charle

Bonjour et meilleurs voeux, Thanos, est-ce que l'ordi est clean maintenant? Merci.

Bonjour, Après scan Antivir: Avira AntiVir Personal Date de création du fichier de rapport : jeudi 24 décembre 2009 13:41 La recherche porte sur 1473402 souches de virus. Détenteur de la licence :Avira AntiVir Personal - FREE Antivirus Numéro de série : 0000149996-ADJIE-0000001 Plateforme : Windows XP Version de Windows :(Service Pack 3) [5.1.2600] Mode Boot : Démarré normalement Identifiant : SYSTEM Nom de l'ordinateur :CHARLES Informations de version : BUILD.DAT : 8.2.0.62 17752 Bytes 23/10/2009 13:16:00 AVSCAN.EXE : 8.1.4.10 315649 Bytes 18/11/2008 08:21:00 AVSCAN.DLL : 8.1.4.1 49921 Bytes 21/07/2008 13:44:27 LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:16 LUKERES.DLL : 8.1.4.0 13057 Bytes 04/07/2008 07:30:27 ANTIVIR0.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 12:23:02 ANTIVIR1.VDF : 7.10.1.11 1395568 Bytes 19/11/2009 12:23:06 ANTIVIR2.VDF : 7.10.2.42 1191840 Bytes 21/12/2009 12:23:08 ANTIVIR3.VDF : 7.10.2.60 187392 Bytes 24/12/2009 12:23:09 Version du moteur: 8.2.1.122 AEVDF.DLL : 8.1.1.2 106867 Bytes 24/12/2009 12:23:19 AESCRIPT.DLL : 8.1.3.4 586105 Bytes 24/12/2009 12:23:18 AESCN.DLL : 8.1.3.0 127348 Bytes 24/12/2009 12:23:17 AESBX.DLL : 8.1.1.1 246132 Bytes 24/12/2009 12:23:16 AERDL.DLL : 8.1.3.4 479605 Bytes 24/12/2009 12:23:16 AEPACK.DLL : 8.2.0.3 422261 Bytes 24/12/2009 12:23:15 AEOFFICE.DLL : 8.1.0.38 196987 Bytes 24/12/2009 12:23:14 AEHEUR.DLL : 8.1.0.189 2195833 Bytes 24/12/2009 12:23:13 AEHELP.DLL : 8.1.9.0 237943 Bytes 24/12/2009 12:23:11 AEGEN.DLL : 8.1.1.82 369014 Bytes 24/12/2009 12:23:11 AEEMU.DLL : 8.1.1.0 393587 Bytes 24/12/2009 12:23:10 AECORE.DLL : 8.1.9.1 180598 Bytes 24/12/2009 12:23:10 AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 10:05:56 AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:02 AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:27:58 AVREP.DLL : 8.0.0.3 155688 Bytes 24/12/2009 12:23:09 AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:37 AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:19 AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:46 SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02 SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:36 NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:07 RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 04/07/2008 07:23:16 RCTEXT.DLL : 8.0.52.1 86273 Bytes 17/07/2008 10:08:43 Configuration pour la recherche actuelle : Nom de la tâche..................: Contrôle intégral du système Fichier de configuration.........: C:\Program Files\Avira\AntiVir PersonalEdition Classic\sysscan.avp Documentation....................: bas Action principale................: interactif Action secondaire................: ignorer Recherche sur les secteurs d'amorçage maître: marche Recherche sur les secteurs d'amorçage: marche Secteurs d'amorçage..............: C:, Recherche dans les programmes actifs: marche Recherche en cours sur l'enregistrement: marche Recherche de Rootkits............: marche Fichier mode de recherche........: Tous les fichiers Recherche sur les archives.......: marche Limiter la profondeur de récursivité: 20 Archive Smart Extensions.........: marche Types d'archives divergents......: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox, Heuristique de macrovirus........: marche Heuristique fichier..............: moyen Catégories de dangers divergentes: +APPL,+GAME,+JOKE,+PCK,+SPR, Début de la recherche : jeudi 24 décembre 2009 13:41 La recherche d'objets cachés commence. '164540' objets ont été contrôlés, '0' objets cachés ont été trouvés. La recherche sur les processus démarrés commence : Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés Processus de recherche 'realsched.exe' - '1' module(s) sont contrôlés Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés Processus de recherche 'iexplore.exe' - '1' module(s) sont contrôlés Processus de recherche 'iexplore.exe' - '1' module(s) sont contrôlés Processus de recherche 'wampserver.exe' - '1' module(s) sont contrôlés Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés Processus de recherche 'GoogleToolbarNotifier.exe' - '1' module(s) sont contrôlés Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'LOGI_MWX.EXE' - '1' module(s) sont contrôlés Processus de recherche 'qttask.exe' - '1' module(s) sont contrôlés Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés Processus de recherche 'wscntfy.exe' - '1' module(s) sont contrôlés Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés Processus de recherche 'Apache.exe' - '1' module(s) sont contrôlés Processus de recherche 'MsPMSPSv.exe' - '1' module(s) sont contrôlés Processus de recherche 'mysqld-nt.exe' - '1' module(s) sont contrôlés Processus de recherche 'Apache.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'SMAgent.exe' - '1' module(s) sont contrôlés Processus de recherche 'HPZipm12.exe' - '1' module(s) sont contrôlés Processus de recherche 'sqlservr.exe' - '1' module(s) sont contrôlés Processus de recherche 'MDM.EXE' - '1' module(s) sont contrôlés Processus de recherche 'jqs.exe' - '1' module(s) sont contrôlés Processus de recherche 'FTRTSVC.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés Processus de recherche 'services.exe' - '1' module(s) sont contrôlés Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés '41' processus ont été contrôlés avec '41' modules La recherche sur les secteurs d'amorçage maître commence : Secteur d'amorçage maître HD0 [iNFO] Aucun virus trouvé ! La recherche sur les secteurs d'amorçage commence : Secteur d'amorçage 'C:\' [iNFO] Aucun virus trouvé ! La recherche sur les renvois aux fichiers exécutables (registre) commence. Le registre a été contrôlé ( '49' fichiers). La recherche sur les fichiers sélectionnés commence : Recherche débutant dans 'C:\' C:\hiberfil.sys [AVERTISSEMENT] Impossible d'ouvrir le fichier ! C:\pagefile.sys [AVERTISSEMENT] Impossible d'ouvrir le fichier ! C:\Documents and Settings\Administrateur\Bureau\SmitfraudFix\Reboot.exe [RESULTAT] Contient le modèle de détection du programme SPR/Tool.Reboot.F [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b95641d.qua' ! C:\Documents and Settings\Administrateur\Bureau\SmitfraudFix\restart.exe [RESULTAT] Contient le modèle de détection du programme SPR/Tool.Hardoff.A [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4ba6641d.qua' ! C:\Documents and Settings\Administrateur\Bureau\SmitfraudFix\SmitfraudFix.zip [0] Type d'archive: ZIP --> SmitfraudFix/Reboot.exe [RESULTAT] Contient le modèle de détection du programme SPR/Tool.Reboot.F --> SmitfraudFix/restart.exe [RESULTAT] Contient le modèle de détection du programme SPR/Tool.Hardoff.A [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b9c6427.qua' ! C:\RECYCLER\S-1-5-21-3716824744-3083217688-2470962028-500\Dc1.exe [0] Type d'archive: RAR SFX (self extracting) --> SmitfraudFix\Reboot.exe [RESULTAT] Contient le modèle de détection du programme SPR/Tool.Reboot.F --> SmitfraudFix\restart.exe [RESULTAT] Contient le modèle de détection du programme SPR/Tool.Hardoff.A [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b6471ed.qua' ! C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP1\A0007122.sys [RESULTAT] Contient le cheval de Troie TR/Trash.Gen [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b6371c4.qua' ! C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP1\A0007123.sys [RESULTAT] Contient le cheval de Troie TR/Trash.Gen [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4ae2658d.qua' ! C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP2\A0007313.exe [RESULTAT] Contient le modèle de détection du programme SPR/Tool.Reboot.F [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b6371cc.qua' ! C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP2\A0007314.exe [RESULTAT] Contient le modèle de détection du programme SPR/Tool.Hardoff.A [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b6371cd.qua' ! C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP2\A0007315.exe [0] Type d'archive: RAR SFX (self extracting) --> SmitfraudFix\Reboot.exe [RESULTAT] Contient le modèle de détection du programme SPR/Tool.Reboot.F --> SmitfraudFix\restart.exe [RESULTAT] Contient le modèle de détection du programme SPR/Tool.Hardoff.A [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4ae26586.qua' ! Fin de la recherche : jeudi 24 décembre 2009 15:03 Temps nécessaire: 1:22:01 Heure(s) La recherche a été effectuée intégralement 15173 Les répertoires ont été contrôlés 609623 Des fichiers ont été contrôlés 12 Des virus ou programmes indésirables ont été trouvés 0 Des fichiers ont été classés comme suspects 0 Des fichiers ont été supprimés 0 Des virus ou programmes indésirables ont été réparés 9 Les fichiers ont été déplacés dans la quarantaine 0 Les fichiers ont été renommés 2 Impossible de contrôler des fichiers 609609 Fichiers non infectés 9788 Les archives ont été contrôlées 2 Avertissements 9 Consignes 164540 Des objets ont été contrôlés lors du Rootkitscan 0 Des objets cachés ont été trouvés ******************************************************* Merci pour votre aide, En vous souhaitant un joyeux Noël.

Voilà après désinfection; Malwarebytes' Anti-Malware 1.42 Version de la base de données: 3414 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 23/12/2009 18:35:32 mbam-log-2009-12-23 (18-35-32).txt Type de recherche: Examen complet (C:\|E:\|F:\|) Eléments examinés: 468279 Temps écoulé: 2 hour(s), 4 minute(s), 44 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 9 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\SDFix\dummy.sys (Rootkit.Agent) -> Quarantined and deleted successfully. C:\SDFix\apps\dummy.sys (Rootkit.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP0\A0007002.sys (Malware.Packer) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP0\A0007003.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP0\A0007004.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{6B545D7D-D0D0-42C0-85A5-D58EE67CACD9}\RP0\A0007074.sys (Rootkit.Agent) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\WINDOWS\system32\H8SRTrlnsdjkllt.dll.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\WINDOWS\system32\H8SRTtuvouapabd.dll.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\H8SRTalbabwuteh.sys.vir (Malware.Packer) -> Quarantined and deleted successfully.

Voilà le rapport du Combofix ComboFix 09-12-22.03 - Administrateur 23/12/2009 11:05:34.1.2 - x86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.511.249 [GMT 1:00] Lancé depuis: c:\documents and settings\Administrateur\Bureau\lol.exe . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Thumbs.db c:\windows\Fonts\NfoViewer.ttf c:\windows\system32\drivers\H8SRTalbabwuteh.sys c:\windows\system32\h8srtcfg.dat c:\windows\system32\H8SRTlimrdlyxmp.dat c:\windows\system32\H8SRTrlnsdjkllt.dll c:\windows\system32\H8SRTtuvouapabd.dll c:\windows\system32\Ijl11.dll c:\windows\system32\srcr.dat c:\windows\system32\tmp.reg . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_H8SRTd.sys -------\Legacy_H8SRTd.sys ((((((((((((((((((((((((((((( Fichiers créés du 2009-11-23 au 2009-12-23 )))))))))))))))))))))))))))))))))))) . 2009-12-23 08:12 . 2009-12-23 08:12 -------- d-----w- C:\tdsskiller 2009-12-18 11:29 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-12-18 11:29 . 2009-12-18 11:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-12-18 11:29 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-12-16 10:20 . 2009-12-16 10:20 -------- d-----w- C:\rsit 2009-12-15 14:06 . 2009-12-16 10:53 -------- d-----w- C:\FindyKill 2009-12-14 21:57 . 2009-12-18 17:04 -------- d-----w- C:\csscod 2009-12-11 07:38 . 2009-12-11 07:38 -------- d-----w- c:\documents and settings\Administrateur\Application Data\igraal 2009-12-09 22:33 . 2009-12-14 19:23 -------- d-----w- c:\program files\Fichiers communs\Symantec Shared 2009-12-09 22:28 . 2009-12-14 19:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton 2009-12-09 22:28 . 2009-12-09 22:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec 2009-12-09 22:28 . 2009-12-09 22:28 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller 2009-12-09 11:16 . 2009-12-09 15:47 32 --sha-w- c:\windows\system32\drivers\fidbox2.dat 2009-12-09 11:16 . 2009-12-09 15:47 2974752 --sha-w- c:\windows\system32\drivers\fidbox.dat 2009-12-09 10:08 . 2009-12-11 12:33 -------- d-----w- c:\program files\ParetoLogic 2009-12-09 10:08 . 2009-12-11 12:33 -------- d-----w- c:\program files\Fichiers communs\ParetoLogic 2009-12-09 09:50 . 2009-02-13 11:28 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys 2009-12-09 09:50 . 2009-02-13 11:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys 2009-12-09 09:11 . 2009-12-09 09:11 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache 2009-12-02 12:52 . 2009-12-02 12:52 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Opera 2009-12-02 12:51 . 2009-12-02 12:51 -------- d-----w- c:\program files\Opera 2009-11-30 07:00 . 2009-11-30 07:00 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-12-18 18:11 . 2009-09-29 14:08 -------- d-----w- c:\documents and settings\Administrateur\Application Data\vlc 2009-12-18 17:43 . 2006-04-26 12:51 -------- d-----w- c:\program files\BeClean 2009-12-18 11:29 . 2009-06-08 07:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-12-16 10:20 . 2005-06-21 13:45 -------- d-----w- c:\program files\Trend Micro 2009-12-11 12:31 . 2009-03-19 14:51 -------- d-----w- c:\program files\Panda Security 2009-12-11 07:30 . 2004-08-16 02:35 75038 ----a-w- c:\windows\system32\perfh00C.dat 2009-12-11 07:30 . 2004-08-16 02:35 25486 ----a-w- c:\windows\system32\perfc00C.dat 2009-12-09 15:47 . 2009-12-09 11:16 45092 --sha-w- c:\windows\system32\drivers\fidbox.idx 2009-12-09 15:47 . 2009-12-09 11:16 32 --sha-w- c:\windows\system32\drivers\fidbox2.idx 2009-12-09 15:45 . 2005-08-08 13:33 -------- d-----w- c:\program files\Eraser 2009-12-09 11:30 . 2008-07-25 15:26 -------- d-----w- c:\documents and settings\Administrateur\Application Data\OpenOffice.org2 2009-12-09 11:23 . 2008-07-25 15:27 1 ----a-w- c:\documents and settings\Administrateur\Application Data\OpenOffice.org2\user\uno_packages\cache\stamp.sys 2009-12-07 14:52 . 2009-09-29 14:08 -------- d-----w- c:\documents and settings\Administrateur\Application Data\dvdcss 2009-10-29 07:42 . 2004-08-05 01:00 916480 ----a-w- c:\windows\system32\wininet.dll 2009-10-21 05:39 . 2004-08-05 01:00 75776 ----a-w- c:\windows\system32\strmfilt.dll 2009-10-21 05:39 . 2004-08-05 01:00 25088 ----a-w- c:\windows\system32\httpapi.dll 2009-10-20 16:20 . 2004-08-05 01:00 265728 ----a-w- c:\windows\system32\drivers\http.sys 2009-10-13 10:33 . 2004-08-05 01:00 271360 ----a-w- c:\windows\system32\oakley.dll 2009-10-12 13:39 . 2004-08-05 01:00 79872 ----a-w- c:\windows\system32\raschap.dll 2009-10-12 13:39 . 2004-08-05 01:00 150528 ----a-w- c:\windows\system32\rastls.dll 2009-10-05 09:56 . 2009-10-05 09:56 452104 ----a-w- c:\documents and settings\Administrateur\Application Data\Real\RealPlayer\setup\AU_setup9.exe 2008-12-17 09:17 . 2006-07-28 12:38 10240 --sha-w- c:\program files\Thumbs.db 2004-04-27 22:19 . 2004-04-27 22:19 233160 ----a-w- c:\program files\LISTOOL.EXE 2004-02-19 10:22 . 2004-02-19 10:22 2884096 ----a-w- c:\program files\VirtualMap.msi 2004-02-19 10:21 . 2004-02-19 10:21 41 ----a-w- c:\program files\Setup.Ini 2004-02-11 14:32 . 2004-02-11 14:32 257189 ----a-w- c:\program files\LISTOOL.CHM 2002-08-27 16:40 . 2005-03-09 03:46 55313 -c--a-w- c:\program files\viewsonicinstruct_xp.pdf 2002-06-13 08:28 . 2002-06-13 08:28 20411 -c--a-w- c:\program files\E_DF16EE.CAT 2002-06-04 04:41 . 2002-06-04 04:41 4384 -c--a-w- c:\program files\E_DF16EE.INF 2002-06-04 03:00 . 2002-06-04 03:00 463733 -c--a-w- c:\program files\E_DI06BE.DL_ 2002-05-31 04:41 . 2002-05-31 04:41 1015 -c--a-w- c:\program files\E_DM16EE.VI_ 2002-05-30 04:00 . 2002-05-30 04:00 196729 -c--a-w- c:\program files\E_DU16BE.DL_ 2002-05-22 01:00 . 2002-05-22 01:00 97873 -c--a-w- c:\program files\E_QI021E.HL_ 2002-05-17 03:00 . 2002-05-17 03:00 2626131 -c--a-w- c:\program files\E_DSU0EE.DL_ 2002-05-13 00:00 . 2002-05-13 00:00 24569 -c--a-w- c:\program files\E_H2E0E2.DL_ 2002-05-08 04:00 . 2002-05-08 04:00 2602 -c--a-w- c:\program files\E_DD16EE.CF_ 2002-04-30 00:00 . 2002-04-30 00:00 394847 -c--a-w- c:\program files\E_H290E2.DL_ 2002-04-15 01:23 . 2002-04-15 01:23 43130 -c--a-w- c:\program files\EBPMON2.DL_ 2002-04-08 03:00 . 2002-04-08 03:00 58132 -c--a-w- c:\program files\E_DHMM12.DL_ 2002-04-08 03:00 . 2002-04-08 03:00 48478 -c--a-w- c:\program files\E_DUMW02.DL_ 2002-03-26 05:06 . 2002-03-26 05:06 69433 -c--a-w- c:\program files\EPUTIX24.DL_ 2002-03-26 05:06 . 2002-03-26 05:06 22818 -c--a-w- c:\program files\EPUTIX24.EX_ 2002-03-12 23:00 . 2002-03-12 23:00 598 -c--a-w- c:\program files\E_HUTX59.DX_ 2002-03-07 15:12 . 2002-03-07 15:12 114194 -c--a-w- c:\program files\EE199__1.IC_ 2002-02-26 04:00 . 2002-02-26 04:00 61336 -c--a-w- c:\program files\E_DMAI14.DL_ 2002-02-20 01:23 . 2002-02-20 01:23 32571 ----a-w- c:\program files\ECBTEG.DL_ 2002-02-12 04:00 . 2002-02-12 04:00 30854 -c--a-w- c:\program files\E_DI13AE.DO_ 2002-02-12 04:00 . 2002-02-12 04:00 22528 ----a-w- c:\program files\README.DOC 2002-02-08 03:00 . 2002-02-08 03:00 198646 -c--a-w- c:\program files\E_DJB303.DL_ 2002-01-17 04:00 . 2002-01-17 04:00 26310 -c--a-w- c:\program files\E_DDSP13.DL_ 2001-12-18 04:52 . 2001-12-18 04:52 26860 -c--a-w- c:\program files\SETUP32.DL_ 2001-12-18 04:52 . 2001-12-18 04:52 251370 -c--a-w- c:\program files\EPUPDATE.EX_ 2001-11-02 03:00 . 2001-11-02 03:00 24366 -c--a-w- c:\program files\EPIPGI10.DL_ 2001-10-23 03:00 . 2001-10-23 03:00 263347 -c--a-w- c:\program files\E_DPUI03.DL_ 2001-09-25 10:05 . 2001-09-25 10:05 1707856 ----a-w- c:\program files\InstMsiA.Exe 2001-09-11 13:04 . 2001-09-11 13:04 1821008 ----a-w- c:\program files\InstMsiW.Exe 2001-09-04 01:04 . 2001-09-04 01:04 131 -c--a-w- c:\program files\EBPPORT.DA_ 2001-06-21 03:00 . 2001-06-21 03:00 85607 -c--a-w- c:\program files\E_DPPE03.EX_ 2001-06-13 03:00 . 2001-06-13 03:00 14471 -c--a-w- c:\program files\EPIBSR30.EX_ 2001-05-30 03:00 . 2001-05-30 03:00 165389 -c--a-w- c:\program files\E_DHT40D.DL_ 2000-06-07 00:01 . 2000-06-07 00:01 16402 -c--a-w- c:\program files\EBPCHP.DL_ 2000-05-29 03:00 . 2000-05-29 03:00 160473 -c--a-w- c:\program files\E_DCON02.DL_ 2000-05-16 01:00 . 2000-05-16 01:00 30451 -c--a-w- c:\program files\E_S00RP2.EX_ 1999-06-09 00:07 . 1999-06-09 00:07 28066 -c--a-w- c:\program files\EPSET32.DL_ 1999-03-08 02:00 . 1999-03-08 02:00 85857 -c--a-w- c:\program files\E_DMSG00.EX_ 2009-11-29 16:03 . 2008-09-27 17:20 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-17 68856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-07-26 282624] "Logitech Utility"="Logi_MwX.Exe" [2003-12-11 20992] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] "Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088] c:\program files\Documents and Settings\Programmes\D‚marrage\ WampServer.lnk - c:\program files\wamp\wampserver.exe [2004-6-27 1101824] [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\Program Files\\Zinf\\zinf.exe"= "c:\\Program Files\\i-voyager\\scol.exe"= "c:\\WINDOWS\\network diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Real\\RealPlayer\\realplay.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Kaspersky\\kavupd.exe"= "c:\\Program Files\\OrangeHSS\\Connectivity\\ConnectivityManager.exe"= "c:\\Program Files\\Microsoft Office\\OFFICE11\\WINWORD.EXE"= "c:\\Program Files\\Orange\\Home Library\\DesktopMirror\\rsync.exe"= "c:\\Program Files\\Orange\\Home Library\\DesktopMirror\\ssh.exe"= "c:\\Program Files\\Orange\\Home Library\\QuickConnect\\AxentraPicturesWizard.exe"= "c:\\Program Files\\Orange\\Home Library\\QuickConnect\\AxentraSmartShortcut.exe"= "c:\\Program Files\\Orange\\Home Library\\HipServAgent\\HipServAgent.exe"= "c:\\Program Files\\Opera\\opera.exe"= R1 bbcap;bbcap;c:\windows\system32\drivers\bbcap.sys [13/04/2005 15:51 2721] S2 msav;Moon Secure Antivirus Core;c:\program files\Moon Secure Antivirus\msavcore.exe --> c:\program files\Moon Secure Antivirus\msavcore.exe [?] S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [26/04/2006 06:09 30192] S3 ZDCndis5;ZDCndis5 Protocol Driver;\??\c:\windows\system32\ZDCndis5.SYS --> c:\windows\system32\ZDCndis5.SYS [?] . ------- Examen supplémentaire ------- . DPF: {6CCE3920-3183-4B3D-808A-B12EB769DE12} - hxxp://www.commandondemand.com/eval/cod/cabs/cssweb.cab DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} - hxxp://f003.mail.caramail.lycos.fr/app/uploader/FileUploader.cab FF - ProfilePath - c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\jhoba20b.default\ FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- PARAMETRES FIREFOX ---- FF - user.js: yahoo.homepage.dontask - true. - - - - ORPHELINS SUPPRIMES - - - - AddRemove-HijackThis - c:\docume~1\ADMINI~1\LOCALS~1\Temp\HijackThis.exe AddRemove-Vertical Mapper V.2 - c:\program files\MAPINFO\PROFESSIONAL\Vm2\Uninst.isu ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-12-23 11:18 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_USERS\S-1-5-21-3716824744-3083217688-2470962028-500\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (Administrator) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,55,5b,b0,b9,5b,4a,92,4b,b7,af,f3,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,55,5b,b0,b9,5b,4a,92,4b,b7,af,f3,\ [HKEY_USERS\S-1-5-21-3716824744-3083217688-2470962028-500\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6BBE9BF3-5704-5E9B-D334-B01C948C2BCA}*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) "oamjgbpgbiaoncamgchdldcakdnbim"=hex:6a,61,66,6a,63,63,64,70,62,62,6a,70,6f,6f, 6b,63,70,66,61,68,00,21 "nackmafipbmfigpgckchdijaaaao"=hex:6a,61,66,6a,63,63,64,70,62,62,6a,70,6f,6f, 6b,63,70,66,61,68,00,21 . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'explorer.exe'(3708) c:\progra~1\WINDOW~1\wmpband.dll c:\program files\IRIS Desktop Search\IRISDesktopSearchIntegration910.dll c:\program files\Fichiers communs\ESRI\esriShellExt.dll c:\program files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll c:\program files\Adobe\Acrobat 7.0\ActiveX\PDFShell.FRA c:\program files\Illustrate\dBpowerAMP\dBShell.dll c:\windows\system32\eappprxy.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\program files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll c:\program files\Nokia\Nokia PC Suite 6\PCSCM.dll c:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_fre.nlr c:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Autres processus actifs ------------------------ . c:\progra~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE c:\program files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe c:\windows\system32\HPZipm12.exe c:\program files\Analog Devices\SoundMAX\SMAgent.exe c:\program files\wamp\apache\Apache.exe c:\program files\wamp\mysql\bin\mysqld-nt.exe c:\windows\system32\MsPMSPSv.exe c:\program files\wamp\apache\Apache.exe c:\windows\system32\wscntfy.exe c:\windows\Logi_MwX.Exe . ************************************************************************** . Heure de fin: 2009-12-23 11:24:45 - La machine a redémarré ComboFix-quarantined-files.txt 2009-12-23 10:24 Avant-CF: 79 798 525 952 octets libres Après-CF: 79 761 879 040 octets libres WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect - - End Of File - - 3F2430770615153A44C8B31E5941B640

Bonjour, Ci-dessous le rapport de TDSSkiller. En enregistrant ComboFix sur le bureau, il ne se lance pas. En l'exécutant depuis le téléchargement il ne s'installe pas...j'ai une fenêtre qui me signale que je ne peux renommer Combofix en Combofix[1]. 09:12:25:671 4088 TDSSKiller 2.1.1 Dec 20 2009 02:40:02 09:12:25:671 4088 ================================================================================ 09:12:25:671 4088 SystemInfo: 09:12:25:671 4088 OS Version: 5.1.2600 ServicePack: 3.0 09:12:25:671 4088 Product type: Workstation 09:12:25:671 4088 ComputerName: CHARLES 09:12:25:671 4088 UserName: Administrateur 09:12:25:671 4088 Windows directory: C:\WINDOWS 09:12:25:671 4088 Processor architecture: Intel x86 09:12:25:671 4088 Number of processors: 2 09:12:25:671 4088 Page size: 0x1000 09:12:25:671 4088 Boot type: Normal boot 09:12:25:671 4088 ================================================================================ 09:12:25:687 4088 ForceUnloadDriver: NtUnloadDriver error 2 09:12:25:687 4088 ForceUnloadDriver: NtUnloadDriver error 2 09:12:25:687 4088 ForceUnloadDriver: NtUnloadDriver error 2 09:12:25:702 4088 MyNtCreateFileW: NtCreateFile(\??\C:\WINDOWS\system32\Drivers\KLMD.sys) returned status 0 09:12:25:702 4088 main: Driver KLMD successfully dropped 09:12:25:749 4088 main: Driver KLMD successfully loaded 09:12:25:749 4088 Scanning Registry ... 09:12:25:765 4088 ScanServices: Searching service UACd.sys 09:12:25:765 4088 ScanServices: Open/Create key error 2 09:12:25:765 4088 ScanServices: Searching service TDSSserv.sys 09:12:25:765 4088 ScanServices: Open/Create key error 2 09:12:25:765 4088 ScanServices: Searching service gaopdxserv.sys 09:12:25:765 4088 ScanServices: Open/Create key error 2 09:12:25:765 4088 ScanServices: Searching service gxvxcserv.sys 09:12:25:765 4088 ScanServices: Open/Create key error 2 09:12:25:765 4088 ScanServices: Searching service MSIVXserv.sys 09:12:25:765 4088 ScanServices: Open/Create key error 2 09:12:25:765 4088 UnhookRegistry: Kernel module file name: C:\windows\system32\ntoskrnl.exe, base addr: 804D7000 09:12:25:780 4088 UnhookRegistry: Kernel local addr: E60000 09:12:25:796 4088 UnhookRegistry: KeServiceDescriptorTable addr: EEB520 09:12:25:890 4088 UnhookRegistry: KiServiceTable addr: E6D8B0 09:12:25:890 4088 UnhookRegistry: NtEnumerateKey service number (local): 47 09:12:25:890 4088 UnhookRegistry: NtEnumerateKey local addr: F01E14 09:12:25:921 4088 KLMD_OpenDevice: Trying to open KLMD device 09:12:25:921 4088 KLMD_GetSystemRoutineAddressA: Trying to get system routine address ZwEnumerateKey 09:12:25:921 4088 KLMD_GetSystemRoutineAddressW: Trying to get system routine address ZwEnumerateKey 09:12:25:921 4088 KLMD_ReadMem: Trying to ReadMemory 0x804E380F[0x4] 09:12:25:921 4088 UnhookRegistry: NtEnumerateKey service number (kernel): 47 09:12:25:921 4088 KLMD_ReadMem: Trying to ReadMemory 0x804E49CC[0x4] 09:12:25:921 4088 UnhookRegistry: NtEnumerateKey real addr: 80578E14 09:12:25:921 4088 UnhookRegistry: NtEnumerateKey calc addr: 80578E14 09:12:25:921 4088 UnhookRegistry: No SDT hooks found on NtEnumerateKey 09:12:25:921 4088 KLMD_ReadMem: Trying to ReadMemory 0x80578E14[0xA] 09:12:25:921 4088 UnhookRegistry: Splicing found on NtEnumerateKey 09:12:25:921 4088 KLMD_WriteMem: Trying to WriteMemory 0x80578E14[0xA] 09:12:25:921 4088 UnhookRegistry: NtEnumerateKey (Splicing) unhooked successfully 09:12:25:921 4088 Hidden service detected: H8SRTd.sys Type "delete" (without quotes) to delete it: 09:12:46:131 4088 09:12:46:131 4088 Scanning Kernel memory ... 09:12:46:131 4088 KLMD_OpenDevice: Trying to open KLMD device 09:12:46:131 4088 KLMD_GetSystemObjectAddressByNameA: Trying to get system object address by name \Driver\Disk 09:12:46:131 4088 KLMD_GetSystemObjectAddressByNameW: Trying to get system object address by name \Driver\Disk 09:12:46:131 4088 DetectCureTDL3: \Driver\Disk PDRIVER_OBJECT: 82F82900 09:12:46:131 4088 DetectCureTDL3: KLMD_GetDeviceObjectList returned 2 DevObjects 09:12:46:131 4088 DetectCureTDL3: 0 Curr stack PDEVICE_OBJECT: 82FCAC68 09:12:46:131 4088 KLMD_GetLowerDeviceObject: Trying to get lower device object for 82FCAC68 09:12:46:131 4088 KLMD_ReadMem: Trying to ReadMemory 0x82FCAC68[0x38] 09:12:46:131 4088 DetectCureTDL3: DRIVER_OBJECT addr: 82F82900 09:12:46:131 4088 KLMD_ReadMem: Trying to ReadMemory 0x82F82900[0xA8] 09:12:46:131 4088 KLMD_ReadMem: Trying to ReadMemory 0xE16C6650[0x208] 09:12:46:131 4088 DetectCureTDL3: DRIVER_OBJECT name: \Driver\Disk, Driver Name: Disk 09:12:46:131 4088 DetectCureTDL3: IrpHandler (0) addr: F86FBBB0 09:12:46:131 4088 DetectCureTDL3: IrpHandler (1) addr: 804F9739 09:12:46:131 4088 DetectCureTDL3: IrpHandler (2) addr: F86FBBB0 09:12:46:131 4088 DetectCureTDL3: IrpHandler (3) addr: F86F5D1F 09:12:46:131 4088 DetectCureTDL3: IrpHandler (4) addr: F86F5D1F 09:12:46:131 4088 DetectCureTDL3: IrpHandler (5) addr: 804F9739 09:12:46:131 4088 DetectCureTDL3: IrpHandler (6) addr: 804F9739 09:12:46:131 4088 DetectCureTDL3: IrpHandler (7) addr: 804F9739 09:12:46:131 4088 DetectCureTDL3: IrpHandler ( addr: 804F9739 09:12:46:131 4088 DetectCureTDL3: IrpHandler (9) addr: F86F62E2 09:12:46:131 4088 DetectCureTDL3: IrpHandler (10) addr: 804F9739 09:12:46:131 4088 DetectCureTDL3: IrpHandler (11) addr: 804F9739 09:12:46:131 4088 DetectCureTDL3: IrpHandler (12) addr: 804F9739 09:12:46:131 4088 DetectCureTDL3: IrpHandler (13) addr: 804F9739 09:12:46:131 4088 DetectCureTDL3: IrpHandler (14) addr: F86F63BB 09:12:46:131 4088 DetectCureTDL3: IrpHandler (15) addr: F86F9F28 09:12:46:131 4088 DetectCureTDL3: IrpHandler (16) addr: F86F62E2 09:12:46:131 4088 DetectCureTDL3: IrpHandler (17) addr: 804F9739 09:12:46:131 4088 DetectCureTDL3: IrpHandler (18) addr: 804F9739 09:12:46:131 4088 DetectCureTDL3: IrpHandler (19) addr: 804F9739 09:12:46:131 4088 DetectCureTDL3: IrpHandler (20) addr: 804F9739 09:12:46:131 4088 DetectCureTDL3: IrpHandler (21) addr: 804F9739 09:12:46:131 4088 DetectCureTDL3: IrpHandler (22) addr: F86F7C82 09:12:46:131 4088 DetectCureTDL3: IrpHandler (23) addr: F86FC99E 09:12:46:131 4088 DetectCureTDL3: IrpHandler (24) addr: 804F9739 09:12:46:131 4088 DetectCureTDL3: IrpHandler (25) addr: 804F9739 09:12:46:131 4088 DetectCureTDL3: IrpHandler (26) addr: 804F9739 09:12:46:131 4088 KLMD_ReadMem: Trying to ReadMemory 0x0[0x400] 09:12:46:131 4088 KLMD_ReadMem: DeviceIoControl error 1 09:12:46:131 4088 TDL3_StartIoHookDetect: Unable to get StartIo handler code 09:12:46:131 4088 TDL3_FileDetect: Processing driver: Disk 09:12:46:131 4088 TDL3_FileDetect: Parameters: C:\WINDOWS\system32\drivers\disk.sys, C:\WINDOWS\system32\Drivers\disk.tsk, SYSTEM\CurrentControlSet\Services\Disk, system32\Drivers\disk.tsk 09:12:46:131 4088 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\drivers\disk.sys 09:12:46:131 4088 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\drivers\disk.sys 09:12:46:178 4088 DetectCureTDL3: 1 Curr stack PDEVICE_OBJECT: 82F5AAB8 09:12:46:178 4088 KLMD_GetLowerDeviceObject: Trying to get lower device object for 82F5AAB8 09:12:46:178 4088 DetectCureTDL3: 1 Curr stack PDEVICE_OBJECT: 82FA19E8 09:12:46:178 4088 KLMD_GetLowerDeviceObject: Trying to get lower device object for 82FA19E8 09:12:46:178 4088 DetectCureTDL3: 1 Curr stack PDEVICE_OBJECT: 82F5C940 09:12:46:178 4088 KLMD_GetLowerDeviceObject: Trying to get lower device object for 82F5C940 09:12:46:178 4088 KLMD_ReadMem: Trying to ReadMemory 0x82F5C940[0x38] 09:12:46:178 4088 DetectCureTDL3: DRIVER_OBJECT addr: 82F84C28 09:12:46:178 4088 KLMD_ReadMem: Trying to ReadMemory 0x82F84C28[0xA8] 09:12:46:178 4088 KLMD_ReadMem: Trying to ReadMemory 0xE16B2DA8[0x208] 09:12:46:178 4088 DetectCureTDL3: DRIVER_OBJECT name: \Driver\atapi, Driver Name: atapi 09:12:46:178 4088 DetectCureTDL3: IrpHandler (0) addr: F86016F2 09:12:46:178 4088 DetectCureTDL3: IrpHandler (1) addr: 804F9739 09:12:46:178 4088 DetectCureTDL3: IrpHandler (2) addr: F86016F2 09:12:46:178 4088 DetectCureTDL3: IrpHandler (3) addr: 804F9739 09:12:46:178 4088 DetectCureTDL3: IrpHandler (4) addr: 804F9739 09:12:46:178 4088 DetectCureTDL3: IrpHandler (5) addr: 804F9739 09:12:46:178 4088 DetectCureTDL3: IrpHandler (6) addr: 804F9739 09:12:46:178 4088 DetectCureTDL3: IrpHandler (7) addr: 804F9739 09:12:46:178 4088 DetectCureTDL3: IrpHandler ( addr: 804F9739 09:12:46:178 4088 DetectCureTDL3: IrpHandler (9) addr: 804F9739 09:12:46:178 4088 DetectCureTDL3: IrpHandler (10) addr: 804F9739 09:12:46:178 4088 DetectCureTDL3: IrpHandler (11) addr: 804F9739 09:12:46:178 4088 DetectCureTDL3: IrpHandler (12) addr: 804F9739 09:12:46:178 4088 DetectCureTDL3: IrpHandler (13) addr: 804F9739 09:12:46:178 4088 DetectCureTDL3: IrpHandler (14) addr: F8601712 09:12:46:178 4088 DetectCureTDL3: IrpHandler (15) addr: F85FD852 09:12:46:178 4088 DetectCureTDL3: IrpHandler (16) addr: 804F9739 09:12:46:178 4088 DetectCureTDL3: IrpHandler (17) addr: 804F9739 09:12:46:178 4088 DetectCureTDL3: IrpHandler (18) addr: 804F9739 09:12:46:178 4088 DetectCureTDL3: IrpHandler (19) addr: 804F9739 09:12:46:178 4088 DetectCureTDL3: IrpHandler (20) addr: 804F9739 09:12:46:178 4088 DetectCureTDL3: IrpHandler (21) addr: 804F9739 09:12:46:178 4088 DetectCureTDL3: IrpHandler (22) addr: F860173C 09:12:46:178 4088 DetectCureTDL3: IrpHandler (23) addr: F8608336 09:12:46:178 4088 DetectCureTDL3: IrpHandler (24) addr: 804F9739 09:12:46:178 4088 DetectCureTDL3: IrpHandler (25) addr: 804F9739 09:12:46:178 4088 DetectCureTDL3: IrpHandler (26) addr: 804F9739 09:12:46:178 4088 KLMD_ReadMem: Trying to ReadMemory 0xF85FE864[0x400] 09:12:46:178 4088 TDL3_StartIoHookDetect: CheckParameters: 0, 0, 316, 0 09:12:46:178 4088 TDL3_FileDetect: Processing driver: atapi 09:12:46:178 4088 TDL3_FileDetect: Parameters: C:\WINDOWS\system32\drivers\atapi.sys, C:\WINDOWS\system32\Drivers\atapi.tsk, SYSTEM\CurrentControlSet\Services\atapi, system32\Drivers\atapi.tsk 09:12:46:178 4088 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\drivers\atapi.sys 09:12:46:178 4088 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\drivers\atapi.sys 09:12:46:193 4088 Completed Results: 09:12:46:193 4088 Infected objects in memory: 0 09:12:46:193 4088 Cured objects in memory: 0 09:12:46:193 4088 Infected objects on disk: 0 09:12:46:193 4088 Objects on disk cured on reboot: 0 09:12:46:193 4088 Objects on disk deleted on reboot: 0 09:12:46:193 4088 Registry nodes deleted on reboot: 0 09:12:46:193 4088

Désolé pour le retard, entre le temps important que demandait le scan et le plantage de l'ordi au moment de sauver le rapport...Mais bon le voici enfin... GMER 1.0.15.15281 - http://www.gmer.net Rootkit scan 2009-12-21 15:37:38 Windows 5.1.2600 Service Pack 3 Running: 9vniw49w.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\pwldqpob.sys ---- System - GMER 1.0.15 ---- Code 82ABB300 ZwEnumerateKey Code 82AAB540 ZwFlushInstructionCache Code 82AA363E IofCallDriver Code 82A18C9E IofCompleteRequest ---- Devices - GMER 1.0.15 ---- AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) ---- Modules - GMER 1.0.15 ---- Module \systemroot\system32\drivers\H8SRTalbabwuteh.sys (*** hidden *** ) EF4C6000-EF4E2000 (114688 bytes) ---- Services - GMER 1.0.15 ---- Service C:\WINDOWS\system32\drivers\H8SRTalbabwuteh.sys (*** hidden *** ) [sYSTEM] H8SRTd.sys <-- ROOTKIT !!! ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\H8SRTd.sys Reg HKLM\SYSTEM\CurrentControlSet\Services\H8SRTd.sys@start 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\H8SRTd.sys@type 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\H8SRTd.sys@imagepath \systemroot\system32\drivers\H8SRTalbabwuteh.sys Reg HKLM\SYSTEM\CurrentControlSet\Services\H8SRTd.sys@group file system Reg HKLM\SYSTEM\CurrentControlSet\Services\H8SRTd.sys\modules Reg HKLM\SYSTEM\CurrentControlSet\Services\H8SRTd.sys\modules@H8SRTd \\?\globalroot\systemroot\system32\drivers\H8SRTalbabwuteh.sys Reg HKLM\SYSTEM\CurrentControlSet\Services\H8SRTd.sys\modules@H8SRTc \\?\globalroot\systemroot\system32\H8SRTrlnsdjkllt.dll Reg HKLM\SYSTEM\CurrentControlSet\Services\H8SRTd.sys\modules@H8SRTsrcr \\?\globalroot\systemroot\system32\H8SRTlimrdlyxmp.dat Reg HKLM\SYSTEM\CurrentControlSet\Services\H8SRTd.sys\modules@h8srtserf \\?\globalroot\systemroot\system32\H8SRTtuvouapabd.dll Reg HKLM\SYSTEM\ControlSet002\Services\H8SRTd.sys (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\H8SRTd.sys@start 1 Reg HKLM\SYSTEM\ControlSet002\Services\H8SRTd.sys@type 1 Reg HKLM\SYSTEM\ControlSet002\Services\H8SRTd.sys@imagepath \systemroot\system32\drivers\H8SRTalbabwuteh.sys Reg HKLM\SYSTEM\ControlSet002\Services\H8SRTd.sys@group file system Reg HKLM\SYSTEM\ControlSet002\Services\H8SRTd.sys\modules (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\H8SRTd.sys\modules@H8SRTd \\?\globalroot\systemroot\system32\drivers\H8SRTalbabwuteh.sys Reg HKLM\SYSTEM\ControlSet002\Services\H8SRTd.sys\modules@H8SRTc \\?\globalroot\systemroot\system32\H8SRTrlnsdjkllt.dll Reg HKLM\SYSTEM\ControlSet002\Services\H8SRTd.sys\modules@H8SRTsrcr \\?\globalroot\systemroot\system32\H8SRTlimrdlyxmp.dat Reg HKLM\SYSTEM\ControlSet002\Services\H8SRTd.sys\modules@h8srtserf \\?\globalroot\systemroot\system32\H8SRTtuvouapabd.dll Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6BBE9BF3-5704-5E9B-D334-B01C948C2BCA} Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6BBE9BF3-5704-5E9B-D334-B01C948C2BCA}@oamjgbpgbiaoncamgchdldcakdnbim 0x6A 0x61 0x66 0x6A ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6BBE9BF3-5704-5E9B-D334-B01C948C2BCA}@nackmafipbmfigpgckchdijaaaao 0x6A 0x61 0x66 0x6A ... ---- Files - GMER 1.0.15 ---- File C:\Documents and Settings\Administrateur\Local Settings\Temp\H8SRT8d26.tmp 343040 bytes executable File C:\Documents and Settings\Administrateur\Local Settings\Temp\~DFF805.tmp 0 bytes File C:\Documents and Settings\Administrateur\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\UKZXVR08\tools[1] 3560 bytes File C:\Documents and Settings\Administrateur\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\UKZXVR08\noConnect[1] 8230 bytes File C:\WINDOWS\TEMP\H8SRT111d.tmp 194 bytes File C:\WINDOWS\TEMP\H8SRT528f.tmp 202 bytes File C:\WINDOWS\TEMP\H8SRTb41d.tmp 201 bytes File C:\WINDOWS\TEMP\H8SRTd982.tmp 201 bytes File C:\WINDOWS\TEMP\H8SRTe654.tmp 196 bytes ---- EOF - GMER 1.0.15 ----

La désinstallatin a marché. le nettoyage aussi. La réinstallation a été longue.... Mais Malwarebytes ne se lance toujours pas.

Bonjour, Comme tous les autres antivirus, il ne se lance pas. Je l'installe mais le raccourci ne fonctionne pas...je double-click mais rien ne se lance. Pourtant je peux ouvrir n'importe quel autre logiciel. Que faire?

Fichier Explorer.EXE reçu le 2009.12.16 12:08:30 (UTC)Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE Résultat: 0/40 (0%) en train de charger les informations du serveur... Votre fichier est dans la file d'attente, en position: ___. L'heure estimée de démarrage est entre ___ et ___ . Ne fermez pas la fenêtre avant la fin de l'analyse. L'analyseur qui traitait votre fichier est actuellement stoppé, nous allons attendre quelques secondes pour tenter de récupérer vos résultats. Si vous attendez depuis plus de cinq minutes, vous devez renvoyer votre fichier. Votre fichier est, en ce moment, en cours d'analyse par VirusTotal, les résultats seront affichés au fur et à mesure de leur génération. Formaté Impression des résultats Votre fichier a expiré ou n'existe pas. Le service est en ce moment, stoppé, votre fichier attend d'être analysé (position : ) depuis une durée indéfinie. Vous pouvez attendre une réponse du Web (re-chargement automatique) ou taper votre e-mail dans le formulaire ci-dessous et cliquer "Demande" pour que le système vous envoie une notification quand l'analyse sera terminée. Email: Antivirus Version Dernière mise à jour Résultat a-squared 4.5.0.43 2009.12.16 - AhnLab-V3 5.0.0.2 2009.12.16 - AntiVir 7.9.1.108 2009.12.16 - Antiy-AVL 2.0.3.7 2009.12.16 - Authentium 5.2.0.5 2009.12.02 - Avast 4.8.1351.0 2009.12.15 - AVG 8.5.0.427 2009.12.16 - BitDefender 7.2 2009.12.16 - CAT-QuickHeal 10.00 2009.12.16 - ClamAV 0.94.1 2009.12.16 - Comodo 3262 2009.12.16 - DrWeb 5.0.0.12182 2009.12.16 - eSafe 7.0.17.0 2009.12.16 - eTrust-Vet 35.1.7178 2009.12.16 - F-Prot 4.5.1.85 2009.12.15 - F-Secure 9.0.15370.0 2009.12.16 - Fortinet 4.0.14.0 2009.12.16 - GData 19 2009.12.16 - Ikarus T3.1.1.78.0 2009.12.16 - Jiangmin 13.0.900 2009.12.16 - K7AntiVirus 7.10.920 2009.12.14 - Kaspersky 7.0.0.125 2009.12.16 - McAfee 5833 2009.12.15 - McAfee+Artemis 5833 2009.12.15 - McAfee-GW-Edition 6.8.5 2009.12.16 - Microsoft 1.5302 2009.12.16 - NOD32 4692 2009.12.16 - Norman 6.04.03 2009.12.15 - nProtect 2009.1.8.0 2009.12.16 - Panda 10.0.2.2 2009.12.15 - PCTools 7.0.3.5 2009.12.16 - Rising 22.26.02.04 2009.12.16 - Sophos 4.48.0 2009.12.16 - Sunbelt 3.2.1858.2 2009.12.16 - Symantec 1.4.4.12 2009.12.16 - TheHacker 6.5.0.2.094 2009.12.15 - TrendMicro 9.100.0.1001 2009.12.16 - VBA32 3.12.12.0 2009.12.16 - ViRobot 2009.12.16.2092 2009.12.16 - VirusBuster 5.0.21.0 2009.12.14 - Information additionnelle File size: 1037824 bytes MD5...: f2317622d29f9ff0f88aeecd5f60f0dd SHA1..: d54b0b83de6ee5922dd90db1446872bf32062b25 SHA256: 1ab74a4ae472156a5d2c6714e2e1a60e3b32ceb4996f923887a12b6a27315d13 ssdeep: 12288:6HmcoCUyZtwAvAs4wTCyrPT7lvGVa/oXqoJpaz/g/J/v1S:4mfty/wAvN7 lrPlvGEoXJaz/g/J/t PEiD..: - PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x1a55f timedatestamp.....: 0x48025c30 (Sun Apr 13 19:17:04 2008) machinetype.......: 0x14c (I386) ( 4 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x1000 0x44c09 0x44e00 6.38 013207a9f70ec52b78392db51f333ff0 .data 0x46000 0x1db4 0x1800 1.30 983f35021232560eaaa99fcbc1b7d359 .rsrc 0x48000 0xb3280 0xb3400 6.63 e73694f42fb4ef5e9b8ea017fcf60103 .reloc 0xfc000 0x374c 0x3800 6.78 ec335057489badbf6d8142b57175fd91 ( 13 imports ) > ADVAPI32.dll: RegSetValueW, RegEnumKeyExW, GetUserNameW, RegNotifyChangeKeyValue, RegEnumValueW, RegQueryValueExA, RegOpenKeyExA, RegEnumKeyW, RegCloseKey, RegCreateKeyW, RegQueryInfoKeyW, RegOpenKeyExW, RegQueryValueExW, RegCreateKeyExW, RegSetValueExW, RegDeleteValueW, RegQueryValueW > BROWSEUI.dll: -, -, -, - > GDI32.dll: GetStockObject, CreatePatternBrush, OffsetViewportOrgEx, GetLayout, CombineRgn, CreateDIBSection, GetTextExtentPoint32W, StretchBlt, CreateRectRgnIndirect, CreateRectRgn, GetClipRgn, IntersectClipRect, GetViewportOrgEx, SetViewportOrgEx, SelectClipRgn, PatBlt, GetBkColor, CreateCompatibleDC, CreateCompatibleBitmap, OffsetWindowOrgEx, DeleteDC, SetBkColor, BitBlt, ExtTextOutW, GetTextExtentPointW, GetClipBox, GetObjectW, SetTextColor, SetBkMode, CreateFontIndirectW, DeleteObject, GetTextMetricsW, SelectObject, GetDeviceCaps, TranslateCharsetInfo, SetStretchBltMode > KERNEL32.dll: GetSystemDirectoryW, CreateThread, CreateJobObjectW, ExitProcess, SetProcessShutdownParameters, ReleaseMutex, CreateMutexW, SetPriorityClass, GetCurrentProcess, GetStartupInfoW, GetCommandLineW, SetErrorMode, LeaveCriticalSection, EnterCriticalSection, ResetEvent, LoadLibraryExA, CompareFileTime, GetSystemTimeAsFileTime, SetThreadPriority, GetCurrentThreadId, GetThreadPriority, GetCurrentThread, GetUserDefaultLangID, Sleep, GetBinaryTypeW, GetModuleHandleExW, SystemTimeToFileTime, GetLocalTime, GetCurrentProcessId, GetEnvironmentVariableW, UnregisterWait, GlobalGetAtomNameW, GetFileAttributesW, MoveFileW, lstrcmpW, LoadLibraryExW, FindClose, FindNextFileW, FindFirstFileW, lstrcmpiA, SetEvent, AssignProcessToJobObject, GetDateFormatW, GetTimeFormatW, FlushInstructionCache, lstrcpynW, GetSystemWindowsDirectoryW, SetLastError, GetProcessHeap, HeapFree, HeapReAlloc, HeapSize, HeapAlloc, GetUserDefaultLCID, ReadProcessMemory, OpenProcess, InterlockedCompareExchange, LoadLibraryA, QueryPerformanceCounter, UnhandledExceptionFilter, SetUnhandledExceptionFilter, VirtualFree, VirtualAlloc, ResumeThread, TerminateProcess, TerminateThread, GetSystemDefaultLCID, GetLocaleInfoW, CreateEventW, GetLastError, OpenEventW, DelayLoadFailureHook, WaitForSingleObject, GetTickCount, ExpandEnvironmentStringsW, GetModuleFileNameW, GetPrivateProfileStringW, lstrcmpiW, CreateProcessW, FreeLibrary, GetWindowsDirectoryW, LocalAlloc, CreateFileW, DeviceIoControl, LocalFree, GetQueuedCompletionStatus, CreateIoCompletionPort, SetInformationJobObject, CloseHandle, LoadLibraryW, GetModuleHandleW, ActivateActCtx, DeactivateActCtx, GetFileAttributesExW, GetProcAddress, DeleteCriticalSection, CreateEventA, HeapDestroy, InitializeCriticalSection, MulDiv, InitializeCriticalSectionAndSpinCount, lstrlenW, InterlockedDecrement, InterlockedIncrement, GlobalAlloc, InterlockedExchange, GetModuleHandleA, GetVersionExA, GlobalFree, GetProcessTimes, lstrcpyW, GetLongPathNameW, RegisterWaitForSingleObject > msvcrt.dll: _itow, free, memmove, realloc, _except_handler3, malloc, _ftol, _vsnwprintf > ntdll.dll: RtlNtStatusToDosError, NtQueryInformationProcess > ole32.dll: CoFreeUnusedLibraries, RegisterDragDrop, CreateBindCtx, RevokeDragDrop, CoInitializeEx, CoUninitialize, OleInitialize, CoRevokeClassObject, CoRegisterClassObject, CoMarshalInterThreadInterfaceInStream, CoCreateInstance, OleUninitialize, DoDragDrop > OLEAUT32.dll: -, - > SHDOCVW.dll: -, -, - > SHELL32.dll: -, -, SHGetFolderPathW, -, -, -, -, -, ExtractIconExW, -, -, -, -, -, -, -, -, -, -, -, -, -, -, SHGetSpecialFolderLocation, ShellExecuteExW, -, -, -, SHGetSpecialFolderPathW, -, -, -, SHBindToParent, -, -, -, SHParseDisplayName, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, SHChangeNotify, SHGetDesktopFolder, SHAddToRecentDocs, -, -, -, DuplicateIcon, -, -, -, -, -, -, -, -, SHUpdateRecycleBinIcon, SHGetFolderLocation, SHGetPathFromIDListA, -, -, -, -, -, -, -, SHGetPathFromIDListW, -, -, - > SHLWAPI.dll: StrCpyNW, -, -, -, -, StrRetToBufW, StrRetToStrW, -, -, -, -, SHQueryValueExW, PathIsNetworkPathW, -, AssocCreate, -, -, -, -, -, StrCatW, StrCpyW, -, -, -, -, -, -, SHGetValueW, -, StrCmpNIW, PathRemoveBlanksW, PathRemoveArgsW, PathFindFileNameW, StrStrIW, PathGetArgsW, -, StrToIntW, SHRegGetBoolUSValueW, SHRegWriteUSValueW, SHRegCloseUSKey, SHRegCreateUSKeyW, SHRegGetUSValueW, SHSetValueW, -, PathAppendW, PathUnquoteSpacesW, -, -, PathQuoteSpacesW, -, SHSetThreadRef, SHCreateThreadRef, -, -, -, PathCombineW, -, -, -, SHStrDupW, PathIsPrefixW, PathParseIconLocationW, AssocQueryKeyW, -, AssocQueryStringW, StrCmpW, -, -, -, -, -, -, -, -, SHRegQueryUSValueW, SHRegOpenUSKeyW, SHRegSetUSValueW, PathIsDirectoryW, PathFileExistsW, PathGetDriveNumberW, -, StrChrW, PathFindExtensionW, -, -, PathRemoveFileSpecW, PathStripToRootW, -, -, -, SHOpenRegStream2W, -, -, -, StrDupW, SHDeleteValueW, StrCatBuffW, SHDeleteKeyW, StrCmpIW, -, -, wnsprintfW, -, -, StrCmpNW, -, - > USER32.dll: TileWindows, GetDoubleClickTime, GetSystemMetrics, GetSysColorBrush, AllowSetForegroundWindow, LoadMenuW, GetSubMenu, RemoveMenu, SetParent, GetMessagePos, CheckDlgButton, EnableWindow, GetDlgItemInt, SetDlgItemInt, CopyIcon, AdjustWindowRectEx, DrawFocusRect, DrawEdge, ExitWindowsEx, WindowFromPoint, SetRect, AppendMenuW, LoadAcceleratorsW, LoadBitmapW, SendNotifyMessageW, SetWindowPlacement, CheckMenuItem, EndDialog, SendDlgItemMessageW, MessageBeep, GetActiveWindow, PostQuitMessage, MoveWindow, GetDlgItem, RemovePropW, GetClassNameW, GetDCEx, SetCursorPos, ChildWindowFromPoint, ChangeDisplaySettingsW, RegisterHotKey, UnregisterHotKey, SetCursor, SendMessageTimeoutW, GetWindowPlacement, LoadImageW, SetWindowRgn, IntersectRect, OffsetRect, EnumDisplayMonitors, RedrawWindow, SubtractRect, TranslateAcceleratorW, WaitMessage, InflateRect, CallWindowProcW, GetDlgCtrlID, SetCapture, LockSetForegroundWindow, SystemParametersInfoW, FindWindowW, CreatePopupMenu, GetMenuDefaultItem, DestroyMenu, GetShellWindow, EnumChildWindows, GetWindowLongW, SendMessageW, RegisterWindowMessageW, GetKeyState, CopyRect, MonitorFromRect, MonitorFromPoint, RegisterClassW, SetPropW, GetWindowLongA, SetWindowLongW, FillRect, GetCursorPos, MessageBoxW, LoadStringW, ReleaseDC, GetDC, EnumDisplaySettingsExW, EnumDisplayDevicesW, PostMessageW, DispatchMessageW, TranslateMessage, GetMessageW, PeekMessageW, PtInRect, BeginPaint, EndPaint, SetWindowTextW, GetAsyncKeyState, InvalidateRect, GetWindow, ShowWindowAsync, TrackPopupMenuEx, UpdateWindow, DestroyIcon, IsRectEmpty, SetActiveWindow, GetSysColor, DrawTextW, IsHungAppWindow, SetTimer, GetMenuItemID, TrackPopupMenu, EndTask, SendMessageCallbackW, GetClassLongW, LoadIconW, OpenInputDesktop, CloseDesktop, SetScrollPos, ShowWindow, BringWindowToTop, GetDesktopWindow, CascadeWindows, CharUpperBuffW, SwitchToThisWindow, InternalGetWindowText, GetScrollInfo, GetMenuItemCount, CreateWindowExW, DialogBoxParamW, MsgWaitForMultipleObjects, CharNextA, RegisterClipboardFormatW, EndDeferWindowPos, DeferWindowPos, BeginDeferWindowPos, PrintWindow, SetClassLongW, GetPropW, GetNextDlgGroupItem, GetNextDlgTabItem, ChildWindowFromPointEx, IsChild, NotifyWinEvent, TrackMouseEvent, GetCapture, GetAncestor, CharUpperW, SetWindowLongA, DrawCaption, ModifyMenuW, InsertMenuW, IsWindowEnabled, GetMenuState, LoadCursorW, GetParent, IsDlgButtonChecked, DestroyWindow, EnumWindows, IsWindowVisible, GetClientRect, UnionRect, EqualRect, GetWindowThreadProcessId, GetForegroundWindow, KillTimer, GetClassInfoExW, DefWindowProcW, RegisterClassExW, GetIconInfo, SetScrollInfo, GetLastActivePopup, SetForegroundWindow, IsWindow, GetSystemMenu, IsIconic, IsZoomed, EnableMenuItem, SetMenuDefaultItem, MonitorFromWindow, GetMonitorInfoW, GetWindowInfo, GetFocus, SetFocus, MapWindowPoints, ScreenToClient, ClientToScreen, GetWindowRect, SetWindowPos, DeleteMenu, GetMenuItemInfoW, SetMenuItemInfoW, CharNextW > UxTheme.dll: GetThemeBackgroundContentRect, GetThemeBool, GetThemePartSize, DrawThemeParentBackground, OpenThemeData, DrawThemeBackground, GetThemeTextExtent, DrawThemeText, CloseThemeData, SetWindowTheme, GetThemeBackgroundRegion, -, GetThemeMargins, GetThemeColor, GetThemeFont, GetThemeRect, IsAppThemed ( 0 exports ) RDS...: NSRL Reference Data Set - pdfid.: - trid..: Win32 Executable Generic (42.3%) Win32 Dynamic Link Library (generic) (37.6%) Generic Win/DOS Executable (9.9%) DOS Executable Generic (9.9%) Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%) sigcheck: publisher....: Microsoft Corporation copyright....: © Microsoft Corporation. Tous droits r_serv_s. product......: Syst_me d_exploitation Microsoft_ Windows_ description..: Explorateur Windows original name: EXPLORER.EXE internal name: explorer file version.: 6.00.2900.5512 (xpsp.080413-2105) comments.....: n/a signers......: - signing date.: - verified.....: Unsigned Fichier winlogon.exe reçu le 2009.12.16 12:27:56 (UTC) Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE Résultat: 0/41 (0%) en train de charger les informations du serveur... Votre fichier est dans la file d'attente, en position: ___. L'heure estimée de démarrage est entre ___ et ___ . Ne fermez pas la fenêtre avant la fin de l'analyse. L'analyseur qui traitait votre fichier est actuellement stoppé, nous allons attendre quelques secondes pour tenter de récupérer vos résultats. Si vous attendez depuis plus de cinq minutes, vous devez renvoyer votre fichier. Votre fichier est, en ce moment, en cours d'analyse par VirusTotal, les résultats seront affichés au fur et à mesure de leur génération. Formaté Impression des résultats Votre fichier a expiré ou n'existe pas. Le service est en ce moment, stoppé, votre fichier attend d'être analysé (position : ) depuis une durée indéfinie. Vous pouvez attendre une réponse du Web (re-chargement automatique) ou taper votre e-mail dans le formulaire ci-dessous et cliquer "Demande" pour que le système vous envoie une notification quand l'analyse sera terminée. Email: Antivirus Version Dernière mise à jour Résultat a-squared 4.5.0.43 2009.12.16 - AhnLab-V3 5.0.0.2 2009.12.16 - AntiVir 7.9.1.108 2009.12.16 - Antiy-AVL 2.0.3.7 2009.12.16 - Authentium 5.2.0.5 2009.12.02 - Avast 4.8.1351.0 2009.12.15 - AVG 8.5.0.427 2009.12.16 - BitDefender 7.2 2009.12.16 - CAT-QuickHeal 10.00 2009.12.16 - ClamAV 0.94.1 2009.12.16 - Comodo 3262 2009.12.16 - DrWeb 5.0.0.12182 2009.12.16 - eSafe 7.0.17.0 2009.12.16 - eTrust-Vet 35.1.7178 2009.12.16 - F-Prot 4.5.1.85 2009.12.15 - F-Secure 9.0.15370.0 2009.12.16 - Fortinet 4.0.14.0 2009.12.16 - GData 19 2009.12.16 - Ikarus T3.1.1.78.0 2009.12.16 - Jiangmin 13.0.900 2009.12.16 - K7AntiVirus 7.10.920 2009.12.14 - Kaspersky 7.0.0.125 2009.12.16 - McAfee 5833 2009.12.15 - McAfee+Artemis 5833 2009.12.15 - McAfee-GW-Edition 6.8.5 2009.12.16 - Microsoft 1.5302 2009.12.16 - NOD32 4692 2009.12.16 - Norman 6.04.03 2009.12.15 - nProtect 2009.1.8.0 2009.12.16 - Panda 10.0.2.2 2009.12.15 - PCTools 7.0.3.5 2009.12.16 - Prevx 3.0 2009.12.16 - Rising 22.26.02.04 2009.12.16 - Sophos 4.48.0 2009.12.16 - Sunbelt 3.2.1858.2 2009.12.16 - Symantec 1.4.4.12 2009.12.16 - TheHacker 6.5.0.2.094 2009.12.15 - TrendMicro 9.100.0.1001 2009.12.16 - VBA32 3.12.12.0 2009.12.16 - ViRobot 2009.12.16.2092 2009.12.16 - VirusBuster 5.0.21.0 2009.12.14 - Information additionnelle File size: 512000 bytes MD5...: dd73d6b9f6b4cb630cf35b438b540174 SHA1..: 2904328b7e27f004042d4f83440c50659d64018b SHA256: ecef5a07dbc72e99adcb82af4dab143f5a2bad3812ccbfa87ea5e82e29e133fa ssdeep: 6144:SNZlxEdL5RvGlcHF37newMLao6nMnKHOD13XRnCfOVSePfLtisgZYlg:tdz +lcDKao6nSKHsRqOMgxZgp PEiD..: - PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x3e5e1 timedatestamp.....: 0x48027549 (Sun Apr 13 21:04:09 2008) machinetype.......: 0x14c (I386) ( 3 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x1000 0x70991 0x70a00 6.82 82b1e7e83279c56e34dc6c6e8c33f81d .data 0x72000 0x4e70 0x2000 6.28 44bd27282514b5e3a27b570106930d8d .rsrc 0x77000 0xa18c 0xa200 3.69 2de1a63c2a7883cf163c3699bb614883 ( 20 imports ) > ADVAPI32.dll: ConvertStringSecurityDescriptorToSecurityDescriptorA, A_SHAInit, A_SHAUpdate, A_SHAFinal, LsaStorePrivateData, LsaRetrievePrivateData, LsaNtStatusToWinError, CryptGetUserKey, CryptGetKeyParam, CryptEncrypt, CryptSetProvParam, CryptSignHashW, CryptDeriveKey, CryptGetProvParam, RegOpenCurrentUser, RegDeleteKeyW, AddAccessAllowedAceEx, RegSetKeySecurity, I_ScSendTSMessage, MD5Init, MD5Update, MD5Final, SetFileSecurityA, AllocateLocallyUniqueId, LsaOpenPolicy, LsaQueryInformationPolicy, LsaFreeMemory, LsaClose, RegNotifyChangeKeyValue, QueryServiceConfigW, SetKernelObjectSecurity, ConvertStringSecurityDescriptorToSecurityDescriptorW, RegEnumKeyExW, GetCurrentHwProfileW, RegCloseKey, RegQueryValueExW, RegOpenKeyW, FreeSid, SetSecurityDescriptorDacl, InitializeSecurityDescriptor, AddAccessAllowedAce, InitializeAcl, GetLengthSid, AllocateAndInitializeSid, RegOpenKeyExW, CreateProcessAsUserW, DuplicateTokenEx, CloseServiceHandle, ControlService, StartServiceW, QueryServiceStatus, OpenServiceW, OpenSCManagerW, EqualSid, GetTokenInformation, RegSetValueExW, RegCreateKeyExW, CryptGenRandom, CryptDestroyHash, CryptVerifySignatureW, CryptSetHashParam, CryptGetHashParam, CryptHashData, CryptCreateHash, CryptDecrypt, ReportEventW, RegisterEventSourceW, CryptImportKey, CryptAcquireContextW, CryptReleaseContext, CryptDestroyKey, RegEnumValueW, RegQueryInfoKeyW, RegDeleteValueW, CredFree, CredDeleteW, CredEnumerateW, CopySid, GetSidLengthRequired, GetSidSubAuthority, GetSidSubAuthorityCount, GetUserNameW, OpenThreadToken, EnumServicesStatusW, ImpersonateLoggedOnUser, RegQueryValueExA, CheckTokenMembership, DeregisterEventSource, LsaGetUserName, RevertToSelf, LookupAccountSidW, IsValidSid, SetTokenInformation, LogonUserW, LookupAccountNameW, OpenProcessToken, SynchronizeWindows31FilesAndWindowsNTRegistry, QueryWindows31FilesMigration, AdjustTokenPrivileges, RegQueryInfoKeyA > AUTHZ.dll: AuthzInitializeResourceManager, AuthzAccessCheck, AuthziFreeAuditEventType, AuthziInitializeAuditEvent, AuthziInitializeAuditParams, AuthziInitializeAuditEventType, AuthziLogAuditEvent, AuthzFreeAuditEvent, AuthzFreeResourceManager, AuthzFreeHandle > CRYPT32.dll: CryptImportPublicKeyInfo, CryptVerifyMessageSignature, CertCreateCertificateContext, CertSetCertificateContextProperty, CertVerifyCertificateChainPolicy, CryptSignMessage, CertCloseStore, CertComparePublicKeyInfo, CryptExportPublicKeyInfo, CertFindExtension, CryptDecryptMessage, CertGetCertificateContextProperty, CertAddCertificateContextToStore, CertOpenStore, CertVerifySubjectCertificateContext, CertGetIssuerCertificateFromStore, CertDuplicateCertificateContext, CertFreeCertificateContext, CertEnumCertificatesInStore, CryptImportPublicKeyInfoEx > GDI32.dll: RemoveFontResourceW, AddFontResourceW > KERNEL32.dll: WTSGetActiveConsoleSessionId, GetTimeFormatW, GetUserDefaultLCID, FileTimeToSystemTime, FileTimeToLocalFileTime, GetProcAddress, LoadLibraryW, GetModuleHandleW, SystemTimeToFileTime, GetSystemTime, SetLastError, TerminateProcess, GetCurrentProcess, CreateTimerQueueTimer, CreateThread, lstrcpynW, GetShortPathNameW, GetProfileStringW, FreeLibrary, ReleaseSemaphore, CreateSemaphoreW, GetSystemInfo, GetComputerNameW, GetEnvironmentVariableW, WaitForSingleObjectEx, LoadResource, FindResourceW, SetThreadExecutionState, DeleteTimerQueueTimer, ResetEvent, GetSystemDirectoryW, TransactNamedPipe, SetNamedPipeHandleState, GetTickCount, CreateFileW, GlobalGetAtomNameW, VirtualLock, VirtualQuery, GetDriveTypeW, Beep, ExpandEnvironmentStringsW, OpenMutexW, QueueUserWorkItem, LeaveCriticalSection, EnterCriticalSection, DisconnectNamedPipe, SearchPathW, lstrcatW, LocalReAlloc, TerminateThread, ResumeThread, GetDiskFreeSpaceExW, GlobalMemoryStatusEx, DeleteFileW, WriteProfileStringW, ReadFile, FindVolumeClose, FindNextVolumeW, FindFirstVolumeW, FormatMessageW, SetPriorityClass, MoveFileExW, WaitForMultipleObjectsEx, GetExitCodeProcess, SleepEx, InterlockedExchange, FindClose, FindFirstFileW, GetWindowsDirectoryW, SetTimerQueueTimer, GetComputerNameA, GetVersionExW, VerSetConditionMask, WriteFile, WaitNamedPipeW, WaitForMultipleObjects, ConnectNamedPipe, GetVersionExA, DuplicateHandle, OpenProcess, GetOverlappedResult, lstrcmpW, SetEnvironmentVariableW, UnregisterWait, CreateNamedPipeW, CreateRemoteThread, CreateActCtxW, GetModuleFileNameW, ExitProcess, LoadLibraryExW, SetErrorMode, SetUnhandledExceptionFilter, GetPrivateProfileStringW, LocalSize, VirtualAlloc, VirtualQueryEx, DebugBreak, CreateFileA, InitializeCriticalSection, ProcessIdToSessionId, SetInformationJobObject, AssignProcessToJobObject, TerminateJobObject, PostQueuedCompletionStatus, PulseEvent, GetQueuedCompletionStatus, CreateIoCompletionPort, CreateJobObjectW, ActivateActCtx, DeactivateActCtx, InterlockedCompareExchange, LoadLibraryA, QueryPerformanceCounter, GetSystemTimeAsFileTime, UnhandledExceptionFilter, GetModuleHandleA, GetStartupInfoA, GetCurrentProcessId, SetThreadPriority, GetCurrentThreadId, lstrcmpiW, GetProfileIntW, LoadLibraryExA, lstrcpyW, lstrlenW, Sleep, LocalAlloc, CreateEventW, GetExitCodeThread, SetThreadAffinityMask, GetProcessAffinityMask, CreateWaitableTimerW, CreateMutexW, OpenEventW, RegisterWaitForSingleObject, WaitForSingleObject, CreateProcessW, SetWaitableTimer, ReleaseMutex, SetEvent, UnregisterWaitEx, CloseHandle, lstrlenA, lstrcpyA, MultiByteToWideChar, GetACP, WideCharToMultiByte, HeapAlloc, GetProcessHeap, HeapFree, lstrcpynA, UnmapViewOfFile, MapViewOfFile, CreateFileMappingW, lstrcmpiA, GetFileSize, SetFilePointer, GlobalAlloc, GlobalFree, GetLastError, LocalFree, lstrcatA, lstrcmpA, GetLogicalDriveStringsA, GetDriveTypeA, GetVolumeInformationW, GlobalMemoryStatus, CreateMutexA, FindResourceExW, LockResource, SizeofResource, VerifyVersionInfoW, GetSystemDirectoryA, GetCurrentThread, DelayLoadFailureHook, BaseInitAppcompatCacheSupport, OpenProfileUserMapping, CloseProfileUserMapping, BaseCleanupAppcompatCacheSupport, InitializeCriticalSectionAndSpinCount, VirtualProtect, CreateEventA, TlsSetValue, TlsGetValue, DeleteCriticalSection, TlsAlloc, VirtualFree, TlsFree > msvcrt.dll: wcslen, _vsnwprintf, wcsncpy, wcsstr, atoi, wcstok, memmove, wcschr, swprintf, swscanf, _local_unwind2, _wcslwr, wcscmp, _snwprintf, malloc, _c_exit, _exit, _XcptFilter, _cexit, exit, _acmdln, __getmainargs, _initterm, __setusermatherr, _adjust_fdiv, __p__commode, __p__fmode, __set_app_type, __3@YAXPAX@Z, __2@YAPAXI@Z, __CxxFrameHandler, _itow, _snprintf, _wtol, _strnicmp, sscanf, wcstombs, sprintf, strchr, strncmp, atof, _ftol, isspace, wcscpy, _controlfp, wcsncmp, _wcsupr, ceil, wcscat, _except_handler3, free, _wcsicmp > NDdeApi.dll: -, -, -, - > ntdll.dll: RtlSubAuthoritySid, RtlAllocateHeap, NtPowerInformation, NtSetSystemPowerState, NtRaiseHardError, RtlDeleteCriticalSection, NtOpenSymbolicLinkObject, NtReplyPort, NtCompleteConnectPort, NtReplyWaitReceivePort, NtAcceptConnectPort, NtCreatePort, RtlConvertSidToUnicodeString, RtlFreeUnicodeString, NtLockProductActivationKeys, RtlTimeToTimeFields, NtUnmapViewOfSection, NtMapViewOfSection, NtOpenSection, NtQuerySymbolicLinkObject, NtQueryVolumeInformationFile, NtSetSecurityObject, RtlAdjustPrivilege, NtOpenFile, NtFsControlFile, RtlAllocateAndInitializeSid, RtlDestroyEnvironment, RtlFreeHeap, NtQueryInformationToken, NtShutdownSystem, RtlEnterCriticalSection, RtlLeaveCriticalSection, RtlInitializeCriticalSection, RtlCreateEnvironment, RtlQueryEnvironmentVariable_U, RtlSetEnvironmentVariable, RtlInitUnicodeString, NtOpenKey, NtQueryValueKey, RtlInitializeSid, RtlLengthRequiredSid, NtAllocateLocallyUniqueId, RtlGetDaclSecurityDescriptor, RtlCopySid, RtlLengthSid, NtSetInformationThread, NtDuplicateToken, NtDuplicateObject, RtlEqualSid, RtlSetDaclSecurityDescriptor, RtlCreateSecurityDescriptor, NtClose, RtlOpenCurrentUser, RtlAddAce, RtlCreateAcl, RtlNtStatusToDosError, NtSetInformationProcess, NtQuerySystemInformation, NtCreateEvent, NtCreatePagingFile, RtlDosPathNameToNtPathName_U, RtlRegisterWait, NtSetValueKey, NtCreateKey, RtlTimeToSecondsSince1980, NtQuerySystemTime, NtPrivilegeObjectAuditAlarm, NtPrivilegeCheck, NtOpenThreadToken, NtOpenProcessToken, RtlInitString, RtlUnhandledExceptionFilter, NtQueryInformationProcess, DbgBreakPoint, RtlCheckProcessParameters, RtlSetThreadIsCritical, RtlSetProcessIsCritical, RtlGetNtProductType, NtInitiatePowerAction, DbgPrint, NtFilterToken, NtQueryInformationJobObject, NtOpenEvent, RtlGetAce, RtlQueryInformationAcl, NtQuerySecurityObject, RtlCompareUnicodeString, NtOpenDirectoryObject > PROFMAP.dll: InitializeProfileMappingApi, RemapAndMoveUserW > PSAPI.DLL: EnumProcesses, EnumProcessModules, GetModuleBaseNameW > REGAPI.dll: RegDefaultUserConfigQueryW, RegUserConfigQuery > RPCRT4.dll: RpcServerRegisterIfEx, RpcServerUseProtseqEpW, RpcImpersonateClient, I_RpcMapWin32Status, RpcServerRegisterIf, RpcGetAuthorizationContextForClient, RpcFreeAuthorizationContext, RpcServerListen, RpcRevertToSelf, NdrServerCall2, UuidCreate > Secur32.dll: LsaCallAuthenticationPackage, GetUserNameExW, LsaLookupAuthenticationPackage, LsaRegisterLogonProcess > SETUPAPI.dll: SetupDiDestroyDeviceInfoList, SetupDiEnumDeviceInfo, SetupDiGetClassDevsW, SetupDiGetDeviceRegistryPropertyW > USER32.dll: SetFocus, EnumWindows, CreateWindowStationW, RegisterLogonProcess, RecordShutdownReason, LoadLocalFonts, UnhookWindowsHook, SetWindowsHookW, GetWindowTextW, CallNextHookEx, DialogBoxParamW, GetWindowPlacement, GetSystemMenu, DeleteMenu, SetWindowPlacement, SetUserObjectInformationW, GetAsyncKeyState, PostThreadMessageW, SetUserObjectSecurity, CreateDesktopW, GetMessageTime, SetTimer, SetLogonNotifyWindow, UnlockWindowStation, ReplyMessage, UnregisterHotKey, RegisterHotKey, OpenInputDesktop, GetUserObjectInformationW, CloseDesktop, RegisterDeviceNotificationW, SetThreadDesktop, CreateWindowExW, GetMessageW, TranslateMessage, RegisterWindowMessageW, RegisterClassW, SetCursor, FindWindowW, MessageBoxW, SendNotifyMessageW, PostQuitMessage, MsgWaitForMultipleObjects, GetWindowRect, GetSystemMetrics, PeekMessageW, DispatchMessageW, KillTimer, SetProcessWindowStation, UpdateWindow, ShowWindow, SetWindowPos, PostMessageW, ExitWindowsEx, EnumDisplayMonitors, SystemParametersInfoW, GetDlgItem, SendMessageW, CreateDialogParamW, DestroyWindow, GetWindowLongW, GetDlgItemTextW, EndDialog, SetWindowLongW, LoadStringW, SetWindowTextW, SetDlgItemTextW, wsprintfW, wsprintfA, LockWindowStation, MBToWCSEx, SetWindowStationUser, UpdatePerUserSystemParameters, DialogBoxIndirectParamW, wvsprintfW, SetLastErrorEx, LoadCursorW, CheckDlgButton, IsDlgButtonChecked, DefWindowProcW, CloseWindowStation, LoadImageW, GetParent, GetKeyState, GetDesktopWindow, SetForegroundWindow, SwitchDesktop, OpenDesktopW > USERENV.dll: -, WaitForUserPolicyForegroundProcessing, GetAllUsersProfileDirectoryW, -, -, -, WaitForMachinePolicyForegroundProcessing, -, -, -, UnloadUserProfile, LoadUserProfileW, -, RegisterGPNotification, CreateEnvironmentBlock, DestroyEnvironmentBlock, UnregisterGPNotification, GetUserProfileDirectoryW > VERSION.dll: GetFileVersionInfoSizeW, GetFileVersionInfoW, VerQueryValueW > WINSTA.dll: WinStationRequestSessionsList, WinStationQueryLogonCredentialsW, WinStationIsHelpAssistantSession, WinStationAutoReconnect, _WinStationWaitForConnect, _WinStationNotifyLogoff, WinStationDisconnect, _WinStationCallback, WinStationNameFromLogonIdW, _WinStationFUSCanRemoteUserDisconnect, WinStationEnumerate_IndexedW, WinStationGetMachinePolicy, WinStationQueryInformationW, WinStationFreeMemory, WinStationReset, _WinStationNotifyDisconnectPipe, WinStationConnectW, WinStationSetInformationW, WinStationShutdownSystem, WinStationCheckLoopBack, _WinStationNotifyLogon > WINTRUST.dll: CryptCATAdminEnumCatalogFromHash, CryptCATCatalogInfoFromContext, CryptCATAdminCalcHashFromFileHandle, CryptCATAdminAcquireContext, CryptCATAdminReleaseCatalogContext, WTHelperProvDataFromStateData, WinVerifyTrust, WTHelperGetProvSignerFromChain, CryptCATAdminReleaseContext > WS2_32.dll: -, -, getaddrinfo ( 0 exports ) RDS...: NSRL Reference Data Set - pdfid.: - trid..: Win64 Executable Generic (80.9%) Win32 Executable Generic (8.0%) Win32 Dynamic Link Library (generic) (7.1%) Generic Win/DOS Executable (1.8%) DOS Executable Generic (1.8%) sigcheck: publisher....: Microsoft Corporation copyright....: © Microsoft Corporation. Tous droits r_serv_s. product......: Syst_me d_exploitation Microsoft_ Windows_ description..: Application d_ouverture de session Windows NT original name: WINLOGON.EXE internal name: winlogon file version.: 5.1.2600.5512 (xpsp.080413-2113) comments.....: n/a signers......: - signing date.: - verified.....: Unsigned

Je viens de le refaire touner: ############################## | FindyKill V5.021 | # User : Administrateur (Administrateurs) # CHARLES # Update on 10/12/2009 by Chiquitine29 # Start at: 11:48:57 | 16/12/2009 # Website : http://pagesperso-orange.fr/NosTools/index.html # Contact : FindyKill.Contact@gmail.com # Intel® Pentium® 4 CPU 3.20GHz # Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3 # Internet Explorer 8.0.6001.18702 # Windows Firewall Status : Enabled # AV : AntiMalware 1.0 [ Enabled | (!) Outdated ] # A:\ # Lecteur de disquettes 3 ½ pouces # C:\ # Disque fixe local # 149.04 Go (73.93 Go free) # NTFS # D:\ # Disque CD-ROM ############################## | Processus actifs | C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\wamp\apache\Apache.exe C:\Program Files\wamp\mysql\bin\mysqld-nt.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\Program Files\wamp\apache\Apache.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\Explorer.EXE C:\Program Files\QuickTime\qttask.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\wamp\wampserver.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe C:\WINDOWS\system32\wbem\wmiprvse.exe ################## | C: | ################## | C:\WINDOWS | ################## | C:\WINDOWS\system32 | ################## | C:\WINDOWS\system32\drivers | ################## | C:\Documents and Settings\Administrateur\Application Data | ################## | Temporary Internet Files | ################## | Registre / Clés infectieuses | Présent ! [HKLM\software\microsoft\security center] "AntiVirusDisableNotify" Présent ! [HKLM\software\microsoft\security center] "AntiVirusOverride" Présent ! [HKLM\software\microsoft\security center] "FirewallDisableNotify" Présent ! [HKLM\software\microsoft\security center] "FirewallOverride" Présent ! [HKLM\software\microsoft\security center] "UpdatesDisableNotify" ################## | Etat / Services / Informations | # Affichage des fichiers cachés : OK # Mode sans echec : OK # Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 ) # EapHost -> Start = 2 ( Good = 2 | Bad = 4 ) # Ip6Fw -> Start = 2 ( Good = 2 | Bad = 4 ) # SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 ) # wuauserv -> Start = 2 ( Good = 2 | Bad = 4 ) # (!) wscsvc -> Start = 4 ( Good = 2 | Bad = 4 ) ################## | Cracks / Keygens / Serials | ################## | ! Fin du rapport # FindyKill V5.021 ! |

Logfile of random's system information tool 1.06 (written by random/random)Run by Administrateur at 2009-12-16 11:20:25 Microsoft Windows XP Professionnel Service Pack 3 System drive C: has 76 GB (50%) free of 153 GB Total RAM: 511 MB (28% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:20:34, on 16/12/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\wamp\apache\Apache.exe C:\Program Files\wamp\mysql\bin\mysqld-nt.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\Program Files\wamp\apache\Apache.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\Explorer.EXE C:\Program Files\QuickTime\qttask.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\wamp\wampserver.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe C:\Documents and Settings\Administrateur\Bureau\RSIT.exe C:\Program Files\trend micro\Administrateur.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: I.R.I.S. Desktop Search - {577EBCA9-8ED3-45FC-A514-55B3817D4BCF} - C:\Program Files\IRIS Desktop Search\IRISDesktopSearchIntegration910.dll O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: WampServer.lnk = C:\Program Files\wamp\wampserver.exe O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.zebulon.fr/outils/antivirus/kav...can_unicode.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/...can8/oscan8.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase6796.cab O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} - http://ct.prim.net/mgaxctrl.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {6CCE3920-3183-4B3D-808A-B12EB769DE12} (CSS Web Installer Class) - http://www.commandondemand.com/eval/cod/cabs/cssweb.cab O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} - http://f003.mail.caramail.lycos.fr/app/upl...ileUploader.cab O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...827/mcfscan.cab O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Moon Secure Antivirus Core (msav) - Unknown owner - C:\Program Files\Moon Secure Antivirus\msavcore.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: wampapache - Unknown owner - C:\Program Files\wamp\apache\Apache.exe O23 - Service: wampmysqld - Unknown owner - C:\Program Files\wamp\mysql\bin\mysqld-nt.exe -- End of file - 9124 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\ParetoLogic Registration.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}] RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-10-05 329312] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}] IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [2009-05-25 68112] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - c:\program files\google\googletoolbar3.dll [2007-01-19 2436160] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}] Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006-12-18 231160] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-02 764912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-31 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}] FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2009-05-25 264720] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-31 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006-12-18 231160] {577EBCA9-8ED3-45FC-A514-55B3817D4BCF} - I.R.I.S. Desktop Search - C:\Program Files\IRIS Desktop Search\IRISDesktopSearchIntegration910.dll [2006-01-11 1385768] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-07-26 282624] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-17 68856] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] C:\Program Files\Documents and Settings\Programmes\Démarrage WampServer.lnk - C:\Program Files\wamp\wampserver.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon] C:\WINDOWS\system32\klogon.dll [2009-05-25 219664] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\SYSTEM32\WgaLogon.dll [2009-03-10 265088] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, append.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutoRun"= "NoDriveTypeAutoRun"= "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files\Zinf\zinf.exe"="C:\Program Files\Zinf\zinf.exe:*:Enabled:Zinf" "C:\Program Files\i-voyager\scol.exe"="C:\Program Files\i-voyager\scol.exe:*:Enabled:scol" "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe" "C:\WINDOWS\network diagnostic\xpnetdiag.exe"="C:\WINDOWS\network diagnostic\xpnetdiag.exe:*:Enabled:Network Diagnostic for Windows XP" "C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Kaspersky\kavupd.exe"="C:\Kaspersky\kavupd.exe:*:Enabled:kavupd" "C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe"="C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS" "C:\Documents and Settings\Administrateur\Local Settings\Temp\7zS1B.tmp\SymNRT.exe"="C:\Documents and Settings\Administrateur\Local Settings\Temp\7zS1B.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool" "C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE"="C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE:*:Disabled:Microsoft Office Word" "D:\Setup\HipServSetup.exe"="D:\Setup\HipServSetup.exe:*:Enabled:Installation de Home Library" "C:\Program Files\Orange\Home Library\DesktopMirror\rsync.exe"="C:\Program Files\Orange\Home Library\DesktopMirror\rsync.exe:*:Enabled:HipServ DesktopMirror (rsync)" "C:\Program Files\Orange\Home Library\DesktopMirror\ssh.exe"="C:\Program Files\Orange\Home Library\DesktopMirror\ssh.exe:*:Enabled:HipServ DesktopMirror (ssh)" "C:\Program Files\Orange\Home Library\QuickConnect\AxentraPicturesWizard.exe"="C:\Program Files\Orange\Home Library\QuickConnect\AxentraPicturesWizard.exe:*:Enabled:HipServ Pictures Wizard" "C:\Program Files\Orange\Home Library\QuickConnect\AxentraSmartShortcut.exe"="C:\Program Files\Orange\Home Library\QuickConnect\AxentraSmartShortcut.exe:*:Enabled:HipServ SmartShortcut" "C:\Program Files\Orange\Home Library\HipServAgent\HipServAgent.exe"="C:\Program Files\Orange\Home Library\HipServAgent\HipServAgent.exe:*:Enabled:HipServAgent" "C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" ======File associations====== .reg - edit - .reg - open - ======List of files/folders created in the last 1 months====== 2009-12-16 11:20:25 ----D---- C:\rsit 2009-12-16 10:45:16 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-12-16 09:03:23 ----A---- C:\WINDOWS\ntbtlog.txt 2009-12-15 15:20:14 ----A---- C:\FindyKill.txt 2009-12-15 15:06:54 ----D---- C:\FindyKill 2009-12-15 14:38:42 ----D---- C:\Program Files\Kaspersky Lab 2009-12-15 14:38:42 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2009-12-15 09:24:57 ----D---- C:\WINDOWS\BDOSCAN8 2009-12-14 22:57:51 ----D---- C:\csscod 2009-12-14 20:25:16 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files 2009-12-11 08:38:42 ----D---- C:\Documents and Settings\Administrateur\Application Data\igraal 2009-12-11 08:16:18 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$ 2009-12-11 08:16:12 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$ 2009-12-11 08:15:35 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$ 2009-12-11 08:15:28 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$ 2009-12-11 08:15:17 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$ 2009-12-09 23:33:11 ----D---- C:\Program Files\Fichiers communs\Symantec Shared 2009-12-09 23:28:35 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec 2009-12-09 23:28:35 ----D---- C:\Documents and Settings\All Users\Application Data\Norton 2009-12-09 23:28:29 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller 2009-12-09 14:54:19 ----A---- C:\rollback.ini 2009-12-09 11:08:58 ----D---- C:\Program Files\ParetoLogic 2009-12-09 11:08:58 ----D---- C:\Program Files\Fichiers communs\ParetoLogic 2009-12-09 11:08:58 ----D---- C:\Documents and Settings\All Users\Application Data\ParetoLogic 2009-12-02 13:52:31 ----D---- C:\Documents and Settings\Administrateur\Application Data\Opera 2009-12-02 13:51:16 ----D---- C:\Program Files\Opera 2009-11-25 17:25:26 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$ 2009-11-25 17:25:19 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$ ======List of files/folders modified in the last 1 months====== 2009-12-16 11:20:34 ----D---- C:\Program Files\Trend Micro 2009-12-16 11:16:02 ----D---- C:\WINDOWS\TEMP 2009-12-16 11:16:02 ----D---- C:\WINDOWS\system32 2009-12-16 11:15:55 ----A---- C:\WINDOWS\pdf995.ini 2009-12-16 11:08:59 ----D---- C:\SDFix 2009-12-16 10:59:26 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-12-16 10:45:18 ----D---- C:\WINDOWS\system32\drivers 2009-12-16 10:45:16 ----AD---- C:\Program Files 2009-12-16 09:45:20 ----D---- C:\WINDOWS\Prefetch 2009-12-16 09:26:17 ----A---- C:\rapport.txt 2009-12-16 09:21:17 ----A---- C:\WINDOWS\system32\tmp.txt 2009-12-16 09:03:23 ----D---- C:\WINDOWS 2009-12-16 08:59:39 ----SHD---- C:\WINDOWS\CSC 2009-12-15 19:33:15 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe 2009-12-15 19:33:15 ----D---- C:\Documents and Settings\Administrateur\Application Data\Adobe 2009-12-15 16:52:19 ----D---- C:\WINDOWS\system32\CatRoot 2009-12-15 16:50:32 ----SHD---- C:\WINDOWS\Installer 2009-12-15 16:50:31 ----HD---- C:\Config.Msi 2009-12-15 16:44:57 ----HD---- C:\WINDOWS\inf 2009-12-15 16:43:23 ----D---- C:\WINDOWS\system32\CatRoot2 2009-12-15 14:03:09 ----SD---- C:\WINDOWS\Downloaded Program Files 2009-12-15 14:02:37 ----D---- C:\Program Files\BeClean 2009-12-14 20:23:25 ----SD---- C:\WINDOWS\Tasks 2009-12-11 13:31:28 ----D---- C:\Program Files\Panda Security 2009-12-11 11:24:28 ----D---- C:\Program Files\Mozilla Firefox 2009-12-11 09:22:59 ----D---- C:\Documents and Settings\Administrateur\Application Data\vlc 2009-12-11 08:30:09 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-12-11 08:28:40 ----SHD---- C:\System Volume Information 2009-12-11 08:21:24 ----RASH---- C:\boot.ini 2009-12-11 08:21:24 ----A---- C:\WINDOWS\win.ini 2009-12-11 08:21:24 ----A---- C:\WINDOWS\system.ini 2009-12-11 08:16:25 ----RSHD---- C:\WINDOWS\system32\dllcache 2009-12-11 08:16:00 ----D---- C:\Program Files\Internet Explorer 2009-12-11 08:15:45 ----HD---- C:\WINDOWS\$hf_mig$ 2009-12-09 23:33:11 ----D---- C:\Program Files\Fichiers communs 2009-12-09 23:21:11 ----D---- C:\WINDOWS\pss 2009-12-09 20:58:13 ----D---- C:\hijackthis 2009-12-09 16:45:25 ----D---- C:\Program Files\Eraser 2009-12-09 12:30:54 ----D---- C:\Documents and Settings\Administrateur\Application Data\OpenOffice.org2 2009-12-09 10:47:41 ----D---- C:\WINDOWS\WinSxS 2009-12-07 15:52:09 ----D---- C:\Documents and Settings\Administrateur\Application Data\dvdcss 2009-12-01 21:06:19 ----A---- C:\WINDOWS\system32\MRT.exe 2009-12-01 10:57:23 ----A---- C:\WINDOWS\Graphex3.ini 2009-11-20 16:47:20 ----D---- C:\Documents and Settings\Administrateur\Application Data\Mozilla 2009-11-20 11:03:24 ----AC---- C:\WINDOWS\WORDPAD.INI ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 bbcap;bbcap; C:\WINDOWS\system32\DRIVERS\bbcap.sys [2005-04-18 2721] R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2004-01-09 66992] R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2004-01-09 24698] R1 cdudf_xp;cdudf_xp; C:\WINDOWS\system32\drivers\cdudf_xp.sys [2004-01-09 259200] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576] R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2009-05-24 296976] R1 pwd_2k;pwd_2k; C:\WINDOWS\system32\drivers\pwd_2k.sys [2004-01-09 118409] R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856] R1 UdfReadr_xp;UdfReadr_xp; C:\WINDOWS\system32\drivers\UdfReadr_xp.sys [2004-01-09 213120] R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832] R2 hardlock;hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys [] R2 hardlock;hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys [] R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2003-10-23 100384] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-09-08 769536] R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2004-06-19 190336] R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\drivers\GEARAspiWDM.sys [2008-02-22 16168] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2009-05-13 31760] R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2009-05-16 19472] R3 L8042pr2;Logitech PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042pr2.Sys [2003-12-11 51582] R3 LMouFlt2;Logitech Mouse Class Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFlt2.Sys [2003-12-11 70894] R3 mmc_2K;mmc_2K; C:\WINDOWS\system32\drivers\mmc_2K.sys [2004-01-09 22745] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2004-04-15 612416] R3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] S1 P3;Pilote processeur Intel Pentium III; C:\WINDOWS\system32\DRIVERS\p3.sys [2008-04-14 46848] S3 ac97intc;Service d'installation du pilote audio Intel® 82801 (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256] S3 Blfp;Broadcom Advanced Server Program Driver; C:\WINDOWS\system32\DRIVERS\baspxp32.sys [2004-02-04 51584] S3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys [] S3 dvd_2K;dvd_2K; C:\WINDOWS\system32\drivers\dvd_2K.sys [2004-01-09 21993] S3 E100B;Pilote de carte Intel ® PRO; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-23 117760] S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120] S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744] S3 i81x;i81x; C:\WINDOWS\system32\DRIVERS\i81xnt5.sys [2004-08-03 161020] S3 iAimFP0;iAimFP0; C:\WINDOWS\system32\DRIVERS\wADV01nt.sys [2004-08-03 12415] S3 iAimFP1;iAimFP1; C:\WINDOWS\system32\DRIVERS\wADV02NT.sys [2004-08-03 12127] S3 iAimFP2;iAimFP2; C:\WINDOWS\system32\DRIVERS\wADV05NT.sys [2004-08-03 11775] S3 iAimFP3;iAimFP3; C:\WINDOWS\system32\DRIVERS\wSiINTxx.sys [2004-08-03 12063] S3 iAimFP4;iAimFP4; C:\WINDOWS\system32\DRIVERS\wVchNTxx.sys [2004-08-03 19455] S3 iAimFP5;iAimFP5; C:\WINDOWS\system32\DRIVERS\wADV07nt.sys [2004-08-03 11807] S3 iAimFP6;iAimFP6; C:\WINDOWS\system32\DRIVERS\wADV08nt.sys [2004-08-03 11295] S3 iAimFP7;iAimFP7; C:\WINDOWS\system32\DRIVERS\wADV09nt.sys [2004-08-03 11871] S3 iAimTV0;iAimTV0; C:\WINDOWS\system32\DRIVERS\wATV01nt.sys [2004-08-03 29311] S3 iAimTV1;iAimTV1; C:\WINDOWS\system32\DRIVERS\wATV02NT.sys [2004-08-03 19551] S3 iAimTV3;iAimTV3; C:\WINDOWS\system32\DRIVERS\wATV04nt.sys [2004-08-03 33599] S3 iAimTV4;iAimTV4; C:\WINDOWS\system32\DRIVERS\wCh7xxNT.sys [2004-08-03 23615] S3 iAimTV5;iAimTV5; C:\WINDOWS\system32\DRIVERS\wATV10nt.sys [2004-08-03 25471] S3 iAimTV6;iAimTV6; C:\WINDOWS\system32\DRIVERS\wATV06nt.sys [2004-08-03 22271] S3 LHidFlt2;Logitech HID/USB Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFlt2.Sys [2003-12-11 25630] S3 LHidUsb;Logitech USB Receiver device driver; C:\WINDOWS\System32\Drivers\LHidUsb.Sys [2003-12-11 37916] S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-09-29 2467392] S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS [] S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS [] S3 portio;portio; \??\C:\Program Files\Zinf\portio.sys [] S3 TSP;TSP; \??\C:\WINDOWS\system32\drivers\klif.sys [] S3 USB_RNDIS;ADI Remote NDIS Network Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2008-04-13 12800] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 ZDCndis5;ZDCndis5 Protocol Driver; \??\C:\WINDOWS\system32\ZDCndis5.SYS [] S4 adpu320;adpu320; C:\WINDOWS\system32\DRIVERS\adpu320.sys [2002-05-08 105472] S4 iaStor;Intel RAID Controller; C:\WINDOWS\System32\DRIVERS\iaStor.sys [2004-06-29 477952] S4 IntelIde;IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [2008-04-14 5504] S4 Symmpi;Symmpi; C:\WINDOWS\system32\DRIVERS\symmpi.sys [2002-04-04 28416] S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2008-06-20 65536] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-31 153376] R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120] R2 MSSQL$MICROSOFTBCM;MSSQL$MICROSOFTBCM; C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe [2003-05-31 7544916] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632] R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056] R2 wampapache;wampapache; C:\Program Files\wamp\apache\Apache.exe [2004-10-28 20545] R2 wampmysqld;wampmysqld; C:\Program Files\wamp\mysql\bin\mysqld-nt.exe [2004-10-31 2207744] R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [2001-05-01 53248] S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2004-09-07 516096] S2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-05-25 303376] S2 msav;Moon Secure Antivirus Core; C:\Program Files\Moon Secure Antivirus\msavcore.exe [] S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2004-09-29 114755] S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2005-03-09 69632] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-02-04 651720] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-11-29 30192] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-01 138168] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632] S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-06-15 300544] S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe [2008-01-07 79360] S3 SQLAgent$MICROSOFTBCM;SQLAgent$MICROSOFTBCM; C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlagent.EXE [2002-12-17 311872] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S4 iPodService;iPodService; C:\Program Files\iPod\bin\iPodService.exe [2006-06-14 323584] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- info.txt logfile of random's system information tool 1.06 2009-12-16 11:20:38 ======Uninstall list====== --> ADD_REMOVE="TRUE" --> -c"C:\Program Files\MapInfo\Professional\Uninst.dll" -->MsiExec.exe /I{76D6189D-0001-8000-0002-DFC2EE337EAC} -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 3dem-->C:\Program Files\Visualization\3dem\Uninst.exe /pid:{C0A1A59B-5AA8-4439-9792-CBABE48AEA6A} /asd A9Converter-->MsiExec.exe /I{0D71EC64-26F3-4622-B01C-8311DB5303A8} AbsoluteShield File Shredder-->"C:\Program Files\SysShield Tools\File Shredder\unins000.exe" Adobe Acrobat 7.1.0 Standard - English, Français, Deutsch-->msiexec /I {AC76BA86-1033-F400-BA7E-000000000002} Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Illustrator CS-->RunDll32 "C:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll",LaunchSetup "C:\Program Files\InstallShield Installation Information\{91A4AD99-69CE-4745-97B7-0E0DFBECFDE5}\setup.exe" Adobe Photoshop Album 2.0 Edition Découverte-->MsiExec.exe /I{11B569C2-4BF6-4ED0-9D17-A4273943CB24} Adobe Product/Adobe Studio Update 10/2001-->"C:\Program Files\InstallShield Installation Information\{73006B34-9743-4A39-AC37-38EDFCEB6DCE}\setup.exe" Adobe Reader 6.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-000000000001} Adobe SVG Viewer 3.0-->C:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Install.log Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe ArcSoft Panorama Maker 3.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1CABB679-3958-44AA-BFFF-4E68A2684255}\Setup.exe" -l0x40c -uninst ArcView 9.0 (Demo Edition)-->MsiExec.exe /I{3268CD7A-9285-4CF9-AE07-CE0E2286AAA7} ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe" ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean ATI HYDRAVISION-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}\setup.exe" Autodesk Inventor Plug-In 8.0-->MsiExec.exe /I{4780F600-0001-0409-0000-114715ACF216} AutoDWG DWG DXF Converter-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B3C53492-53A3-4EA8-A3A2-B30DBBE14B96}\Setup.exe" BB FlashBack-->MsiExec.exe /I{9AA0A17D-7B65-47AE-9E8C-07E8A9A4AA23} BeClean-->"C:\Program Files\BeClean\unins000.exe" Bentley View (V 08.05.02.35) - 1-->"C:\Program Files\InstallShield Installation Information\GUID.exe" -uninstall -guid"{EC2A673E-4292-4C5E-A802-80DD385B8A52}_0" Broadcom Management Programs-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{64A77F14-0E08-4A97-A859-E93CFF428756} /l1036 ColorLUT (C:\Program Files\ColorLUT\) #3-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\ColorLUT\ST6UNST.001" ColorLUT (C:\Program Files\ColorLUT\) #4-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\ColorLUT\ST6UNST.002" ColorLUT (C:\Program Files\ColorLUT\) #5-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\ColorLUT\ST6UNST.003" ColorLUT (C:\Program Files\ColorLUT\)-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\ColorLUT\ST6UNST.000" ColorLUT-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\ColorLUT\ST6UNST.LOG" Command On Demand for Command Software-->rundll32 advpack.dll,LaunchINFSection C:\csscod\uninst.inf,DefaultUninstall Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe" Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe" Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe" Correctif pour Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe" Cortona® VRML Client-->C:\PROGRA~1\PARALL~1\CORTON~1\UNWISE32.EXE C:\PROGRA~1\PARALL~1\CORTON~1\Install.log Disk Cleaner (remove only)-->"C:\Program Files\Disk Cleaner\uninstall.exe" DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN DjVu Web Browser Plug-in-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B3230613-BE9A-4B90-810A-5042496C02D8}\setup.exe" Easy CD & DVD Creator 6-->MsiExec.exe /I{46DDF76F-ACD4-42BC-B48F-B89C4EE2E1A9} ECW Compressor 2.2-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ER Mapper\ECW Compressor 2.2\uninstNT.isu" EPSON TWAIN 5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A3EABC0-CA06-11D4-BF77-00104B130C19}\SETUP.EXE" UNINSTALL Eraser 5.8-->"C:\Program Files\Eraser\unins000.exe" ESRI ArcExplorer 1.1.5-->C:\Program Files\ESRI\ArcExplorer\UNWISE32.EXE C:\PROGRA~1\ESRI\ARCEXP~1\INSTALL.LOG "ESRI ArcExplorer 1.1.5" FireGL driver for 3D Studio MAX/VIZ-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C5AEBFD6-3AF9-4784-81C2-F442C86AA096}\setup.exe" FloorPlan 3D v7-->MsiExec.exe /I{708A6AC6-03EC-11D5-AA9A-00C0DF245F7E} Flora Helvetica 2.0 (f)-->MsiExec.exe /X{1E8CB7B7-157B-11D5-A6F6-0050DACF0BB9} FLV Player 1.3.3-->"C:\Program Files\FLVPlayer\uninstall.exe" FotoStation Easy-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67DD948A-974D-41B7-9723-036BCFA45232}\Setup.exe" FreeUndelete-->C:\Program Files\FreeUndelete\GLF40.exe /handle:fun Gadwin PrintScreen-->C:\Program Files\Gadwin Systems\PrintScreen\Uninstall.exe Geographic Tracker 3.3 MapInfo Version-->MsiExec.exe /X{206C509F-D8A8-4289-9492-90F391B2CBE7} Gestionnaire de contacts professionnels pour Outlook 2003-->MsiExec.exe /I{66563AD8-637B-407F-BCA7-0233A16891AB} Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3} Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar3.dll" GTP 1.5 for MapInfo Vertical Mapper-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{65832D29-3D42-41C7-B215-F106BF61FBD2}\setup.exe" -l0x9 HijackThis 2.0.2-->"C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\HijackThis.exe" /uninstall Home Library-->MsiExec.exe /I{D323C27E-5DB7-4EE6-B75D-35C0F4D3FABD} Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" HP Help and Support-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}\SETUP.EXE" -l0x40c HP Performance Tuning Framework-->MsiExec.exe /I{D326BF8E-4E0A-4E03-9027-74C11CC46999} HP Safety and Comfort Guide-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AAC4426A-42CD-4B4E-8057-9738C96F2C8F}\SETUP.EXE" -l0x40c I.R.I.S. Desktop Search-->C:\Program Files\IRIS Desktop Search\uninst.exe IGNMap 1.0.3-->C:\Program Files\IGN\IGNMap\uninst.exe IKEA HomePlanner Kitchen-->MsiExec.exe /I{A36BE275-BD22-406C-8D2D-ED99F9E6C0B4} ImageWarp-->C:\WINDOWS\uninst.exe -fc:\esri\av_gis30\arcview\DeIsL3.isu -cc:\esri\av_gis30\arcview\_ISREG32.DLL InterVideo WinDVD-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe iTunes-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{54C0D94A-F467-4ABC-9D02-6E58748668D4} /l1036 JAI Image I/O Tools 1.0_01 for JRE-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{5196C0EF-A503-4683-95DE-E594788F56BE} Java 2 Runtime Environment, SE v1.4.2_03-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030} Java Advanced Imaging 1.1.2_01 For JRE-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Java\j2re1.4.2_03\Uninstjai.isu" Java 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216014FF} Kaspersky Internet Security 2010-->MsiExec.exe /I{9D8B0949-7C47-476F-9F06-F900D3B078EA} Kaspersky Internet Security 2010-->MsiExec.exe /I{9D8B0949-7C47-476F-9F06-F900D3B078EA} Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Logitech MouseWare 9.80 -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\Setup.exe" -l0x40c -l040c UNINSTALL Macromedia Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" MapCAD 9.5-->MsiExec.exe /I{1CB5B390-B34E-4878-ACC3-5FEFC104DCA1} MapImagery-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\GID\Uninst.isu" MapInfo Line Style Editor 2.0-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\MapInfo\MapInfo Line Style Editor 2.0\MILine24.isu" MapInfo MDAC-DAO-ODBC-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4E0952DF-C3AA-11D3-98BB-0050049DA7AB}\setup.exe" MapInfo Professional 6.0-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\MapInfo\Professional\MIPro60.isu" MapInfo Professional 9.5-->MsiExec.exe /I{6653F8EB-AE75-45F0-9DC1-456A3C745F57} Microdem 8.01-->C:\WINDOWS\uninst.exe -f"C:\Program Files\PETMAR Trilobites\Microdem 8.01\DeIsL1.isu" -c"C:\Program Files\PETMAR Trilobites\Microdem 8.01\_ISREG32.DLL" Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700} Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C} Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31} Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9111040C-6000-11D3-8CFE-0150048383C9} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 8 (KB972636)-->"C:\WINDOWS\ie8updates\KB972636-IE8\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe" Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE} Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe Mozilla Firefox (3.0.15)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} NFO viewer v 2.1-->"C:\Program Files\NFO viewer\unins000.exe" Nokia Connectivity Cable Driver-->MsiExec.exe /X{11964613-805F-432D-A12B-169554B793E7} Nokia PC Suite-->C:\Documents and Settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Nokia_PC_Suite_6_84_10_3_fre_web.exe Nokia PC Suite-->MsiExec.exe /I{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72} NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI OpenOffice.org 2.1-->MsiExec.exe /I{E5430A11-6799-41E0-A9D5-F68BDC67AAD8} OpenOffice.org 2.4-->MsiExec.exe /I{B6694BAA-7604-46AA-A41F-B5F1E6DADE7A} Opera 10.10-->MsiExec.exe /X{FB8148DD-C575-4B0A-9F6C-0CFC46937930} Orange - Logiciels Internet-->C:\Program Files\OrangeHSS\installation\core\Installgui.exe -u Package de pilotes Windows - Nokia (WUDFRd) WPD (06/01/2007 6.84.33.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccswpddri_044C8712DB44F83D9DE6C376991EE9254E0A69E4\pccswpddriver.inf Package de pilotes Windows - Nokia Modem (02/15/2007 3.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_8B37DC72918CCD58A6EC20373AF6242B037A293B\pccs_bluetooth.inf Package de pilotes Windows - Nokia Modem (02/15/2007 3.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_F12A08B6F776984A95553486F64C541356F86E38\pccs_bluetooth.inf Package de pilotes Windows - Nokia Modem (05/24/2007 6.84.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_5E1541AFF1E1EA3554CE566743CCAD323ED1C108\nokbtmdm.inf PC Connectivity Solution-->MsiExec.exe /I{99A40651-0BC2-4095-8F9A-A40FAB224FEF} PC Inspector File Recovery-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}\Setup.exe" -l0x40c Pdf995-->c:\pdf995\setup.exe uninstall PDFCreator-->C:\Program Files\PDFCreator\unins000.exe Poly Plus-->C:\Program Files\Poly Plus\UnInstal.exe Python 2.1 combined Win32 extensions-->C:\Python21\UNWISE~1.EXE C:\Python21\w32inst.log Python 2.1-->C:\Python21\\Python21\UNWISE.EXE C:\Python21\\Python21\INSTALL.LOG Quantum GIS 0.8 Titan-->C:\Program Files\Quantum GIS\uninst.exe QuickTime-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{C21D5524-A970-42FA-AC8A-59B8C7CDCA31} /l1036 Readiris Pro 11 Demo-->MsiExec.exe /I{B0F11672-0D3D-4881-8BA2-06AD828670BB} RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0 Relief Shade-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{02E15A98-4587-4CFB-A4BB-A9F27C55C9C0}\setup.exe" -l0x9 SavGIS-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\IRD\Savane\Uninst.isu" SimpleOCR 3.1-->C:\PROGRA~1\SIMPLE~1\UNWISE.EXE C:\PROGRA~1\SIMPLE~1\INSTALL.LOG SLCS User License Manager-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Photomatics\SLCS\Uninst.isu" Software Setup-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\COMPAQ\Software Setup\Uninst.isu" -c"C:\Program Files\COMPAQ\Software Setup\CPQUNST.DLL" SoundMAX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\SETUP.EXE" Support DBMS MapInfo-->C:\WINDOWS\IsUn040c.exe -f"C:\PROGRAM FILES\MAPINFO\PROFESSIONAL\MI_ODBC60.isu" Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" v 1.2-->"C:\Program Files\LayersPlus\unins000.exe" v 2.0.7[1]-->"C:\Program Files\CopyPlus\unins000.exe" Vertical Mapper 3.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{97042B20-E491-11D3-96D4-00105A111647}\setup.exe" Vertical Mapper Version 2.5-->C:\WINDOWS\IsUninst.exe -f"C:\PROGRAM FILES\MAPINFO\PROFESSIONAL\Vm2\Uninst.isu" ViewSonic Monitor Drivers-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B4FEA924-630D-11D4-B78E-005004566E4D}\Setup.exe" -l0x9 VirtualMap-->MsiExec.exe /I{41FF6AE7-522D-4E21-9145-F48EED630E0B} VLC media player 1.0.1-->C:\Program Files\VideoLAN\VLC\uninstall.exe VuPassword-->"C:\Program Files\VuPassword\unins000.exe" WAMP5 1.3.2-->"C:\Program Files\wamp\unins000.exe" Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe" Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" WOCAR-->C:\WINDOWS\uninst.exe -f"C:\Program Files\WOCAR\DeIsL1.isu" XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe" XnView 1.96-->"C:\Program Files\XnView\unins000.exe" Zinf 2.2.1-->C:\PROGRA~1\Zinf\UNWISE.EXE C:\PROGRA~1\Zinf\INSTALL.LOG ======Hosts File====== 127.0.0.1 localhost ======Security center information====== AV: AntiMalware (outdated) ======System event log====== Computer Name: CHARLES Event Code: 7036 Message: Le service HTTP SSL est entré dans l'état : en cours d'exécution. Record Number: 39355 Source Name: Service Control Manager Time Written: 20091209092315.000000+060 Event Type: Informations User: Computer Name: CHARLES Event Code: 7035 Message: Un contrôle Démarrer a correctement été envoyé au service HTTP SSL. Record Number: 39354 Source Name: Service Control Manager Time Written: 20091209092315.000000+060 Event Type: Informations User: AUTORITE NT\SERVICE LOCAL Computer Name: CHARLES Event Code: 7036 Message: Le service Google Updater Service est entré dans l'état : en cours d'exécution. Record Number: 39353 Source Name: Service Control Manager Time Written: 20091209092314.000000+060 Event Type: Informations User: Computer Name: CHARLES Event Code: 7035 Message: Un contrôle Démarrer a correctement été envoyé au service Google Updater Service. Record Number: 39352 Source Name: Service Control Manager Time Written: 20091209092314.000000+060 Event Type: Informations User: AUTORITE NT\SYSTEM Computer Name: CHARLES Event Code: 7 Message: Le périphérique \Device\Harddisk0\D comporte un bloc défectueux. Record Number: 39351 Source Name: Disk Time Written: 20091209092314.000000+060 Event Type: erreur User: =====Application event log===== Computer Name: CHARLES Event Code: 105 Message: The service was started. Record Number: 5 Source Name: WMDM PMSP Service Time Written: 20091024141231.000000+120 Event Type: Informations User: Computer Name: CHARLES Event Code: 3299 Message: The Apache service named Apache.exe reported the following error: >>> [sat Oct 24 14:12:31 2009] [warn] pid file c:/program files/wamp/apache/logs/httpd.pid overwritten -- Unclean shutdown of previous Apache run? <<< before the error.log file could be opened. More information may be available in the error.log file. . Record Number: 4 Source Name: Apache Service Time Written: 20091024141231.000000+120 Event Type: erreur User: Computer Name: CHARLES Event Code: 3299 Message: The Apache service named Apache.exe reported the following error: >>> Processing config file: c:/osiris/appli/install/conf/httpd_osiris.conf <<< before the error.log file could be opened. More information may be available in the error.log file. . Record Number: 3 Source Name: Apache Service Time Written: 20091024141231.000000+120 Event Type: erreur User: Computer Name: CHARLES Event Code: 3299 Message: The Apache service named Apache.exe reported the following error: >>> Processing config directory: c:/osiris/appli/install/conf <<< before the error.log file could be opened. More information may be available in the error.log file. . Record Number: 2 Source Name: Apache Service Time Written: 20091024141231.000000+120 Event Type: erreur User: Computer Name: CHARLES Event Code: 105 Message: The service was started. Record Number: 1 Source Name: ATI Smart Time Written: 20091024141219.000000+120 Event Type: Informations User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=C:\Program Files\PC Connectivity Solution\;%SYSTEMROOT%\SYSTEM32;%SYSTEMROOT%;%SYSTEMROOT%\SYSTEM32\WBEM;C:\PROGRAM FILES\FICHIERS COMMUNS\ROXIO SHARED\DLLSHARED;C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE11\GESTIONNAIRE DE CONTACTS PROFESSIONNELS\IM;C:\PROGRAM FILES\MICROSOFT SQL SERVER\80\TOOLS\BINN\;C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE11\GESTIONNAIRE DE CONTACTS PROFESSIONNELS\;C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL;C:\PROGRAM FILES\ATI TECHNOLOGIES\FIRE GL 3D STUDIO MAX;C:\PROGRAM FILES\QUICKTIME\QTSYSTEM\;C:\Program Files\Fichiers communs\Autodesk Shared\ "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 3 Stepping 4, GenuineIntel "PROCESSOR_REVISION"=0304 "NUMBER_OF_PROCESSORS"=2 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "CLASSPATH"=.;C:\Program Files\Java\j2re1.4.2_03\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\j2re1.4.2_03\lib\ext\QTJava.zip -----------------EOF-----------------

Je précise un symptôme, aucun exe ne se lance depuis le bureau...je dois par exemple exécuter SmitFraudFix lors du téléchargement... Malgré ce dernier j'ai toujours les mêmes problèmes. Pouvez-vous m'aider. Merci.

Que pensez-vous du rapport? Où est le problème? Merci à vous.

Bonjour à tous, Depuis un chargement intempestif et forcé d'un antispam...je n'ai plus aucun antivirus qui se lancent et l'ordi a du mal a démarrer une session. J'ai voulu installer un logiciel mais sans succès. Le "virus" bloque tout installation et tous les scans en ligne ne trouvent rien. En vous remerciant pour votre aide. Voici mon rapport: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:02:17, on 15/12/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\wamp\apache\Apache.exe C:\Program Files\wamp\mysql\bin\mysqld-nt.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\Program Files\wamp\apache\Apache.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\wamp\wampserver.exe C:\WINDOWS\System32\svchost.exe C:\Documents and Settings\Administrateur\Bureau\hijackthis-2.0.2.75917.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hijackthis-2.0.2.75917.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Fichiers Internet temporaires\Content.IE5\8AAD3DUL\HiJackThis[1].exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: I.R.I.S. Desktop Search - {577EBCA9-8ED3-45FC-A514-55B3817D4BCF} - C:\Program Files\IRIS Desktop Search\IRISDesktopSearchIntegration910.dll O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: WampServer.lnk = C:\Program Files\wamp\wampserver.exe O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.zebulon.fr/outils/antivirus/kav...can_unicode.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/...can8/oscan8.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase6796.cab O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} - http://ct.prim.net/mgaxctrl.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {6CCE3920-3183-4B3D-808A-B12EB769DE12} (CSS Web Installer Class) - http://www.commandondemand.com/eval/cod/cabs/cssweb.cab O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} - http://f003.mail.caramail.lycos.fr/app/upl...ileUploader.cab O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...827/mcfscan.cab O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Moon Secure Antivirus Core (msav) - Unknown owner - C:\Program Files\Moon Secure Antivirus\msavcore.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: wampapache - Unknown owner - C:\Program Files\wamp\apache\Apache.exe O23 - Service: wampmysqld - Unknown owner - C:\Program Files\wamp\mysql\bin\mysqld-nt.exe -- End of file - 10073 bytes

La manip a fait du bien mais le ventilo tourne toujours autant... Est-ce que ça pourrait être un problème physique de l'ordi?

Vous n'avez rien décelé ? Merci.

Bonjour à tous, Mon ordi est relativement lent depuis plusieurs semaines (poste de travail, internet,...). j'ai donc fait tourner des scans en ligne, divers utilitaires, etc... J'ai suivi la procédure de pré-nettoyage décrite dans le forum et voici mon rapport HijackThis: ******************************************************************* Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:28:15, on 08/06/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16827) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\BeClean\bca.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe C:\WINDOWS\Logi_MwX.Exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Eraser\eraser.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\FotoStation Easy\FotoStation Easy AutoLaunch.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Adobe\Acrobat 7.0\Acrobat\Acrobat_sl.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\wamp\apache\Apache.exe C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe C:\Program Files\wamp\mysql\bin\mysqld-nt.exe C:\Program Files\wamp\wampserver.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\Program Files\wamp\apache\Apache.exe C:\Program Files\OrangeHSS\systray\systrayapp.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\internet explorer\iexplore.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\Administrateur\Bureau\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: QT TabBar - {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - mscoree.dll (file missing) O3 - Toolbar: QT Tab Standard Buttons - {D2BF470E-ED1C-487F-A666-2BD8835EB6CE} - mscoree.dll (file missing) O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [beClean Agent] C:\Program Files\BeClean\bca.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [ORAHSSSessionManager] "C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\eraser.exe -hide O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: WampServer.lnk = C:\Program Files\wamp\wampserver.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: FotoStation Easy AutoLaunch.lnk = ? O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ? O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {BE2F2769-8A63-4bc7-8A99-06C2C4AD7B9B} - (no file) (HKCU) O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.zebulon.fr/outils/antivirus/kav...can_unicode.cab O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} - http://ct.prim.net/mgaxctrl.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} - http://f003.mail.caramail.lycos.fr/app/upl...ileUploader.cab O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...563/mcfscan.cab O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Moon Secure Antivirus Core (msav) - Unknown owner - C:\Program Files\Moon Secure Antivirus\msavcore.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: wampapache - Unknown owner - C:\Program Files\wamp\apache\Apache.exe O23 - Service: wampmysqld - Unknown owner - C:\Program Files\wamp\mysql\bin\mysqld-nt.exe -- End of file - 9517 bytes *********************************************************** En vous remerciant pour votre aide.