acceptation des modules contrôle X?? Dans l'attente d'une solution......Cordialement Heri
×
×
  • Créer...