Everything posted by MoiBeber

  1. Here is the Kaspersky report, completed successfully on the 7th attempt:

     --------------------------------------------------------------------------------
     KASPERSKY ONLINE SCANNER 7.0 REPORT
     Sunday, August 2, 2009
     Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600)
     Kaspersky Online Scanner version: 7.0.26.13
     Program database last update: Saturday, August 01, 2009 22:28:33
     Records in database: 2570997
     --------------------------------------------------------------------------------

     Scan settings:
     Scan using the following database: extended
     Scan archives: yes
     Scan mail databases: yes

     Scan area - My Computer:
     C:\
     D:\
     E:\
     F:\

     Scan statistics:
     Files scanned: 106122
     Threat name: 2
     Infected objects: 2
     Suspicious objects: 0
     Duration of the scan: 06:45:23

     File name / Threat name / Threats count
     C:\WINDOWS\Downloaded Program Files\USDR6V_0001_D13M1007NetInstaller.exe   Infected: not-a-virus:Downloader.Win32.WinFixer.l   1
     C:\WINDOWS\system32\40vothrv.ini   Infected: not-a-virus:AdWare.Win32.Sahat.ao   1

     The selected area was scanned.
  2. You asked me to run an online Kaspersky antivirus scan. Everything goes fine, but when the scan reaches 99% an infected file is found and then the scan stops abruptly, even after running all night...
  3. When I run an online scan with Kaspersky, at 99% it finds an infected file and the scan stops, I don't understand... And Antivir doesn't report any infection, I don't understand that either...
  4. What is defragmentation for?
  5. Using Zeb-Utility, can I defragment, clean the disks, check them, and defragment the boot files?? But what is all that for, and what should I select for a disk cleanup? As for the online scan, I'm trying again after the failure caused by the scan stopping partway for I don't know what reason...
  6. During the Kaspersky scan I get a message saying "Windows - Mémoire virtuelle minimale insuffisante".... Serious or not serious???
  7. As for your message on how to fix my computer's slowness problems, it is more than Greek to me, so I don't think I'm able to get anything done without understanding it
  8. Thanks :P The scan is coming but the download is long..... very long ... too long....
  9. What do you want to do? Aren't you planning to restore them? You asked me to select these lines and click Fix... but having closed HijackThis I lost those lines. How should I go about doing what you ask?
  10. After posting the report I closed HijackThis. How do I get those lines back? My computer has a serious slowness problem; could you tell me what the cause(s) might be?
  11. OTM report:

      All processes killed
      ========== PROCESSES ==========
      No active process named explorer.exe was found!
      ========== FILES ==========
      File/Folder c:\windows\system32\hgqhp.exe not found.
      File/Folder C:\\Recycler\\Q678341.exe not found.
      File/Folder c:\ex.cab not found.
      C:\Program Files\Bonjour\mDNSResponder.exe moved successfully.
      C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe moved successfully.
      ========== SERVICES/DRIVERS ==========
      Service\Driver Bonjour Service deleted successfully.
      Service\Driver Boonty Games deleted successfully.
      ========== REGISTRY ==========
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\hgqhp.exe deleted successfully.
      ========== COMMANDS ==========

      [EMPTYTEMP]

      User: All Users

      User: Bertrand
      ->Temp folder emptied: 1402350 bytes
      ->Temporary Internet Files folder emptied: 88163 bytes
      ->Java cache emptied: 13425527 bytes
      ->FireFox cache emptied: 41727385 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Jean-Loup
      ->Temp folder emptied: 100317 bytes
      ->Temporary Internet Files folder emptied: 33170 bytes
      ->Java cache emptied: 0 bytes
      ->FireFox cache emptied: 72741089 bytes

      User: LocalService
      ->Temp folder emptied: 0 bytes
      File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
      ->Temporary Internet Files folder emptied: 33170 bytes

      User: NetworkService
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 19569 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      Windows Temp folder emptied: 16384 bytes
      RecycleBin emptied: 0 bytes

      Total Files Cleaned = 123,58 mb

      OTM by OldTimer - Version 3.0.0.5 log created on 07312009_155810

      Files moved on Reboot...

      Registry entries deleted on Reboot...

      In the Installed services sub-option that line was not there... I added it...
  12. After posting the report I closed HijackThis. How do I get those lines back? As a first step, I type Regsvr32.exe /u msimtf.dll then Regsvr32.exe /u Msctf.dll, or just Msctf.dll
  13. Here is the HijackThis report:
  14. Here is the latest report, this time after removal:

      Is it normal that folders and files from the utilities used during the disinfection are still present on my computer? Navilog is not listed in Add/Remove Programs, is that normal? There you go pear, you have everything in hand, I'll let you get to work. See you very soon
  15. Here is the content of lopR.txt: --------------------\\ Lop S&D 4.2.5-0 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : AMD Duron Processor ) BIOS : Version 1.00 USER : Bertrand ( Administrator ) BOOT : Normal boot Antivirus : AntiVir Desktop 9.0.1.30 (Not Activated) C:\ (Local Disk) - NTFS - Total:19 Go (Free:1 Go) D:\ (Local Disk) - NTFS - Total:18 Go (Free:4 Go) E:\ (CD or DVD) F:\ (CD or DVD) "C:\Lop SD" ( MAJ : 19-12-2008|23:40 ) Option : [1] ( 29/07/2009|21:59 ) --------------------\\ Listing des dossiers dans APPLIC~1 [15/07/2009|16:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} [31/05/2008|22:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [04/10/2007|18:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple [17/03/2007|20:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer [27/07/2009|18:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira [08/06/2005|13:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY [01/02/2007|20:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP [29/03/2009|14:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP Product Assistant [28/02/2008|19:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield [24/06/2005|20:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision [12/07/2009|17:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes [23/06/2006|13:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus! 
[19/02/2009|02:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [06/11/2005|18:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6 [15/04/2006|16:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies [14/09/2005|19:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberon Media [26/05/2006|10:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst [28/05/2005|19:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime [01/04/2006|17:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\RoboForm [08/04/2006|00:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games [15/03/2006|23:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft [01/05/2008|08:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy [25/05/2005|22:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SSScanAppDataDir [25/05/2005|22:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SSScanWizard [10/06/2006|10:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [18/11/2007|17:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller [01/07/2005|13:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom [19/01/2008|13:52] C:\DOCUME~1\Bertrand\APPLIC~1\Adobe [31/05/2008|22:46] C:\DOCUME~1\Bertrand\APPLIC~1\AdobeUM [17/03/2007|20:26] C:\DOCUME~1\Bertrand\APPLIC~1\Apple Computer [31/08/2005|21:34] C:\DOCUME~1\Bertrand\APPLIC~1\ArcSoft [26/09/2006|20:10] C:\DOCUME~1\Bertrand\APPLIC~1\BitTorrent [06/01/2006|20:50] C:\DOCUME~1\Bertrand\APPLIC~1\BVS Solitaire Collection [02/07/2009|11:06] C:\DOCUME~1\Bertrand\APPLIC~1\Canon [29/04/2006|15:11] C:\DOCUME~1\Bertrand\APPLIC~1\Chessmaster Challenge [07/01/2006|20:29] C:\DOCUME~1\Bertrand\APPLIC~1\Creative [23/02/2007|20:12] C:\DOCUME~1\Bertrand\APPLIC~1\DeepBurner [29/10/2006|23:30] C:\DOCUME~1\Bertrand\APPLIC~1\dvdcss [29/08/2005|18:27] C:\DOCUME~1\Bertrand\APPLIC~1\eConf [22/07/2009|21:52] C:\DOCUME~1\Bertrand\APPLIC~1\eMule [07/06/2007|13:19] C:\DOCUME~1\Bertrand\APPLIC~1\fltk.org [30/08/2006|16:22] C:\DOCUME~1\Bertrand\APPLIC~1\Google [17/11/2005|20:12] C:\DOCUME~1\Bertrand\APPLIC~1\Help [01/02/2007|21:01] C:\DOCUME~1\Bertrand\APPLIC~1\HP [23/10/2005|18:44] C:\DOCUME~1\Bertrand\APPLIC~1\Identities 
[20/06/2007|22:13] C:\DOCUME~1\Bertrand\APPLIC~1\Image Zone Express [01/07/2005|22:11] C:\DOCUME~1\Bertrand\APPLIC~1\Incredible Ink [29/10/2005|18:11] C:\DOCUME~1\Bertrand\APPLIC~1\Interactive Agents [15/09/2008|09:30] C:\DOCUME~1\Bertrand\APPLIC~1\InterTrust [06/07/2005|10:41] C:\DOCUME~1\Bertrand\APPLIC~1\Lavasoft [11/11/2006|17:40] C:\DOCUME~1\Bertrand\APPLIC~1\Leadertech [24/03/2006|18:42] C:\DOCUME~1\Bertrand\APPLIC~1\Macromedia [12/07/2009|17:49] C:\DOCUME~1\Bertrand\APPLIC~1\Malwarebytes [01/04/2006|17:11] C:\DOCUME~1\Bertrand\APPLIC~1\Media Player Classic [02/04/2008|13:33] C:\DOCUME~1\Bertrand\APPLIC~1\Microsoft [24/06/2005|20:06] C:\DOCUME~1\Bertrand\APPLIC~1\Mind Control Software [02/09/2008|00:09] C:\DOCUME~1\Bertrand\APPLIC~1\Mozilla [24/05/2009|18:48] C:\DOCUME~1\Bertrand\APPLIC~1\MSN6 [15/04/2006|16:44] C:\DOCUME~1\Bertrand\APPLIC~1\muvee Technologies [16/04/2006|19:13] C:\DOCUME~1\Bertrand\APPLIC~1\Nikon [25/12/2005|18:38] C:\DOCUME~1\Bertrand\APPLIC~1\PDFcreator [26/05/2006|10:31] C:\DOCUME~1\Bertrand\APPLIC~1\PlayFirst [10/04/2007|23:50] C:\DOCUME~1\Bertrand\APPLIC~1\pokerth [28/02/2008|01:36] C:\DOCUME~1\Bertrand\APPLIC~1\Real [26/10/2006|10:47] C:\DOCUME~1\Bertrand\APPLIC~1\ScanSoft [18/03/2007|21:33] C:\DOCUME~1\Bertrand\APPLIC~1\Screenshot Sender [14/10/2007|03:46] C:\DOCUME~1\Bertrand\APPLIC~1\Sony Ericsson [08/06/2005|18:35] C:\DOCUME~1\Bertrand\APPLIC~1\Sun [26/11/2006|19:01] C:\DOCUME~1\Bertrand\APPLIC~1\Talkback [01/06/2007|19:42] C:\DOCUME~1\Bertrand\APPLIC~1\TaoUSign [14/10/2007|03:48] C:\DOCUME~1\Bertrand\APPLIC~1\Teleca [28/05/2005|10:02] C:\DOCUME~1\Bertrand\APPLIC~1\Thunderbird [15/04/2007|14:59] C:\DOCUME~1\Bertrand\APPLIC~1\U3 [28/07/2005|12:44] C:\DOCUME~1\Bertrand\APPLIC~1\Wildfire [23/10/2005|18:44] C:\DOCUME~1\Bertrand\APPLIC~1\Zylom [25/05/2005|22:14] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [20/01/2008|08:36] C:\DOCUME~1\JEAN-L~1\APPLIC~1\Adobe [31/05/2005|00:08] C:\DOCUME~1\JEAN-L~1\APPLIC~1\AdobeUM [05/05/2007|08:32] 
C:\DOCUME~1\JEAN-L~1\APPLIC~1\Apple Computer [02/06/2005|14:35] C:\DOCUME~1\JEAN-L~1\APPLIC~1\ArcSoft [09/07/2009|23:13] C:\DOCUME~1\JEAN-L~1\APPLIC~1\Canon [14/11/2005|22:52] C:\DOCUME~1\JEAN-L~1\APPLIC~1\Creative [29/06/2005|22:16] C:\DOCUME~1\JEAN-L~1\APPLIC~1\Help [25/05/2005|22:21] C:\DOCUME~1\JEAN-L~1\APPLIC~1\Identities [05/06/2007|23:17] C:\DOCUME~1\JEAN-L~1\APPLIC~1\Image Zone Express [30/10/2005|08:38] C:\DOCUME~1\JEAN-L~1\APPLIC~1\Interactive Agents [02/04/2008|13:33] C:\DOCUME~1\JEAN-L~1\APPLIC~1\Lavasoft [16/06/2005|15:39] C:\DOCUME~1\JEAN-L~1\APPLIC~1\Macromedia [18/07/2009|08:30] C:\DOCUME~1\JEAN-L~1\APPLIC~1\Malwarebytes [20/04/2006|11:18] C:\DOCUME~1\JEAN-L~1\APPLIC~1\Media Player Classic [02/11/2008|23:38] C:\DOCUME~1\JEAN-L~1\APPLIC~1\Microsoft [15/09/2008|10:10] C:\DOCUME~1\JEAN-L~1\APPLIC~1\Mozilla [08/05/2009|20:00] C:\DOCUME~1\JEAN-L~1\APPLIC~1\Nikon [30/05/2006|14:28] C:\DOCUME~1\JEAN-L~1\APPLIC~1\Real [25/05/2005|22:30] C:\DOCUME~1\JEAN-L~1\APPLIC~1\ScanSoft [05/01/2006|14:08] C:\DOCUME~1\JEAN-L~1\APPLIC~1\SolSuite [15/10/2007|22:58] C:\DOCUME~1\JEAN-L~1\APPLIC~1\Sony Ericsson [10/06/2005|13:35] C:\DOCUME~1\JEAN-L~1\APPLIC~1\Sun [20/02/2006|17:17] C:\DOCUME~1\JEAN-L~1\APPLIC~1\Talkback [24/06/2006|17:13] C:\DOCUME~1\JEAN-L~1\APPLIC~1\TaoUSign [15/10/2007|23:04] C:\DOCUME~1\JEAN-L~1\APPLIC~1\Teleca [01/06/2005|14:11] C:\DOCUME~1\JEAN-L~1\APPLIC~1\Thunderbird [14/04/2007|17:34] C:\DOCUME~1\JEAN-L~1\APPLIC~1\U3 [25/05/2005|23:32] C:\DOCUME~1\JEAN-L~1\APPLIC~1\vlc [17/10/2005|23:07] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe [17/10/2005|23:07] C:\DOCUME~1\LOCALS~1\APPLIC~1\AdobeUM [02/04/2008|13:33] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [17/10/2005|23:20] C:\DOCUME~1\LOCALS~1\APPLIC~1\PDFcreator [02/04/2008|13:33] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [11/07/2009 19:41][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job [29/07/2009 20:00][--a------] C:\WINDOWS\tasks\HPpromotions 
journeysoftware.job [29/07/2009 21:45][--ah-----] C:\WINDOWS\tasks\SA.DAT [28/08/2001 16:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini --------------------\\ Listing des dossiers dans C:\Program Files [18/05/2006|21:32] C:\Program Files\A.S.C [15/09/2008|09:30] C:\Program Files\Adobe [20/09/2008|15:00] C:\Program Files\Apple Software Update [25/05/2005|22:28] C:\Program Files\ArcSoft [27/04/2009|08:42] C:\Program Files\Ask Search Assistant [23/02/2007|20:11] C:\Program Files\Astonsoft [27/07/2009|18:42] C:\Program Files\Avira [09/04/2008|15:52] C:\Program Files\AxBx [11/11/2006|17:05] C:\Program Files\BitTorrent [15/07/2009|16:34] C:\Program Files\Bonjour [16/10/2005|23:03] C:\Program Files\Borland [09/06/2005|20:58] C:\Program Files\calimco [15/09/2008|09:27] C:\Program Files\Canon [26/10/2005|14:43] C:\Program Files\ClassportSH [02/05/2008|17:07] C:\Program Files\Dictionnaire [09/05/2006|18:44] C:\Program Files\DIFX [25/05/2005|22:51] C:\Program Files\DivX [07/06/2009|19:33] C:\Program Files\Dofus [22/07/2009|21:51] C:\Program Files\eMule [27/02/2008|09:24] C:\Program Files\Everest Poker [17/12/2008|21:35] C:\Program Files\Fichiers communs [23/02/2007|19:10] C:\Program Files\Free Audio Pack [17/06/2008|12:00] C:\Program Files\GALA-NET [23/02/2007|19:11] C:\Program Files\GIMP-2.0 [29/02/2008|01:07] C:\Program Files\Gpotato [07/04/2008|20:59] C:\Program Files\Gpotato.eu [30/06/2009|13:15] C:\Program Files\Hewlett-Packard [03/06/2007|11:52] C:\Program Files\HP [01/02/2007|20:57] C:\Program Files\hp deskjet 3420 series [27/02/2008|01:47] C:\Program Files\Hypermule [08/01/2007|22:01] C:\Program Files\Illustrate [20/02/2009|01:30] C:\Program Files\InstallShield Installation Information [29/07/2009|17:13] C:\Program Files\Internet Explorer [15/07/2009|16:43] C:\Program Files\iPod [14/09/2008|23:15] C:\Program Files\iPod(2) [25/02/2007|15:14] C:\Program Files\iVisit [15/02/2006|11:24] C:\Program Files\Jasc Software Inc [15/07/2009|16:10] C:\Program Files\Java 
[06/10/2005|19:19] C:\Program Files\ListeCd2 [08/01/2007|19:45] C:\Program Files\LitexMedia [12/07/2009|17:49] C:\Program Files\Malwarebytes' Anti-Malware [28/06/2008|11:08] C:\Program Files\MediaInfo [28/07/2009|23:12] C:\Program Files\Messenger [29/07/2009|20:22] C:\Program Files\Messenger Plus! Live [28/06/2008|11:26] C:\Program Files\MessengerDiscovery [09/05/2006|19:19] C:\Program Files\MessengerPlus! 3 [17/12/2008|22:13] C:\Program Files\Microsoft [18/11/2007|23:01] C:\Program Files\Microsoft CAPICOM 2.1.0.2 [25/05/2005|22:15] C:\Program Files\microsoft frontpage [27/07/2005|11:21] C:\Program Files\Microsoft Games [18/04/2008|23:32] C:\Program Files\Microsoft Office [25/07/2009|03:36] C:\Program Files\Microsoft Silverlight [18/11/2007|17:56] C:\Program Files\Microsoft SQL Server Compact Edition [17/12/2008|22:10] C:\Program Files\Microsoft Sync Framework [25/05/2005|23:23] C:\Program Files\Microsoft Visual Studio [28/10/2005|17:51] C:\Program Files\Microsoft Windows Script [28/07/2009|23:10] C:\Program Files\Movie Maker [29/07/2009|21:54] C:\Program Files\Mozilla Firefox [18/04/2008|23:28] C:\Program Files\MSECache [25/05/2005|22:09] C:\Program Files\MSN [30/06/2006|09:21] C:\Program Files\MSN Games [25/05/2005|22:09] C:\Program Files\MSN Gaming Zone [28/06/2008|11:25] C:\Program Files\MSN Messenger [18/11/2007|22:48] C:\Program Files\MSXML 4.0 [29/07/2009|20:51] C:\Program Files\Navilog1 [28/07/2009|23:03] C:\Program Files\NetMeeting [28/07/2009|23:03] C:\Program Files\Outlook Express [01/02/2007|23:36] C:\Program Files\PDFCreator [07/11/2005|21:16] C:\Program Files\PE Explorer [30/07/2006|23:02] C:\Program Files\PHILIPS [15/04/2007|12:36] C:\Program Files\PhotoCite Collection [15/07/2009|16:33] C:\Program Files\QuickTime [23/05/2006|19:42] C:\Program Files\Real [03/09/2007|21:03] C:\Program Files\SAGEM [25/05/2005|22:29] C:\Program Files\ScanSoft [24/12/2005|13:11] C:\Program Files\Scatlaws [08/05/2006|13:43] C:\Program Files\ScreensaverSource-Bikini 
[25/05/2005|22:11] C:\Program Files\Services en ligne [01/04/2006|17:37] C:\Program Files\Siber Systems [10/12/2006|14:52] C:\Program Files\Split and Tile Trial [01/05/2008|10:56] C:\Program Files\Spybot - Search & Destroy [29/02/2008|11:28] C:\Program Files\The KMPlayer [03/09/2007|21:00] C:\Program Files\Thomson [06/03/2007|21:04] C:\Program Files\TRELLIAN [29/07/2009|11:03] C:\Program Files\trend micro [11/10/2005|18:32] C:\Program Files\Trymedia [12/03/2008|15:58] C:\Program Files\Ubi Soft [27/12/2006|12:34] C:\Program Files\Ubisoft [10/12/2006|14:08] C:\Program Files\Ulead Systems [25/05/2005|22:13] C:\Program Files\Uninstall Information [10/04/2007|17:46] C:\Program Files\Usability Sciences [25/05/2005|23:06] C:\Program Files\VIA Technologies, INC [27/02/2008|09:58] C:\Program Files\VideoLAN [23/07/2009|15:21] C:\Program Files\Wanadoo [08/04/2006|14:36] C:\Program Files\Wanadoo Jeux [19/02/2009|02:47] C:\Program Files\Windows Live [17/12/2008|22:05] C:\Program Files\Windows Live SkyDrive [03/01/2008|19:04] C:\Program Files\Windows Media Connect 2 [28/07/2009|23:03] C:\Program Files\Windows Media Player [28/07/2009|23:03] C:\Program Files\Windows NT [26/05/2005|22:35] C:\Program Files\WindowsUpdate [07/11/2005|21:48] C:\Program Files\WinPcap [22/01/2006|22:27] C:\Program Files\WinRAR [27/12/2005|16:23] C:\Program Files\WordBiz [25/05/2005|22:15] C:\Program Files\xerox [25/05/2005|22:52] C:\Program Files\XviD [04/06/2005|14:25] C:\Program Files\Yahoo! 
[09/06/2005|20:58] C:\Program Files\Zero G Registry [23/10/2005|19:27] C:\Program Files\Zylom Games --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [15/09/2008|09:30] C:\Program Files\Fichiers communs\Adobe [15/07/2009|16:43] C:\Program Files\Fichiers communs\Apple [08/06/2005|13:14] C:\Program Files\Fichiers communs\BOONTY Shared [25/05/2005|23:23] C:\Program Files\Fichiers communs\Designer [03/06/2007|11:52] C:\Program Files\Fichiers communs\HP [28/02/2008|18:08] C:\Program Files\Fichiers communs\InstallShield [02/08/2006|10:42] C:\Program Files\Fichiers communs\Knowledge Adventure [24/06/2005|20:36] C:\Program Files\Fichiers communs\Macrovision Shared [19/02/2009|02:41] C:\Program Files\Fichiers communs\Microsoft Shared [25/05/2005|22:10] C:\Program Files\Fichiers communs\MSSoap [15/04/2006|14:50] C:\Program Files\Fichiers communs\muvee Technologies [16/04/2006|19:13] C:\Program Files\Fichiers communs\Nikon [25/05/2005|23:02] C:\Program Files\Fichiers communs\ODBC [30/07/2006|23:06] C:\Program Files\Fichiers communs\PhilipsMM [28/02/2008|01:37] C:\Program Files\Fichiers communs\Real [15/09/2008|09:33] C:\Program Files\Fichiers communs\ScanSoft Shared [25/05/2005|22:11] C:\Program Files\Fichiers communs\Services [25/05/2005|23:02] C:\Program Files\Fichiers communs\SpeechEngines [02/07/2005|09:48] C:\Program Files\Fichiers communs\SWF Studio [28/07/2009|23:03] C:\Program Files\Fichiers communs\System [28/02/2008|02:28] C:\Program Files\Fichiers communs\Teleca Shared [17/12/2008|21:35] C:\Program Files\Fichiers communs\Windows Live [18/11/2007|17:19] C:\Program Files\Fichiers communs\WindowsLiveInstaller --------------------\\ Process ( 47 Processes ) ... OK ! --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Verification du Registre ..... OK ! 
--------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-07-29 22:01:35 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 1222 --------------------\\ Recherche d'autres infections Aucune autre infection trouvée ! [F:6][D:1]-> C:\DOCUME~1\Bertrand\LOCALS~1\Temp [F:9][D:0]-> C:\DOCUME~1\Bertrand\Cookies [F:6][D:4]-> C:\DOCUME~1\Bertrand\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - 29/07/2009|22:07 - Option : [1] --------------------\\ Fin du rapport a 22:07:40
  16. Here is the report after cleaning: SmitFraudFix v2.423 Rapport fait à 21:33:44,42, 29/07/2009 Executé à partir de C:\Documents and Settings\Bertrand\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est NTFS Fix executé en mode sans echec »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{C1A2FDA2-1A5B-2A8F-F3A2-B22DA1A3C41D}"="NetWrap for Windows" »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» hosts »»»»»»»»»»»»»»»»»»»»»»»» VACFix VACFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix S!Ri's WS2Fix: LSP not Found. »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés C:\WINDOWS\Tasks\At?.job supprimé C:\WINDOWS\system32\ncompat.tlb supprimé C:\WINDOWS\system32\1024\ supprimé C:\Program Files\HQvideo\ supprimé »»»»»»»»»»»»»»»»»»»»»»»» IEDFix IEDFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix Agent.OMZ.Fix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» 404Fix 404Fix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» RK »»»»»»»»»»»»»»»»»»»»»»»» DNS HKLM\SYSTEM\CCS\Services\Tcpip\..\{3EA50D2E-9997-41F3-9D48-4164331251CF}: NameServer=192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\..\{69998F6E-FEC5-425E-B4B8-A3A915CA7612}: NameServer=192.168.1.1 »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! "System"="" »»»»»»»»»»»»»»»»»»»»»»»» RK.2 »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage terminé. 
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Fin
  17. Here is the report after the SmitfraudFix search: SmitFraudFix v2.423 Rapport fait à 21:18:56,34, 29/07/2009 Executé à partir de C:\Program Files\Mozilla Firefox\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est NTFS Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» Process C:\WINDOWS\System32\smss.exe C:\WINDOWS\System32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\Program Files\Windows Live\Family Safety\fsssvc.exe C:\Program Files\Borland\InterBase\bin\ibguard.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\HPZipm12.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Borland\InterBase\bin\ibserver.exe C:\WINDOWS\System32\wbem\wmiapsrv.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\WINDOWS\system32\devldr32.exe D:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Windows Live\Family Safety\fsui.exe C:\Program Files\Java\jre6\bin\jusched.exe D:\Itunes\iTunesHelper.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\NCLAUNCH.EXe C:\Program Files\Messenger\Msmsgs.exe D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe D:\pictureproject\NkbMonitor.exe D:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\cmd.exe »»»»»»»»»»»»»»»»»»»»»»»» hosts 
»»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS C:\WINDOWS\Tasks\At?.job PRESENT ! C:\WINDOWS\Tasks\At??.job PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 C:\WINDOWS\system32\ncompat.tlb PRESENT ! C:\WINDOWS\system32\1024\ PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Bertrand »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Bertrand\LOCALS~1\Temp »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Bertrand\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Bertrand\Favoris »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files C:\Program Files\HQvideo\ PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Ma page d'accueil" »»»»»»»»»»»»»»»»»»»»»»»» o4Patch !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! o4Patch Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» IEDFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! IEDFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! Agent.OMZ.Fix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» VACFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! VACFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» 404Fix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! 404Fix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! 
SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{C1A2FDA2-1A5B-2A8F-F3A2-B22DA1A3C41D}"="NetWrap for Windows" »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="" »»»»»»»»»»»»»»»»»»»»»»»» Winlogon !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "Userinit"="C:\\WINDOWS\\system32\\userinit.exe," »»»»»»»»»»»»»»»»»»»»»»»» RK [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» DNS Description: ADI USB Remote NDIS Network Device - Miniport d'ordonnancement de paquets DNS Server Search Order: 192.168.1.1 Description: Carte de bouclage Microsoft DNS Server Search Order: 192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\..\{3EA50D2E-9997-41F3-9D48-4164331251CF}: NameServer=192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\..\{69998F6E-FEC5-425E-B4B8-A3A915CA7612}: NameServer=192.168.1.1 »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin
  18. Report, second session: Fix Navipromo version 4.0.1 commencé le 29/07/2009 19:51:29,53 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! Outil exécuté depuis C:\Program Files\navilog1 Mise à jour le 18.07.2009 à 11h00 par IL-MAFIOSO Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : AMD Duron Processor ) BIOS : Version 1.00 USER : Jean-Loup ( Administrator ) BOOT : Normal boot Antivirus : AntiVir Desktop 9.0.1.30 (Activated) C:\ (Local Disk) - NTFS - Total:19 Go (Free:1 Go) D:\ (Local Disk) - NTFS - Total:18 Go (Free:4 Go) E:\ (CD or DVD) F:\ (CD or DVD) Recherche executée en mode normal Nettoyage exécuté au redémarrage de l'ordinateur Nettoyage contenu C:\WINDOWS\Temp effectué ! Nettoyage contenu C:\Documents and Settings\Jean-Loup\locals~1\Temp effectué ! *** Sauvegarde du Registre vers dossier Safebackup *** sauvegarde du Registre réalisée avec succès ! *** Nettoyage Registre *** Nettoyage Registre Ok Certificat Egroup supprimé ! Certificat Electronic-Group supprimé ! Certificat OOO-Favorit supprimé ! *** Scan terminé 29/07/2009 20:32:08,45 ***
  19. Navilog report, first session: Fix Navipromo version 4.0.1 commencé le 29/07/2009 18:27:07,43 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! Outil exécuté depuis C:\Program Files\navilog1 Mise à jour le 18.07.2009 à 11h00 par IL-MAFIOSO Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Uniprocessor Free : AMD Duron Processor ) BIOS : Version 1.00 USER : Bertrand ( Administrator ) BOOT : Normal boot Antivirus : AntiVir Desktop 9.0.1.30 (Not Activated) C:\ (Local Disk) - NTFS - Total:19 Go (Free:1 Go) D:\ (Local Disk) - NTFS - Total:18 Go (Free:4 Go) E:\ (CD or DVD) F:\ (CD or DVD) Recherche executée en mode normal Nettoyage exécuté au redémarrage de l'ordinateur C:\WINDOWS\system32\mcwgc_navfx.dat supprimé ! C:\WINDOWS\system32\qsmqqkw.dat supprimé ! Nettoyage contenu C:\WINDOWS\Temp effectué ! Nettoyage contenu C:\Documents and Settings\Bertrand\locals~1\Temp effectué ! *** Sauvegarde du Registre vers dossier Safebackup *** sauvegarde du Registre réalisée avec succès ! *** Nettoyage Registre *** Nettoyage Registre Ok Certificat Egroup supprimé ! Certificat Electronic-Group supprimé ! Certificat OOO-Favorit supprimé ! *** Scan terminé 29/07/2009 19:10:25,60 ***
  20. Oops, I posted two messages, and on top of that I don't know how to delete the second one. Help!
  21. Here is the content of log.txt: Logfile of random's system information tool 1.06 (written by random/random) Run by Bertrand at 2009-07-29 11:01:36 Microsoft Windows XP Professionnel Service Pack 3 System drive C: has 2 GB (9%) free of 20 GB Total RAM: 255 MB (6% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:03:23, on 29/07/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\System32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\Program Files\Windows Live\Family Safety\fsssvc.exe C:\Program Files\Borland\InterBase\bin\ibguard.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\HPZipm12.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Borland\InterBase\bin\ibserver.exe C:\WINDOWS\System32\wbem\wmiapsrv.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\WINDOWS\system32\devldr32.exe D:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Windows Live\Family Safety\fsui.exe C:\Program Files\Java\jre6\bin\jusched.exe D:\Itunes\iTunesHelper.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\NCLAUNCH.EXe C:\Program Files\Messenger\Msmsgs.exe D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe D:\pictureproject\NkbMonitor.exe D:\Program 
Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Bertrand\Bureau\RSIT.exe C:\Program Files\trend micro\Bertrand.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.plusnetwork.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: HomepageBHO - {27150f81-0877-42e9-af13-55e5a3439a26} - C:\WINDOWS\System32\hpE3DF.tmp (file missing) O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Programme d'aide de l'Assistant de connexion 
Files\iPod\bin\iPodService.exe [2009-06-05 541992] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-04-13 33632] S3 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2005-06-08 69120] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-04-13 68952] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632] S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2004-05-14 86016] S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] -----------------EOF----------------- Et ensuite le contenu de info.txt : info.txt logfile of random's system information tool 1.06 2009-07-29 11:03:39 ======Uninstall list====== -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe Acrobat 5.0-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll" Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 7.1.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A71000000002} Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log Apple Mobile Device Support-->MsiExec.exe /I{8355F970-601D-442D-A79B-1D7DB4F24CAD} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe ArcSoft Panorama Maker 
3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A5F68DC8-0278-4AD8-B413-861509B5F25B}\Setup.exe" -l0x40c ArcSoft PhotoStudio 5.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D2261C4B-4D9B-4149-8472-31B7A2FEAB91}\setup.exe" -l0x40c Ask.com Search Assistant 1.0.1-->C:\Program Files\Ask Search Assistant\uninst.exe Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B} CanoScan Toolbox 4.6-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{088A077A-8028-408C-AE7B-4512AE2A65A0}\setup.exe" -l0x40c anything Cda Product Service - shared component-->C:\Program Files\Fichiers communs\Macrovision Shared\SafeCast\Install\CDAC13BA.EXE /uninstall Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E} ColorNick v2 plugin for Messenger Plus!-->"C:\Program Files\MessengerPlus! 
3\Plugins\ColorNick\CNuninst.exe" Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" DeepBurner v1.8.0.224-->"C:\Program Files\Astonsoft\DeepBurner\Uninstall.exe" "C:\Program Files\Astonsoft\DeepBurner\install.log" DivX-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC Driver de clavier Occitan-->MsiExec.exe /I{1FD2CE26-0C6E-4B6B-B737-135813B35643} Favorit-->"c:\windows\system32\qsmqqkw.exe" -uninstall GTK+ 2.6.7 runtime environment-->"D:\2.0\unins000.exe" HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" HP Deskjet 5900 series-->D:\Program Files\HP\Digital Imaging\{79546A5F-AE7C-4693-8670-A3401B43ABD2}\setup\hpzscr01.exe -datfile hpfscr05.dat HP Imaging Device Functions 5.0-->D:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat HP Photosmart Essential-->MsiExec.exe /X{6994491D-D491-48F1-AE1F-E179C1FFFC2F} HP Product Assistant-->MsiExec.exe /I{36FDBE6E-6684-462B-AE98-9A39A1B200CC} HP Solution Center & Imaging Support Tools 5.0-->D:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat HP Update-->MsiExec.exe /X{FE57DE70-95DE-4B64-9266-84DA811053DB} Ink-->MsiExec.exe /I{9FCB2876-554D-491D-A2CD-58F8252D6C64} Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D} InterBase-->"C:\Program Files\Borland\InterBase\ibuninst.exe" "C:\Program Files\Borland\InterBase\ibuninst.000" iTunes-->MsiExec.exe /I{5D601655-6D54-4384-B52C-17EC5385FBBD} Java 6 Update 14-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216014FF} Java 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060} Junk Mail filter update-->MsiExec.exe 
/I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3} livebox-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB3F9176-E74A-4F28-9A09-4F22349B145E}\Setup.exe" -l0x40c Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Manual CanoScan 4200F-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B9C54C44-BB5A-4B03-8907-C01A9790195A}\setup.exe" -l0x40c Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe" Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC} Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9} Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Sync Framework 
Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5} Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP 
(KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP 
(KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" MobileMe Control Panel-->MsiExec.exe /I{DDBB28C8-B2AA-45A1-8DCE-059A798509FB} Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE} Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe Mozilla Firefox (2.0.0.12)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} Nikon Message Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}\Setup.exe" -l0x40c UNINSTALL OmniPage SE-->MsiExec.exe 
/I{79D5997E-BF79-48BB-8B41-9BE59C15C2D7} Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} PDFCreator-->"C:\Program Files\PDFCreator\unins000.exe" PictureProject-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF3999BE-1A7B-4738-88AA-97BF14094A4A}\Setup.exe" -l0x40c UNINSTALL QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68} Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update pour Microsoft .NET Framework 2.0 (KB928365)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {8056AC9E-49C5-4375-9ADE-B2F862C9DF51} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} Select CashBack-->C:\WINDOWS\40vothrv.exe SolSuite-->D:\PROGRA~1\SolSuite\UNWISE.EXE D:\PROGRA~1\SolSuite\INSTALL.LOG WebIQ Technology Engine-->C:\WINDOWS\System32\WebIQEngineSetup.exe u Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Contrôle parental-->MsiExec.exe /X{D6A2DDE3-9D7C-412C-932A-756580D29919} Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657} Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C} Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353} Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Messenger 5.1-->MsiExec.exe 
/I{9D1C26BD-E792-4159-9D16-07EA222D8EF0} Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" WinPcap 3.1 beta3-->"C:\Program Files\WinPcap\Uninstall.exe" "C:\Program Files\WinPcap\install.log" XviD MPEG-4 Video Codec-->"C:\Program Files\XviD\unins000.exe" ======Hosts File====== ======Security center information====== AV: AntiVir Desktop ======System event log====== Computer Name: NIMPORTE Event Code: 7036 Message: Le service Pml Driver HPZ12 est entré dans l'état : en cours d'exécution. Record Number: 59366 Source Name: Service Control Manager Time Written: 20090714183911.000000+120 Event Type: Informations User: Computer Name: NIMPORTE Event Code: 7035 Message: Un contrôle Démarrer a correctement été envoyé au service Pml Driver HPZ12. Record Number: 59365 Source Name: Service Control Manager Time Written: 20090714183911.000000+120 Event Type: Informations User: NIMPORTE\Bertrand Computer Name: NIMPORTE Event Code: 7036 Message: Le service Pml Driver HPZ12 est entré dans l'état : arrêté. Record Number: 59364 Source Name: Service Control Manager Time Written: 20090714183711.000000+120 Event Type: Informations User: Computer Name: NIMPORTE Event Code: 7036 Message: Le service Pml Driver HPZ12 est entré dans l'état : en cours d'exécution. Record Number: 59363 Source Name: Service Control Manager Time Written: 20090714183711.000000+120 Event Type: Informations User: Computer Name: NIMPORTE Event Code: 7035 Message: Un contrôle Démarrer a correctement été envoyé au service Pml Driver HPZ12. 
Record Number: 59362 Source Name: Service Control Manager Time Written: 20090714183711.000000+120 Event Type: Informations User: NIMPORTE\Bertrand =====Application event log===== Computer Name: NIMPORTE Event Code: 251 Message: Record Number: 4278 Source Name: InterBase Guardian Time Written: 20081103191448.000000+060 Event Type: Informations User: Computer Name: NIMPORTE Event Code: 1 Message: Record Number: 4277 Source Name: Bonjour Service Time Written: 20081103191442.000000+060 Event Type: Informations User: Computer Name: NIMPORTE Event Code: 1516 Message: Windows a déchargé le Registre utilisateur S-1-5-21-842925246-287218729-1801674531-1003 lorsqu'il a reçu une notification qu'aucune application ou aucun service n'utilisait le profil. Record Number: 4276 Source Name: Userenv Time Written: 20081103154729.000000+060 Event Type: Informations User: AUTORITE NT\SYSTEM Computer Name: NIMPORTE Event Code: 1517 Message: Windows a sauvegardé le Registre utilisateur NIMPORTE\Jean-Loup alors qu'une application ou un service utilisait toujours le Registre pendant la fermeture de la session. La mémoire utilisée par le Registre de l'utilisateur n'a pas été libérée. le Registre sera déchargé lorsqu'il ne sera plus utilisé. Cela est souvent causé par des services s'exécutant en tant que compte d'utilisateur, essayez de configurer les services pour s'exécuter dans le compte service réseau ou service local. 
Record Number: 4275 Source Name: Userenv Time Written: 20081103154726.000000+060 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: NIMPORTE Event Code: 0 Message: Record Number: 4274 Source Name: iPod Service Time Written: 20081103153653.000000+060 Event Type: Informations User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=C:\WINDOWS\System32;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;D:\2.0\bin;C:\Program Files\Fichiers communs\Teleca Shared;C:\Program Files\QuickTime\QTSystem\ "windir"=%SystemRoot% "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 7 Stepping 1, AuthenticAMD "PROCESSOR_REVISION"=0701 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "FP_NO_HOST_CHECK"=NO "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip -----------------EOF----------------- Petite question : Es que deux sessions marche séprément? Par exemple si je lance une analyse antivirus sur une dois-je la lancer sur l'autre pour être sur que l'analyse soit corectement effectuée ?
  22. Hi again, nothing in the recycle bin; it looks as if ToolsCleaner2 didn't delete anything... On restart after installing SP3, a message still tells me that PowerPoint and Excel encountered a problem. I don't understand any of it :'( See you
  23. Hello to you both, No, that one is intact. As for OTM, it was pear who had asked me to use it. See you
  24. Then why tick it now if it's only to untick it? Here is the ToolsCleaner2 report: [ Rapport ToolsCleaner version 2.3.9 (par A.Rothstein & dj QUIOU) ] --> Recherche: C:\FindyKill.txt: trouvé ! C:\avenger: trouvé ! C:\_OTM: trouvé ! C:\FindyKill: trouvé ! I can't understand why Avenger is on this computer :s I'm going to investigate... Mark, if you come back to this page, I'd be glad if you could help me find out when Avenger was used, because I must admit I don't understand any of it :s
  25. You're not bothering anyone, Mark.... Maybe they left on their own. Seriously, I have no idea at all, but oh well, let's leave room for doubt and imagination. As for Microsoft Excel and PowerPoint, everything is back to normal: no more messages at startup and both work perfectly. And should SP3 be installed or not?