Aller au contenu

jp9905

Membres
  • Compteur de contenus

    1 058
  • Inscription

  • Dernière visite

Tout ce qui a été posté par jp9905

  1. Salut Thanos, Tu a vu la capture d'écran d'hier? A te lire.
  2. Bonsoir Apollo, Merci de ton aide Le voila:Mon lien Je suis un peu long!!!
  3. Bonsoir Thanos, Je suis vraiment une banane!! j'arrive pas a faire une capture d'écran!!
  4. Salut Thanos, Sa marche pas! je vois bien le processus, c'est les onglets du haut qui manque seulement. A te lire
  5. Salut, J'ai effectuer et cocher les 9 lignes malheureusement guère de changement! Par contre avant quand j'ouvrai le gestionnaire de tache il y avait : application,processus,performance,mise en réseau,utilisateur, les onglés ont disparu!! Il y a vraiment quelque chose qui merde
  6. Re Bonjour a l'Équipe Sécurité, Serait il possible de contrôler ce que Antivir a découvert ainsi que le rapport Hijac? Je dois lui rendre samedi. Merci par avance pour lui
  7. Salut, Je sais pas ce qui se passe mais quelques choses utilise beaucoup de ressource et impossible de faire quoi que se soit a chaque démarrage!! Voili le rapport: Logfile of random's system information tool 1.08 (written by random/random) Run by JEAN CHRISTIAN at 2010-10-29 01:13:41 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 25 GB (32%) free of 76 GB Total RAM: 511 MB (13% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 01:14:16, on 29/10/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\dllhost.exe C:\WINDOWS\System32\DVDRAMSV.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Norton AntiVirus\Engine\17.8.0.5\ccSvcHst.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Norton AntiVirus\Engine\17.8.0.5\ccSvcHst.exe C:\WINDOWS\System32\00THotkey.exe C:\WINDOWS\system32\TFNF5.exe C:\Program Files\SigmaTel\Pilotes Audio SigmaTel AC97\stacmon.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\TOSHIBA\TouchED\TouchED.Exe C:\WINDOWS\system32\TPSMain.exe C:\Program Files\Toshiba\Commandes TOSHIBA\TFncKy.exe C:\WINDOWS\system32\wscript.exe C:\WINDOWS\system32\TPSBattM.exe C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe C:\WINDOWS\system32\rundll32.exe C:\Documents and Settings\All Users\Application Data\Norton\NUA.exe C:\WINDOWS\System32\wbem\wmiapsrv.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Documents and Settings\JEAN CHRISTIAN\Bureau\RSIT.exe C:\Program Files\Trend Micro\HiJackThis\JEAN CHRISTIAN.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\17.8.0.5\IPSBHO.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe O4 - HKLM\..\Run: [TFNF5] TFNF5.exe O4 - HKLM\..\Run: [sigmaTel StacMon] C:\Program Files\SigmaTel\Pilotes Audio SigmaTel AC97\stacmon.exe O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe O4 - HKLM\..\Run: [TPSMain] TPSMain.exe O4 - HKLM\..\Run: [TFncKy] C:\Program Files\Toshiba\Commandes TOSHIBA\TFncKy.exe O4 - HKLM\..\Run: [uSB-Set] wscript "C:\Program Files\USB-set\TSR.vbe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [NortonUpdateAgent] C:\Documents and Settings\All Users\Application Data\Norton\NUA.exe O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Default user') O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE O4 - Global Startup: Norton AntiVirus.LNK = C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\uistub.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1272668199695 O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\17.8.0.5\ccSvcHst.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe -- End of file - 8610 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\Maintenance en 1 clic.job C:\WINDOWS\tasks\User_Feed_Synchronization-{D93BD681-311B-46D3-9362-51DA70343E1D}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}] Symantec Intrusion Prevention - C:\Program Files\Norton AntiVirus\Engine\17.8.0.5\IPSBHO.DLL [2010-05-14 79224] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-10-14 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-10-14 79648] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2003-09-24 4861952] "00THotkey"=C:\WINDOWS\System32\00THotkey.exe [2003-05-23 253952] "000StTHK"=C:\WINDOWS\system32\000StTHK.exe [2001-06-23 24576] "TFNF5"=C:\WINDOWS\system32\TFNF5.exe [2003-07-18 73728] "SigmaTel StacMon"=C:\Program Files\SigmaTel\Pilotes Audio SigmaTel AC97\stacmon.exe [2003-08-03 86073] "SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2003-05-30 110592] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2003-05-30 614400] "TouchED"=C:\Program Files\TOSHIBA\TouchED\TouchED.Exe [2003-03-11 122880] "TPSMain"=C:\WINDOWS\system32\TPSMain.exe [2003-10-02 266240] "TFncKy"=C:\Program Files\Toshiba\Commandes TOSHIBA\TFncKy.exe [2003-09-18 102400] "USB-Set"=wscript C:\Program Files\USB-set\TSR.vbe [] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760] "Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288] "SunJavaUpdateSched"=C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [2010-05-14 248552] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "NVIEW"=nview.dll,nViewLoadHook [] "NBJ"=C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2005-04-14 1957888] "NortonUpdateAgent"=C:\Documents and Settings\All Users\Application Data\Norton\NUA.exe [2010-10-13 2603376] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe [2007-10-23 443968] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-03-01 15872] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vdlDeamon] C:\Program Files\VIDAL\Communs\VIDAL.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^LUMIX Simple Viewer.lnk] C:\PROGRA~1\PANASO~1\LUMIXS~1\PHLEAU~1.EXE [2005-06-13 61440] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Menu Démarrer^Programmes^Démarrage^Secunia PSI.lnk] C:\PROGRA~1\Secunia\PSI\psi.exe [2009-08-21 900816] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Norton AntiVirus.LNK - C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\uistub.exe C:\Documents and Settings\Menu Démarrer\Programmes\Démarrage ERUNT AutoBackup.lnk - C:\Program Files\ERUNT\AUTOBACK.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=223 "NoDriveAutoRun"=67108863 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"=1 "NoDriveTypeAutoRun"=223 "NoDriveAutoRun"=67108863 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019" "C:\StubInstaller.exe"="C:\StubInstaller.exe:*:Disabled:LimeWire swarmed installer" "C:\eMule\emule.exe"="C:\eMule\emule.exe:*:Disabled:eMule" "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Disabled:LimeWire" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Disabled:adsltv" "C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe"="C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:*:Disabled:Sony Ericsson Media Manager 1.1" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Disabled:Windows Messenger" "C:\Documents and Settings\JEAN CHRISTIAN\Application Data\Thinstall\Vidal CD\4000002400003i\java.exe"="C:\Documents and Settings\JEAN CHRISTIAN\Application Data\Thinstall\Vidal CD\4000002400003i\java.exe:*:Disabled:java" "C:\Program Files\Freeplayer\vlc\vlc.exe"="C:\Program Files\Freeplayer\vlc\vlc.exe:*:Enabled:VLC media player" "C:\Program Files\adslTV\vlc.exe"="C:\Program Files\adslTV\vlc.exe:*:Enabled:VLC media player" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" ======List of files/folders created in the last 1 months====== 2010-10-29 00:33:43 ----A---- C:\Program Files\HomePlayer-1.5.9c-full.exe 2010-10-26 14:55:20 ----A---- C:\RootRepeal-$$$$$$.txt 2010-10-26 14:50:23 ----A---- C:\RootRepeal report 10-26-10 (14-50-23).txt 2010-10-26 14:22:10 ----D---- C:\RootRepeal 2010-10-14 01:32:17 ----A---- C:\WINDOWS\system32\javaws.exe 2010-10-14 01:32:17 ----A---- C:\WINDOWS\system32\javaw.exe 2010-10-14 01:32:17 ----A---- C:\WINDOWS\system32\java.exe 2010-10-14 01:23:27 ----A---- C:\Program Files\jre-6u22-windows-i586-s.exe 2010-10-14 00:31:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$ 2010-10-14 00:30:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2279986$ 2010-10-14 00:30:40 ----HDC---- C:\WINDOWS\$NtUninstallKB981957$ 2010-10-14 00:30:17 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$ 2010-10-14 00:23:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$ 2010-10-14 00:22:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$ 2010-10-14 00:19:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$ 2010-10-14 00:19:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$ 2010-10-14 00:18:49 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$ 2010-10-11 01:31:18 ----D---- C:\rsit 2010-09-30 00:01:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2158563$ ======List of files/folders modified in the last 1 months====== 2010-10-29 01:13:47 ----D---- C:\WINDOWS\Prefetch 2010-10-29 00:54:41 ----RD---- C:\Program Files 2010-10-28 23:11:37 ----D---- C:\Program Files\Mozilla Firefox 2010-10-28 23:06:15 ----D---- C:\WINDOWS\Temp 2010-10-28 22:43:49 ----SHD---- C:\System Volume Information 2010-10-28 22:43:20 ----D---- C:\Documents and Settings\All Users\Application Data\usb-set 2010-10-28 22:42:48 ----D---- C:\WINDOWS\Registration 2010-10-28 15:37:20 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-10-26 14:29:58 ----D---- C:\WINDOWS\system32\drivers 2010-10-25 09:34:35 ----D---- C:\Documents and Settings\JEAN CHRISTIAN\Application Data\dvdcss 2010-10-24 23:19:05 ----D---- C:\Documents and Settings\All Users\Application Data\Norton 2010-10-24 02:30:00 ----A---- C:\WINDOWS\NeroDigital.ini 2010-10-23 09:26:40 ----D---- C:\Program Files\USB-set 2010-10-14 14:27:30 ----SD---- C:\WINDOWS\Downloaded Program Files 2010-10-14 14:25:02 ----D---- C:\WINDOWS\system32\CatRoot2 2010-10-14 01:33:28 ----SHD---- C:\WINDOWS\Installer 2010-10-14 01:33:16 ----D---- C:\Config.Msi 2010-10-14 01:32:19 ----D---- C:\WINDOWS\system32 2010-10-14 01:31:07 ----A---- C:\WINDOWS\system32\deployJava1.dll 2010-10-14 00:46:31 ----D---- C:\WINDOWS 2010-10-14 00:45:38 ----D---- C:\Program Files\Internet Explorer 2010-10-14 00:31:59 ----A---- C:\WINDOWS\system32\MRT.exe 2010-10-14 00:31:24 ----HD---- C:\WINDOWS\inf 2010-10-14 00:31:22 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-10-14 00:31:13 ----HD---- C:\WINDOWS\$hf_mig$ 2010-10-14 00:31:10 ----A---- C:\WINDOWS\imsins.BAK 2010-10-14 00:20:24 ----D---- C:\WINDOWS\ie8updates 2010-10-14 00:19:32 ----D---- C:\WINDOWS\WinSxS 2010-10-06 12:13:46 ----D---- C:\WINDOWS\Microsoft.NET 2010-10-06 12:13:41 ----RSD---- C:\WINDOWS\assembly 2010-10-06 11:24:24 ----D---- C:\Program Files\Fichiers communs\Adobe 2010-10-06 11:24:22 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe 2010-10-06 10:56:10 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2010-10-01 16:36:49 ----D---- C:\Documents and Settings\JEAN CHRISTIAN\Application Data\vlc ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 agp440;Filtre de bus AGP Intel; C:\WINDOWS\System32\DRIVERS\agp440.sys [2008-04-13 42368] R0 BsStor;B.H.A Storage Helper Driver; C:\WINDOWS\system32\drivers\BsStor.sys [2002-06-06 9344] R0 imagedrv;imagedrv; C:\WINDOWS\System32\Drivers\imagedrv.sys [2004-03-02 5504] R0 imagesrv;imagesrv; C:\WINDOWS\system32\DRIVERS\imagesrv.sys [2004-03-02 125184] R0 ohci1394;Contrôleur hôte Texas Instruments IEEE 1394 compatible OHCI (Open Host Controller Interface); C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2008-04-13 61696] R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-11-20 43872] R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2007-06-06 639224] R0 SymDS;Symantec Data Store; C:\WINDOWS\system32\drivers\NAV\1108000.005\SYMDS.SYS [2009-11-06 328752] R0 SymEFA;Symantec Extended File Attributes; C:\WINDOWS\system32\drivers\NAV\1108000.005\SYMEFA.SYS [2010-04-22 173104] R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\WINDOWS\System32\DRIVERS\TVALZ.SYS [2003-08-07 9216] R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] R1 BHDrvx86;BHDrvx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\BASHDefs\20101001.001\BHDrvx86.sys [] R1 ccHP;Symantec Hash Provider; C:\WINDOWS\system32\drivers\NAV\1108000.005\ccHPx86.sys [2010-02-26 501888] R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys [] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576] R1 meiudf;meiudf; C:\WINDOWS\System32\Drivers\meiudf.sys [2003-10-24 90416] R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\system32\drivers\NAV\1108000.005\SRTSPX.SYS [2010-04-22 43696] R1 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\NAV\1108000.005\Ironx86.SYS [2010-04-29 116784] R1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\System32\Drivers\NAV\1108000.005\SYMTDI.SYS [2010-05-06 361904] R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [2003-05-28 17005] R2 irda;Protocole IrDA; C:\WINDOWS\System32\DRIVERS\irda.sys [2008-04-13 88192] R2 Netdevio;TOSHIBA Network Device Usermode I/O Protocol; C:\WINDOWS\System32\DRIVERS\netdevio.sys [2003-01-29 12032] R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 E100B;Intel® PRO Adapter Driver; C:\WINDOWS\System32\DRIVERS\e100b325.sys [2002-09-25 140800] R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\IPSDefs\20101027.001\IDSxpx86.sys [] R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20101028.008\NAVENG.SYS [] R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20101028.008\NAVEX15.SYS [] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2003-09-24 1370764] R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2007-06-06 47360] R3 Pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-20 21248] R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\System32\DRIVERS\rasirda.sys [2001-08-17 19584] R3 seehcri;Sony Ericsson seehcri Device Driver; C:\WINDOWS\system32\DRIVERS\seehcri.sys [2008-01-09 27632] R3 SMCIRDA;SMC IrCC Miniport Device Driver; C:\WINDOWS\System32\DRIVERS\smcirda.sys [2001-09-11 38425] R3 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\NAV\1108000.005\SRTSP.SYS [2010-04-22 325680] R3 STAC97;Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS\system32\drivers\stac97.sys [2003-07-17 230416] R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\System32\DRIVERS\SynTP.sys [2003-05-30 271728] R3 TOSHIBASoftModem;TOSHIBA Software Modem; C:\WINDOWS\System32\DRIVERS\LTSM.sys [2002-09-17 809872] R3 tsdhd;TOSHIBA SD Card Host Controller Driver; C:\WINDOWS\System32\DRIVERS\tsdhd.sys [2003-05-14 25888] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 w70n51;Pilote Intel® PRO/Wireless 7100 Adapter; C:\WINDOWS\System32\DRIVERS\w70n51.sys [2003-03-27 2379776] S1 Uim_IM;UIM Drive Backup Image Plugin; C:\WINDOWS\System32\Drivers\Uim_IM.sys [] S1 UimBus;Universal Image Mounter Controller; C:\WINDOWS\system32\DRIVERS\UimBus.sys [] S3 epmntdrv;epmntdrv; \??\C:\WINDOWS\system32\epmntdrv.sys [] S3 EuDisk;EASEUS Disk Enumerator; C:\WINDOWS\system32\DRIVERS\EuDisk.sys [2009-12-02 122504] S3 EuGdiDrv;EuGdiDrv; \??\C:\WINDOWS\system32\EuGdiDrv.sys [] S3 ezplay;VSO Software ezplay; C:\WINDOWS\System32\Drivers\ezplay.sys [2007-06-06 94080] S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2009-06-22 13224] S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2009-06-22 25512] S3 gv3;Pilote processeur Intel GV3; C:\WINDOWS\System32\DRIVERS\gv3.sys [2002-11-20 33792] S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\System32\DRIVERS\MSIRCOMM.sys [2008-04-13 22016] S3 pciSd;pciSd; C:\WINDOWS\System32\DRIVERS\tossdpci.sys [2003-02-12 15143] S3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2009-06-17 12648] S3 s116bus;Sony Ericsson Device 116 driver (WDM); C:\WINDOWS\system32\DRIVERS\s116bus.sys [2007-04-03 83336] S3 s116mdfl;Sony Ericsson Device 116 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s116mdfl.sys [2007-04-03 15112] S3 s116mdm;Sony Ericsson Device 116 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s116mdm.sys [2007-04-03 108680] S3 s116mgmt;Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s116mgmt.sys [2007-04-03 100488] S3 s116nd5;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS); C:\WINDOWS\system32\DRIVERS\s116nd5.sys [2007-04-03 23176] S3 s116obex;Sony Ericsson Device 116 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s116obex.sys [2007-04-03 98696] S3 s116unic;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM); C:\WINDOWS\system32\DRIVERS\s116unic.sys [2007-04-03 99080] S3 s3017bus;Sony Ericsson Device 3017 driver (WDM); C:\WINDOWS\system32\DRIVERS\s3017bus.sys [2007-12-10 83880] S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s3017mdfl.sys [2007-12-10 15016] S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s3017mdm.sys [2007-12-10 110632] S3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s3017mgmt.sys [2007-12-10 104616] S3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS); C:\WINDOWS\system32\DRIVERS\s3017nd5.sys [2007-12-10 25512] S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s3017obex.sys [2007-12-10 100648] S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM); C:\WINDOWS\system32\DRIVERS\s3017unic.sys [2007-12-10 110120] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-08-30 12032] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 DVD-RAM_Service;DVD-RAM_Service; C:\WINDOWS\System32\DVDRAMSV.exe [2003-05-23 106496] R2 Irmon;Moniteur infrarouge; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-10-14 153376] R2 NAV;Norton AntiVirus; C:\Program Files\Norton AntiVirus\Engine\17.8.0.5\ccSvcHst.exe [2010-02-26 126392] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2007-01-31 96370] S3 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2003-09-03 28672] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-01 182768] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2003-09-24 77824] S3 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- A te lire
  8. Bonjour a tous Depuis lundi j'ai un ami qui ma prêté son pc,suite a un problème avec le mien!! J'ai lancer un scan complet avec antivir chose qui n'a jamais fais!!(pas plus que les mises a jour de Windows vista depuis plusieurs mois) Et la antivir détecte un cheval de troie:TR/ransom.hexzaone.jhw (impossible de copier le rapport!) J'ai effectuer toutes les mises a jour pour Windows,ainsi que java,adobe flash player... Installer MBAM scan effectué il n'a rien detecté. Je vous poste le rapport Hijacthis: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:46:14, on 28/10/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18975) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Windows\RtHDVCpl.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Canal+\CANAL+ CANALSAT A LA DEMANDE\CANAL+ CANALSAT A LA DEMANDE.EXE C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Windows\ehome\ehtray.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Windows\explorer.exe C:\Users\ Yves\Downloads\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file) O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [CANAL+ CANALSAT A LA DEMANDE] "C:\Program Files\Canal+\CANAL+ CANALSAT A LA DEMANDE\Launcher.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [smpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: CanalPlus.VOD - Canal+ Active - C:\Program Files\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Configuration automatique de réseau câblé (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: hpqcxs08 - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service HP CUE DeviceDiscovery (hpqddsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: HP Network Devices Support (HPSLPSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Assistance IP (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Assistance NetBIOS sur TCP/IP (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: Net Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: Connexions réseau (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe O23 - Service: Service de l’Assistant Compatibilité des programmes (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Acquisition d'image Windows (WIA) (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de configuration automatique WLAN (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe O23 - Service: Centre de sécurité (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe -- End of file - 21995 bytes Dans l'attente de vous lire
  9. Bonjour Thanos, J'ai plus de nouvelles? j'espère que tu ma pas oublié? A te lire
  10. Bonjour Mr Thanos Ouf!!le pc a redémarré Je viens de faire le scan avec RootRepeal le voici: ROOTREPEAL © AD, 2007-2009 ================================================== Scan Start Time: 2010/10/26 14:32 Program Version: Version 1.3.5.0 Windows Version: Windows XP SP3 ================================================== Drivers ------------------- Name: 00000074 Image Path: \Driver\00000074 Address: 0x00000000 Size: 0 File Visible: No Signed: - Status: - Name: dump_atapi.sys Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys Address: 0xEED97000 Size: 98304 File Visible: No Signed: - Status: - Name: dump_WMILIB.SYS Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS Address: 0xEFA50000 Size: 8192 File Visible: No Signed: - Status: - Name: rootrepeal.sys Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys Address: 0xB5789000 Size: 49152 File Visible: No Signed: - Status: - Name: SYMDS.SYS Image Path: SYMDS.SYS Address: 0xF82FB000 Size: 352256 File Visible: No Signed: - Status: - Name: SYMEFA.SYS Image Path: SYMEFA.SYS Address: 0xF82BC000 Size: 184320 File Visible: No Signed: - Status: - Hidden/Locked Files ------------------- Path: C:\Documents and Settings\JEAN CHRISTIAN\.homeplayer\imagecache\SantanaGuitar Heaven: Santana Performs The Greatest Guitar Classics Of All TimeWhole Lotta Love (featuring Chris Cornell).jpg Status: Visible to the Windows API, but not on disk. Path: c:\documents and settings\jean christian\local settings\application data\mozilla\firefox\profiles\en1yoccw.default\cache\_cache_001_ Status: Allocation size mismatch (API: 2293760, Raw: 2146304) Path: c:\documents and settings\jean christian\local settings\application data\mozilla\firefox\profiles\en1yoccw.default\cache\_cache_002_ Status: Allocation size mismatch (API: 2162688, Raw: 2088960) SSDT ------------------- #: 012 Function Name: NtAlertResumeThread Status: Hooked by "<unknown>" at address 0x8211b578 #: 013 Function Name: NtAlertThread Status: Hooked by "<unknown>" at address 0x8211c1f0 #: 017 Function Name: NtAllocateVirtualMemory Status: Hooked by "<unknown>" at address 0x820424d8 #: 019 Function Name: NtAssignProcessToJobObject Status: Hooked by "<unknown>" at address 0x81f39470 #: 031 Function Name: NtConnectPort Status: Hooked by "<unknown>" at address 0x81eb3688 #: 041 Function Name: NtCreateKey Status: Hooked by "C:\WINDOWS\system32\Drivers\SYMEVENT.SYS" at address 0xf5406210 #: 043 Function Name: NtCreateMutant Status: Hooked by "<unknown>" at address 0x81f72e08 #: 052 Function Name: NtCreateSymbolicLinkObject Status: Hooked by "<unknown>" at address 0x81f875a8 #: 053 Function Name: NtCreateThread Status: Hooked by "<unknown>" at address 0x81f67108 #: 057 Function Name: NtDebugActiveProcess Status: Hooked by "<unknown>" at address 0x81f33848 #: 063 Function Name: NtDeleteKey Status: Hooked by "C:\WINDOWS\system32\Drivers\SYMEVENT.SYS" at address 0xf5406490 #: 065 Function Name: NtDeleteValueKey Status: Hooked by "C:\WINDOWS\system32\Drivers\SYMEVENT.SYS" at address 0xf54069f0 #: 068 Function Name: NtDuplicateObject Status: Hooked by "<unknown>" at address 0x82068f48 #: 071 Function Name: NtEnumerateKey Status: Hooked by "sptd.sys" at address 0xf844384c #: 073 Function Name: NtEnumerateValueKey Status: Hooked by "sptd.sys" at address 0xf8443bec #: 083 Function Name: NtFreeVirtualMemory Status: Hooked by "<unknown>" at address 0x81f3b0a8 #: 089 Function Name: NtImpersonateAnonymousToken Status: Hooked by "<unknown>" at address 0x81f160c8 #: 091 Function Name: NtImpersonateThread Status: Hooked by "<unknown>" at address 0x82122308 #: 097 Function Name: NtLoadDriver Status: Hooked by "<unknown>" at address 0x81ed2a90 #: 108 Function Name: NtMapViewOfSection Status: Hooked by "<unknown>" at address 0x81fe3290 #: 114 Function Name: NtOpenEvent Status: Hooked by "<unknown>" at address 0x81f16ab0 #: 119 Function Name: NtOpenKey Status: Hooked by "sptd.sys" at address 0xf843e090 #: 122 Function Name: NtOpenProcess Status: Hooked by "<unknown>" at address 0x82041238 #: 123 Function Name: NtOpenProcessToken Status: Hooked by "<unknown>" at address 0x82123670 #: 125 Function Name: NtOpenSection Status: Hooked by "<unknown>" at address 0x81f230c8 #: 128 Function Name: NtOpenThread Status: Hooked by "<unknown>" at address 0x81f24558 #: 137 Function Name: NtProtectVirtualMemory Status: Hooked by "<unknown>" at address 0x81f8f9b0 #: 160 Function Name: NtQueryKey Status: Hooked by "sptd.sys" at address 0xf8443cc4 #: 177 Function Name: NtQueryValueKey Status: Hooked by "sptd.sys" at address 0xf8443b44 #: 206 Function Name: NtResumeThread Status: Hooked by "<unknown>" at address 0x82122468 #: 213 Function Name: NtSetContextThread Status: Hooked by "<unknown>" at address 0x82119b98 #: 228 Function Name: NtSetInformationProcess Status: Hooked by "<unknown>" at address 0x81e59158 #: 240 Function Name: NtSetSystemInformation Status: Hooked by "<unknown>" at address 0x81f285d8 #: 247 Function Name: NtSetValueKey Status: Hooked by "C:\WINDOWS\system32\Drivers\SYMEVENT.SYS" at address 0xf5406c40 #: 253 Function Name: NtSuspendProcess Status: Hooked by "<unknown>" at address 0x81f291f8 #: 254 Function Name: NtSuspendThread Status: Hooked by "<unknown>" at address 0x82119620 #: 257 Function Name: NtTerminateProcess Status: Hooked by "<unknown>" at address 0x8212b348 #: 258 Function Name: NtTerminateThread Status: Hooked by "<unknown>" at address 0x82119730 #: 267 Function Name: NtUnmapViewOfSection Status: Hooked by "<unknown>" at address 0x8211e3a8 #: 277 Function Name: NtWriteVirtualMemory Status: Hooked by "<unknown>" at address 0x81f24138 Stealth Objects ------------------- Object: Hidden Code [Driver: Ntfs, IRP_MJ_CREATE] Process: System Address: 0x823651d8 Size: 463 Object: Hidden Code [Driver: Ntfs, IRP_MJ_CLOSE] Process: System Address: 0x823651d8 Size: 463 Object: Hidden Code [Driver: Ntfs, IRP_MJ_READ] Process: System Address: 0x823651d8 Size: 463 Object: Hidden Code [Driver: Ntfs, IRP_MJ_WRITE] Process: System Address: 0x823651d8 Size: 463 Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_INFORMATION] Process: System Address: 0x823651d8 Size: 463 Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_INFORMATION] Process: System Address: 0x823651d8 Size: 463 Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_EA] Process: System Address: 0x823651d8 Size: 463 Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_EA] Process: System Address: 0x823651d8 Size: 463 Object: Hidden Code [Driver: Ntfs, IRP_MJ_FLUSH_BUFFERS] Process: System Address: 0x823651d8 Size: 463 Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_VOLUME_INFORMATION] Process: System Address: 0x823651d8 Size: 463 Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_VOLUME_INFORMATION] Process: System Address: 0x823651d8 Size: 463 Object: Hidden Code [Driver: Ntfs, IRP_MJ_DIRECTORY_CONTROL] Process: System Address: 0x823651d8 Size: 463 Object: Hidden Code [Driver: Ntfs, IRP_MJ_FILE_SYSTEM_CONTROL] Process: System Address: 0x823651d8 Size: 463 Object: Hidden Code [Driver: Ntfs, IRP_MJ_DEVICE_CONTROL] Process: System Address: 0x823651d8 Size: 463 Object: Hidden Code [Driver: Ntfs, IRP_MJ_SHUTDOWN] Process: System Address: 0x823651d8 Size: 463 Object: Hidden Code [Driver: Ntfs, IRP_MJ_LOCK_CONTROL] Process: System Address: 0x823651d8 Size: 463 Object: Hidden Code [Driver: Ntfs, IRP_MJ_CLEANUP] Process: System Address: 0x823651d8 Size: 463 Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_SECURITY] Process: System Address: 0x823651d8 Size: 463 Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_SECURITY] Process: System Address: 0x823651d8 Size: 463 Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_QUOTA] Process: System Address: 0x823651d8 Size: 463 Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_QUOTA] Process: System Address: 0x823651d8 Size: 463 Object: Hidden Code [Driver: Ntfs, IRP_MJ_PNP] Process: System Address: 0x823651d8 Size: 463 Object: Hidden Code [Driver: Udfsȅ剒敬ȁఅ敓䥶顬뒀齼⭘, IRP_MJ_CREATE] Process: System Address: 0x81b021d8 Size: 463 Object: Hidden Code [Driver: Udfsȅ剒敬ȁఅ敓䥶顬뒀齼⭘, IRP_MJ_CLOSE] Process: System Address: 0x81b021d8 Size: 463 Object: Hidden Code [Driver: Udfsȅ剒敬ȁఅ敓䥶顬뒀齼⭘, IRP_MJ_READ] Process: System Address: 0x81b021d8 Size: 463 Object: Hidden Code [Driver: Udfsȅ剒敬ȁఅ敓䥶顬뒀齼⭘, IRP_MJ_WRITE] Process: System Address: 0x81b021d8 Size: 463 Object: Hidden Code [Driver: Udfsȅ剒敬ȁఅ敓䥶顬뒀齼⭘, IRP_MJ_QUERY_INFORMATION] Process: System Address: 0x81b021d8 Size: 463 Object: Hidden Code [Driver: Udfsȅ剒敬ȁఅ敓䥶顬뒀齼⭘, IRP_MJ_SET_INFORMATION] Process: System Address: 0x81b021d8 Size: 463 Object: Hidden Code [Driver: Udfsȅ剒敬ȁఅ敓䥶顬뒀齼⭘, IRP_MJ_QUERY_VOLUME_INFORMATION] Process: System Address: 0x81b021d8 Size: 463 Object: Hidden Code [Driver: Udfsȅ剒敬ȁఅ敓䥶顬뒀齼⭘, IRP_MJ_DIRECTORY_CONTROL] Process: System Address: 0x81b021d8 Size: 463 Object: Hidden Code [Driver: Udfsȅ剒敬ȁఅ敓䥶顬뒀齼⭘, IRP_MJ_FILE_SYSTEM_CONTROL] Process: System Address: 0x81b021d8 Size: 463 Object: Hidden Code [Driver: Udfsȅ剒敬ȁఅ敓䥶顬뒀齼⭘, IRP_MJ_DEVICE_CONTROL] Process: System Address: 0x81b021d8 Size: 463 Object: Hidden Code [Driver: Udfsȅ剒敬ȁఅ敓䥶顬뒀齼⭘, IRP_MJ_LOCK_CONTROL] Process: System Address: 0x81b021d8 Size: 463 Object: Hidden Code [Driver: Udfsȅ剒敬ȁఅ敓䥶顬뒀齼⭘, IRP_MJ_CLEANUP] Process: System Address: 0x81b021d8 Size: 463 Object: Hidden Code [Driver: Udfsȅ剒敬ȁఅ敓䥶顬뒀齼⭘, IRP_MJ_PNP] Process: System Address: 0x81b021d8 Size: 463 Object: Hidden Code [Driver: Cdrom, IRP_MJ_CREATE] Process: System Address: 0x8209a1d8 Size: 463 Object: Hidden Code [Driver: Cdrom, IRP_MJ_CLOSE] Process: System Address: 0x8209a1d8 Size: 463 Object: Hidden Code [Driver: Cdrom, IRP_MJ_READ] Process: System Address: 0x8209a1d8 Size: 463 Object: Hidden Code [Driver: Cdrom, IRP_MJ_WRITE] Process: System Address: 0x8209a1d8 Size: 463 Object: Hidden Code [Driver: Cdrom, IRP_MJ_FLUSH_BUFFERS] Process: System Address: 0x8209a1d8 Size: 463 Object: Hidden Code [Driver: Cdrom, IRP_MJ_DEVICE_CONTROL] Process: System Address: 0x8209a1d8 Size: 463 Object: Hidden Code [Driver: Cdrom, IRP_MJ_INTERNAL_DEVICE_CONTROL] Process: System Address: 0x8209a1d8 Size: 463 Object: Hidden Code [Driver: Cdrom, IRP_MJ_SHUTDOWN] Process: System Address: 0x8209a1d8 Size: 463 Object: Hidden Code [Driver: Cdrom, IRP_MJ_POWER] Process: System Address: 0x8209a1d8 Size: 463 Object: Hidden Code [Driver: Cdrom, IRP_MJ_SYSTEM_CONTROL] Process: System Address: 0x8209a1d8 Size: 463 Object: Hidden Code [Driver: Cdrom, IRP_MJ_PNP] Process: System Address: 0x8209a1d8 Size: 463 Object: Hidden Code [Driver: imagedrv, IRP_MJ_CREATE] Process: System Address: 0x823661d8 Size: 463 Object: Hidden Code [Driver: imagedrv, IRP_MJ_CLOSE] Process: System Address: 0x823661d8 Size: 463 Object: Hidden Code [Driver: imagedrv, IRP_MJ_DEVICE_CONTROL] Process: System Address: 0x823661d8 Size: 463 Object: Hidden Code [Driver: imagedrv, IRP_MJ_INTERNAL_DEVICE_CONTROL] Process: System Address: 0x823661d8 Size: 463 Object: Hidden Code [Driver: imagedrv, IRP_MJ_POWER] Process: System Address: 0x823661d8 Size: 463 Object: Hidden Code [Driver: imagedrv, IRP_MJ_SYSTEM_CONTROL] Process: System Address: 0x823661d8 Size: 463 Object: Hidden Code [Driver: imagedrv, IRP_MJ_PNP] Process: System Address: 0x823661d8 Size: 463 Object: Hidden Code [Driver: usbuhci, IRP_MJ_CREATE] Process: System Address: 0x82131630 Size: 463 Object: Hidden Code [Driver: usbuhci, IRP_MJ_CLOSE] Process: System Address: 0x82131630 Size: 463 Object: Hidden Code [Driver: usbuhci, IRP_MJ_DEVICE_CONTROL] Process: System Address: 0x82131630 Size: 463 Object: Hidden Code [Driver: usbuhci, IRP_MJ_INTERNAL_DEVICE_CONTROL] Process: System Address: 0x82131630 Size: 463 Object: Hidden Code [Driver: usbuhci, IRP_MJ_POWER] Process: System Address: 0x82131630 Size: 463 Object: Hidden Code [Driver: usbuhci, IRP_MJ_SYSTEM_CONTROL] Process: System Address: 0x82131630 Size: 463 Object: Hidden Code [Driver: usbuhci, IRP_MJ_PNP] Process: System Address: 0x82131630 Size: 463 Object: Hidden Code [Driver: Ftdisk, IRP_MJ_CREATE] Process: System Address: 0x823671d8 Size: 463 Object: Hidden Code [Driver: Ftdisk, IRP_MJ_READ] Process: System Address: 0x823671d8 Size: 463 Object: Hidden Code [Driver: Ftdisk, IRP_MJ_WRITE] Process: System Address: 0x823671d8 Size: 463 Object: Hidden Code [Driver: Ftdisk, IRP_MJ_FLUSH_BUFFERS] Process: System Address: 0x823671d8 Size: 463 Object: Hidden Code [Driver: Ftdisk, IRP_MJ_DEVICE_CONTROL] Process: System Address: 0x823671d8 Size: 463 Object: Hidden Code [Driver: Ftdisk, IRP_MJ_INTERNAL_DEVICE_CONTROL] Process: System Address: 0x823671d8 Size: 463 Object: Hidden Code [Driver: Ftdisk, IRP_MJ_SHUTDOWN] Process: System Address: 0x823671d8 Size: 463 Object: Hidden Code [Driver: Ftdisk, IRP_MJ_CLEANUP] Process: System Address: 0x823671d8 Size: 463 Object: Hidden Code [Driver: Ftdisk, IRP_MJ_POWER] Process: System Address: 0x823671d8 Size: 463 Object: Hidden Code [Driver: Ftdisk, IRP_MJ_SYSTEM_CONTROL] Process: System Address: 0x823671d8 Size: 463 Object: Hidden Code [Driver: Ftdisk, IRP_MJ_PNP] Process: System Address: 0x823671d8 Size: 463 Object: Hidden Code [Driver: NetBT, IRP_MJ_CREATE] Process: System Address: 0x81ae1980 Size: 463 Object: Hidden Code [Driver: NetBT, IRP_MJ_CLOSE] Process: System Address: 0x81ae1980 Size: 463 Object: Hidden Code [Driver: NetBT, IRP_MJ_DEVICE_CONTROL] Process: System Address: 0x81ae1980 Size: 463 Object: Hidden Code [Driver: NetBT, IRP_MJ_INTERNAL_DEVICE_CONTROL] Process: System Address: 0x81ae1980 Size: 463 Object: Hidden Code [Driver: NetBT, IRP_MJ_CLEANUP] Process: System Address: 0x81ae1980 Size: 463 Object: Hidden Code [Driver: NetBT, IRP_MJ_PNP] Process: System Address: 0x81ae1980 Size: 463 Object: Hidden Code [Driver: usbehci, IRP_MJ_CREATE] Process: System Address: 0x8212d980 Size: 463 Object: Hidden Code [Driver: usbehci, IRP_MJ_CLOSE] Process: System Address: 0x8212d980 Size: 463 Object: Hidden Code [Driver: usbehci, IRP_MJ_DEVICE_CONTROL] Process: System Address: 0x8212d980 Size: 463 Object: Hidden Code [Driver: usbehci, IRP_MJ_INTERNAL_DEVICE_CONTROL] Process: System Address: 0x8212d980 Size: 463 Object: Hidden Code [Driver: usbehci, IRP_MJ_POWER] Process: System Address: 0x8212d980 Size: 463 Object: Hidden Code [Driver: usbehci, IRP_MJ_SYSTEM_CONTROL] Process: System Address: 0x8212d980 Size: 463 Object: Hidden Code [Driver: usbehci, IRP_MJ_PNP] Process: System Address: 0x8212d980 Size: 463 Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE] Process: System Address: 0x81e5a980 Size: 463 Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE_NAMED_PIPE] Process: System Address: 0x81e5a980 Size: 463 Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CLOSE] Process: System Address: 0x81e5a980 Size: 463 Object: Hidden Code [Driver: MRxSmb, IRP_MJ_READ] Process: System Address: 0x81e5a980 Size: 463 Object: Hidden Code [Driver: MRxSmb, IRP_MJ_WRITE] Process: System Address: 0x81e5a980 Size: 463 Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_INFORMATION] Process: System Address: 0x81e5a980 Size: 463 Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_INFORMATION] Process: System Address: 0x81e5a980 Size: 463 Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_EA] Process: System Address: 0x81e5a980 Size: 463 Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_EA] Process: System Address: 0x81e5a980 Size: 463 Object: Hidden Code [Driver: MRxSmb, IRP_MJ_FLUSH_BUFFERS] Process: System Address: 0x81e5a980 Size: 463 Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_VOLUME_INFORMATION] Process: System Address: 0x81e5a980 Size: 463 Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_VOLUME_INFORMATION] Process: System Address: 0x81e5a980 Size: 463 Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DIRECTORY_CONTROL] Process: System Address: 0x81e5a980 Size: 463 Object: Hidden Code [Driver: MRxSmb, IRP_MJ_FILE_SYSTEM_CONTROL] Process: System Address: 0x81e5a980 Size: 463 Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DEVICE_CONTROL] Process: System Address: 0x81e5a980 Size: 463 Object: Hidden Code [Driver: MRxSmb, IRP_MJ_INTERNAL_DEVICE_CONTROL] Process: System Address: 0x81e5a980 Size: 463 Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SHUTDOWN] Process: System Address: 0x81e5a980 Size: 463 Object: Hidden Code [Driver: MRxSmb, IRP_MJ_LOCK_CONTROL] Process: System Address: 0x81e5a980 Size: 463 Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CLEANUP] Process: System Address: 0x81e5a980 Size: 463 Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE_MAILSLOT] Process: System Address: 0x81e5a980 Size: 463 Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_SECURITY] Process: System Address: 0x81e5a980 Size: 463 Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_SECURITY] Process: System Address: 0x81e5a980 Size: 463 Object: Hidden Code [Driver: MRxSmb, IRP_MJ_POWER] Process: System Address: 0x81e5a980 Size: 463 Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SYSTEM_CONTROL] Process: System Address: 0x81e5a980 Size: 463 Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DEVICE_CHANGE] Process: System Address: 0x81e5a980 Size: 463 Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_QUOTA] Process: System Address: 0x81e5a980 Size: 463 Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_QUOTA] Process: System Address: 0x81e5a980 Size: 463 Object: Hidden Code [Driver: MRxSmb, IRP_MJ_PNP] Process: System Address: 0x81e5a980 Size: 463 Object: Hidden Code [Driver: winlogonrpc, IRP_MJ_CREATE] Process: System Address: 0x813ef980 Size: 463 Object: Hidden Code [Driver: winlogonrpc, IRP_MJ_CLOSE] Process: System Address: 0x813ef980 Size: 463 Object: Hidden Code [Driver: winlogonrpc, IRP_MJ_READ] Process: System Address: 0x813ef980 Size: 463 Object: Hidden Code [Driver: winlogonrpc, IRP_MJ_QUERY_INFORMATION] Process: System Address: 0x813ef980 Size: 463 Object: Hidden Code [Driver: winlogonrpc, IRP_MJ_SET_INFORMATION] Process: System Address: 0x813ef980 Size: 463 Object: Hidden Code [Driver: winlogonrpc, IRP_MJ_QUERY_VOLUME_INFORMATION] Process: System Address: 0x813ef980 Size: 463 Object: Hidden Code [Driver: winlogonrpc, IRP_MJ_DIRECTORY_CONTROL] Process: System Address: 0x813ef980 Size: 463 Object: Hidden Code [Driver: winlogonrpc, IRP_MJ_FILE_SYSTEM_CONTROL] Process: System Address: 0x813ef980 Size: 463 Object: Hidden Code [Driver: winlogonrpc, IRP_MJ_DEVICE_CONTROL] Process: System Address: 0x813ef980 Size: 463 Object: Hidden Code [Driver: winlogonrpc, IRP_MJ_SHUTDOWN] Process: System Address: 0x813ef980 Size: 463 Object: Hidden Code [Driver: winlogonrpc, IRP_MJ_LOCK_CONTROL] Process: System Address: 0x813ef980 Size: 463 Object: Hidden Code [Driver: winlogonrpc, IRP_MJ_CLEANUP] Process: System Address: 0x813ef980 Size: 463 Object: Hidden Code [Driver: winlogonrpc, IRP_MJ_PNP] Process: System Address: 0x813ef980 Size: 463 Shadow SSDT ------------------- #: 307 Function Name: NtUserAttachThreadInput Status: Hooked by "<unknown>" at address 0x82308118 #: 383 Function Name: NtUserGetAsyncKeyState Status: Hooked by "<unknown>" at address 0x81f3d420 #: 414 Function Name: NtUserGetKeyboardState Status: Hooked by "<unknown>" at address 0x820f8530 #: 416 Function Name: NtUserGetKeyState Status: Hooked by "<unknown>" at address 0x822d00e0 #: 428 Function Name: NtUserGetRawInputData Status: Hooked by "<unknown>" at address 0x81db3460 #: 460 Function Name: NtUserMessageCall Status: Hooked by "<unknown>" at address 0x813f99d0 #: 475 Function Name: NtUserPostMessage Status: Hooked by "<unknown>" at address 0x813f6ea8 #: 476 Function Name: NtUserPostThreadMessage Status: Hooked by "<unknown>" at address 0x82194f28 #: 549 Function Name: NtUserSetWindowsHookEx Status: Hooked by "<unknown>" at address 0x81f93ab0 #: 552 Function Name: NtUserSetWinEventHook Status: Hooked by "<unknown>" at address 0x81e9c170 ==EOF== Je suppose que je peux supprimer GMER ? A te lire
  11. Bonjour Thanos Je suis dans la m.... mon pc est tanker toujours sur la même page impossible de rien faire Actuellement je suis avec le pc d'un ami qui me la prêté le temps que le mien re fonctionne? Je compte sur toi!
  12. Re Thanos, J'ai fais ce que tu ma dit!Malheureusement mon pc est bloquer!! Fenetre bloquer a GMER l'analyse a commencer et puis plus rien,(fenetre toujours ouverte mais rien se passe) Actuellement je suis connecte chez un ami,je me demande comment je vais faire parceque j'ai q'un pc a la maison!
  13. Bonsoir/Bonjour Thanos, Je passe par celui de mon FAI(free)! Pour l'antivirus tu pense que Avira ou Kasperky consomme moins au démarrage que celui que j'ai actuellement? J'ai besoin de ton aide encore ,depuis ce soir au démarrage du pc le voyant du disque reste continuellement allumé!! Impossible de faire quoi que ce soit pendant au moins 15minutes,j'ai réussi a ouvrir le gestionnaire de tache et affiche 40 processus et UC utilisée 75. Et après pour ouvrir mon navigateur FF idem 5 bonne minutes!! Qu'est qui se passe mince alors A te lire
  14. Salut Thanos Après quelques jours de vacances me revoilà Donc pour les mails de la part de plan du web sa continue! Pour l'anti virus il me reste encore 35 jours,je me plein pas jusqu'à présent N.... a fait son travail!?(apparemment) A part au démarrage du pc quand mise a jour de l'anti virus un peu long quand même(5a10 minutes!) Tu dit que tu a une nette préférence pour Antivir Ok en version gratuite?(mieux que celui que j'ai) J'ai lu sur le net ainsi que sur l'excellent forum ci présent que beaucoup de gens conseil de changer pour Antivir ou Kaspersky? Je te poste le rapport de MBAM apparemment OK! Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Version de la base de données: 4902 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 21/10/2010 21:55:16 mbam-log-2010-10-21 (21-55-16).txt Type d'examen: Examen complet (C:\|G:\|H:\|I:\|) Elément(s) analysé(s): 241268 Temps écoulé: 5 heure(s), 18 minute(s), 30 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) A te lire
  15. Salut Thanos, Oui toujours plan d web!! je me suis jamais inscrit a rien ni connecter a ce site(inconnu pour moi) Aujourd'hui je viens de recevoir 1 mail : leroymerlin par plan du web -Pour les supports(clé usb,dsq dur)il y a rien a faire? -Pour le démarrage du pc long qui est a l'origine de mon sujet?(croyant être infecté) Je peux supprimer Eset de l'ordi? Dans quelques semaines mon anti virus arrive a expiration tu me conseil quoi en payant? A te lire
  16. Bonjour Thanos, Au niveau de l'analyse il n'y a rien a faire d'autre? Pour les mails reçu je sais pas si il y a un lien?puisque je les ouvres pas!!(par contre j'en reçois au moins 4 a 5 par jours toujours le même PLDWeb
  17. Salut Thanos, Le seul rapport que j'ai trouver est la: ESETSmartInstaller@High as CAB hook log: OnlineScanner.ocx - registred OK # version=7 # iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) # OnlineScanner.ocx=1.0.0.6211 # api_version=3.0.2 # EOSSerial=731db76dfcc36240961c7a99d791f2b7 # end=finished # remove_checked=false # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2010-10-13 02:06:58 # local_time=2010-10-13 04:06:58 (+0100, Paris, Madrid (heure d'été)) # country="France" # lang=1033 # osver=5.1.2600 NT Service Pack 3 # compatibility_mode=512 16777215 100 0 14087521 14087521 0 0 # compatibility_mode=1024 16777215 100 0 0 0 0 0 # compatibility_mode=3584 16777191 100 0 0 0 0 0 # compatibility_mode=8192 67108863 100 0 272 272 0 0 # scanned=71749 # found=0 # cleaned=0 # scan_time=5128 A te lire
  18. Bonjour Thanos Quand je clic sur le lien ESET Online Scanner Link,il s'affiche pas se que tu me dit de faire! Pas de case YES, I accept the Terms Of Use,ni start! Dans le doute je préfère attendre tes instructions? A te lire.
  19. Re ticlou, Après quelques jours d'absence!j'ai regarder le lien communiqué au dessus très bien, Bizarrement j'ai rien toucher et maintenant le Pc se met en veille!!! En tout cas merci de ton aide
  20. Bonjour Thanos, Merci par avance de m'aider J'ai pas afficher mon adresse mail sur aucun forum ou autre depuis bien longtemps! Je te joint le rapport demander: Logfile of random's system information tool 1.08 (written by random/random) Run by JEAN CHRISTIAN at 2010-10-11 01:31:18 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 34 GB (45%) free of 76 GB Total RAM: 511 MB (11% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 01:31:48, on 11/10/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\dllhost.exe C:\WINDOWS\System32\DVDRAMSV.exe C:\Program Files\Norton AntiVirus\Engine\17.8.0.5\ccSvcHst.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Norton AntiVirus\Engine\17.8.0.5\ccSvcHst.exe C:\WINDOWS\System32\00THotkey.exe C:\WINDOWS\system32\TFNF5.exe C:\Program Files\SigmaTel\Pilotes Audio SigmaTel AC97\stacmon.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\TOSHIBA\TouchED\TouchED.Exe C:\WINDOWS\system32\TPSMain.exe C:\Program Files\Toshiba\Commandes TOSHIBA\TFncKy.exe C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe C:\WINDOWS\system32\wscript.exe C:\WINDOWS\system32\TPSBattM.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Documents and Settings\JEAN CHRISTIAN\Bureau\RSIT.exe C:\Program Files\Trend Micro\HiJackThis\JEAN CHRISTIAN.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\17.8.0.5\IPSBHO.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe O4 - HKLM\..\Run: [TFNF5] TFNF5.exe O4 - HKLM\..\Run: [sigmaTel StacMon] C:\Program Files\SigmaTel\Pilotes Audio SigmaTel AC97\stacmon.exe O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe O4 - HKLM\..\Run: [TPSMain] TPSMain.exe O4 - HKLM\..\Run: [TFncKy] C:\Program Files\Toshiba\Commandes TOSHIBA\TFncKy.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [uSB-Set] wscript "C:\Program Files\USB-set\TSR.vbe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Default user') O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE O4 - Startup: Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe O4 - Global Startup: Norton AntiVirus.LNK = C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\uistub.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1272668199695 O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\17.8.0.5\ccSvcHst.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe -- End of file - 8029 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\Maintenance en 1 clic.job C:\WINDOWS\tasks\User_Feed_Synchronization-{D93BD681-311B-46D3-9362-51DA70343E1D}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}] Symantec Intrusion Prevention - C:\Program Files\Norton AntiVirus\Engine\17.8.0.5\IPSBHO.DLL [2010-05-14 79224] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-20 41760] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2003-09-24 4861952] "00THotkey"=C:\WINDOWS\System32\00THotkey.exe [2003-05-23 253952] "000StTHK"=C:\WINDOWS\system32\000StTHK.exe [2001-06-23 24576] "TFNF5"=C:\WINDOWS\system32\TFNF5.exe [2003-07-18 73728] "SigmaTel StacMon"=C:\Program Files\SigmaTel\Pilotes Audio SigmaTel AC97\stacmon.exe [2003-08-03 86073] "SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2003-05-30 110592] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2003-05-30 614400] "TouchED"=C:\Program Files\TOSHIBA\TouchED\TouchED.Exe [2003-03-11 122880] "TPSMain"=C:\WINDOWS\system32\TPSMain.exe [2003-10-02 266240] "TFncKy"=C:\Program Files\Toshiba\Commandes TOSHIBA\TFncKy.exe [2003-09-18 102400] "SunJavaUpdateSched"=C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [2010-05-14 248552] "USB-Set"=wscript C:\Program Files\USB-set\TSR.vbe [] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760] "Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "NVIEW"=nview.dll,nViewLoadHook [] "NBJ"=C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2005-04-14 1957888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe [2007-10-23 443968] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-03-01 15872] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vdlDeamon] C:\Program Files\VIDAL\Communs\VIDAL.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^LUMIX Simple Viewer.lnk] C:\PROGRA~1\PANASO~1\LUMIXS~1\PHLEAU~1.EXE [2005-06-13 61440] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Menu Démarrer^Programmes^Démarrage^Secunia PSI.lnk] C:\PROGRA~1\Secunia\PSI\psi.exe [2009-08-21 900816] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Norton AntiVirus.LNK - C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\uistub.exe C:\Documents and Settings\Menu Démarrer\Programmes\Démarrage ERUNT AutoBackup.lnk - C:\Program Files\ERUNT\AUTOBACK.EXE Secunia PSI.lnk - C:\Program Files\Secunia\PSI\psi.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=223 "NoDriveAutoRun"=67108863 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"=1 "NoDriveTypeAutoRun"=223 "NoDriveAutoRun"=67108863 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019" "C:\StubInstaller.exe"="C:\StubInstaller.exe:*:Disabled:LimeWire swarmed installer" "C:\eMule\emule.exe"="C:\eMule\emule.exe:*:Disabled:eMule" "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Disabled:LimeWire" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Disabled:adsltv" "C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe"="C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:*:Disabled:Sony Ericsson Media Manager 1.1" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Disabled:Windows Messenger" "C:\Documents and Settings\JEAN CHRISTIAN\Application Data\Thinstall\Vidal CD\4000002400003i\java.exe"="C:\Documents and Settings\JEAN CHRISTIAN\Application Data\Thinstall\Vidal CD\4000002400003i\java.exe:*:Disabled:java" "C:\Program Files\Freeplayer\vlc\vlc.exe"="C:\Program Files\Freeplayer\vlc\vlc.exe:*:Enabled:VLC media player" "C:\Program Files\adslTV\vlc.exe"="C:\Program Files\adslTV\vlc.exe:*:Enabled:VLC media player" "C:\Program Files\HomePlayer\HomePlayer.exe"="C:\Program Files\HomePlayer\HomePlayer.exe:*:Enabled:HomePlayer" "C:\Program Files\HomePlayer\VLC\vlc.exe"="C:\Program Files\HomePlayer\VLC\vlc.exe:*:Enabled:VLC HomePlayer" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" ======List of files/folders created in the last 1 months====== 2010-10-11 01:31:18 ----D---- C:\rsit 2010-09-30 00:01:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2158563$ 2010-09-15 23:30:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2259922$ 2010-09-15 23:30:09 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$ 2010-09-15 23:29:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$ 2010-09-15 23:29:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$ 2010-09-15 23:29:24 ----HDC---- C:\WINDOWS\$NtUninstallKB982802$ 2010-09-15 23:27:17 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$ 2010-09-15 23:14:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2141007$ ======List of files/folders modified in the last 1 months====== 2010-10-11 01:31:23 ----D---- C:\WINDOWS\Prefetch 2010-10-11 01:31:13 ----D---- C:\WINDOWS\Temp 2010-10-10 22:58:03 ----SHD---- C:\System Volume Information 2010-10-10 22:57:25 ----D---- C:\Documents and Settings\All Users\Application Data\usb-set 2010-10-10 22:56:58 ----D---- C:\WINDOWS\Registration 2010-10-10 15:03:22 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-10-07 23:11:02 ----D---- C:\WINDOWS 2010-10-06 22:23:21 ----A---- C:\WINDOWS\NeroDigital.ini 2010-10-06 20:21:02 ----D---- C:\Config.Msi 2010-10-06 12:13:46 ----D---- C:\WINDOWS\Microsoft.NET 2010-10-06 12:13:41 ----RSD---- C:\WINDOWS\assembly 2010-10-06 11:26:26 ----SHD---- C:\WINDOWS\Installer 2010-10-06 11:24:24 ----D---- C:\Program Files\Fichiers communs\Adobe 2010-10-06 11:24:22 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe 2010-10-06 11:20:37 ----D---- C:\WINDOWS\system32 2010-10-06 10:56:10 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2010-10-06 10:53:04 ----D---- C:\WINDOWS\WinSxS 2010-10-04 11:00:54 ----D---- C:\Documents and Settings\JEAN CHRISTIAN\Application Data\dvdcss 2010-10-01 16:36:49 ----D---- C:\Documents and Settings\JEAN CHRISTIAN\Application Data\vlc 2010-09-30 02:16:38 ----D---- C:\WINDOWS\system32\CatRoot2 2010-09-30 00:01:44 ----HD---- C:\WINDOWS\inf 2010-09-25 16:26:28 ----D---- C:\Program Files\USB-set 2010-09-21 22:57:08 ----D---- C:\WINDOWS\system32\drivers\NAV 2010-09-20 10:16:15 ----D---- C:\WINDOWS\Help 2010-09-17 07:28:15 ----D---- C:\Program Files\Mozilla Firefox 2010-09-15 23:30:31 ----A---- C:\WINDOWS\imsins.BAK 2010-09-15 23:30:21 ----HD---- C:\WINDOWS\$hf_mig$ 2010-09-15 23:30:16 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-09-15 23:19:43 ----A---- C:\WINDOWS\system32\MRT.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 agp440;Filtre de bus AGP Intel; C:\WINDOWS\System32\DRIVERS\agp440.sys [2008-04-13 42368] R0 BsStor;B.H.A Storage Helper Driver; C:\WINDOWS\system32\drivers\BsStor.sys [2002-06-06 9344] R0 imagedrv;imagedrv; C:\WINDOWS\System32\Drivers\imagedrv.sys [2004-03-02 5504] R0 imagesrv;imagesrv; C:\WINDOWS\system32\DRIVERS\imagesrv.sys [2004-03-02 125184] R0 ohci1394;Contrôleur hôte Texas Instruments IEEE 1394 compatible OHCI (Open Host Controller Interface); C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2008-04-13 61696] R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-11-20 43872] R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2007-06-06 639224] R0 SymDS;Symantec Data Store; C:\WINDOWS\system32\drivers\NAV\1108000.005\SYMDS.SYS [2009-11-06 328752] R0 SymEFA;Symantec Extended File Attributes; C:\WINDOWS\system32\drivers\NAV\1108000.005\SYMEFA.SYS [2010-04-22 173104] R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\WINDOWS\System32\DRIVERS\TVALZ.SYS [2003-08-07 9216] R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] R1 BHDrvx86;BHDrvx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\BASHDefs\20101001.001\BHDrvx86.sys [] R1 ccHP;Symantec Hash Provider; C:\WINDOWS\system32\drivers\NAV\1108000.005\ccHPx86.sys [2010-02-26 501888] R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys [] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576] R1 meiudf;meiudf; C:\WINDOWS\System32\Drivers\meiudf.sys [2003-10-24 90416] R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\system32\drivers\NAV\1108000.005\SRTSPX.SYS [2010-04-22 43696] R1 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\NAV\1108000.005\Ironx86.SYS [2010-04-29 116784] R1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\System32\Drivers\NAV\1108000.005\SYMTDI.SYS [2010-05-06 361904] R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [2003-05-28 17005] R2 irda;Protocole IrDA; C:\WINDOWS\System32\DRIVERS\irda.sys [2008-04-13 88192] R2 Netdevio;TOSHIBA Network Device Usermode I/O Protocol; C:\WINDOWS\System32\DRIVERS\netdevio.sys [2003-01-29 12032] R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 E100B;Intel® PRO Adapter Driver; C:\WINDOWS\System32\DRIVERS\e100b325.sys [2002-09-25 140800] R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\IPSDefs\20101008.002\IDSxpx86.sys [] R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20101010.003\NAVENG.SYS [] R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20101010.003\NAVEX15.SYS [] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2003-09-24 1370764] R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2007-06-06 47360] R3 Pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-20 21248] R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\System32\DRIVERS\rasirda.sys [2001-08-17 19584] R3 seehcri;Sony Ericsson seehcri Device Driver; C:\WINDOWS\system32\DRIVERS\seehcri.sys [2008-01-09 27632] R3 SMCIRDA;SMC IrCC Miniport Device Driver; C:\WINDOWS\System32\DRIVERS\smcirda.sys [2001-09-11 38425] R3 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\NAV\1108000.005\SRTSP.SYS [2010-04-22 325680] R3 STAC97;Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS\system32\drivers\stac97.sys [2003-07-17 230416] R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\System32\DRIVERS\SynTP.sys [2003-05-30 271728] R3 TOSHIBASoftModem;TOSHIBA Software Modem; C:\WINDOWS\System32\DRIVERS\LTSM.sys [2002-09-17 809872] R3 tsdhd;TOSHIBA SD Card Host Controller Driver; C:\WINDOWS\System32\DRIVERS\tsdhd.sys [2003-05-14 25888] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 w70n51;Pilote Intel® PRO/Wireless 7100 Adapter; C:\WINDOWS\System32\DRIVERS\w70n51.sys [2003-03-27 2379776] S1 Uim_IM;UIM Drive Backup Image Plugin; C:\WINDOWS\System32\Drivers\Uim_IM.sys [] S1 UimBus;Universal Image Mounter Controller; C:\WINDOWS\system32\DRIVERS\UimBus.sys [] S3 epmntdrv;epmntdrv; \??\C:\WINDOWS\system32\epmntdrv.sys [] S3 EuDisk;EASEUS Disk Enumerator; C:\WINDOWS\system32\DRIVERS\EuDisk.sys [2009-12-02 122504] S3 EuGdiDrv;EuGdiDrv; \??\C:\WINDOWS\system32\EuGdiDrv.sys [] S3 ezplay;VSO Software ezplay; C:\WINDOWS\System32\Drivers\ezplay.sys [2007-06-06 94080] S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2009-06-22 13224] S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2009-06-22 25512] S3 gv3;Pilote processeur Intel GV3; C:\WINDOWS\System32\DRIVERS\gv3.sys [2002-11-20 33792] S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\System32\DRIVERS\MSIRCOMM.sys [2008-04-13 22016] S3 pciSd;pciSd; C:\WINDOWS\System32\DRIVERS\tossdpci.sys [2003-02-12 15143] S3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2009-06-17 12648] S3 s116bus;Sony Ericsson Device 116 driver (WDM); C:\WINDOWS\system32\DRIVERS\s116bus.sys [2007-04-03 83336] S3 s116mdfl;Sony Ericsson Device 116 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s116mdfl.sys [2007-04-03 15112] S3 s116mdm;Sony Ericsson Device 116 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s116mdm.sys [2007-04-03 108680] S3 s116mgmt;Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s116mgmt.sys [2007-04-03 100488] S3 s116nd5;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS); C:\WINDOWS\system32\DRIVERS\s116nd5.sys [2007-04-03 23176] S3 s116obex;Sony Ericsson Device 116 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s116obex.sys [2007-04-03 98696] S3 s116unic;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM); C:\WINDOWS\system32\DRIVERS\s116unic.sys [2007-04-03 99080] S3 s3017bus;Sony Ericsson Device 3017 driver (WDM); C:\WINDOWS\system32\DRIVERS\s3017bus.sys [2007-12-10 83880] S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s3017mdfl.sys [2007-12-10 15016] S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s3017mdm.sys [2007-12-10 110632] S3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s3017mgmt.sys [2007-12-10 104616] S3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS); C:\WINDOWS\system32\DRIVERS\s3017nd5.sys [2007-12-10 25512] S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s3017obex.sys [2007-12-10 100648] S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM); C:\WINDOWS\system32\DRIVERS\s3017unic.sys [2007-12-10 110120] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-08-30 12032] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 DVD-RAM_Service;DVD-RAM_Service; C:\WINDOWS\System32\DVDRAMSV.exe [2003-05-23 106496] R2 Irmon;Moniteur infrarouge; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] R2 NAV;Norton AntiVirus; C:\Program Files\Norton AntiVirus\Engine\17.8.0.5\ccSvcHst.exe [2010-02-26 126392] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2007-01-31 96370] S3 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2003-09-03 28672] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-01 182768] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2003-09-24 77824] S3 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- info.txt logfile of random's system information tool 1.08 2010-10-11 01:31:54 ======Uninstall list====== -->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe" AC3Filter (remove only)-->C:\Program Files\AC3Filter\uninstall.exe Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10i_ActiveX.exe -maintain activex Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10k_Plugin.exe -maintain plugin Adobe Photoshop 7.0.1-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll" Adobe Reader 9.4.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A94000000001} Adobe® Photoshop® Album Edition Découverte 3.0-->MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B} Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe ArcSoft Software Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E397B40-13F7-4CA2-9943-ADB29ACBBFDF}\setup.exe" -l0x40c Auslogics Disk Defrag-->"C:\Program Files\Auslogics\Auslogics Disk Defrag\unins000.exe" Avanquest update-->"C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe" -runfromtemp -l0x0009 -removeonly Canon Camera Access Library-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CAL\Uninst.ini" Canon Camera Support Core Library-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CSCLIB\Uninst.ini" Canon EOS 5D Pilote WIA -->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{BB3AB664-D92B-4CB5-8B3E-D841841F4E68} /l1036 CANON iMAGE GATEWAY Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.6.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\CRWUnInstall.ini" Canon Internet Library for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.6.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\CIGUnInstall.ini" Canon MOV Decoder-->"C:\Program Files\Fichiers communs\Canon\UIW\1.6.0.0\Uninst.exe" "H:\CANON eos diital solution disk v21 2 500D\Canon MOV Decoder140\CanonMOVDecoderUnInstall.ini" Canon MOV Encoder-->"C:\Program Files\Fichiers communs\Canon\UIW\1.6.0.0\Uninst.exe" "H:\CANON eos diital solution disk v21 2 500D\Canon MOV Encoder\CanonMOVEncoderUnInstall.ini" Canon MovieEdit Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.6.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\MVWUninst.ini" Canon RAW Image Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\RAW Image Task\Uninst.ini" Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.6.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC\Uninst.ini" Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.6.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini" Canon Utilities CameraWindow-->"C:\Program Files\Fichiers communs\Canon\UIW\1.6.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowLauncher\Uninst.ini" Canon Utilities Digital Photo Professional 3.7-->"C:\Program Files\Fichiers communs\Canon\UIW\1.6.0.0\Uninst.exe" "C:\Program Files\Canon\Digital Photo Professional\Uninst.ini" Canon Utilities EOS Utility-->"C:\Program Files\Fichiers communs\Canon\UIW\1.6.0.0\Uninst.exe" "C:\Program Files\Canon\EOS Utility\Uninst.ini" Canon Utilities MyCamera-->"C:\Program Files\Fichiers communs\Canon\UIW\1.6.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\MyCamera\Uninst.ini" Canon Utilities Original Data Security Tools-->"C:\Program Files\Fichiers communs\Canon\UIW\1.6.0.0\Uninst.exe" "C:\Program Files\Canon\Original Data Security Tools\Uninst.ini" Canon Utilities PhotoStitch-->"C:\Program Files\Fichiers communs\Canon\UIW\1.6.0.0\Uninst.exe" "C:\Program Files\Canon\PhotoStitch\Uninst.ini" Canon Utilities Picture Style Editor-->"C:\Program Files\Fichiers communs\Canon\UIW\1.6.0.0\Uninst.exe" "C:\Program Files\Canon\Picture Style Editor\Uninst.ini" Canon Utilities RemoteCapture Task for ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.6.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini" Canon Utilities ZoomBrowser EX-->"C:\Program Files\Fichiers communs\Canon\UIW\1.6.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\Uninst.ini" Canon ZoomBrowser EX Memory Card Utility-->"C:\Program Files\Fichiers communs\Canon\UIW\1.6.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX MCU\Uninst.ini" CCleaner-->"C:\Program Files\CCleaner\uninst.exe" Commandes TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}\Setup.exe" -l0x40c UNINSTALL Complément Microsoft Word pour Microsoft Works Suite-->MsiExec.exe /I{7054ED85-498D-4D20-906F-14646AEC5581} Composant Hmk-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Vidal\Communs\Hmk.isu" Console TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3CF0858D-1AC5-4308-9DE7-AD15288A8BDC}\Setup.exe" -l0x40c Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe" Correctif pour Windows XP (KB2158563)-->"C:\WINDOWS\$NtUninstallKB2158563$\spuninst\spuninst.exe" Correctif pour Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe" Correctif pour Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe" Correctif pour Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe" Disc2Phone-->MsiExec.exe /I{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9} DriveImage XML (Private Edition)-->"C:\Program Files\Runtime Software\DriveImage XML\Uninstall.exe" "C:\Program Files\Runtime Software\DriveImage XML\install.log" -u EASEUS Partition Master 5.5.1 Home Edition-->"C:\Program Files\EASEUS\EASEUS Partition Master 5.5.1 Home Edition\unins000.exe" ERUNT 1.1j-->"C:\Program Files\ERUNT\unins000.exe" FileZilla Client 3.3.4.1-->C:\Program Files\FileZilla FTP Client\uninstall.exe Formatage de carte mémoire SD TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}\Setup.exe" -l0x40c Gestion d'énergie TOSHIBA-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\TOSHIBA\Gestion d'énergie\Uninst.isu" HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7} HomePlayer 1.5.9-->C:\Program Files\HomePlayer\uninst.exe Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" Intel® PRO Network Adapters and Drivers-->Prounstl.exe Java 6 Update 21-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216021FF} Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall LUMIX Simple Viewer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2CDCCE7E-55D5-40CC-AEA0-ABA54713501F}\setup.exe" -l0x40c Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Manuels TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{188BA1CC-F3A1-49B0-A34D-8C861C64E1AE}\Setup.exe" -l0x40c Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700} Microsoft .NET Framework 1.1 Security Update (KB2416447)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2416447\M2416447Uninstall.msp" Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Data Access Components KB870669-->C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Mise à jour de sécurité pour Lecteur Windows Media (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB974455)-->"C:\WINDOWS\ie7updates\KB974455-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2183461)-->"C:\WINDOWS\ie8updates\KB2183461-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB2121546)-->"C:\WINDOWS\$NtUninstallKB2121546$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB2160329)-->"C:\WINDOWS\$NtUninstallKB2160329$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB2259922)-->"C:\WINDOWS\$NtUninstallKB2259922$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB2286198)-->"C:\WINDOWS\$NtUninstallKB2286198$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB977165)-->"C:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB981852)-->"C:\WINDOWS\$NtUninstallKB981852$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB982214)-->"C:\WINDOWS\$NtUninstallKB982214$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB982802)-->"C:\WINDOWS\$NtUninstallKB982802$\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 7 (KB976749)-->"C:\WINDOWS\ie7updates\KB976749-IE7\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 8 (KB980182)-->"C:\WINDOWS\ie8updates\KB980182-IE8\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB2141007)-->"C:\WINDOWS\$NtUninstallKB2141007$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe" Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe Mozilla Firefox (3.6.10)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} Nero 6 Ultra Edition-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL Norton AntiVirus-->C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV\A5E82D02\17.8.0.5\InstStub.exe /X NVIDIA Windows 2000/XP Display Drivers-->rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nvts.inf PDFCreator-->C:\Program Files\PDFCreator\unins000.exe pdfforge Toolbar v1.1.2-->MsiExec.exe /X{5791B7D3-8B34-4218-9750-6A8E45D0AD32} PENTAX Digital Camera Utility-->C:\PROGRA~1\PENTAX\DIGITA~1\UNINST.EXE C:\PROGRA~1\PENTAX\DIGITA~1\INSTALL.LOG PHOTOfunSTUDIO -viewer--->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A9DBEBC-C800-4776-A970-D76D6AA405B1}\Setup.exe" -l0x40c Package Picasa 3-->"C:\Program Files\Picasa2\Uninstall.exe" Pilote du DVD-RAM-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}\setup.exe" DVD-RAM Driver Pilotes Audio SigmaTel AC97-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7959721D-8268-4565-9E0E-C41A9F4848A9}\setup.exe" -l0x40c -nodialog -uninstall Recuva-->"F:\Recuva\uninst.exe" Réducteur de bruit lect. CD/DVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\Setup.exe" -l0x40c Secunia PSI-->"C:\Program Files\Secunia\PSI\uninstall.exe" Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT="" Sélecteur d'installation de Microsoft Works 2004-->C:\Program Files\Microsoft Works Suite 2004\Setup\Launcher.exe /ARP D:\ Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log SIW version 2009.10.22-->"C:\Program Files\SIW\unins000.exe" Sony Ericsson Media Manager 1.1-->MsiExec.exe /X{4A27B6AA-D139-4B69-97E0-B65B225E0673} Sony Ericsson PC Suite 6.009.00-->"C:\Program Files\InstallShield Installation Information\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}\ISAdmin.exe" -runfromtemp -l0x040c -removeonly Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004} Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe TOSHIBA ConfigFree-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}\Setup.exe" -l0x40c UNINSTALL TOSHIBA Software Modem-->Tosmreg -U TOSHIBA Utilities-->tutildel.exe Unlocker 1.8.6-->C:\Program Files\Unlocker\uninst.exe Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" Update Service-->C:\Program Files\Sony Ericsson\Update Service\uninst.exe Usbfix By C_XX & El Desaparecido-->"C:\Usbfix\Un-Usbfix.exe" USB-set 1.4.1-->"C:\Program Files\USB-set\unins000.exe" Utilitaire Activer/désactiver la tablette tactile TOSHIBA V2.05.00-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\TOSHIBA\TouchED\Uninst.isu" -c"C:\Program Files\TOSHIBA\TouchED\tpedinst.dll" Utilitaire de sauvegarde Windows-->MsiExec.exe /I{76EFFC7C-17A6-479D-9E47-8E658C1695AE} Utilitaire TOSHIBA d'accès direct aux périphériques d’affichage-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\TFNF5Wxp.inf,DefaultUninstall,5 Utilitaire TOSHIBA de changement d'écran-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\TDspBtn.inf,DefaultUninstall,5 VLC media player 1.1.3-->C:\Program Files\VideoLAN\VLC\uninstall.exe Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray-->"C:\WINDOWS\$NtUninstallKB952011$\spuninst\spuninst.exe" Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe" Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" =====HijackThis Backups===== O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') [2010-05-03] O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) [2010-05-03] O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [2010-05-03] O4 - Startup: Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe [2010-05-03] O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') [2010-05-03] O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') [2010-05-03] O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-05-03] O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe" [2010-05-03] O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') [2010-05-03] O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) [2010-05-03] O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" [2010-05-21] O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2010-05-21] ======Hosts File====== 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com ======Security center information====== AV: Norton AntiVirus ======System event log====== Computer Name: JEAN Event Code: 7035 Message: Un contrôle Démarrer a correctement été envoyé au service Symantec Real Time Storage Protection. Record Number: 146363 Source Name: Service Control Manager Time Written: 20100915065221.000000+120 Event Type: Informations User: AUTORITE NT\SYSTEM Computer Name: JEAN Event Code: 2003 Message: Symantec Antivirus minifilter successfully loaded. Record Number: 146362 Source Name: SRTSP Time Written: 20100915065220.000000+120 Event Type: Informations User: Computer Name: JEAN Event Code: 7036 Message: Le service Explorateur d'ordinateur est entré dans l'état : arrêté. Record Number: 146361 Source Name: Service Control Manager Time Written: 20100915065143.000000+120 Event Type: Informations User: Computer Name: JEAN Event Code: 4201 Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{BAC0A733-9C72-46F0-9C0C-CF92E2CA395B} était connectée au réseau, et a lancé une opération normale sur la carte réseau. Record Number: 146360 Source Name: Tcpip Time Written: 20100915065142.000000+120 Event Type: Informations User: Computer Name: JEAN Event Code: 7036 Message: Le service Service de la passerelle de la couche Application est entré dans l'état : en cours d'exécution. Record Number: 146359 Source Name: Service Control Manager Time Written: 20100915065141.000000+120 Event Type: Informations User: =====Application event log===== Computer Name: JEAN Event Code: 0 Message: Record Number: 14174 Source Name: gusvc Time Written: 20091018234153.000000+120 Event Type: Informations User: Computer Name: JEAN Event Code: 0 Message: Record Number: 14173 Source Name: gusvc Time Written: 20091018234053.000000+120 Event Type: Informations User: Computer Name: JEAN Event Code: 1800 Message: Le service Centre de sécurité Windows a démarré. Record Number: 14172 Source Name: SecurityCenter Time Written: 20091018114656.000000+120 Event Type: Informations User: Computer Name: JEAN Event Code: 1 Message: Record Number: 14171 Source Name: avg9emc Time Written: 20091018114642.000000+120 Event Type: Informations User: Computer Name: JEAN Event Code: 2 Message: Record Number: 14170 Source Name: Diskeeper Time Written: 20091018114626.000000+120 Event Type: Informations User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=C:\Program Files\Internet Explorer;;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Fichiers communs\Teleca Shared "windir"=%SystemRoot% "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 9 Stepping 5, GenuineIntel "PROCESSOR_REVISION"=0905 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "FP_NO_HOST_CHECK"=NO -----------------EOF----------------- A te lire
  21. Bonjour/soir a l'équipe Sécurité Juste un petit UP pour m'aider a faire une analyse. Mon lienhttp://forum.zebulon.fr/demande-danalyse-t179904.html Dans l'attente de vous lire.
  22. Salut ticlou, Malheureusement non j'ai pas Antivir mais Norton (plus pour longtemps) L'opération fonctionne avec N.... A te lire
  23. Bonjour/soir Depuis la nouvelle mise a jour de Windows xp hier,quand je veux mettre le pc en veille pour quelques minutes(30a40minutes)il m'affiche: Le service Microsoft.net Framework v1.1.4322 Update empêche l'ordi de se mettre en veille. Que faire Dans l'attente de vous lire.
  24. Re bonjour a l'équipe sécurité J'ai vraiment besoin de votre aide Je reçois constamment plusieurs mails par jour de la part de plan du web alors que je me suis jamais inscrit Dans l'attente de vous lire
  25. Re bonjour, Maintenant quand je veux écouter la radio RMC il s'affiche en attente de vipicecast.yacast.net et j'ai aucun son Est ce vraiment normal! Avant jamais eu de problème pour la radio
×
×
  • Créer...