toscabriane
-
Compteur de contenus
74 -
Inscription
-
Dernière visite
Type de contenu
Profils
Forums
Blogs
Tout ce qui a été posté par toscabriane
-
trojan fakealert résolu
toscabriane a répondu à un(e) sujet de toscabriane dans Analyses et éradication malwares
[merci pour ta réponse, en effet, je n ai pas beaucoup de temps, je m en excuse, il est vrai que j ai essayé plusieurs fois de lancer gmer et il se plantait au bout de six voire sept heures après, cela m'énervait. je ne rencontre pas de problème particulier, à part que je le trouve long. je vais m absenter jusqu'à jeudi, je ne pourrais donc pas faire ce que tu me demandes avant jeudi. je te remercie encore de t occuper de moi bon dimanche et bonne semaine -
trojan fakealert résolu
toscabriane a répondu à un(e) sujet de toscabriane dans Analyses et éradication malwares
voici le rapport Diaghelp, gmer s'étant encore bloque sur un ecran bleu DiagHelp version v1.4 - http://www.malekal.com excute le 12/02/2010 à 8:34:34,94 System information for \\joelle: Uptime: Error reading uptime Kernel version: Microsoft Windows XP, Multiprocessor Free Product type: Professional Product version: 5.1 Service pack: 3 Kernel build number: 2600 Registered organization: Registered owner: robert Install date: 10/01/2007, 18:14:30 Activation status: Error reading status IE version: 8.0000 System root: C:\WINDOWS Processors: 2 Processor speed: 2.7 GHz Processor type: Intel® Pentium® D CPU Physical memory: 2046 MB Video driver: NVIDIA GeForce 7300 SE/7200 GS Volume Type Format Label Size Free Free C: Fixed NTFS HDD 290.28 GB 103.31 GB 35.6% D: CD-ROM 0.0% E: CD-ROM 0.0% G: Removable 0.0% C:\WINDOWS\prefetch\FSDC32.EXE-1ACD7010.pf -->12/02/2010 08:34:49 C:\WINDOWS\prefetch\PSINFO.EXE-180648FA.pf -->12/02/2010 08:34:45 C:\WINDOWS\prefetch\CHCP.COM-17EDBDC9.pf -->12/02/2010 08:34:32 C:\WINDOWS\prefetch\CMD.EXE-034B0549.pf -->12/02/2010 08:34:26 C:\WINDOWS\prefetch\EXPLORER.EXE-02121B1A.pf -->12/02/2010 08:34:01 C:\WINDOWS\prefetch\ALAUTH.EXE-35EDE8DF.pf -->12/02/2010 08:33:41 C:\WINDOWS\prefetch\ALBNCOLLECTOR.EXE-203FE8BD.pf -->12/02/2010 08:33:34 C:\WINDOWS\prefetch\ALUPDATE.EXE-0611F9BA.pf -->12/02/2010 08:33:32 C:\WINDOWS\prefetch\ALZIP.EXE-272162D8.pf -->12/02/2010 08:33:29 C:\WINDOWS\prefetch\VERCLSID.EXE-28F52AD2.pf -->12/02/2010 08:33:02 C:\WINDOWS\System32\drivers\srv.sys -->31/12/2009 17:50:03 C:\WINDOWS\System32\drivers\mrxsmb.sys -->04/12/2009 19:22:22 C:\WINDOWS\System32\drivers\fsbts.sys -->13/11/2009 09:40:51 C:\WINDOWS\System32\drivers\http.sys -->20/10/2009 17:20:16 C:\WINDOWS\System32\drivers\fssfltr_tdi.sys -->05/08/2009 21:48:42 C:\WINDOWS\System32\drivers\fsdfw.sys -->05/08/2009 16:57:20 C:\WINDOWS\System32\drivers\pavboot.sys -->30/06/2009 09:37:16 C:\WINDOWS\System32\wpa.dbl -->11/02/2010 08:15:12 C:\WINDOWS\System32\nvapps.xml -->11/02/2010 08:11:33 C:\WINDOWS\System32\MRT.exe -->01/02/2010 20:26:20 C:\WINDOWS\System32\afasrv32.exe -->16/01/2010 15:27:57 C:\WINDOWS\System32\FNTCACHE.DAT -->29/12/2009 11:16:45 C:\WINDOWS\System32\wininet.dll -->21/12/2009 20:07:01 C:\WINDOWS\System32\urlmon.dll -->21/12/2009 20:07:01 C:\WINDOWS\System32\occache.dll -->21/12/2009 20:07:00 C:\WINDOWS\System32\mshtml.dll -->21/12/2009 20:07:00 C:\WINDOWS\System32\msfeedsbs.dll -->21/12/2009 20:06:58 C:\WINDOWS\System32\msfeeds.dll -->21/12/2009 20:06:58 C:\WINDOWS\System32\jsproxy.dll -->21/12/2009 20:06:58 C:\WINDOWS\System32\inetcpl.cpl -->21/12/2009 20:06:58 C:\WINDOWS\System32\iertutil.dll -->21/12/2009 20:06:57 C:\WINDOWS\System32\iepeers.dll -->21/12/2009 20:06:56 C:\WINDOWS\System32\ieframe.dll -->21/12/2009 20:06:56 C:\WINDOWS\System32\iedkcs32.dll -->21/12/2009 20:06:52 C:\WINDOWS\System32\ie4uinit.exe -->21/12/2009 14:20:15 C:\WINDOWS\System32\javaws.exe -->20/12/2009 18:01:22 C:\WINDOWS\System32\javaw.exe -->20/12/2009 18:01:22 C:\WINDOWS\System32\javacpl.cpl -->20/12/2009 18:01:22 C:\WINDOWS\System32\java.exe -->20/12/2009 18:01:22 C:\WINDOWS\System32\deploytk.dll -->20/12/2009 18:01:22 C:\WINDOWS\System32\perfh00C.dat -->20/12/2009 18:00:31 C:\WINDOWS\System32\perfh009.dat -->20/12/2009 18:00:31 C:\WINDOWS\Twain001.Mtx -->12/02/2010 08:29:25 C:\WINDOWS\TWAIN.LOG -->12/02/2010 08:29:25 C:\WINDOWS\Twunk001.MTX -->12/02/2010 08:29:24 C:\WINDOWS\WindowsUpdate.log -->12/02/2010 03:40:12 C:\WINDOWS\wiadebug.log -->11/02/2010 11:06:56 C:\WINDOWS\0.log -->11/02/2010 07:53:23 C:\WINDOWS\wiaservc.log -->11/02/2010 07:53:07 C:\WINDOWS\bootstat.dat -->11/02/2010 07:52:21 C:\WINDOWS\SchedLgU.Txt -->10/02/2010 22:09:09 C:\WINDOWS\tsoc.log -->10/02/2010 22:05:57 C:\WINDOWS\tabletoc.log -->10/02/2010 22:05:57 C:\WINDOWS\ocmsn.log -->10/02/2010 22:05:57 C:\WINDOWS\ntdtcsetup.log -->10/02/2010 22:05:57 C:\WINDOWS\MedCtrOC.log -->10/02/2010 22:05:57 C:\WINDOWS\imsins.log -->10/02/2010 22:05:57 Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est A0F0-21B4 Répertoire de C:\WINDOWS 10/02/2010 22:05 <REP> $hf_mig$ 23/11/2006 03:46 <REP> $MSI31Uninstall_KB893803v2$ 25/10/2008 06:30 <REP> $NtServicePackUninstall$ 24/01/2007 08:00 <REP> $NtServicePackUninstallIDNMitigationAPIs$ 24/01/2007 08:00 <REP> $NtServicePackUninstallNLSDownlevelMapping$ 23/11/2006 03:46 <REP> $NtUninstallKB873339$ 23/11/2006 03:46 <REP> $NtUninstallKB885250$ 23/11/2006 03:46 <REP> $NtUninstallKB885835$ 23/11/2006 03:46 <REP> $NtUninstallKB885836$ 23/11/2006 03:46 <REP> $NtUninstallKB886185$ 23/11/2006 03:46 <REP> $NtUninstallKB887472$ 23/11/2006 03:46 <REP> $NtUninstallKB887742$ 23/11/2006 03:46 <REP> $NtUninstallKB887998$ 23/11/2006 03:41 <REP> $NtUninstallKB888111WXPSP2$ 23/11/2006 03:46 <REP> $NtUninstallKB888113$ 23/11/2006 03:46 <REP> $NtUninstallKB888302$ 23/11/2006 03:46 <REP> $NtUninstallKB888795$ 23/11/2006 03:46 <REP> $NtUninstallKB890046$ 23/11/2006 03:46 <REP> $NtUninstallKB890859$ 23/11/2006 03:46 <REP> $NtUninstallKB891593$ 23/11/2006 03:46 <REP> $NtUninstallKB891781$ 23/11/2006 03:43 <REP> $NtUninstallKB893756$ 23/11/2006 03:43 <REP> $NtUninstallKB894391$ 23/11/2006 03:43 <REP> $NtUninstallKB895961$ 23/11/2006 03:43 <REP> $NtUninstallKB896256$ 23/11/2006 03:43 <REP> $NtUninstallKB896358$ 23/11/2006 03:43 <REP> $NtUninstallKB896422$ 23/11/2006 03:44 <REP> $NtUninstallKB896423$ 23/11/2006 03:44 <REP> $NtUninstallKB896424$ 23/11/2006 03:44 <REP> $NtUninstallKB896428$ 23/11/2006 03:41 <REP> $NtUninstallKB898458$ 23/11/2006 03:41 <REP> $NtUninstallKB898461$ 23/11/2006 03:44 <REP> $NtUninstallKB899337$ 23/11/2006 03:41 <REP> $NtUninstallKB899510$ 23/11/2006 03:44 <REP> $NtUninstallKB899587$ 23/11/2006 03:44 <REP> $NtUninstallKB899589$ 23/11/2006 03:44 <REP> $NtUninstallKB899591$ 23/11/2006 03:44 <REP> $NtUninstallKB900325$ 23/11/2006 03:44 <REP> $NtUninstallKB900485$ 23/11/2006 03:44 <REP> $NtUninstallKB900725$ 23/11/2006 03:44 <REP> $NtUninstallKB901017$ 23/11/2006 03:44 <REP> $NtUninstallKB901190$ 23/11/2006 03:44 <REP> $NtUninstallKB901214$ 23/11/2006 03:44 <REP> $NtUninstallKB902400$ 23/11/2006 03:41 <REP> $NtUninstallKB902841$ 23/11/2006 03:45 <REP> $NtUninstallKB903157$ 23/11/2006 03:45 <REP> $NtUninstallKB904706$ 24/01/2007 07:58 <REP> $NtUninstallKB904942$ 23/11/2006 03:45 <REP> $NtUninstallKB905414$ 23/11/2006 03:45 <REP> $NtUninstallKB905749$ 23/11/2006 03:45 <REP> $NtUninstallKB908246$ 23/11/2006 03:45 <REP> $NtUninstallKB908519$ 23/11/2006 03:45 <REP> $NtUninstallKB908531$ 23/11/2006 03:45 <REP> $NtUninstallKB910393$ 23/11/2006 03:45 <REP> $NtUninstallKB910437$ 23/11/2006 03:45 <REP> $NtUninstallKB910728$ 23/11/2006 03:45 <REP> $NtUninstallKB911280$ 23/11/2006 03:45 <REP> $NtUninstallKB911562$ 23/11/2006 03:41 <REP> $NtUninstallKB911564$ 23/11/2006 03:45 <REP> $NtUninstallKB911565$ 23/11/2006 03:45 <REP> $NtUninstallKB911567$ 23/11/2006 03:45 <REP> $NtUninstallKB911927$ 23/11/2006 03:45 <REP> $NtUninstallKB912024$ 23/11/2006 03:41 <REP> $NtUninstallKB912067$ 23/11/2006 03:45 <REP> $NtUninstallKB912919$ 07/12/2009 22:24 <REP> $NtUninstallKB913446$ 23/11/2006 03:45 <REP> $NtUninstallKB913580$ 23/11/2006 03:45 <REP> $NtUninstallKB913800$ 23/11/2006 03:45 <REP> $NtUninstallKB914388$ 23/11/2006 03:46 <REP> $NtUninstallKB914389$ 24/01/2007 07:58 <REP> $NtUninstallKB914440$ 23/11/2006 03:46 <REP> $NtUninstallKB914548$ 29/06/2009 21:46 <REP> $NtUninstallKB915800-v4$ 24/01/2007 07:59 <REP> $NtUninstallKB915865$ 23/11/2006 03:46 <REP> $NtUninstallKB916595$ 23/11/2006 03:46 <REP> $NtUninstallKB917159$ 23/11/2006 03:46 <REP> $NtUninstallKB917344$ 23/11/2006 03:46 <REP> $NtUninstallKB917422$ 23/11/2006 03:46 <REP> $NtUninstallKB917734_WMP10$ 23/11/2006 03:46 <REP> $NtUninstallKB917953$ 14/02/2007 22:41 <REP> $NtUninstallKB918118$ 23/11/2006 03:46 <REP> $NtUninstallKB918439$ 23/11/2006 03:46 <REP> $NtUninstallKB918899$ 23/11/2006 03:46 <REP> $NtUninstallKB919007$ 23/11/2006 03:46 <REP> $NtUninstallKB919803$ 12/01/2007 03:00 <REP> $NtUninstallKB920213$ 23/11/2006 03:46 <REP> $NtUninstallKB920214$ 23/11/2006 03:46 <REP> $NtUninstallKB920670$ 23/11/2006 03:46 <REP> $NtUninstallKB920683$ 23/11/2006 03:46 <REP> $NtUninstallKB920685$ 23/11/2006 03:46 <REP> $NtUninstallKB920872$ 23/11/2006 03:46 <REP> $NtUninstallKB921398$ 15/08/2007 17:41 <REP> $NtUninstallKB921503$ 23/11/2006 03:46 <REP> $NtUninstallKB921883$ 23/11/2006 03:46 <REP> $NtUninstallKB922582$ 23/11/2006 03:46 <REP> $NtUninstallKB922616$ 12/01/2007 03:03 <REP> $NtUninstallKB922819$ 11/01/2007 07:58 <REP> $NtUninstallKB923191$ 12/01/2007 03:03 <REP> $NtUninstallKB923414$ 17/04/2009 02:02 <REP> $NtUninstallKB923561$ 12/01/2007 03:01 <REP> $NtUninstallKB923689$ 12/01/2007 03:00 <REP> $NtUninstallKB923694$ 12/01/2007 03:03 <REP> $NtUninstallKB923980$ 12/01/2007 03:03 <REP> $NtUninstallKB924191$ 12/01/2007 03:02 <REP> $NtUninstallKB924270$ 18/01/2010 10:30 <REP> $NtUninstallKB924496$ 14/02/2007 22:42 <REP> $NtUninstallKB924667$ 12/01/2007 03:03 <REP> $NtUninstallKB925398_WMP64$ 12/01/2007 03:03 <REP> $NtUninstallKB925454$ 25/04/2007 16:23 <REP> $NtUninstallKB925766$ 08/04/2007 17:57 <REP> $NtUninstallKB925902$ 25/04/2007 16:27 <REP> $NtUninstallKB926239$ 11/01/2007 07:57 <REP> $NtUninstallKB926251$ 12/01/2007 03:00 <REP> $NtUninstallKB926255$ 14/02/2007 22:42 <REP> $NtUninstallKB926436$ 14/02/2007 22:42 <REP> $NtUninstallKB927779$ 14/02/2007 22:42 <REP> $NtUninstallKB927802$ 24/05/2007 02:05 <REP> $NtUninstallKB927891$ 18/02/2007 21:53 <REP> $NtUninstallKB928090$ 14/02/2007 22:42 <REP> $NtUninstallKB928255$ 14/02/2007 22:41 <REP> $NtUninstallKB928843$ 14/06/2007 02:02 <REP> $NtUninstallKB929123$ 15/03/2007 03:00 <REP> $NtUninstallKB929338$ 27/04/2007 02:01 <REP> $NtUninstallKB929399$ 12/01/2007 03:03 <REP> $NtUninstallKB929969$ 11/04/2007 02:00 <REP> $NtUninstallKB930178$ 12/07/2007 02:01 <REP> $NtUninstallKB930494$ 11/05/2007 02:01 <REP> $NtUninstallKB930916$ 11/04/2007 02:00 <REP> $NtUninstallKB931261$ 11/04/2007 02:00 <REP> $NtUninstallKB931784$ 14/02/2007 22:42 <REP> $NtUninstallKB931836$ 11/04/2007 02:00 <REP> $NtUninstallKB932168$ 28/05/2008 03:13 <REP> $NtUninstallKB932823-v3$ 30/08/2007 02:00 <REP> $NtUninstallKB933360$ 10/10/2007 06:34 <REP> $NtUninstallKB933729$ 11/04/2007 02:00 <REP> $NtUninstallKB935448$ 14/06/2007 02:00 <REP> $NtUninstallKB935839$ 14/06/2007 02:02 <REP> $NtUninstallKB935840$ 15/08/2007 17:42 <REP> $NtUninstallKB936021$ 12/07/2007 02:04 <REP> $NtUninstallKB936357$ 15/08/2007 17:36 <REP> $NtUninstallKB936782_WMP11$ 13/12/2007 03:04 <REP> $NtUninstallKB937894$ 25/10/2008 07:40 <REP> $NtUninstallKB938464$ 11/03/2009 03:02 <REP> $NtUninstallKB938464-v2$ 10/09/2008 02:53 <REP> $NtUninstallKB938464_0$ 15/08/2007 17:41 <REP> $NtUninstallKB938828$ 15/08/2007 17:41 <REP> $NtUninstallKB938829$ 04/09/2007 23:05 <REP> $NtUninstallKB939683$ 29/06/2009 21:47 <REP> $NtUninstallKB940157$ 10/10/2007 06:32 <REP> $NtUninstallKB941202$ 13/12/2007 03:00 <REP> $NtUninstallKB941568$ 13/12/2007 03:02 <REP> $NtUninstallKB941569$ 10/01/2008 03:00 <REP> $NtUninstallKB941644$ 09/04/2008 02:03 <REP> $NtUninstallKB941693$ 13/12/2007 03:02 <REP> $NtUninstallKB942763$ 13/02/2008 03:00 <REP> $NtUninstallKB943055$ 15/11/2007 03:02 <REP> $NtUninstallKB943460$ 10/01/2008 03:00 <REP> $NtUninstallKB943485$ 13/12/2007 03:00 <REP> $NtUninstallKB944653$ 09/04/2008 02:00 <REP> $NtUninstallKB945553$ 13/02/2008 03:01 <REP> $NtUninstallKB946026$ 25/10/2008 07:41 <REP> $NtUninstallKB946648$ 14/08/2008 02:22 <REP> $NtUninstallKB946648_0$ 09/04/2008 02:03 <REP> $NtUninstallKB948590$ 09/04/2008 02:05 <REP> $NtUninstallKB948881$ 14/05/2008 02:01 <REP> $NtUninstallKB950749$ 11/06/2008 08:13 <REP> $NtUninstallKB950760$ 25/10/2008 07:41 <REP> $NtUninstallKB950762$ 11/06/2008 08:14 <REP> $NtUninstallKB950762_0$ 25/10/2008 07:41 <REP> $NtUninstallKB950974$ 14/08/2008 02:21 <REP> $NtUninstallKB950974_0$ 25/10/2008 07:42 <REP> $NtUninstallKB951066$ 14/08/2008 02:17 <REP> $NtUninstallKB951066_0$ 14/08/2008 02:18 <REP> $NtUninstallKB951072-v2$ 25/10/2008 07:42 <REP> $NtUninstallKB951376$ 25/10/2008 07:42 <REP> $NtUninstallKB951376-v2$ 21/06/2008 03:45 <REP> $NtUninstallKB951376-v2_0$ 11/06/2008 08:13 <REP> $NtUninstallKB951376_0$ 25/10/2008 07:42 <REP> $NtUninstallKB951698$ 11/06/2008 08:14 <REP> $NtUninstallKB951698_0$ 25/10/2008 07:42 <REP> $NtUninstallKB951748$ 10/07/2008 02:57 <REP> $NtUninstallKB951748_0$ 26/10/2008 02:00 <REP> $NtUninstallKB951978$ 17/04/2009 22:23 <REP> $NtUninstallKB952004$ 11/12/2008 22:39 <REP> $NtUninstallKB952069_WM9$ 25/10/2008 07:42 <REP> $NtUninstallKB952287$ 14/08/2008 02:18 <REP> $NtUninstallKB952287_0$ 25/10/2008 07:43 <REP> $NtUninstallKB952954$ 14/08/2008 02:22 <REP> $NtUninstallKB952954_0$ 19/10/2009 08:33 <REP> $NtUninstallKB953295$ 14/08/2008 02:22 <REP> $NtUninstallKB953839$ 10/09/2008 02:52 <REP> $NtUninstallKB954154_WM11$ 19/10/2009 08:37 <REP> $NtUninstallKB954155_WM9$ 10/09/2008 02:53 <REP> $NtUninstallKB954156_WM9L$ 25/10/2008 07:43 <REP> $NtUninstallKB954211$ 16/10/2008 06:10 <REP> $NtUninstallKB954211_0$ 13/11/2008 07:07 <REP> $NtUninstallKB954459$ 11/12/2008 22:38 <REP> $NtUninstallKB954600$ 13/11/2008 07:06 <REP> $NtUninstallKB955069$ 11/12/2009 17:09 <REP> $NtUninstallKB955759$ 11/12/2008 22:43 <REP> $NtUninstallKB955839$ 16/10/2008 06:11 <REP> $NtUninstallKB956391$ 17/04/2009 02:05 <REP> $NtUninstallKB956572$ 12/08/2009 12:51 <REP> $NtUninstallKB956744$ 11/12/2008 22:38 <REP> $NtUninstallKB956802$ 25/10/2008 07:43 <REP> $NtUninstallKB956803$ 16/10/2008 06:11 <REP> $NtUninstallKB956803_0$ 25/10/2008 07:43 <REP> $NtUninstallKB956841$ 16/10/2008 06:10 <REP> $NtUninstallKB956841_0$ 10/09/2009 02:24 <REP> $NtUninstallKB956844$ 25/10/2008 07:43 <REP> $NtUninstallKB957095$ 16/10/2008 06:11 <REP> $NtUninstallKB957095_0$ 13/11/2008 07:07 <REP> $NtUninstallKB957097$ 25/10/2008 07:43 <REP> $NtUninstallKB958644$ 25/10/2008 02:00 <REP> $NtUninstallKB958644_0$ 19/01/2009 04:17 <REP> $NtUninstallKB958687$ 11/03/2009 03:02 <REP> $NtUninstallKB958690$ 16/10/2009 02:13 <REP> $NtUninstallKB958869$ 17/04/2009 22:23 <REP> $NtUninstallKB959426$ 11/03/2009 03:01 <REP> $NtUninstallKB959772_WM11$ 11/03/2009 03:02 <REP> $NtUninstallKB960225$ 11/02/2009 03:02 <REP> $NtUninstallKB960715$ 17/04/2009 02:02 <REP> $NtUninstallKB960803$ 12/08/2009 12:51 <REP> $NtUninstallKB960859$ 24/08/2009 03:10 <REP> $NtUninstallKB961118$ 18/07/2009 02:02 <REP> $NtUninstallKB961371$ 17/04/2009 22:23 <REP> $NtUninstallKB961373$ 13/06/2009 05:02 <REP> $NtUninstallKB961501$ 02/05/2009 05:31 <REP> $NtUninstallKB961503$ 30/06/2009 02:01 <REP> $NtUninstallKB963093$ 09/03/2009 03:58 <REP> $NtUninstallKB967715$ 29/08/2009 06:06 <REP> $NtUninstallKB968389$ 13/06/2009 05:01 <REP> $NtUninstallKB968537$ 10/09/2009 02:25 <REP> $NtUninstallKB968816_WM9$ 19/10/2009 08:38 <REP> $NtUninstallKB969059$ 12/06/2009 05:58 <REP> $NtUninstallKB969898$ 13/11/2009 03:01 <REP> $NtUninstallKB969947$ 21/12/2009 18:03 <REP> $NtUninstallKB970238$ 11/12/2009 17:07 <REP> $NtUninstallKB970430$ 27/08/2009 02:03 <REP> $NtUninstallKB970653-v3$ 10/02/2010 22:05 <REP> $NtUninstallKB971468$ 19/10/2009 08:34 <REP> $NtUninstallKB971486$ 12/08/2009 12:51 <REP> $NtUninstallKB971557$ 18/07/2009 02:11 <REP> $NtUninstallKB971633$ 12/08/2009 12:51 <REP> $NtUninstallKB971657$ 11/12/2009 17:08 <REP> $NtUninstallKB971737$ 14/01/2010 03:05 <REP> $NtUninstallKB972270$ 18/07/2009 02:11 <REP> $NtUninstallKB973346$ 12/08/2009 12:49 <REP> $NtUninstallKB973354$ 12/08/2009 12:49 <REP> $NtUninstallKB973507$ 19/10/2009 08:34 <REP> $NtUninstallKB973525$ 12/08/2009 12:49 <REP> $NtUninstallKB973540_WM9$ 25/11/2009 15:23 <REP> $NtUninstallKB973687$ 10/09/2009 02:10 <REP> $NtUninstallKB973768$ 12/08/2009 12:44 <REP> $NtUninstallKB973815$ 12/08/2009 12:50 <REP> $NtUninstallKB973869$ 09/12/2009 03:05 <REP> $NtUninstallKB973904$ 19/10/2009 08:37 <REP> $NtUninstallKB974112$ 11/12/2009 17:08 <REP> $NtUninstallKB974318$ 11/12/2009 17:08 <REP> $NtUninstallKB974392$ 19/10/2009 08:37 <REP> $NtUninstallKB974571$ 19/10/2009 08:30 <REP> $NtUninstallKB975467$ 10/02/2010 22:00 <REP> $NtUninstallKB975560$ 10/02/2010 22:01 <REP> $NtUninstallKB975713$ 25/11/2009 15:23 <REP> $NtUninstallKB976098-v2$ 10/02/2010 21:57 <REP> $NtUninstallKB977165$ 10/02/2010 21:58 <REP> $NtUninstallKB977914$ 10/02/2010 22:01 <REP> $NtUninstallKB978037$ 10/02/2010 22:01 <REP> $NtUninstallKB978251$ 10/02/2010 22:05 <REP> $NtUninstallKB978262$ 10/02/2010 21:58 <REP> $NtUninstallKB978706$ 25/04/2007 16:27 <REP> $NtUninstallMSCompPackV1$ 17/08/2007 21:25 <REP> $NtUninstallQ828026$ 09/11/2007 11:53 <REP> $NtUninstallWIC$ 25/04/2007 16:25 <REP> $NtUninstallWMFDist11$ 25/04/2007 16:26 <REP> $NtUninstallwmp11$ 25/04/2007 16:24 <REP> $NtUninstallWudf01000$ 30/06/2007 06:21 <REP> $NtUninstallWudf01005$ 08/11/2008 15:07 <REP> ftpcache 27/02/2007 14:53 <REP> ie7 01/12/2009 07:49 <REP> ie8 10/02/2010 22:00 <REP> Installer 01/12/2009 07:50 <REP> msdownld.tmp 23/01/2007 22:36 <REP> PIF 09/02/2010 10:47 8 192 Thumbs.db 10/08/2004 14:00 49 102 winnt.bmp 10/08/2004 14:00 49 102 winnt256.bmp 4 fichier(s) 107 145 octets 284 Rép(s) 110 933 426 176 octets libres Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est A0F0-21B4 Répertoire de C:\WINDOWS\system32 10/02/2010 22:05 <REP> dllcache 29/06/2009 21:47 <REP> GroupPolicy 28/10/2009 22:05 174 624 mlfcache.dat 8 fichier(s) 179 345 octets 2 Rép(s) 110 933 393 408 octets libres winlogon.exe Verified: Signed svchost.exe Verified: Signed ws2_32.dll Verified: Signed user32.dll Verified: Signed tcpip.sys Verified: Signed ndis.sys Verified: Signed null.sys Verified: Signed userinit.exe kernel32.dll ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ explorer.exe pid: 2244 Command line: C:\WINDOWS\Explorer.EXE Base Size Version Path 0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll 0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll 0x76610000 0x84000 5.131.2600.5512 C:\WINDOWS\system32\CRYPTUI.dll 0x404a0000 0xe6000 8.00.6001.18876 C:\WINDOWS\system32\WININET.dll 0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll 0x45180000 0x132000 8.00.6001.18876 C:\WINDOWS\system32\urlmon.dll 0x40b40000 0x1e8000 8.00.6001.18876 C:\WINDOWS\system32\iertutil.dll 0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll 0x753c0000 0x6b000 1.420.2600.5512 C:\WINDOWS\system32\USP10.dll 0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\comctl32.dll 0x0ff00000 0x51000 2.20.0146.0000 \\?\c:\program files\antivirusfirewall\hips\fshook32.dll 0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL 0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll 0x661d0000 0x21f000 12.00.6421.1000 C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll 0x68ef0000 0xf2000 12.00.6423.1000 C:\Program Files\Microsoft Office\Office12\GrooveUtil.DLL 0x78130000 0x9b000 8.00.50727.4053 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll 0x68ff0000 0x7000 12.00.6413.1000 C:\Program Files\Microsoft Office\Office12\GrooveNew.DLL 0x7c630000 0x1b000 8.00.50727.4053 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.DLL 0x65e50000 0x2d000 12.00.6421.1000 C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll 0x748f0000 0x123000 8.100.1051.0000 C:\WINDOWS\system32\msxml3.dll 0x76ac0000 0x11000 3.05.2284.0002 C:\WINDOWS\system32\ATL.DLL 0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll 0x40d30000 0xa93000 8.00.6001.18876 C:\WINDOWS\system32\ieframe.dll 0x02480000 0x3d000 8.00.6001.18702 C:\WINDOWS\system32\webcheck.dll 0x164a0000 0x23000 5.02.5721.5145 C:\WINDOWS\system32\WPDShServiceObj.dll 0x7d200000 0x2bc000 3.01.4001.5512 C:\WINDOWS\system32\msi.dll 0x10000000 0x91000 6.83.0074.0009 C:\Program Files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll 0x023c0000 0xa4000 6.83.0092.0011 C:\Program Files\Nokia\Nokia PC Suite 6\PCSCM.dll 0x7c3a0000 0x7b000 7.10.3077.0000 C:\WINDOWS\system32\MSVCP71.dll 0x7c340000 0x56000 7.10.3052.0004 C:\WINDOWS\system32\MSVCR71.dll 0x02af0000 0xb000 6.83.0047.0001 C:\Program Files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_fre.nlr 0x02b00000 0x87000 6.83.0015.0001 C:\Program Files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr 0x109c0000 0x2c000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceTypes.dll 0x10930000 0x49000 5.02.5721.5145 C:\WINDOWS\system32\PortableDeviceApi.dll 0x69270000 0x8d000 5.02.2600.5512 C:\WINDOWS\system32\fxsst.dll 0x61410000 0x72000 5.02.2600.5512 C:\WINDOWS\system32\FXSAPI.dll 0x03430000 0xb000 1.01.0000.0000 C:\Program Files\Fichiers communs\Logitech\Scrolling\LgMsgHk.dll 0x03440000 0xe000 C:\Apps\Softex\OmniPass\SCUREDLL.dll 0x03680000 0x7000 9.79.0025.0001 C:\Program Files\Logitech\MouseWare\System\LgWndHk.dll 0x03690000 0x3f000 1.02.7380.0000 C:\Program Files\AntivirusFirewall\Spam Control\fsscoepl.dll 0x66b50000 0x17f000 12.00.6421.1000 C:\Program Files\Microsoft Office\Office12\GrooveMisc.dll 0x03900000 0xe1000 12.00.6413.1000 C:\Program Files\Microsoft Office\Office12\1033\GrooveIntlResource.dll 0x4b4f0000 0x86000 5.41.0015.1515 C:\WINDOWS\system32\MSFTEDIT.DLL 0x4eb80000 0x1ab000 5.02.6001.22319 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\gdiplus.dll 0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll 0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll 0x05650000 0xa5000 6.14.0011.8250 C:\WINDOWS\system32\nvapi.dll 0x17360000 0x2e000 6.24.0103.0000 C:\Program Files\AntivirusFirewall\FWES\Program\fsdc32.dll 0x01280000 0x174000 1.01.0001.0001 C:\Program Files\Fichiers communs\Ahead\Lib\NeroDigitalExt.dll 0x7c140000 0x103000 7.10.3077.0000 C:\Program Files\Fichiers communs\Ahead\Lib\MFC71.DLL 0x5d360000 0xf000 7.10.3077.0000 C:\WINDOWS\system32\MFC71FRA.DLL 0x00ea0000 0x5b000 9.01.0000.0163 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll 0x03fe0000 0xc3000 7.00.6001.16503 C:\Program Files\Windows Desktop Search\wdsShell.dll 0x00f80000 0x9000 7.00.6001.16503 C:\Program Files\Windows Desktop Search\fr-fr\msnlExtRes.dll.mui 0x40590000 0x5ae000 8.00.6001.18876 C:\WINDOWS\system32\mshtml.dll 0x03480000 0x29000 3.10.0349.0000 C:\WINDOWS\system32\msls31.dll 0x736b0000 0x4b000 5.03.2600.5512 C:\WINDOWS\system32\DDRAW.dll 0x403e0000 0xb4000 5.08.6001.22886 C:\WINDOWS\system32\jscript.dll 0x74bf0000 0x2c000 4.02.5406.0000 C:\WINDOWS\system32\OLEACC.DLL 0x73890000 0xd0000 5.03.2600.5512 C:\WINDOWS\system32\D3DIM700.DLL 0x60510000 0x19000 2.00.50727.3053 c:\WINDOWS\system32\dfshim.dll 0x79000000 0x46000 2.00.50727.3053 c:\WINDOWS\system32\mscoree.dll 0x79e70000 0x590000 2.00.50727.3603 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll 0x07f00000 0xd37000 6.14.0011.8250 C:\WINDOWS\system32\nvcpl.dll 0x01150000 0x45000 6.14.0011.8250 C:\WINDOWS\system32\NVRSFR.DLL 0x040b0000 0x73000 6.14.0010.12095 C:\WINDOWS\system32\nvshell.dll 0x01aa0000 0x4d000 7.00.6001.18260 C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll 0x6bd10000 0x10000 12.00.6413.1000 C:\Program Files\Microsoft Office\Office12\msohevi.dll ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ winlogon.exe pid: 1064 Command line: winlogon.exe Base Size Version Path 0x01000000 0x82000 \??\C:\WINDOWS\system32\winlogon.exe 0x77be0000 0x58000 7.00.2600.5512 C:\WINDOWS\system32\msvcrt.dll 0x779e0000 0x97000 5.131.2600.5512 C:\WINDOWS\system32\CRYPT32.dll 0x76be0000 0x2e000 5.131.2600.5512 C:\WINDOWS\system32\WINTRUST.dll 0x753c0000 0x6b000 1.420.2600.5512 C:\WINDOWS\system32\USP10.dll 0x58b50000 0x9a000 5.82.2900.5512 C:\WINDOWS\system32\COMCTL32.dll 0x74730000 0x3d000 3.525.1132.0000 C:\WINDOWS\system32\ODBC32.dll 0x1f840000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll 0x10000000 0xe000 C:\Apps\Softex\OmniPass\opxpgina.dll 0x012b0000 0x3b000 1.07.0018.0005 C:\WINDOWS\system32\WgaLogon.dll 0x76f80000 0x7f000 2001.12.4414.0700 C:\WINDOWS\system32\CLBCATQ.DLL 0x77000000 0xd4000 2001.12.4414.0700 C:\WINDOWS\system32\COMRes.dll 0x0ff00000 0x51000 2.20.0146.0000 \\?\c:\program files\antivirusfirewall\hips\fshook32.dll 0x17360000 0x2e000 6.24.0103.0000 C:\Program Files\AntivirusFirewall\FWES\Program\fsdc32.dll 0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll 0x748f0000 0x123000 8.100.1051.0000 C:\WINDOWS\system32\msxml3.dll Contenu de Downloaded Program Files Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est A0F0-21B4 Répertoire de C:\WINDOWS\Downloaded Program Files 11/02/2010 07:52 <REP> . 11/02/2010 07:52 <REP> .. 04/08/2009 14:06 132 352 as2stubie.dll 04/08/2009 11:44 288 as2stubie.inf 27/02/2008 15:59 290 816 auc_lib.dll 27/02/2008 15:59 541 ca.pub 28/09/2007 17:11 <REP> CONFLICT.1 22/11/2009 10:41 <REP> CONFLICT.2 20/12/2009 18:58 <REP> CONFLICT.3 13/01/2005 14:59 233 Crusher.inf 27/02/2008 15:59 495 616 daas_s.dll 18/09/2007 09:29 172 default.inf 23/09/2004 19:09 65 desktop.ini 25/07/2002 17:13 24 576 dwusplay.dll 25/07/2002 17:13 196 608 dwusplay.exe 26/09/2008 18:08 3 204 368 EPUWALcontrol.dll 11/04/2007 14:55 1 292 erma.inf 20/11/2007 16:04 1 523 536 FP_AX_CAB_INSTALLER.exe 27/02/2008 16:00 262 144 fscax.dll 27/02/2008 15:59 614 fscax.inf 13/04/2007 02:14 382 344 GAME_UNO1.dll 17/01/2007 15:44 316 GAME_UNO1.INF 27/02/2008 15:59 588 392 gatelauncher.exe 17/12/2009 18:59 397 hardwaredetection.inf 05/12/2008 16:29 812 hcImpl.inf 18/07/2006 16:45 248 IaLdr32.inf 08/09/2008 11:58 204 800 InstallerControl.dll 27/07/2004 15:48 323 584 isusweb.dll 22/02/2008 04:50 1 060 jinstall-6u5.inf 06/02/2009 11:26 367 LegitCheckControl.inf 22/02/2007 23:41 304 544 MessengerStatsPAClient.dll 28/02/2007 14:21 131 472 msgrchkr.dll 20/06/2006 15:44 379 704 MsnPUpld.dll 02/08/2007 14:47 569 MSNPUpld.inf 19/05/2003 15:30 205 880 MsnUpld.dll 19/05/2003 15:32 406 MsnUpld.inf 30/04/2009 11:33 579 OCS.inf 26/10/2009 15:34 172 OnlineScanner.inf 19/08/2009 09:32 3 308 OrangeInstaller.inf 08/09/2008 11:58 507 OSDC5.OSD 10/10/2008 15:43 335 PhotoUploader5.inf 10/10/2008 15:44 3 536 384 PhotoUploader5.ocx 29/07/2009 02:00 338 PhotoUploader55.inf 29/07/2009 20:21 3 540 488 PhotoUploader55.ocx 20/06/2006 15:44 117 560 PURen-us.dll 31/05/2002 09:20 117 328 purfr-fr.dll 17/06/2008 14:26 144 swdir.inf 19/05/2003 15:32 51 712 UCRen-us.dll 15/04/2004 14:58 52 736 ucrFR-FR.dll 18/09/2007 10:20 878 072 UploaderX.dll 14/10/2009 22:32 452 488 wlscBase.dll 14/10/2009 22:34 321 wlscBase.inf 47 fichier(s) 17 410 588 octets Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.1 28/09/2007 17:11 <REP> . 28/09/2007 17:11 <REP> .. 02/08/2007 10:31 360 320 MsnPUpld.dll 02/08/2007 10:31 67 456 PURen-us.dll 06/08/2007 11:10 68 992 PURfr-fr.dll 3 fichier(s) 496 768 octets Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.2 22/11/2009 10:41 <REP> . 22/11/2009 10:41 <REP> .. 15/09/2009 14:04 172 default.inf 15/09/2009 14:06 1 001 032 UploaderX.dll 2 fichier(s) 1 001 204 octets Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.3 20/12/2009 18:58 <REP> . 20/12/2009 18:58 <REP> .. 27/10/2009 20:31 1 956 816 FP_AX_CAB_INSTALLER.exe 27/10/2009 20:22 247 swflash.inf 2 fichier(s) 1 957 063 octets Total des fichiers listés : 54 fichier(s) 20 865 623 octets 11 Rép(s) 110 933 270 528 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues Export des clefs sensibles.. Liste des fichiers en exception sur le pare-feu XP SP2 "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application" "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger" "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Disabled:Bonjour" "C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE:*:Enabled:Microsoft Office Groove" "C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote" "C:\\Program Files\\ma-config.com\\maconfservice.exe"="C:\\Program Files\\ma-config.com\\maconfservice.exe:LocalSubNet:Enabled:maconfservice" "C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes" "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" Export de la clef SharedTaskScheduler [sharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" exports des policies REGEDIT4 [system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 "InstallVisualStyle"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,\ 63,65,73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,5c,52,6f,79,61,6c,65,2e,\ 6d,73,73,74,79,6c,65,73,00 "InstallTheme"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,63,65,\ 73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,2e,74,68,65,6d,65,00 "ConsentPromptBehaviorAdmin"=dword:00000002 Export des clefs sensibles.. Rechercher adresses sensibles dans le fichier HOSTS... 127.0.0.1 activexupdate.com 127.0.0.1 www.activexupdate.com 127.0.0.1 www.antispywareupdates.net 127.0.0.1 antispywareupdates.net 127.0.0.1 aviupdate.com 127.0.0.1 www.aviupdate.com 127.0.0.1 avpcheckupdate.com 127.0.0.1 www.avpcheckupdate.com 127.0.0.1 www.bsplupdate.com 127.0.0.1 bsplupdate.com 127.0.0.1 client.exeupdate.com 127.0.0.1 dl765.privacy-update.com 127.0.0.1 www.eupdatepage.com 127.0.0.1 eupdatepage.com 127.0.0.1 www.exeupdate.com 127.0.0.1 exeupdate.com 127.0.0.1 www.flwupdate.com 127.0.0.1 flwupdate.com 127.0.0.1 www.hotwinupdates.com 127.0.0.1 hotwinupdates.com 127.0.0.1 www.lavasoftupdate.com 127.0.0.1 lavasoftupdate.com 127.0.0.1 www.liveprotectionupdate.cn 127.0.0.1 liveprotectionupdate.cn 127.0.0.1 www.malwarewipeupdate.com 127.0.0.1 malwarewipeupdate.com 127.0.0.1 www.movupdate.com 127.0.0.1 movupdate.com 127.0.0.1 www.mpegupdate.com 127.0.0.1 mpegupdate.com 127.0.0.1 www.msupdate.net 127.0.0.1 msupdate.net 127.0.0.1 www.msupdater.net 127.0.0.1 msupdater.net 127.0.0.1 www.necessaryupdates.com 127.0.0.1 necessaryupdates.com 127.0.0.1 newupdates.lzio.com 127.0.0.1 plupdate.com 127.0.0.1 www.plupdate.com 127.0.0.1 www.privacy-update.com 127.0.0.1 privacy-update.com 127.0.0.1 redirect.msupdate.net 127.0.0.1 www.registryupdate.org 127.0.0.1 registryupdate.org 127.0.0.1 search.keyword.exeupdate.com 127.0.0.1 www.securityupdatesite.com 127.0.0.1 securityupdatesite.com 127.0.0.1 settings.updatemysettings.com 127.0.0.1 www.spyaxeupdate.com 127.0.0.1 spyaxeupdate.com 127.0.0.1 www.spyfalconupdate.com 127.0.0.1 spyfalconupdate.com 127.0.0.1 www.systemupdates.net 127.0.0.1 systemupdates.net 127.0.0.1 trial.updates.winsoftware.com 127.0.0.1 update.680180.net 127.0.0.1 update.shareaza.com 127.0.0.1 www.updatemics.com 127.0.0.1 updatemics.com 127.0.0.1 www.updatemysettings.com 127.0.0.1 updatemysettings.com 127.0.0.1 updates.spywarequake.com 127.0.0.1 www.updatesantivirus.com 127.0.0.1 updatesantivirus.com 127.0.0.1 www.urgentsystemupdate.biz 127.0.0.1 urgentsystemupdate.biz 127.0.0.1 www.urgentsystemupdate.com 127.0.0.1 urgentsystemupdate.com 127.0.0.1 windupdates.com 127.0.0.1 xp-vista-update.net 127.0.0.1 www.xp-vista-update.net 127.0.0.1 pandaantivirus-2007.com 127.0.0.1 www.pandaantivirus-2007.com 127.0.0.1 www.pandadownload-now.com 127.0.0.1 pandadownload-now.com 127.0.0.1 www.panda-hq.com 127.0.0.1 panda-hq.com catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-02-12 08:37:26 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden services & system hive ... scanning hidden registry entries ... [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Device Manager\KnownDeviceClasses\Mass Storage] "DeviceInterface"="{53F5630D-B6BF-11D0-94F2-00A0C91EFB8B}" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Device Manager\KnownDeviceClasses\Portable Audio Players] "DeviceInterface"="{F33FDC04-D1AC-4E8E-9A30-19BBD4B108AE}" "FilterParameter"="UseExtendedWmdm" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Device Manager\KnownDeviceClasses\Windows CE] "DeviceInterface"="{25DBCE51-6C8F-4A72-8A6D-B54C2B4FC835}" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Device Manager\KnownDeviceClasses\Windows CE RNDIS] "DeviceInterface"="{ad498944-762f-11d0-8dcb-00c04fc3358c}" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Device Manager\KnownDevices\WinCEDevice] "DeviceInterface"="{25DBCE51-6C8F-4A72-8A6D-B54C2B4FC835}" "WMDMSPCLSID"="{067B4B81-B1EC-489f-B111-940EBDC44EBE}" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Device Manager\KnownDevices\WinCEDeviceRNDIS] "DeviceInterface"="{ad498944-762f-11d0-8dcb-00c04fc3358c}" "WMDMSPCLSID"="{067B4B81-B1EC-489f-B111-940EBDC44EBE}" scanning hidden files ... scan completed successfully hidden services: 0 hidden files: 0 Stealth MBR rootkit detector 0.2.4 by Gmer, http://www.gmer.net device: opened successfully user: MBR read successfully kernel: MBR read successfully user & kernel MBR OK KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Process list by traversal of KiWaitListHead 4 - System 388 - alg.exe 408 - HPZipm12.exe 432 - iPodService.exe 484 - jusched.exe 580 - mDNSResponder.e 740 - svchost.exe 776 - FSMA32.EXE 788 - CDCtr.exe 840 - fsgk32.exe 856 - csrss.exe 888 - RTHDCPL.EXE 992 - FSHDLL32.EXE 1064 - winlogon.exe 1144 - services.exe 1156 - lsass.exe 1160 - nvsvc32.exe 1272 - jqs.exe 1364 - svchost.exe 1416 - OmniServ.exe 1440 - svchost.exe 1504 - fsav32.exe 1536 - svchost.exe 1588 - svchost.exe 1612 - scureapp.exe 1768 - svchost.exe 1812 - ehtray.exe 1952 - spoolsv.exe 2060 - ooneclockv65.ex 2244 - explorer.exe 2376 - EM_EXEC.EXE 2460 - msnmsgr.exe 2876 - iTunesHelper.ex 3044 - GrooveMonitor.e 3076 - iconcs80354875. 3088 - ATSwpNav.exe 3256 - svchost.exe 3268 - MailNotifier.ex 3288 - svchost.exe 3324 - ModHIDKey.exe 3332 - ctfmon.exe 3456 - X10nets.exe 3492 - SMPSYS.EXE 3508 - mcrdsvc.exe 3548 - mHotkey.exe 3716 - DriveIcon.exe 3764 - CALMAIN.exe 3824 - dllhost.exe 3832 - OPXPApp.exe 3848 - fssm32.exe 3928 - fsorsp.exe 3960 - fsdfwd.exe 3984 - apdproxy.exe 4024 - FSM32.EXE 4256 - iexplore.exe 4740 - cmd.exe 5504 - thunderbird.exe 5628 - iexplore.exe Total number of processes = 58 NOTE: Under WinXP, this will not show all processes. KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Driver/Module list by traversal of PsLoadedModuleList 804D7000 - \WINDOWS\system32\ntkrnlpa.exe 806E4000 - \WINDOWS\system32\hal.dll BA5A8000 - \WINDOWS\system32\KDCOM.DLL BA4B8000 - \WINDOWS\system32\BOOTVID.dll B9F78000 - ACPI.sys BA5AA000 - \WINDOWS\system32\DRIVERS\WMILIB.SYS B9F67000 - pci.sys BA0A8000 - isapnp.sys BA0B8000 - sshrmd.sys BA0C8000 - ssfs0bbc.sys B9F39000 - ssidrv.sys B9F0C000 - \WINDOWS\system32\DRIVERS\NDIS.SYS BA328000 - \WINDOWS\system32\DRIVERS\TDI.SYS BA670000 - pciide.sys BA330000 - \WINDOWS\system32\DRIVERS\PCIIDEX.SYS BA5AC000 - aliide.sys BA5AE000 - cmdide.sys BA5B0000 - toside.sys BA5B2000 - viaidexp.sys BA5B4000 - intelide.sys BA0D8000 - MountMgr.sys B9EED000 - ftdisk.sys BA5B6000 - dmload.sys B9EC7000 - dmio.sys BA338000 - PartMgr.sys BA340000 - pavboot.sys BA0E8000 - VolSnap.sys BA4BC000 - cpqarray.sys B9EAF000 - \WINDOWS\system32\DRIVERS\SCSIPORT.SYS B9E97000 - atapi.sys BA4C0000 - aha154x.sys BA348000 - sparrow.sys BA4C4000 - symc810.sys BA0F8000 - aic78xx.sys BA4C8000 - dac960nt.sys BA108000 - ql10wnt.sys BA4CC000 - amsint.sys BA350000 - asc.sys BA4D0000 - asc3550.sys BA358000 - mraid35x.sys BA360000 - i2omp.sys BA4D4000 - ini910u.sys BA118000 - ql1240.sys BA128000 - aic78u2.sys BA368000 - symc8xx.sys BA370000 - sym_hi.sys BA378000 - sym_u3.sys BA380000 - ABP480N5.SYS BA388000 - asc3350p.sys BA5B8000 - cd20xrnt.sys BA138000 - ultra.sys B9E7E000 - adpu160m.sys BA390000 - dpti2o.sys BA148000 - ql1080.sys BA158000 - ql1280.sys BA168000 - ql12160.sys BA398000 - perc2.sys BA5BA000 - perc2hib.sys BA3A0000 - hpn.sys BA4D8000 - cbidf2k.sys B9E52000 - dac2w2k.sys B9E3B000 - viamraid.sys BA178000 - disk.sys BA188000 - \WINDOWS\system32\DRIVERS\CLASSPNP.SYS B9E1B000 - fltmgr.sys B9E09000 - sr.sys BA198000 - PxHelp20.sys B9DF2000 - KSecDD.sys B9DDF000 - WudfPf.sys B9D52000 - Ntfs.sys B9D40000 - fsdfw.sys BA1A8000 - sisagp.sys BA1B8000 - viaagp.sys BA1C8000 - ohci1394.sys BA1D8000 - \WINDOWS\system32\DRIVERS\1394BUS.SYS B9D26000 - Mup.sys BA1E8000 - fsbts.sys BA1F8000 - alim1541.sys BA208000 - amdagp.sys BA218000 - agp440.sys BA228000 - agpCPQ.sys BA268000 - \SystemRoot\system32\DRIVERS\nic1394.sys B94AE000 - \SystemRoot\system32\DRIVERS\intelppm.sys B8408000 - \SystemRoot\system32\DRIVERS\nv4_mini.sys B83F4000 - \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS B831C000 - \SystemRoot\system32\DRIVERS\3xHybrid.sys B82F9000 - \SystemRoot\system32\DRIVERS\ks.sys B9C52000 - \SystemRoot\system32\DRIVERS\BdaSup.SYS B947E000 - \SystemRoot\system32\DRIVERS\imapi.sys BA408000 - \SystemRoot\system32\drivers\ASAPIW2k.sys B9C4A000 - \SystemRoot\system32\drivers\pfc.sys B945E000 - \SystemRoot\system32\DRIVERS\cdrom.sys B944E000 - \SystemRoot\system32\DRIVERS\redbook.sys BA410000 - \SystemRoot\System32\Drivers\GEARAspiWDM.sys BA418000 - \SystemRoot\system32\DRIVERS\usbuhci.sys B82D5000 - \SystemRoot\system32\DRIVERS\USBPORT.SYS BA428000 - \SystemRoot\system32\DRIVERS\usbehci.sys BA298000 - \SystemRoot\system32\DRIVERS\fetnd5bv.sys B82AD000 - \SystemRoot\system32\DRIVERS\HDAudBus.sys BA5F2000 - \SystemRoot\System32\Drivers\x10hid.sys BA2A8000 - \SystemRoot\System32\Drivers\HIDCLASS.SYS BA430000 - \SystemRoot\System32\Drivers\HIDPARSE.SYS BA684000 - \SystemRoot\system32\DRIVERS\audstub.sys BA2B8000 - \SystemRoot\system32\DRIVERS\rasl2tp.sys B9C3A000 - \SystemRoot\system32\DRIVERS\ndistapi.sys B8296000 - \SystemRoot\system32\DRIVERS\ndiswan.sys BA2D8000 - \SystemRoot\system32\DRIVERS\raspppoe.sys BA2E8000 - \SystemRoot\system32\DRIVERS\raspptp.sys B8285000 - \SystemRoot\system32\DRIVERS\psched.sys BA308000 - \SystemRoot\system32\DRIVERS\msgpc.sys BA448000 - \SystemRoot\system32\DRIVERS\ptilink.sys BA458000 - \SystemRoot\system32\DRIVERS\raspti.sys B8A4E000 - \SystemRoot\system32\DRIVERS\wanatw4.sys B8255000 - \SystemRoot\system32\DRIVERS\rdpdr.sys B9D06000 - \SystemRoot\system32\DRIVERS\termdd.sys B8A46000 - \SystemRoot\system32\DRIVERS\kbdclass.sys B8A36000 - \SystemRoot\system32\DRIVERS\mouclass.sys BA5F6000 - \SystemRoot\system32\DRIVERS\swenum.sys B81F7000 - \SystemRoot\system32\DRIVERS\update.sys B9C22000 - \SystemRoot\system32\DRIVERS\mssmbios.sys B81C9000 - \SystemRoot\system32\DRIVERS\MarvinBus.sys B7D75000 - \SystemRoot\system32\drivers\RtkHDAud.sys B7D51000 - \SystemRoot\system32\drivers\portcls.sys B9CD6000 - \SystemRoot\system32\drivers\drmk.sys B9C16000 - \SystemRoot\system32\DRIVERS\kbdhid.sys B9CB6000 - \SystemRoot\System32\Drivers\NDProxy.SYS B9A97000 - \SystemRoot\system32\DRIVERS\usbhub.sys BA636000 - \SystemRoot\system32\DRIVERS\USBD.SYS B7D41000 - \SystemRoot\System32\Drivers\i2omgmt.SYS BA640000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS BA775000 - \SystemRoot\System32\Drivers\Null.SYS BA644000 - \SystemRoot\System32\Drivers\Beep.SYS BA470000 - \SystemRoot\System32\drivers\vga.sys BA648000 - \SystemRoot\System32\Drivers\mnmdd.SYS BA64C000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys BA478000 - \SystemRoot\System32\Drivers\Msfs.SYS BA488000 - \SystemRoot\System32\Drivers\Npfs.SYS B7D39000 - \SystemRoot\system32\DRIVERS\rasacd.sys B5706000 - \SystemRoot\system32\DRIVERS\ipsec.sys B56AD000 - \SystemRoot\system32\DRIVERS\tcpip.sys B5685000 - \SystemRoot\system32\DRIVERS\netbt.sys B565F000 - \SystemRoot\system32\DRIVERS\ipnat.sys B9A47000 - \SystemRoot\system32\DRIVERS\wanarp.sys BA570000 - \SystemRoot\System32\drivers\ws2ifsl.sys B5615000 - \SystemRoot\System32\drivers\afd.sys B9A27000 - \SystemRoot\system32\DRIVERS\netbios.sys B94BE000 - \SystemRoot\system32\DRIVERS\arp1394.sys B55EA000 - \SystemRoot\system32\DRIVERS\rdbss.sys BA580000 - \??\C:\WINDOWS\system32\drivers\pclepci.sys B557A000 - \SystemRoot\system32\DRIVERS\mrxsmb.sys BA2F8000 - \SystemRoot\System32\Drivers\Fips.SYS B9D16000 - \??\C:\Program Files\AntivirusFirewall\HIPS\drivers\fshs.sys B9CE6000 - \SystemRoot\System32\Drivers\Cdfs.SYS BA4B0000 - \SystemRoot\system32\DRIVERS\usbccgp.sys BA3E0000 - \SystemRoot\system32\drivers\RTSTOR.SYS B5562000 - \SystemRoot\System32\Drivers\dump_atapi.sys BA5BE000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS BF800000 - \SystemRoot\System32\win32k.sys B7D35000 - \SystemRoot\System32\drivers\Dxapi.sys BA3F8000 - \SystemRoot\System32\watchdog.sys BF000000 - \SystemRoot\System32\drivers\dxg.sys BA6E3000 - \SystemRoot\System32\drivers\dxgthk.sys B5653000 - \SystemRoot\system32\DRIVERS\hidusb.sys B564B000 - \SystemRoot\system32\DRIVERS\usbscan.sys BA440000 - \SystemRoot\system32\DRIVERS\usbprint.sys BA460000 - \SystemRoot\system32\DRIVERS\HPZius12.sys B8A2E000 - \SystemRoot\system32\DRIVERS\USBSTOR.SYS B9A87000 - \SystemRoot\system32\DRIVERS\HPZid412.sys B5637000 - \SystemRoot\system32\DRIVERS\HPZipr12.sys B9A77000 - \SystemRoot\system32\drivers\usbaudio.sys B52BA000 - \SystemRoot\system32\DRIVERS\camdrv41.sys B9A37000 - \SystemRoot\system32\DRIVERS\STREAM.SYS BA480000 - \SystemRoot\system32\DRIVERS\USBCAMD.SYS BF012000 - \SystemRoot\System32\nv4_disp.dll BFFA0000 - \SystemRoot\System32\ATMFD.DLL BA258000 - \SystemRoot\system32\DRIVERS\fssfltr_tdi.sys B5156000 * --[Hidden]-- B5025000 - \SystemRoot\System32\Drivers\ATSwpDrv.sys B54B1000 - \SystemRoot\system32\DRIVERS\LHidFlt2.Sys B5282000 - \SystemRoot\system32\DRIVERS\mouhid.sys B50CA000 - \SystemRoot\system32\DRIVERS\LMouFlt2.Sys B4EE0000 - \SystemRoot\system32\DRIVERS\mrxdav.sys B4D87000 - \SystemRoot\System32\Drivers\HTTP.sys B4C18000 - \SystemRoot\system32\DRIVERS\srv.sys B48AF000 - \??\C:\WINDOWS\system32\drivers\tmcomm.sys B4689000 - \??\C:\Program Files\AntivirusFirewall\Anti-Virus\minifilter\fsgk.sys B396C000 - \SystemRoot\system32\drivers\wdmaud.sys B46DF000 - \SystemRoot\system32\drivers\sysaudio.sys B31BE000 - \SystemRoot\system32\DRIVERS\asyncmac.sys BA66E000 - \??\C:\DOCUME~1\robert\LOCALS~1\Temp\mbr.sys BA7B0000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys Total number of drivers = 191 Liste des programmes installes 2570 2570_Help 2570Trb Acrobat.com Acrobat.com Adobe AIR Adobe Anchor Service CS3 Adobe Asset Services CS3 Adobe Bridge CS3 Adobe Bridge Start Meeting Adobe Camera Raw 4.0 Adobe CMaps Adobe Color - Photoshop Specific Adobe Color Common Settings Adobe Color EU Recommended Settings Adobe Color JA Extra Settings Adobe Color NA Extra Settings Adobe Default Language CS3 Adobe Device Central CS3 Adobe ExtendScript Toolkit 2 Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Fonts All Adobe Help Viewer CS3 Adobe Linguistics CS3 Adobe PDF Library Files Adobe Photoshop CS3 Adobe Photoshop CS3 Adobe Reader 9.2 Adobe Setup Adobe Shockwave Player 11.5 Adobe Stock Photos CS3 Adobe Type Support Adobe Update Manager CS3 Adobe Version Cue CS3 Client Adobe WinSoft Linguistics Plugin Adobe XMP Panels CS3 Adobe® Photoshop® Album Edition Découverte 3.0 AiO_Scan_CDA AiOSoftwareNPI ALTools Update ALZip Anti-virus firewall Apple Application Support Apple Mobile Device Support Apple Software Update ATNavigation ATNavigation Auslogics Disk Defrag AVS Update Manager 1.0 AVS Video Converter 6 AVS4YOU Software Navigator 1.3 barre d'outils Orange BufferChm Canon Camera Access Library Canon Camera Support Core Library Canon Camera Window DC_DV 5 for ZoomBrowser EX Canon Camera Window DC_DV 6 for ZoomBrowser EX Canon Camera Window MC 6 for ZoomBrowser EX Canon G.726 WMP-Decoder CANON iMAGE GATEWAY Task Canon Internet Library for ZoomBrowser EX Canon MovieEdit Task for ZoomBrowser EX Canon RAW Image Task for ZoomBrowser EX Canon RemoteCapture Task for ZoomBrowser EX Canon Utilities EOS Utility Canon Utilities PhotoStitch Canon Utilities ZoomBrowser EX CCleaner CDBurnerXP Codeur Windows Media Série 9 Codeur Windows Media Série 9 Correctif n° 2 pour Windows XP Édition Media Center 2005 Correctif pour Lecteur Windows Media 11 (KB939683) Correctif pour Windows Internet Explorer 7 (KB947864) Correctif pour Windows XP (KB952287) Correctif pour Windows XP (KB961118) Correctif pour Windows XP (KB970653-v3) Correctif pour Windows XP (KB976098-v2) CP_AtenaShokunin1Config CP_CalendarTemplates1 CP_Package_Basic1 CP_Package_Variety1 CP_Package_Variety2 CP_Package_Variety3 CP_Panorama1Config CueTour CustomerResearchQFolder Destinations DeviceFunctionQFolder DeviceManagementQFolder DocProc DocumentViewer DocumentViewerQFolder DVD Solution Electronic Arts Product Registration Electronic Arts Product Registration eSupportQFolder F-Secure PSC Prerequisites Fax_CDA Firebird SQL Server - MAGIX Edition Free Window Registry Repair FullDPAppQFolder Garmin City Navigator Europe NT v9 Garmin MapSource Garmin POI Loader Garmin WebUpdater Google Update Helper Générations® 4.2 High Definition Audio Driver Package - KB888111 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows Media Player 10 (KB903157) Hotfix for Windows XP (KB915800-v4) Hotfix for Windows XP (KB954550-v5) HP Document Viewer 5.3 HP Extended Capabilities 5.3 HP Image Zone 5.3 HP Imaging Device Functions 5.3 HP Product Assistant HP PSC & OfficeJet 5.3.A HP Solution Center & Imaging Support Tools 5.3 HP Update HPProductAssistant Installation Windows Live Installation Windows Live InstantShareDevices iTunes Java 6 Update 17 JourneySoftwarePromo Junk Mail filter update K-Lite Codec Pack 5.5.1 (Full) Lecteur Windows Media 11 LightScribe 1.4.44.1 livebox Logitech MouseWare 9.79.1 Macromedia Flash Player 8 Macromedia Shockwave Player MAGIX 3D Maker (embeded) MAGIX Photo Manager 2008 5.0.3.356 (F) MAGIX Photos sur CD & DVD 8 8.0.3.2 (F) MAGIX Screenshare 4.3.6.1987 (F) MarketResearch MCE Software Encoder 1.0 Messenger Plus! Live Micro Application - Super Casse-Briques Microsoft .NET Framework 1.0 Hotfix (KB953295) Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 French Language Pack Microsoft .NET Framework 1.1 Security Update (KB953297) Microsoft .NET Framework 2.0 Language Pack - FRA Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 3.5 SP1 Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Internationalized Domain Names Mitigation APIs Microsoft Money 2000 Suite Financière Microsoft National Language Support Downlevel APIs Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office Access MUI (English) 2007 Microsoft Office Access MUI (French) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office Excel MUI (French) 2007 Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office InfoPath MUI (French) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office Outlook MUI (French) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint MUI (French) 2007 Microsoft Office PowerPoint Viewer 2007 (French) Microsoft Office Professional Plus 2007 Microsoft Office Professional Plus 2007 Microsoft Office Proof (Arabic) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing (French) 2007 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Publisher MUI (French) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared MUI (French) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Office Word MUI (French) 2007 Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs Microsoft Silverlight Microsoft Software Update for Web Folders (English) 12 Microsoft Software Update for Web Folders (French) 12 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Tool Web Package : EXCTRLST.EXE Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Zoo Tycoon Mise à jour critique pour Lecteur Windows Media 11 (KB959772) Mise à jour de sécurité pour le Codeur Windows Media (KB954156) Mise à jour de sécurité pour Lecteur Windows Media (KB911564) Mise à jour de sécurité pour Lecteur Windows Media (KB952069) Mise à jour de sécurité pour Lecteur Windows Media (KB954155) Mise à jour de sécurité pour Lecteur Windows Media (KB968816) Mise à jour de sécurité pour Lecteur Windows Media (KB973540) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734) Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782) Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154) Mise à jour de sécurité pour Step by Step Interactive Training (KB898458) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260) Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961) Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455) Mise à jour de sécurité pour Windows Internet Explorer 8 (KB976325) Mise à jour de sécurité pour Windows Internet Explorer 8 (KB978207) Mise à jour de sécurité pour Windows XP (KB923561) Mise à jour de sécurité pour Windows XP (KB938464-v2) Mise à jour de sécurité pour Windows XP (KB938464) Mise à jour de sécurité pour Windows XP (KB941569) Mise à jour de sécurité pour Windows XP (KB946648) Mise à jour de sécurité pour Windows XP (KB950760) Mise à jour de sécurité pour Windows XP (KB950762) Mise à jour de sécurité pour Windows XP (KB950974) Mise à jour de sécurité pour Windows XP (KB951066) Mise à jour de sécurité pour Windows XP (KB951376-v2) Mise à jour de sécurité pour Windows XP (KB951376) Mise à jour de sécurité pour Windows XP (KB951698) Mise à jour de sécurité pour Windows XP (KB951748) Mise à jour de sécurité pour Windows XP (KB952004) Mise à jour de sécurité pour Windows XP (KB952954) Mise à jour de sécurité pour Windows XP (KB953839) Mise à jour de sécurité pour Windows XP (KB954211) Mise à jour de sécurité pour Windows XP (KB954459) Mise à jour de sécurité pour Windows XP (KB954600) Mise à jour de sécurité pour Windows XP (KB955069) Mise à jour de sécurité pour Windows XP (KB956391) Mise à jour de sécurité pour Windows XP (KB956572) Mise à jour de sécurité pour Windows XP (KB956744) Mise à jour de sécurité pour Windows XP (KB956802) Mise à jour de sécurité pour Windows XP (KB956803) Mise à jour de sécurité pour Windows XP (KB956841) Mise à jour de sécurité pour Windows XP (KB956844) Mise à jour de sécurité pour Windows XP (KB957095) Mise à jour de sécurité pour Windows XP (KB957097) Mise à jour de sécurité pour Windows XP (KB958644) Mise à jour de sécurité pour Windows XP (KB958687) Mise à jour de sécurité pour Windows XP (KB958690) Mise à jour de sécurité pour Windows XP (KB958869) Mise à jour de sécurité pour Windows XP (KB959426) Mise à jour de sécurité pour Windows XP (KB960225) Mise à jour de sécurité pour Windows XP (KB960715) Mise à jour de sécurité pour Windows XP (KB960803) Mise à jour de sécurité pour Windows XP (KB960859) Mise à jour de sécurité pour Windows XP (KB961371) Mise à jour de sécurité pour Windows XP (KB961373) Mise à jour de sécurité pour Windows XP (KB961501) Mise à jour de sécurité pour Windows XP (KB968537) Mise à jour de sécurité pour Windows XP (KB969059) Mise à jour de sécurité pour Windows XP (KB969898) Mise à jour de sécurité pour Windows XP (KB969947) Mise à jour de sécurité pour Windows XP (KB970238) Mise à jour de sécurité pour Windows XP (KB970430) Mise à jour de sécurité pour Windows XP (KB971468) Mise à jour de sécurité pour Windows XP (KB971486) Mise à jour de sécurité pour Windows XP (KB971557) Mise à jour de sécurité pour Windows XP (KB971633) Mise à jour de sécurité pour Windows XP (KB971657) Mise à jour de sécurité pour Windows XP (KB972270) Mise à jour de sécurité pour Windows XP (KB973346) Mise à jour de sécurité pour Windows XP (KB973354) Mise à jour de sécurité pour Windows XP (KB973507) Mise à jour de sécurité pour Windows XP (KB973525) Mise à jour de sécurité pour Windows XP (KB973869) Mise à jour de sécurité pour Windows XP (KB973904) Mise à jour de sécurité pour Windows XP (KB974112) Mise à jour de sécurité pour Windows XP (KB974318) Mise à jour de sécurité pour Windows XP (KB974392) Mise à jour de sécurité pour Windows XP (KB974571) Mise à jour de sécurité pour Windows XP (KB975467) Mise à jour de sécurité pour Windows XP (KB975560) Mise à jour de sécurité pour Windows XP (KB975713) Mise à jour de sécurité pour Windows XP (KB977165) Mise à jour de sécurité pour Windows XP (KB977914) Mise à jour de sécurité pour Windows XP (KB978037) Mise à jour de sécurité pour Windows XP (KB978251) Mise à jour de sécurité pour Windows XP (KB978262) Mise à jour de sécurité pour Windows XP (KB978706) Mise à jour pour Lecteur Windows Media 10 (KB910393) Mise à jour pour Lecteur Windows Media 10 (KB913800) Mise à jour pour Lecteur Windows Media 10 (KB926251) Mise à jour pour Windows Internet Explorer 8 (KB976749) Mise à jour pour Windows XP (KB951072-v2) Mise à jour pour Windows XP (KB951978) Mise à jour pour Windows XP (KB955759) Mise à jour pour Windows XP (KB955839) Mise à jour pour Windows XP (KB961503) Mise à jour pour Windows XP (KB967715) Mise à jour pour Windows XP (KB968389) Mise à jour pour Windows XP (KB971737) Mise à jour pour Windows XP (KB973687) Mise à jour pour Windows XP (KB973815) Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA Mozilla Thunderbird (2.0.0.23) MSVCRT MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nero Suite NewCopy_CDA Nokia Connectivity Cable Driver Nokia PC Suite Nokia PC Suite Notification Mail NVIDIA Drivers OFFICE One 150 Modèles de documents OFFICE One 6.5 OFFICE One 6.5 Bureautique désinstallation complète 6.5 OFFICE One Clock 6.5 OFFICE One Coffre Fort v6 OFFICE One Color Picker 6.5 OFFICE One Comptes Bancaires v6 OFFICE One Guide 6.5 OFFICE One Notes 6.5 OFFICE One PDF Manager 6.5 OFFICE One Zip v6 Orange WebTV Player 1.28971 OrangeInstaller version 1.0.0.0 Outil de téléchargement Windows Live Package de pilotes Windows - Nokia Modem (11/03/2006 6.82.0.1) Packard Bell Data Secure Packard Bell ImageWriter v1.1 Packard Bell Piano Keyboard PanoStandAlone PC Connectivity Solution PDF Settings PDFTiger PDFTiger Kernel PDFTigerDriver Philips SPC 900NC PC Camera Philips VLounge PhotoFiltre PhotoGallery Picasa 3 Pinnacle Instant DVD Recorder PowerDirector Express PowerDVD PowerProducer ProductContextNPI QSuite Ver2.1 QuickTime RandMap Readme RealPlayer Realtek High Definition Audio Driver Revo Uninstaller 1.85 Scan ScannerCopy Secunia PSI Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB973704) Security Update for 2007 Microsoft Office System (KB973704) Security Update for Microsoft Office Excel 2007 (KB973593) Security Update for Microsoft Office Excel 2007 (KB973593) Security Update for Microsoft Office Outlook 2007 (KB972363) Security Update for Microsoft Office Outlook 2007 (KB972363) Security Update for Microsoft Office PowerPoint 2007 (KB957789) Security Update for Microsoft Office PowerPoint 2007 (KB957789) Security Update for Microsoft Office Publisher 2007 (KB969693) Security Update for Microsoft Office Publisher 2007 (KB969693) Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB969613) Security Update for Microsoft Office system 2007 (KB969613) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) Security Update for Microsoft Office Word 2007 (KB969604) Security Update for Microsoft Office Word 2007 (KB969604) Security Update for Windows Search 4 - KB963093 Segoe UI Sierra Utilities SkinsHP1 SmartSound Quicktracks Plugin SmartSound Quicktracks Plugin SolutionCenter Sonic Encoders Sonic_PrimoSDK SPC 900NC PC Camera Spelling Dictionaries Support For Adobe Reader 9 Spy Sweeper Core Status TrayApp Ulead PhotoImpact 10 SE Ulead VideoStudio 9.0 SE DVD Unload Unlocker 1.8.8 Update for 2007 Microsoft Office System (KB967642) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Office InfoPath 2007 (KB976416) Update for Microsoft Office InfoPath 2007 (KB976416) Update for Outlook 2007 Junk Email Filter (kb977719) Update for Outlook 2007 Junk Email Filter (kb977719) VIA Rhine-Family Fast-Ethernet Adapter VideoEgg Publisher Visionneuse Journal Windows Microsoft WebFldrs XP WebReg Windows Driver Package - Nokia (WUDFRd) WPD (03/19/2007 6.83.31.1) Windows Driver Package - Nokia Modem (02/15/2007 3.1) Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (03/26/2007 5.10.0.5391) Windows Imaging Component Windows Internet Explorer 8 Windows Live Call Windows Live Communications Platform Windows Live Contrôle parental Windows Live Mail Windows Live Messenger Windows Live OneCare safety scanner Windows Live Writer Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 11 Windows Search 4.0 Windows XP Media Center Edition 2005 KB908246 Windows XP Media Center Edition 2005 KB925766 Windows XP Media Center Edition 2005 KB973768 Windows XP Service Pack 3 WinZip Self-Extractor X10 Hardware Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est A0F0-21B4 Répertoire de C:\Program Files 12/02/2010 08:32 <REP> . 12/02/2010 08:32 <REP> .. 16/11/2009 08:32 <REP> Adobe 19/12/2009 18:15 <REP> Ahead 18/11/2009 19:20 <REP> AntivirusFirewall 26/08/2008 07:24 <REP> Apple Software Update 26/12/2009 14:13 <REP> Auslogics 16/11/2009 08:32 <REP> AuthenTec 18/01/2010 13:16 <REP> AVS4YOU 10/02/2010 21:33 <REP> Bonjour 02/03/2008 11:45 <REP> Canon 04/12/2009 08:22 <REP> CCleaner 17/07/2009 21:02 <REP> CDBurnerXP 16/11/2009 08:32 <REP> Common Files 16/11/2009 08:32 <REP> ComPlus Applications 14/05/2008 20:08 <REP> CyberLink 14/05/2008 20:11 <REP> CyberLink DVD Solution 07/06/2007 06:25 <REP> DIFX 16/11/2009 08:32 <REP> directx 20/12/2009 12:01 <REP> DivX 10/02/2010 14:00 <REP> Electronic Arts 29/07/2009 09:09 <REP> eMule 12/02/2010 08:32 <REP> ESTsoft 16/01/2010 09:22 <REP> Fichiers communs 01/08/2008 13:05 <REP> Fingerprint Sensor 13/12/2009 23:26 <REP> Flash Video Studio 2.0 16/01/2010 17:54 <REP> Free Window Registry Repair 20/12/2009 18:05 <REP> Full Pack Codecs 16/11/2009 08:32 <REP> GeoVid 14/01/2010 15:47 <REP> Google 09/12/2008 04:35 <REP> HP 16/11/2009 08:32 <REP> Icone 10/12/2008 21:09 <REP> IKEA HomePlanner 16/11/2009 08:32 <REP> Illustrate 23/01/2010 03:01 <REP> Internet Explorer 09/02/2010 17:57 <REP> iPod 23/01/2007 17:46 <REP> ISSENDIS 09/02/2010 17:58 <REP> iTunes 16/12/2007 21:21 <REP> Jasc Software Inc 21/12/2009 22:32 <REP> Java 18/01/2010 13:17 <REP> K-Lite Codec Pack 16/11/2009 08:32 <REP> Learn2.com 16/11/2009 08:32 <REP> LETMIN 16/11/2009 08:32 <REP> LETMIN2 13/12/2009 23:41 <REP> Logitech 10/02/2010 21:39 <REP> ma-config.com 22/11/2009 10:12 <REP> MAGIX 04/02/2010 13:38 <REP> Malwarebytes' Anti-Malware 16/11/2009 08:32 <REP> Messenger 22/08/2009 16:46 <REP> Messenger Plus! Live 02/06/2007 10:55 <REP> Micro Application 16/11/2009 08:32 <REP> Microsoft 16/11/2009 08:32 <REP> microsoft frontpage 25/12/2009 16:37 <REP> Microsoft Games 16/01/2010 15:09 <REP> Microsoft GIF Animator 23/08/2009 21:27 <REP> Microsoft Money 01/02/2007 14:26 <REP> Microsoft Money(2) 16/11/2009 08:32 <REP> Microsoft Office 22/01/2010 00:29 <REP> Microsoft Silverlight 16/11/2009 08:32 <REP> Microsoft SQL Server Compact Edition 16/11/2009 08:32 <REP> Microsoft Visual Studio 16/11/2009 08:32 <REP> Microsoft Visual Studio 8 19/10/2009 11:10 <REP> Microsoft Works 16/11/2009 08:32 <REP> Microsoft.NET 23/04/2009 05:59 <REP> MioNet 16/11/2009 08:32 <REP> Movie Maker 12/02/2010 08:39 <REP> Mozilla Thunderbird 16/11/2009 08:32 <REP> MSBuild 16/11/2009 08:32 <REP> MSECache 16/11/2009 08:32 <REP> MSN 23/11/2006 03:41 <REP> MSN Gaming Zone 16/11/2009 08:32 <REP> MSXML 4.0 17/07/2009 19:30 <REP> myBabylon_English 16/11/2009 08:32 <REP> NetMeeting 15/07/2007 01:50 <REP> Nokia 16/11/2009 08:32 <REP> OFFICE One6.5 23/11/2006 03:45 <REP> Online Services 16/11/2009 08:32 <REP> Orange 16/11/2009 08:32 <REP> Outlook Express 30/11/2009 13:37 <REP> Packard Bell 18/11/2009 12:31 <REP> Packard Bell ImageWriter 30/07/2007 07:25 <REP> Packard Bell Keyboard 18/01/2010 14:18 <REP> PDFTiger 09/05/2007 17:13 <REP> Philips 04/05/2008 17:13 <REP> PhotoFiltre 19/10/2009 16:16 <REP> Pinnacle 19/12/2009 17:57 <REP> QSuite 12/01/2010 19:58 <REP> QuickTime 18/01/2010 14:19 <REP> qvPDF 23/11/2006 03:41 <REP> Real 23/11/2006 03:41 <REP> Realtek 16/11/2009 08:32 <REP> Reference Assemblies 16/01/2010 17:31 <REP> RegCleaner 16/01/2010 19:17 <REP> Resource Kit 09/11/2007 21:26 <REP> RssReader 10/02/2010 21:46 <REP> Seagate 27/12/2009 13:45 <REP> Secunia 16/11/2009 08:32 <REP> Securitoo 16/11/2009 08:32 <REP> Services en ligne 05/02/2009 18:32 <REP> Sierra Online 16/11/2009 08:32 <REP> SmartSound Software 23/11/2009 15:26 <REP> Sonic 24/01/2010 14:45 <REP> trend micro 09/08/2004 22:30 40 960 Uninstall_CDS.exe 16/01/2010 15:57 <REP> Unlocker 16/11/2009 08:32 <REP> USBESTDI 16/11/2009 08:32 <REP> user 16/11/2009 08:32 <REP> Viewpoint 05/11/2009 18:33 <REP> VS Revo Group 16/11/2009 08:32 <REP> Windows Desktop Search 08/10/2007 17:12 <REP> Windows Journal Viewer 22/08/2009 17:10 <REP> Windows Live 26/12/2009 18:36 <REP> Windows Live Safety Center 16/11/2009 08:32 <REP> Windows Live SkyDrive 29/12/2007 22:29 <REP> Windows Live Toolbar 23/11/2006 03:41 <REP> Windows Media Components 25/04/2007 16:27 <REP> Windows Media Connect 2 16/11/2009 08:32 <REP> Windows Media Player 16/11/2009 08:32 <REP> Windows NT 23/11/2006 03:41 <REP> Windows Plus 04/02/2010 13:44 <REP> WinRAR 10/01/2008 14:43 <REP> WinZip Self-Extractor 17/07/2009 17:46 <REP> X10 Hardware 16/11/2009 08:33 <REP> xerox 1 fichier(s) 40 960 octets 123 Rép(s) 110 914 596 864 octets libres Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est A0F0-21B4 Répertoire de C:\Program Files\fichiers communs 16/01/2010 09:22 <REP> . 16/01/2010 09:22 <REP> .. 29/10/2009 07:45 <REP> Adobe 12/09/2008 07:32 <REP> Adobe AIR 01/02/2007 14:26 <REP> Adobe(2) 19/12/2009 18:02 <REP> Ahead 16/12/2007 21:21 <REP> AOL 16/12/2007 21:21 <REP> aolshare 09/02/2010 17:57 <REP> Apple 09/05/2007 17:13 <REP> ArcSoft 18/01/2010 13:15 <REP> AVSMedia 15/12/2007 18:10 <REP> Borland Shared 13/01/2008 10:43 <REP> Canon 07/02/2008 12:08 <REP> DESIGNER 23/01/2007 16:34 <REP> Hewlett-Packard 23/01/2007 16:38 <REP> HP 23/11/2006 03:41 <REP> InstallShield 18/11/2009 14:24 <REP> LightScribe 07/02/2007 17:15 <REP> Logitech 19/10/2009 18:36 <REP> Macrovision Shared 15/11/2009 19:30 <REP> MAGIX Shared 13/12/2009 23:12 <REP> Microsoft Shared 23/11/2006 03:41 <REP> MSSoap 18/11/2009 14:21 <REP> Nero 15/07/2007 01:55 <REP> Nokia 23/11/2006 03:41 <REP> Nullsoft 16/12/2007 21:21 <REP> ODBC 15/07/2007 01:56 <REP> PCSuite 10/11/2009 14:42 <REP> Real 23/11/2006 03:44 <REP> Services 23/11/2009 15:29 <REP> Sonic Shared 23/11/2006 03:41 <REP> SpeechEngines 16/12/2007 21:21 <REP> SWF Studio 10/01/2007 20:27 <REP> Symantec Shared 19/10/2009 11:08 <REP> System 23/11/2006 03:44 <REP> Ulead Systems 23/10/2008 11:58 <REP> Windows Live 06/06/2009 14:01 <REP> Wise Installation Wizard 08/11/2009 10:15 <REP> xara 10/11/2009 14:43 <REP> xing shared 0 fichier(s) 0 octets 40 Rép(s) 110 914 592 768 octets libres Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est A0F0-21B4 Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 13/12/2009 16:20 <REP> . 13/12/2009 16:20 <REP> .. 13/12/2009 16:21 <REP> 1033 07/02/2008 12:04 <REP> 1036 20/11/2008 22:58 972 632 MSONSEXT.DLL 26/10/2006 20:12 40 256 MSOSV.DLL 03/06/1999 12:09 122 937 MSOWS409.DLL 07/03/2001 07:00 127 033 MSOWS40c.DLL 18/03/1999 05:37 593 977 RAGENT.DLL 5 fichier(s) 1 856 835 octets 4 Rép(s) 110 914 592 768 octets libres Le volume dans le lecteur C s'appelle HDD Le numéro de série du volume est A0F0-21B4 Répertoire de C:\Program Files\common files 16/11/2009 08:32 <REP> . 16/11/2009 08:32 <REP> .. 23/11/2006 03:41 <REP> X10 0 fichier(s) 0 octets 3 Rép(s) 110 914 592 768 octets libres c:\Documents and Settings\Administrateur\Application Data\Microsoft\Installer\{5E8A1B08-0FBD-4543-9646-F2C2D0D05750}\ARPPRODUCTICON.exe c:\Documents and Settings\Administrateur\Application Data\Microsoft\Installer\{FB159DD9-6E5F-4C94-B288-E9D1D9FAFBA1}\ARPPRODUCTICON.exe c:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe c:\Documents and Settings\All Users\Application Data\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Nokia_PC_Suite_683_rel_14_1_fre.exe c:\Documents and Settings\All Users\Application Data\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Installations\CommonCustomActions\UninstCCD.exe c:\Documents and Settings\All Users\Application Data\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Installations\CommonCustomActions\UninstPCS.exe c:\Documents and Settings\All Users\Application Data\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Installations\CommonCustomActions\UninstPCSFEMsi.exe c:\Documents and Settings\All Users\Application Data\MAGIX\Photos_sur_CD_DVD_8\Default\fcdummy.exe c:\Documents and Settings\All Users\Application Data\MAGIX\Photos_sur_CD_DVD_8\Default\Validation.exe c:\Documents and Settings\All Users\Application Data\NOS\Adobe_Downloads\GoogleToolbarInstaller_en32_signed.exe c:\Documents and Settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player_ax.exe c:\Documents and Settings\All Users\Application Data\SymplisIT\DriverMagic\Data\59A159LF.exe c:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}\x86\DifXInstall32.exe c:\Documents and Settings\carolel\Application Data\Microsoft\Installer\{5E8A1B08-0FBD-4543-9646-F2C2D0D05750}\ARPPRODUCTICON.exe c:\Documents and Settings\carolel\Application Data\Microsoft\Installer\{FB159DD9-6E5F-4C94-B288-E9D1D9FAFBA1}\ARPPRODUCTICON.exe c:\Documents and Settings\Default User\Application Data\Microsoft\Installer\{5E8A1B08-0FBD-4543-9646-F2C2D0D05750}\ARPPRODUCTICON.exe c:\Documents and Settings\Default User\Application Data\Microsoft\Installer\{FB159DD9-6E5F-4C94-B288-E9D1D9FAFBA1}\ARPPRODUCTICON.exe c:\Documents and Settings\NetworkService\ZNW2\filehashfixup.exe c:\Documents and Settings\robert\Application Data\Canneverbe_Limited\cdbxpp.exe_Url_nfryvllqiqb1hla4nzefaejvhwflc2o0 c:\Documents and Settings\robert\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe c:\Documents and Settings\robert\Application Data\Microsoft\Installer\{441780BD-483E-4C54-A759-02143E87FF4C}\ARPPRODUCTICON.exe c:\Documents and Settings\robert\Application Data\Microsoft\Installer\{5E8A1B08-0FBD-4543-9646-F2C2D0D05750}\ARPPRODUCTICON.exe c:\Documents and Settings\robert\Application Data\Microsoft\Installer\{FB159DD9-6E5F-4C94-B288-E9D1D9FAFBA1}\ARPPRODUCTICON.exe c:\Documents and Settings\robert\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe c:\Documents and Settings\robert\Application Data\Microsoft\Services Windows Live\Raccourci Galerie de Photos Windows Live.exe c:\Documents and Settings\robert\Application Data\Microsoft\Services Windows Live\Raccourci Windows Live Messenger.exe c:\Documents and Settings\robert\Application Data\Simply Super Software\Trojan Remover\huu5D88.exe c:\Documents and Settings\robert\Application Data\Simply Super Software\Trojan Remover\pkh962E.exe c:\Documents and Settings\robert\Application Data\Simply Super Software\Trojan Remover\wdg962F.exe c:\Documents and Settings\robert\Application Data\U3\02213B606252294A\cleanup.exe c:\Documents and Settings\robert\Application Data\U3\02213B606252294A\Launchpad.exe c:\Documents and Settings\robert\Application Data\U3\temp\cleanup.exe c:\Documents and Settings\robert\Bureau\iyie7dup.exe c:\Documents and Settings\robert\Bureau\DiagHelp\DiagHelp\catchme.exe c:\Documents and Settings\robert\Bureau\DiagHelp\DiagHelp\diff.exe c:\Documents and Settings\robert\Bureau\DiagHelp\DiagHelp\dumphive.exe c:\Documents and Settings\robert\Bureau\DiagHelp\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\robert\Bureau\DiagHelp\DiagHelp\find2.exe c:\Documents and Settings\robert\Bureau\DiagHelp\DiagHelp\Fport.exe c:\Documents and Settings\robert\Bureau\DiagHelp\DiagHelp\grep.exe c:\Documents and Settings\robert\Bureau\DiagHelp\DiagHelp\gzip.exe c:\Documents and Settings\robert\Bureau\DiagHelp\DiagHelp\KProcCheck.exe c:\Documents and Settings\robert\Bureau\DiagHelp\DiagHelp\LFiles.exe c:\Documents and Settings\robert\Bureau\DiagHelp\DiagHelp\LISTDLLS.exe c:\Documents and Settings\robert\Bureau\DiagHelp\DiagHelp\mbr.exe c:\Documents and Settings\robert\Bureau\DiagHelp\DiagHelp\md5sums.exe c:\Documents and Settings\robert\Bureau\DiagHelp\DiagHelp\Psinfo.exe c:\Documents and Settings\robert\Bureau\DiagHelp\DiagHelp\pslist.exe c:\Documents and Settings\robert\Bureau\DiagHelp\DiagHelp\sigcheck.exe c:\Documents and Settings\robert\Bureau\DiagHelp\DiagHelp\streams.exe c:\Documents and Settings\robert\Bureau\DiagHelp\DiagHelp\swreg.exe c:\Documents and Settings\robert\Bureau\DiagHelp\DiagHelp\tar.exe c:\Documents and Settings\robert\Bureau\winxp\instmsia.exe c:\Documents and Settings\robert\Bureau\winxp\instmsiw.exe c:\Documents and Settings\robert\Bureau\winxp\setup.exe c:\Documents and Settings\robert\Local Settings\Apps\2.0\RH1PP7DY.LX1\ZN7JJKOM.KQB\clic...exe_9a8dfcd080ccb114_0001.0002_none_e863ce46e32d43b6\GoogleUpdateSetup.exe c:\Documents and Settings\robert\Local Settings\Apps\2.0\RH1PP7DY.LX1\ZN7JJKOM.KQB\prog...app_9a8dfcd080ccb114_0001.0002_067a109a96935c74\clickonce_bootstrap.exe c:\Documents and Settings\robert\Local Settings\Apps\2.0\RH1PP7DY.LX1\ZN7JJKOM.KQB\prog...app_9a8dfcd080ccb114_0001.0002_067a109a96935c74\GoogleUpdateSetup.exe c:\Documents and Settings\robert\Local Settings\Temporary Internet Files\Content.IE5\TWAR8HKZ\ALZip[1].exe c:\Documents and Settings\robert\Mes documents\191.07_desktop_winxp_32bit_international_whql.exe c:\Documents and Settings\robert\Mes documents\AVSVideoConverter.exe c:\Documents and Settings\robert\Mes documents\Adobe CS3\Photoshop\Adobe CS3\Setup.exe c:\Documents and Settings\robert\Mes documents\Adobe CS3\Photoshop\Adobe CS3\redist\WindowsInstaller-KB893803-v2-x86.exe c:\Documents and Settings\robert\Mes documents\Adobe CS3\Photoshop\Adobe CS3\redist\WindowsServer2003-KB898715-ia64-enu.exe c:\Documents and Settings\robert\Mes documents\Adobe CS3\Photoshop\Adobe CS3\redist\WindowsServer2003-KB898715-x64-enu.exe c:\Documents and Settings\robert\Mes documents\Adobe CS3\Photoshop\Adobe CS3\redist\WindowsServer2003-KB898715-x86-enu.exe c:\Documents and Settings\robert\Mes documents\Adobe CS3\Photoshop\Adobe CS3\redist\WindowsXP-KB898715-x64-enu.exe c:\Documents and Settings\robert\Mes documents\drivers\driver ge force.exe c:\Documents and Settings\robert\Mes documents\joelle\magix_brennroutinen_2009_8.1.0.185_de.exe c:\Documents and Settings\robert\Mes documents\joelle\photos_sur_cd___dvd_8_8.0.5.3_fr.exe c:\Documents and Settings\robert\Mes documents\joelle\JavaRa\JavaRa.exe c:\Documents and Settings\robert\Mes documents\OFFICE One Zip\DiagHelp\DiagHelp\catchme.exe c:\Documents and Settings\robert\Mes documents\OFFICE One Zip\DiagHelp\DiagHelp\diff.exe c:\Documents and Settings\robert\Mes documents\OFFICE One Zip\DiagHelp\DiagHelp\dumphive.exe c:\Documents and Settings\robert\Mes documents\OFFICE One Zip\DiagHelp\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\robert\Mes documents\OFFICE One Zip\DiagHelp\DiagHelp\find2.exe c:\Documents and Settings\robert\Mes documents\OFFICE One Zip\DiagHelp\DiagHelp\Fport.exe c:\Documents and Settings\robert\Mes documents\OFFICE One Zip\DiagHelp\DiagHelp\grep.exe c:\Documents and Settings\robert\Mes documents\OFFICE One Zip\DiagHelp\DiagHelp\gzip.exe c:\Documents and Settings\robert\Mes documents\OFFICE One Zip\DiagHelp\DiagHelp\KProcCheck.exe c:\Documents and Settings\robert\Mes documents\OFFICE One Zip\DiagHelp\DiagHelp\LFiles.exe c:\Documents and Settings\robert\Mes documents\OFFICE One Zip\DiagHelp\DiagHelp\LISTDLLS.exe c:\Documents and Settings\robert\Mes documents\OFFICE One Zip\DiagHelp\DiagHelp\mbr.exe c:\Documents and Settings\robert\Mes documents\OFFICE One Zip\DiagHelp\DiagHelp\md5sums.exe c:\Documents and Settings\robert\Mes documents\OFFICE One Zip\DiagHelp\DiagHelp\Psinfo.exe c:\Documents and Settings\robert\Mes documents\OFFICE One Zip\DiagHelp\DiagHelp\pslist.exe c:\Documents and Settings\robert\Mes documents\OFFICE One Zip\DiagHelp\DiagHelp\sigcheck.exe c:\Documents and Settings\robert\Mes documents\OFFICE One Zip\DiagHelp\DiagHelp\streams.exe c:\Documents and Settings\robert\Mes documents\OFFICE One Zip\DiagHelp\DiagHelp\swreg.exe c:\Documents and Settings\robert\Mes documents\OFFICE One Zip\DiagHelp\DiagHelp\tar.exe c:\Documents and Settings\robert\Mes documents\OFFICE One Zip\RootRepeal\RootRepeal.exe c:\Documents and Settings\robert\Mes documents\robert\Mon Garmin\eurocampingcar.exe c:\Documents and Settings\All Users\Application Data\MGS\cache\a\advancedslots1.0a55799429d83e0cb0c51c4f8800bb5c.dll c:\Documents and Settings\All Users\Application Data\MGS\cache\a\advancedslots1_temp.8a06ca9368d87091bc18256214f0ffe1.dll c:\Documents and Settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx.515b62c381b162125cd165ff444a9767.dll c:\Documents and Settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_temp.5e88daf7f878d5efd2174cb92d6c65e0.dll c:\Documents and Settings\All Users\Application Data\MGS\cache\e\euroroulette.fa2b524975a5d8bbc30203d094e2b084.dll c:\Documents and Settings\All Users\Application Data\MGS\cache\g\gamble.212eaf21a4805f8521d0d0c57b6a933b.dll c:\Documents and Settings\All Users\Application Data\MGS\cache\g\gamble2.04f884d96aad7f5c7b941fdd39ed766d.dll c:\Documents and Settings\All Users\Application Data\MGS\cache\g\gambleplugin.c4d8c6f5542066f894b7f2e575038afb.dll c:\Documents and Settings\All Users\Application Data\MGS\cache\m\mptadvancedslots.dad3e798b84695090d062c8c8b26aca2.dll c:\Documents and Settings\All Users\Application Data\MGS\cache\m\mpvslotxxx.276f1f991ac5dec544df1ecad38bbc9a.dll c:\Documents and Settings\All Users\Application Data\MGS\cache\s\simplepickxofybonus.bb69121ba26b8b09500f7448266e3542.dll c:\Documents and Settings\All Users\Application Data\MGS\cache\s\simplepickxofybonus_temp.ccad7e5a940d5494ce317984dbb504e2.dll c:\Documents and Settings\All Users\Application Data\MGS\cache\x\xmlparserplugin.57e9fd94cbd592ad475a3ca59462730f.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}\x86\DIFxAPI.dll c:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}\x86\x86\GEARAspi.dll c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll c:\Documents and Settings\LocalService\Application Data\Sun\Java\Deployment\cache\6.0\15\58fb3e0f-2a7d0fd9-n\decora-d3d.dll c:\Documents and Settings\LocalService\Application Data\Sun\Java\Deployment\cache\6.0\15\58fb3e0f-2a7d0fd9-n\decora-sse.dll c:\Documents and Settings\LocalService\Application Data\Sun\Java\Deployment\cache\6.0\15\58fb3e0f-2a7d0fd9-n\jmc.dll c:\Documents and Settings\LocalService\Application Data\Sun\Java\Deployment\cache\6.0\15\58fb3e0f-2a7d0fd9-n\msvcp71.dll c:\Documents and Settings\LocalService\Application Data\Sun\Java\Deployment\cache\6.0\15\58fb3e0f-2a7d0fd9-n\msvcr71.dll c:\Documents and Settings\LocalService\Application Data\Sun\Java\Deployment\cache\6.0\21\14e5d595-797a2546-n\decora-d3d.dll c:\Documents and Settings\LocalService\Application Data\Sun\Java\Deployment\cache\6.0\21\14e5d595-797a2546-n\decora-sse.dll c:\Documents and Settings\LocalService\Application Data\Sun\Java\Deployment\cache\6.0\21\14e5d595-797a2546-n\jmc.dll c:\Documents and Settings\LocalService\Application Data\Sun\Java\Deployment\cache\6.0\21\14e5d595-797a2546-n\msvcp71.dll c:\Documents and Settings\LocalService\Application Data\Sun\Java\Deployment\cache\6.0\21\14e5d595-797a2546-n\msvcr71.dll c:\Documents and Settings\LocalService\Application Data\Sun\Java\Deployment\cache\6.0\45\4f710eed-5636387d-n\gluegen-rt.dll c:\Documents and Settings\LocalService\Application Data\Sun\Java\Deployment\cache\6.0\62\6baea4fe-69e9e2aa-n\jogl.dll c:\Documents and Settings\LocalService\Application Data\Sun\Java\Deployment\cache\6.0\62\6baea4fe-69e9e2aa-n\jogl_awt.dll c:\Documents and Settings\LocalService\Application Data\Sun\Java\Deployment\cache\6.0\62\6baea4fe-69e9e2aa-n\jogl_cg.dll c:\Documents and Settings\robert\Application Data\init.dll c:\Documents and Settings\robert\Application Data\sound.dll c:\Documents and Settings\robert\Application Data\SYSTEM32.dll c:\Documents and Settings\robert\Application Data\Microsoft\IdentityCRL\PROD\ppcrlconfig.dll c:\Documents and Settings\robert\Application Data\Microsoft\IdentityCRL\Production\ppcrlconfig.dll c:\Documents and Settings\robert\Application Data\Microsoft\Services Windows Live\Services Windows Live.dll c:\Documents and Settings\robert\Application Data\Sun\Java\Deployment\cache\6.0\17\6d0ad391-7a6f6d7c-n\decora-d3d.dll c:\Documents and Settings\robert\Application Data\Sun\Java\Deployment\cache\6.0\17\6d0ad391-7a6f6d7c-n\decora-sse.dll c:\Documents and Settings\robert\Application Data\Sun\Java\Deployment\cache\6.0\54\1a209876-16815700-n\jmc.dll c:\Documents and Settings\robert\Application Data\Sun\Java\Deployment\cache\6.0\54\1a209876-16815700-n\msvcp71.dll c:\Documents and Settings\robert\Application Data\Sun\Java\Deployment\cache\6.0\54\1a209876-16815700-n\msvcr71.dll c:\Documents and Settings\robert\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll c:\Documents and Settings\robert\Application Data\Sun\Java\jre1.6.0_17\lzma.dll c:\Documents and Settings\robert\Application Data\U3\02213B606252294A\LPSecurityExtension.dll c:\Documents and Settings\robert\Application Data\U3\02213B606252294A\u3dapi10.dll c:\Documents and Settings\robert\Local Settings\Application Data\Microsoft\Messenger\Brands\FT01\fr-FR\wlmbrand.dll c:\Documents and Settings\robert\Local Settings\Application Data\Microsoft\Silverlight\DRM\agdrm000.dll ****** Fin du rapport DiagHelp Veuillez svp envoyer le fichier C:\upload_moi_joelle.tar.gz a l'adresse http://upload.malekal.com -
trojan fakealert résolu
toscabriane a répondu à un(e) sujet de toscabriane dans Analyses et éradication malwares
bonjour, j ai réussi à lancer gmer, celui ci a tourné toute une journée, ensuite j ai enregistré le rapport et là le sablier ne s arretait plus, j ai du perdre le rapport car j ai arreté l ordi brutalement. je relance gmer ce soir bonne soirée -
trojan fakealert résolu
toscabriane a répondu à un(e) sujet de toscabriane dans Analyses et éradication malwares
bonjour, voila j ai téléchargé rootrepeal il est dans le dossier systeme crée mais quand je clique dessus j ai un message en anglais ( patienter initialisation) j attends mais il ne se passe rien, et se message ne veut plus s effacer, je suis obliger d étiendre l ordinateur pour ne plus l avoir, je ne comprends pas , -
trojan fakealert résolu
toscabriane a répondu à un(e) sujet de toscabriane dans Analyses et éradication malwares
bonsoir, je répète mon message j avais oublié d effacer comme je disais j ai du m absenter précipitamment et je rentre ce soir, je reprends donc mon pc en main, et je vais effectuer la procédure du dernier message je te remercie pour ta patience A plus tard -
trojan fakealert résolu
toscabriane a répondu à un(e) sujet de toscabriane dans Analyses et éradication malwares
bonsoir, je suis toujours avec vous j ai du m absenter et je rentre seulement, je vais donc reprendre en main mon pc et faire la procédure du dernier message je te remercie pour ta patience moi aussi -
trojan fakealert résolu
toscabriane a répondu à un(e) sujet de toscabriane dans Analyses et éradication malwares
bonsoir, je viens de prendre connaissance de ton message, je vais essayer de lancer le scan demain matin avant de partir je te remercie et te souhaite une bonne soirée -
trojan fakealert résolu
toscabriane a répondu à un(e) sujet de toscabriane dans Analyses et éradication malwares
bonjour le scan GMER ne peu etre executer l'ecran bleu au bout de trois heures mëme erreur que signalé plus haut Le scan ESET voir rapport ci-joint C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP1121\A0300461.dll Win32/Adware.AntiMalwarePro.AA application cleaned by deleting - quarantined Bonne journée à bientot de te lire et merci pour ton support -
trojan fakealert résolu
toscabriane a répondu à un(e) sujet de toscabriane dans Analyses et éradication malwares
le scan Prevx a trouvé : 2 infections : THREAT hijackthis-2.0.2.75917 exe in c:\document and setting robert THREAT cdctr.exe in c:\windows -
trojan fakealert résolu
toscabriane a répondu à un(e) sujet de toscabriane dans Analyses et éradication malwares
-
trojan fakealert résolu
toscabriane a répondu à un(e) sujet de toscabriane dans Analyses et éradication malwares
j ai repris à zero, j ai donc relancé rsit ci-joint le rapport mais pour gmer j ai toujours mon écran bleu avec comme erreur 0x0000004e (0x0000007 - 0x0000c3a2 0x0000001 - 0x 0000000 ) N_list_corrupt Logfile of random's system information tool 1.06 (written by random/random) Run by robert at 2010-01-21 08:45:04 Microsoft Windows XP Professionnel Service Pack 3 System drive C: has 112 GB (38%) free of 297 GB Total RAM: 2046 MB (65% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 08:45:28, on 21/01/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\afasrv32.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE C:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE C:\Program Files\AntivirusFirewall\Common\FSHDLL32.EXE C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Apps\Softex\OmniPass\Omniserv.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe C:\Apps\Softex\OmniPass\OPXPApp.exe C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe C:\Program Files\AntivirusFirewall\Anti-Virus\fsav32.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\eHome\ehmsas.exe C:\Program Files\Fingerprint Sensor\ATSwpNav.exe C:\Apps\Softex\OmniPass\scureapp.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Realtek\Card Reader Software\DriveIcon\DriveIcon.exe C:\Program Files\AntivirusFirewall\Common\FSM32.EXE C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\MHotkey.exe C:\Program Files\USBESTDI\iconcs80354875.exe C:\APPS\SMP\SmpSys.exe C:\Program Files\Orange\MailNotifier\MailNotifier.exe C:\WINDOWS\CDCtr.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\ModHidKey.exe C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe C:\Program Files\Secunia\PSI\psi.exe C:\Documents and Settings\robert\Bureau\RSIT.exe C:\Program Files\trend micro\robert.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig?referrer=ign_n R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {AEEC3B59-CA98-4EBA-A140-57B94E283583} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\AntivirusFirewall\NRS\iescript\baselitmus.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file) O3 - Toolbar: barre d'outils Orange - {D3028143-6145-4318-99D3-3EDCE54A95A9} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\AntivirusFirewall\NRS\iescript\baselitmus.dll O4 - HKLM\..\Run: [ehTray] "C:\WINDOWS\ehome\ehtray.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [ATSwpNav] "C:\Program Files\Fingerprint Sensor\ATSwpNav" -run O4 - HKLM\..\Run: [OmniPass] "C:\Apps\Softex\OmniPass\scureapp.exe" O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [uSB2Check] RUNDLL32.EXE "C:\WINDOWS\system32\PCLECoInst.dll",CheckUSBController O4 - HKLM\..\Run: [RTHDCPL] "RTHDCPL.EXE" O4 - HKLM\..\Run: [Alcmtr] "ALCMTR.EXE" O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [DriveIcons] "C:\Program Files\Realtek\Card Reader Software\DriveIcon\DriveIcon.exe" O4 - HKLM\..\Run: [synchronization Manager] "%SystemRoot%\system32\mobsync.exe" /logon O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [LchMHotkey] LchMHKey.exe O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\AntivirusFirewall\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [uSBestCR] C:\Program Files\USBESTDI\iconcs80354875.exe RunFromReg O4 - HKCU\..\Run: [smpcSys] C:\APPS\SMP\SmpSys.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MailNotifier] C:\Program Files\Orange\MailNotifier\MailNotifier.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - S-1-5-18 Startup: Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe (User 'SYSTEM') O4 - .DEFAULT Startup: Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe (User 'Default user') O4 - Startup: Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe O4 - Global Startup: OFFICE One Clock v6.5.lnk = C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O15 - Trusted Zone: http://logicielsgratuits.orange.fr O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/dow...llerControl.cab O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://ushousecall02.trendmicro.com/housec...ivex/hcImpl.cab O16 - DPF: {275D2217-FFE8-46B5-8FD2-B18CA0B7EE36} (Seagate SeaTools Online French) - file:///C:/DRIVERS/snapsys/HDDDiag/bin/npseatools.cab O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - http://picasaweb.google.fr/s/v/57.09/uploader2.cab O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.com/s/v/30.61/uploader2.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://joellerobert3.spaces.live.com//Phot...ad/MsnPUpld.cab O16 - DPF: {5A779DC0-837B-4590-AC42-C7C0847478C5} (OrangeInstaller_ModuleIE Control) - http://logicielsgratuits.orange.fr/downloa...geInstaller.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase8942.cab O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://joellerobert3.spaces.live.com/Photo...ad/MsnPUpld.cab O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.0...oUploader55.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (Ma-Config control) - http://fichiers.touslesdrivers.com/maconfi...fig_4_0_1_3.cab O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload Control) - http://sc.groups.msn.com/controls/FileUC/MsnUpld.cab O16 - DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} (FTMediaPlayer Class) - http://webtv.guidetv.orange.fr/resources/OCS_8971.cab O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com/imgag/cp/install/crusher-fr.cab O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://www.securitoo.com/ols/fscax.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: Afa Card Reader Service (AfaService) - Unknown owner - C:\WINDOWS\system32\afasrv32.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\ORSP Client\fsorsp.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Ma-Config Service (maconfservice) - Logitech, Inc. - (no file) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Apps\Softex\OmniPass\Omniserv.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SrvCDEject - Unknown owner - C:\Program Files\Packard Bell\SrvCDEject.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: UPnPService - Magix AG - C:\Program Files\Fichiers communs\MAGIX Shared\UPnPService\UPnPService.exe O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Unknown owner - C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe (file missing) O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 15937 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job C:\WINDOWS\tasks\HPpromotions journeysoftware.job C:\WINDOWS\tasks\Scheduled scanning task.job C:\WINDOWS\tasks\User_Feed_Synchronization-{C3D361CC-FAC9-4004-85B3-377BD2D0B24A}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2009-12-20 321312] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C6867EB7-8350-4856-877F-93CF8AE3DC9C}] Browsing Protection Class - C:\Program Files\AntivirusFirewall\NRS\iescript\baselitmus.dll [2010-01-12 535288] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-12-20 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-12-20 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} Locked {D3028143-6145-4318-99D3-3EDCE54A95A9} - barre d'outils Orange - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll [2009-08-05 2268464] {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - Browsing Protection Toolbar - C:\Program Files\AntivirusFirewall\NRS\iescript\baselitmus.dll [2010-01-12 535288] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-09-29 67584] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-03-27 13684736] "ATSwpNav"=C:\Program Files\Fingerprint Sensor\ATSwpNav -run [] "OmniPass"=C:\Apps\Softex\OmniPass\scureapp.exe [2005-08-12 1859584] "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840] "PinnacleDriverCheck"=C:\WINDOWS\system32\PSDrvCheck.exe [2003-11-10 406016] "USB2Check"=C:\WINDOWS\system32\PCLECoInst.dll [2005-12-21 73728] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-03-21 16126464] "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632] "PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168] "PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168] "nwiz"=nwiz.exe /install [] "IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-10 208952] "DriveIcons"=C:\Program Files\Realtek\Card Reader Software\DriveIcon\DriveIcon.exe [2005-12-09 656896] "Synchronization Manager"=C:\WINDOWS\system32\mobsync.exe [2008-04-14 143872] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696] "Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288] "LchMHotkey"=C:\WINDOWS\LchMHKey.exe [2007-01-22 36864] "F-Secure Manager"=C:\Program Files\AntivirusFirewall\Common\FSM32.EXE [2009-08-05 199264] "Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe [2005-06-23 57344] "GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072] "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k [] "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-12-20 149280] "Logitech Utility"=C:\WINDOWS\Logi_MwX.Exe [2003-12-17 19968] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-11-10 417792] "USBestCR"=C:\Program Files\USBESTDI\iconcs80354875.exe [2009-10-27 4218880] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "SmpcSys"=C:\APPS\SMP\SmpSys.exe [2005-11-17 975360] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "MailNotifier"=C:\Program Files\Orange\MailNotifier\MailNotifier.exe [2009-10-12 692224] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe [2005-06-23 57344] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DetectorApp] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\F-Secure TNB] C:\Program Files\AntivirusFirewall\FSGUI\TNBUtil.exe [2009-08-05 2349664] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe [2009-11-12 141600] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility] C:\WINDOWS\Logi_MwX.Exe [2003-12-17 19968] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MoneyAgent] C:\Program Files\Microsoft Money\System\Money Express.exe [1999-08-03 127040] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] C:\WINDOWS\system32\NvMcTray.dll [2009-03-27 86016] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OoPDFSettingsv6.exe] C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe [2008-01-11 493568] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2007-03-23 227328] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\qttask.exe [2009-11-10 417792] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe [2009-11-10 222728] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe [2004-06-28 32768] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2009-11-10 198160] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe [2009-10-26 15872] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage rapide du logiciel HP Image Zone.lnk] C:\PROGRA~1\HP\DIGITA~1\bin\hpqthb08.exe [2005-05-12 73728] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk] C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2005-05-11 282624] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^OFFICE One Notes v6.5.lnk] C:\PROGRA~1\OFFICE~1.5\OFFICE~3\OONOTE~1.EXE [2003-10-20 559104] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Windows Search.lnk] C:\PROGRA~1\WI459E~1\WINDOW~1.EXE [2008-05-26 123904] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^robert^Menu Démarrer^Programmes^Démarrage^OFFICE One 6.5.lnk] C:\PROGRA~1\OFFICE~1.5\program\QUICKS~1.EXE [2004-03-08 36864] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "ehRecvr"=2 "Apple Mobile Device"=2 "AOL ACS"=2 "WRConsumerService"=2 "WebrootSpySweeperService"=2 C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage OFFICE One Clock v6.5.lnk - C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe C:\Documents and Settings\robert\Menu Démarrer\Programmes\Démarrage Secunia PSI.lnk - C:\Program Files\Secunia\PSI\psi.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\OPXPGina] C:\Apps\Softex\OmniPass\opxpgina.dll [2005-08-12 49152] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WRConsumerService] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 "NoDriveAutorun"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Disabled:Bonjour" "C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove" "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote" "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0f49fbc1-ef5f-11db-a544-00038a000015}] shell\AutoRun\command - F:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b9e0ce10-cc3e-11de-a726-00038a000015}] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL launcher.exe ======List of files/folders created in the last 1 months====== 2010-01-20 09:30:42 ----D---- C:\Program Files\trend micro 2010-01-18 14:21:56 ----D---- C:\tmp 2010-01-18 14:20:19 ----A---- C:\Documents and Settings\robert\Application Data\SYSTEM32.dll 2010-01-18 14:20:19 ----A---- C:\Documents and Settings\robert\Application Data\init.dll 2010-01-18 14:20:08 ----A---- C:\Documents and Settings\robert\Application Data\sound.dll 2010-01-18 14:19:15 ----A---- C:\WINDOWS\system32\redmonnt.dll 2010-01-18 14:19:02 ----D---- C:\Program Files\qvPDF 2010-01-18 14:19:02 ----A---- C:\WINDOWS\system32\HPDOMON.DLL 2010-01-18 14:19:02 ----A---- C:\WINDOWS\system32\HPBMMON.DLL 2010-01-18 14:19:02 ----A---- C:\WINDOWS\system32\HPBHEALR.DLL 2010-01-18 14:18:51 ----D---- C:\Program Files\PDFTiger 2010-01-18 10:51:48 ----A---- C:\WINDOWS\system32\unrar.dll 2010-01-18 10:51:47 ----A---- C:\WINDOWS\avisplitter.ini 2010-01-18 10:51:44 ----A---- C:\WINDOWS\system32\yv12vfw.dll 2010-01-18 10:51:43 ----A---- C:\WINDOWS\system32\xvidvfw.dll 2010-01-18 10:51:43 ----A---- C:\WINDOWS\system32\xvidcore.dll 2010-01-18 10:51:41 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest 2010-01-18 10:51:41 ----A---- C:\WINDOWS\system32\ff_vfw.dll 2010-01-18 10:51:38 ----D---- C:\Program Files\K-Lite Codec Pack 2010-01-16 19:24:51 ----A---- C:\WINDOWS\exctrlst.INI 2010-01-16 19:17:58 ----D---- C:\Program Files\Resource Kit 2010-01-16 17:40:25 ----D---- C:\Program Files\Free Window Registry Repair 2010-01-16 17:31:22 ----D---- C:\Program Files\RegCleaner 2010-01-16 15:52:37 ----D---- C:\Program Files\Unlocker 2010-01-16 09:24:50 ----D---- C:\Documents and Settings\robert\Application Data\AVS4YOU 2010-01-16 09:24:49 ----D---- C:\Documents and Settings\All Users\Application Data\AVS4YOU 2010-01-16 09:22:32 ----D---- C:\Program Files\Fichiers communs\AVSMedia 2010-01-16 09:22:17 ----D---- C:\Program Files\AVS4YOU 2010-01-14 03:05:05 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$ 2010-01-12 20:03:29 ----D---- C:\Program Files\iPod 2010-01-12 20:02:47 ----D---- C:\Program Files\iTunes 2010-01-12 20:02:47 ----D---- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} 2009-12-27 13:45:45 ----D---- C:\Program Files\Secunia 2009-12-26 14:14:04 ----D---- C:\Documents and Settings\robert\Application Data\Auslogics 2009-12-26 14:13:58 ----D---- C:\Program Files\Auslogics 2009-12-24 14:11:12 ----D---- C:\Documents and Settings\robert\Application Data\TERMINAL Studio 2009-12-24 14:11:04 ----A---- C:\WINDOWS\system32\bass.dll ======List of files/folders modified in the last 1 months====== 2010-01-21 08:13:55 ----D---- C:\WINDOWS\Temp 2010-01-21 08:13:54 ----D---- C:\WINDOWS 2010-01-21 08:08:28 ----SHD---- C:\WINDOWS\Installer 2010-01-21 08:08:28 ----HD---- C:\Config.Msi 2010-01-21 08:07:57 ----D---- C:\Program Files\Microsoft Silverlight 2010-01-21 08:05:15 ----D---- C:\WINDOWS\system32\CatRoot2 2010-01-21 08:04:31 ----D---- C:\WINDOWS\Registration 2010-01-20 20:53:01 ----D---- C:\WINDOWS\PREFETCH 2010-01-20 20:40:49 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-01-20 19:58:17 ----D---- C:\Program Files\Mozilla Thunderbird 2010-01-20 19:45:09 ----D---- C:\WINDOWS\Minidump 2010-01-20 11:47:09 ----A---- C:\WINDOWS\NeroDigital.ini 2010-01-20 10:25:17 ----D---- C:\WINDOWS\system32 2010-01-20 09:30:42 ----RD---- C:\Program Files 2010-01-18 14:34:50 ----D---- C:\DRIVERS 2010-01-18 14:19:39 ----D---- C:\WINDOWS\inf 2010-01-18 14:19:21 ----D---- C:\WINDOWS\Fonts 2010-01-18 10:30:19 ----HDC---- C:\WINDOWS\$NtUninstallKB924496$ 2010-01-18 10:30:18 ----D---- C:\WINDOWS\system32\drivers 2010-01-16 16:34:34 ----RASH---- C:\BOOT.INI 2010-01-16 16:34:34 ----N---- C:\WINDOWS\win.ini 2010-01-16 16:34:34 ----N---- C:\WINDOWS\system.ini 2010-01-16 15:27:57 ----A---- C:\WINDOWS\system32\afasrv32.exe 2010-01-16 15:09:39 ----D---- C:\Program Files\Microsoft GIF Animator 2010-01-16 14:55:03 ----D---- C:\Program Files\Bonjour 2010-01-16 09:33:49 ----D---- C:\MyWorks 2010-01-16 09:22:32 ----D---- C:\Program Files\Fichiers communs 2010-01-14 15:47:34 ----D---- C:\Program Files\Google 2010-01-14 08:40:37 ----D---- C:\WINDOWS\Debug 2010-01-14 03:07:46 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help 2010-01-14 03:05:08 ----RSHD---- C:\WINDOWS\system32\dllcache 2010-01-14 03:04:08 ----HD---- C:\WINDOWS\$hf_mig$ 2010-01-12 20:45:02 ----D---- C:\Documents and Settings\robert\Application Data\U3 2010-01-12 20:07:10 ----DC---- C:\WINDOWS\system32\DRVSTORE 2010-01-12 20:03:11 ----D---- C:\Program Files\Fichiers communs\Apple 2010-01-12 19:58:14 ----D---- C:\Program Files\QuickTime 2010-01-12 19:53:16 ----D---- C:\WINDOWS\WinSxS 2010-01-12 19:40:24 ----A---- C:\WINDOWS\gen4.ini 2010-01-10 19:09:47 ----A---- C:\WINDOWS\PhotoSnapViewer.INI 2010-01-10 10:35:28 ----D---- C:\WINDOWS\Downloaded Program Files 2010-01-05 01:17:46 ----A---- C:\WINDOWS\system32\MRT.exe 2009-12-31 12:55:01 ----D---- C:\WINDOWS\Tasks 2009-12-30 21:56:37 ----D---- C:\WINDOWS\network diagnostic 2009-12-30 17:49:54 ----D---- C:\Documents and Settings\robert\Application Data\Google 2009-12-27 11:46:59 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-12-26 18:36:14 ----D---- C:\Program Files\Windows Live Safety Center 2009-12-26 18:26:59 ----D---- C:\Documents and Settings 2009-12-25 16:37:56 ----D---- C:\Program Files\Microsoft Games ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 F-Secure HIPS;F-Secure HIPS Driver; \??\C:\Program Files\AntivirusFirewall\HIPS\drivers\fshs.sys [] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys [] R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-10 12032] R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752] R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys [] R3 3xHybrid;ASUSTek SAA713x PCI Card; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2006-04-28 882688] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 ASAPIW2k;ASAPIW2K; C:\WINDOWS\system32\drivers\ASAPIW2k.sys [2005-02-23 11264] R3 ATSWPDRV;AuthenTec TruePrint USB Driver (AES2500); C:\WINDOWS\System32\Drivers\ATSwpDrv.sys [2005-03-29 116594] R3 camvid40;Philips SPC 900NC PC Camera; C:\WINDOWS\system32\DRIVERS\camdrv41.sys [2005-08-25 1240576] R3 DCamUSBEMPIA;Dazzle DVC Video Device; C:\WINDOWS\system32\DRIVERS\emDevice.sys [2005-12-21 100957] R3 emAudio;Dazzle DVC Audio Device; C:\WINDOWS\system32\drivers\emAudio.sys [2005-12-21 19712] R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2008-06-25 43520] R3 FiltUSBEMPIA;USB Device Lower Filter; C:\WINDOWS\system32\DRIVERS\emFilter.sys [2005-12-21 5245] R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files\AntivirusFirewall\Anti-Virus\minifilter\fsgk.sys [] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600] R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-10-21 49920] R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-10-21 16496] R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-10-22 21568] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-03-26 4395008] R3 LHidFlt2;Logitech HID/USB Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFlt2.Sys [2003-12-17 25505] R3 LMouFlt2;Logitech Mouse Class Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFlt2.Sys [2003-12-17 70801] R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-06-02 171008] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-03-27 6280416] R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368] R3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2009-06-17 12648] R3 RTSTOR;USB Mass Stroage Device; C:\WINDOWS\system32\drivers\RTSTOR.SYS [2005-12-21 20096] R3 ScanUSBEMPIA;USB Still Image Capture Device; C:\WINDOWS\system32\DRIVERS\emScan.sys [2005-12-21 4493] R3 usbaudio;Philips USB Microphone; C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588] R3 X10Hid;X10 Hid Device; C:\WINDOWS\System32\Drivers\x10hid.sys [2005-11-28 7040] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [] S3 FETND5BV;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2008-06-25 43520] S3 grmnusb;grmnusb; C:\WINDOWS\system32\drivers\grmnusb.sys [2007-03-08 8320] S3 L8042pr2;Logitech PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042pr2.Sys [2003-12-17 51729] S3 LHidUsb;Logitech USB Receiver device driver; C:\WINDOWS\System32\Drivers\LHidUsb.Sys [2003-12-17 37887] S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008] S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2007-02-22 137216] S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2007-02-22 8320] S3 nmwcdcj;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2007-02-22 12288] S3 nmwcdcm;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2007-02-22 12288] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688] S3 XUIF;X10 USB Wireless Transceiver; C:\WINDOWS\System32\Drivers\x10ufx2.sys [2005-05-19 17792] S4 F-Secure Filter;F-Secure File System Filter; \??\C:\Program Files\AntivirusFirewall\Anti-Virus\Win2K\FSfilter.sys [] S4 F-Secure Recognizer;F-Secure File System Recognizer; \??\C:\Program Files\AntivirusFirewall\Anti-Virus\Win2K\FSrec.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AfaService;Afa Card Reader Service; C:\WINDOWS\system32\afasrv32.exe [2010-01-16 65536] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888] R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424] R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe [2009-08-05 215648] R2 FSMA;FSMA; C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE [2009-08-05 186976] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-12-20 153376] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2005-09-22 53248] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-03-27 163908] R2 omniserv;Softex OmniPass Service; C:\Apps\Softex\OmniPass\Omniserv.exe [2005-08-12 32768] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728] R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe [2005-01-31 49152] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R2 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480] R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe [2009-08-05 522848] R3 FSORSPClient;F-Secure ORSP Client; C:\Program Files\AntivirusFirewall\ORSP Client\fsorsp.exe [2009-11-23 55936] S2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2005-09-30 96341] S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-30 135664] S2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328] S2 SrvCDEject;SrvCDEject; C:\Program Files\Packard Bell\SrvCDEject.exe [2006-07-25 613376] S2 WebrootSpySweeperService;Moteur Webroot Spy Sweeper; C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe [] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-19 654848] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-11-10 182768] S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-11-12 545568] S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 UPnPService;UPnPService; C:\Program Files\Fichiers communs\MAGIX Shared\UPnPService\UPnPService.exe [2006-12-14 544768] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S4 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe [2004-04-08 1135728] S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-05-29 144712] S4 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] S4 WRConsumerService;Webroot Client Service; C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe [] S4 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808] -----------------EOF----------------- encore merci pour l aide je m aperçois qu il y a encore webrootsecurity je croyais l avoir supprimé -
trojan fakealert résolu
toscabriane a répondu à un(e) sujet de toscabriane dans Analyses et éradication malwares
bonsoir, j ai bloque avec gmer ecran bleu j ai éteint et rallumé j ai lancé hijackthis voila le rapport ensuite j essaierai de nouveau gmer Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:05:29, on 20/01/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\afasrv32.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE C:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE C:\Program Files\AntivirusFirewall\Common\FSHDLL32.EXE C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Apps\Softex\OmniPass\Omniserv.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe C:\WINDOWS\system32\dllhost.exe C:\Apps\Softex\OmniPass\OPXPApp.exe C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe C:\Program Files\AntivirusFirewall\Anti-Virus\fsav32.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Fingerprint Sensor\ATSwpNav.exe C:\Apps\Softex\OmniPass\scureapp.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\eHome\ehmsas.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Realtek\Card Reader Software\DriveIcon\DriveIcon.exe C:\Program Files\AntivirusFirewall\Common\FSM32.EXE C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\MHotkey.exe C:\Program Files\USBESTDI\iconcs80354875.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\APPS\SMP\SmpSys.exe C:\WINDOWS\CDCtr.exe C:\Program Files\Orange\MailNotifier\MailNotifier.exe C:\WINDOWS\ModHidKey.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe C:\Program Files\Secunia\PSI\psi.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\robert\Bureau\hijackthis-2.0.2.75917.exe C:\DOCUME~1\robert\LOCALS~1\Temp\hijackthis-2.0.2.75917.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig?referrer=ign_n R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {AEEC3B59-CA98-4EBA-A140-57B94E283583} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\AntivirusFirewall\NRS\iescript\baselitmus.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file) O3 - Toolbar: barre d'outils Orange - {D3028143-6145-4318-99D3-3EDCE54A95A9} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\AntivirusFirewall\NRS\iescript\baselitmus.dll O4 - HKLM\..\Run: [ehTray] "C:\WINDOWS\ehome\ehtray.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [ATSwpNav] "C:\Program Files\Fingerprint Sensor\ATSwpNav" -run O4 - HKLM\..\Run: [OmniPass] "C:\Apps\Softex\OmniPass\scureapp.exe" O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [uSB2Check] RUNDLL32.EXE "C:\WINDOWS\system32\PCLECoInst.dll",CheckUSBController O4 - HKLM\..\Run: [RTHDCPL] "RTHDCPL.EXE" O4 - HKLM\..\Run: [Alcmtr] "ALCMTR.EXE" O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [DriveIcons] "C:\Program Files\Realtek\Card Reader Software\DriveIcon\DriveIcon.exe" O4 - HKLM\..\Run: [synchronization Manager] "%SystemRoot%\system32\mobsync.exe" /logon O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [LchMHotkey] LchMHKey.exe O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\AntivirusFirewall\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [uSBestCR] C:\Program Files\USBESTDI\iconcs80354875.exe RunFromReg O4 - HKCU\..\Run: [smpcSys] C:\APPS\SMP\SmpSys.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MailNotifier] C:\Program Files\Orange\MailNotifier\MailNotifier.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - S-1-5-18 Startup: Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe (User 'SYSTEM') O4 - .DEFAULT Startup: Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe (User 'Default user') O4 - Startup: Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe O4 - Global Startup: OFFICE One Clock v6.5.lnk = C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O15 - Trusted Zone: http://logicielsgratuits.orange.fr O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/dow...llerControl.cab O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://ushousecall02.trendmicro.com/housec...ivex/hcImpl.cab O16 - DPF: {275D2217-FFE8-46B5-8FD2-B18CA0B7EE36} (Seagate SeaTools Online French) - file:///C:/DRIVERS/snapsys/HDDDiag/bin/npseatools.cab O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - http://picasaweb.google.fr/s/v/57.09/uploader2.cab O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.com/s/v/30.61/uploader2.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://joellerobert3.spaces.live.com//Phot...ad/MsnPUpld.cab O16 - DPF: {5A779DC0-837B-4590-AC42-C7C0847478C5} (OrangeInstaller_ModuleIE Control) - http://logicielsgratuits.orange.fr/downloa...geInstaller.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase8942.cab O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://joellerobert3.spaces.live.com/Photo...ad/MsnPUpld.cab O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.0...oUploader55.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (Ma-Config control) - http://fichiers.touslesdrivers.com/maconfi...fig_4_0_1_3.cab O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload Control) - http://sc.groups.msn.com/controls/FileUC/MsnUpld.cab O16 - DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} (FTMediaPlayer Class) - http://webtv.guidetv.orange.fr/resources/OCS_8971.cab O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com/imgag/cp/install/crusher-fr.cab O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://www.securitoo.com/ols/fscax.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: Afa Card Reader Service (AfaService) - Unknown owner - C:\WINDOWS\system32\afasrv32.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\ORSP Client\fsorsp.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Ma-Config Service (maconfservice) - Logitech, Inc. - (no file) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Apps\Softex\OmniPass\Omniserv.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SrvCDEject - Unknown owner - C:\Program Files\Packard Bell\SrvCDEject.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: UPnPService - Magix AG - C:\Program Files\Fichiers communs\MAGIX Shared\UPnPService\UPnPService.exe O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Unknown owner - C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe (file missing) O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 16106 bytes -
trojan fakealert résolu
toscabriane a répondu à un(e) sujet de toscabriane dans Analyses et éradication malwares
voici le rapport rsit Logfile of random's system information tool 1.06 (written by random/random) Run by robert at 2010-01-20 09:30:41 Microsoft Windows XP Professionnel Service Pack 3 System drive C: has 112 GB (38%) free of 297 GB Total RAM: 2046 MB (60% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 09:32:18, on 20/01/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\afasrv32.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE C:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\AntivirusFirewall\Common\FSHDLL32.EXE C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Apps\Softex\OmniPass\Omniserv.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe C:\Apps\Softex\OmniPass\OPXPApp.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\eHome\ehmsas.exe C:\Program Files\Fingerprint Sensor\ATSwpNav.exe C:\Apps\Softex\OmniPass\scureapp.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Realtek\Card Reader Software\DriveIcon\DriveIcon.exe C:\Program Files\AntivirusFirewall\Common\FSM32.EXE C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\MHotkey.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\Program Files\USBESTDI\iconcs80354875.exe C:\APPS\SMP\SmpSys.exe C:\Program Files\Orange\MailNotifier\MailNotifier.exe C:\WINDOWS\CDCtr.exe C:\WINDOWS\ModHidKey.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe C:\Program Files\Secunia\PSI\psi.exe C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoAssistantPDF2TXTv6.exe C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoAssistantPDFPasswordv6.exe C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoAssistantPDF2TXTv6.exe C:\Program Files\AntivirusFirewall\Anti-Virus\fsav32.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe C:\Documents and Settings\robert\Bureau\RSIT.exe C:\Program Files\trend micro\robert.exe C:\WINDOWS\system32\rundll32.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig?referrer=ign_n R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {AEEC3B59-CA98-4EBA-A140-57B94E283583} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\AntivirusFirewall\NRS\iescript\baselitmus.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file) O3 - Toolbar: barre d'outils Orange - {D3028143-6145-4318-99D3-3EDCE54A95A9} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\AntivirusFirewall\NRS\iescript\baselitmus.dll O4 - HKLM\..\Run: [ehTray] "C:\WINDOWS\ehome\ehtray.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [ATSwpNav] "C:\Program Files\Fingerprint Sensor\ATSwpNav" -run O4 - HKLM\..\Run: [OmniPass] "C:\Apps\Softex\OmniPass\scureapp.exe" O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [uSB2Check] RUNDLL32.EXE "C:\WINDOWS\system32\PCLECoInst.dll",CheckUSBController O4 - HKLM\..\Run: [RTHDCPL] "RTHDCPL.EXE" O4 - HKLM\..\Run: [Alcmtr] "ALCMTR.EXE" O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [DriveIcons] "C:\Program Files\Realtek\Card Reader Software\DriveIcon\DriveIcon.exe" O4 - HKLM\..\Run: [synchronization Manager] "%SystemRoot%\system32\mobsync.exe" /logon O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [LchMHotkey] LchMHKey.exe O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\AntivirusFirewall\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [uSBestCR] C:\Program Files\USBESTDI\iconcs80354875.exe RunFromReg O4 - HKCU\..\Run: [smpcSys] C:\APPS\SMP\SmpSys.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MailNotifier] C:\Program Files\Orange\MailNotifier\MailNotifier.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - S-1-5-18 Startup: Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe (User 'SYSTEM') O4 - .DEFAULT Startup: Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe (User 'Default user') O4 - Startup: Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe O4 - Global Startup: OFFICE One Clock v6.5.lnk = C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O15 - Trusted Zone: http://logicielsgratuits.orange.fr O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/dow...llerControl.cab O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://ushousecall02.trendmicro.com/housec...ivex/hcImpl.cab O16 - DPF: {275D2217-FFE8-46B5-8FD2-B18CA0B7EE36} (Seagate SeaTools Online French) - file:///C:/DRIVERS/snapsys/HDDDiag/bin/npseatools.cab O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - http://picasaweb.google.fr/s/v/57.09/uploader2.cab O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.com/s/v/30.61/uploader2.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://joellerobert3.spaces.live.com//Phot...ad/MsnPUpld.cab O16 - DPF: {5A779DC0-837B-4590-AC42-C7C0847478C5} (OrangeInstaller_ModuleIE Control) - http://logicielsgratuits.orange.fr/downloa...geInstaller.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase8942.cab O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://joellerobert3.spaces.live.com/Photo...ad/MsnPUpld.cab O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.0...oUploader55.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (Ma-Config control) - http://fichiers.touslesdrivers.com/maconfi...fig_4_0_1_3.cab O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload Control) - http://sc.groups.msn.com/controls/FileUC/MsnUpld.cab O16 - DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} (FTMediaPlayer Class) - http://webtv.guidetv.orange.fr/resources/OCS_8971.cab O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com/imgag/cp/install/crusher-fr.cab O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://www.securitoo.com/ols/fscax.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: Afa Card Reader Service (AfaService) - Unknown owner - C:\WINDOWS\system32\afasrv32.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\ORSP Client\fsorsp.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Ma-Config Service (maconfservice) - Logitech, Inc. - (no file) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Apps\Softex\OmniPass\Omniserv.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SrvCDEject - Unknown owner - C:\Program Files\Packard Bell\SrvCDEject.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: UPnPService - Magix AG - C:\Program Files\Fichiers communs\MAGIX Shared\UPnPService\UPnPService.exe O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Unknown owner - C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe (file missing) O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 16386 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job C:\WINDOWS\tasks\HPpromotions journeysoftware.job C:\WINDOWS\tasks\Scheduled scanning task.job C:\WINDOWS\tasks\User_Feed_Synchronization-{C3D361CC-FAC9-4004-85B3-377BD2D0B24A}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2009-12-20 321312] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C6867EB7-8350-4856-877F-93CF8AE3DC9C}] Browsing Protection Class - C:\Program Files\AntivirusFirewall\NRS\iescript\baselitmus.dll [2010-01-12 535288] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-12-20 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-12-20 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} Locked {D3028143-6145-4318-99D3-3EDCE54A95A9} - barre d'outils Orange - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll [2009-08-05 2268464] {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - Browsing Protection Toolbar - C:\Program Files\AntivirusFirewall\NRS\iescript\baselitmus.dll [2010-01-12 535288] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-09-29 67584] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-03-27 13684736] "ATSwpNav"=C:\Program Files\Fingerprint Sensor\ATSwpNav -run [] "OmniPass"=C:\Apps\Softex\OmniPass\scureapp.exe [2005-08-12 1859584] "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840] "PinnacleDriverCheck"=C:\WINDOWS\system32\PSDrvCheck.exe [2003-11-10 406016] "USB2Check"=C:\WINDOWS\system32\PCLECoInst.dll [2005-12-21 73728] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-03-21 16126464] "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632] "PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168] "PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168] "nwiz"=nwiz.exe /install [] "IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-10 208952] "DriveIcons"=C:\Program Files\Realtek\Card Reader Software\DriveIcon\DriveIcon.exe [2005-12-09 656896] "Synchronization Manager"=C:\WINDOWS\system32\mobsync.exe [2008-04-14 143872] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696] "Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288] "LchMHotkey"=C:\WINDOWS\LchMHKey.exe [2007-01-22 36864] "F-Secure Manager"=C:\Program Files\AntivirusFirewall\Common\FSM32.EXE [2009-08-05 199264] "Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe [2005-06-23 57344] "GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072] "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k [] "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-12-20 149280] "Logitech Utility"=C:\WINDOWS\Logi_MwX.Exe [2003-12-17 19968] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-11-10 417792] "USBestCR"=C:\Program Files\USBESTDI\iconcs80354875.exe [2009-10-27 4218880] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "SmpcSys"=C:\APPS\SMP\SmpSys.exe [2005-11-17 975360] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "MailNotifier"=C:\Program Files\Orange\MailNotifier\MailNotifier.exe [2009-10-12 692224] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe [2005-06-23 57344] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DetectorApp] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\F-Secure TNB] C:\Program Files\AntivirusFirewall\FSGUI\TNBUtil.exe [2009-08-05 2349664] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe [2009-11-12 141600] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility] C:\WINDOWS\Logi_MwX.Exe [2003-12-17 19968] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MoneyAgent] C:\Program Files\Microsoft Money\System\Money Express.exe [1999-08-03 127040] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] C:\WINDOWS\system32\NvMcTray.dll [2009-03-27 86016] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OoPDFSettingsv6.exe] C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe [2008-01-11 493568] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2007-03-23 227328] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\qttask.exe [2009-11-10 417792] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe [2009-11-10 222728] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe [2004-06-28 32768] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2009-11-10 198160] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe [2009-10-26 15872] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage rapide du logiciel HP Image Zone.lnk] C:\PROGRA~1\HP\DIGITA~1\bin\hpqthb08.exe [2005-05-12 73728] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk] C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2005-05-11 282624] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^OFFICE One Notes v6.5.lnk] C:\PROGRA~1\OFFICE~1.5\OFFICE~3\OONOTE~1.EXE [2003-10-20 559104] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Windows Search.lnk] C:\PROGRA~1\WI459E~1\WINDOW~1.EXE [2008-05-26 123904] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^robert^Menu Démarrer^Programmes^Démarrage^OFFICE One 6.5.lnk] C:\PROGRA~1\OFFICE~1.5\program\QUICKS~1.EXE [2004-03-08 36864] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "ehRecvr"=2 "Apple Mobile Device"=2 "AOL ACS"=2 "WRConsumerService"=2 "WebrootSpySweeperService"=2 C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage OFFICE One Clock v6.5.lnk - C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe C:\Documents and Settings\robert\Menu Démarrer\Programmes\Démarrage Secunia PSI.lnk - C:\Program Files\Secunia\PSI\psi.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\OPXPGina] C:\Apps\Softex\OmniPass\opxpgina.dll [2005-08-12 49152] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WRConsumerService] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 "NoDriveAutorun"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Disabled:Bonjour" "C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove" "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote" "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0f49fbc1-ef5f-11db-a544-00038a000015}] shell\AutoRun\command - F:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b9e0ce10-cc3e-11de-a726-00038a000015}] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL launcher.exe ======List of files/folders created in the last 1 months====== 2010-01-20 09:30:42 ----D---- C:\Program Files\trend micro 2010-01-18 14:21:56 ----D---- C:\tmp 2010-01-18 14:20:19 ----A---- C:\Documents and Settings\robert\Application Data\SYSTEM32.dll 2010-01-18 14:20:19 ----A---- C:\Documents and Settings\robert\Application Data\init.dll 2010-01-18 14:20:08 ----A---- C:\Documents and Settings\robert\Application Data\sound.dll 2010-01-18 14:19:15 ----A---- C:\WINDOWS\system32\redmonnt.dll 2010-01-18 14:19:02 ----D---- C:\Program Files\qvPDF 2010-01-18 14:19:02 ----A---- C:\WINDOWS\system32\HPDOMON.DLL 2010-01-18 14:19:02 ----A---- C:\WINDOWS\system32\HPBMMON.DLL 2010-01-18 14:19:02 ----A---- C:\WINDOWS\system32\HPBHEALR.DLL 2010-01-18 14:18:51 ----D---- C:\Program Files\PDFTiger 2010-01-18 10:51:48 ----A---- C:\WINDOWS\system32\unrar.dll 2010-01-18 10:51:47 ----A---- C:\WINDOWS\avisplitter.ini 2010-01-18 10:51:44 ----A---- C:\WINDOWS\system32\yv12vfw.dll 2010-01-18 10:51:43 ----A---- C:\WINDOWS\system32\xvidvfw.dll 2010-01-18 10:51:43 ----A---- C:\WINDOWS\system32\xvidcore.dll 2010-01-18 10:51:41 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest 2010-01-18 10:51:41 ----A---- C:\WINDOWS\system32\ff_vfw.dll 2010-01-18 10:51:38 ----D---- C:\Program Files\K-Lite Codec Pack 2010-01-16 19:24:51 ----A---- C:\WINDOWS\exctrlst.INI 2010-01-16 19:17:58 ----D---- C:\Program Files\Resource Kit 2010-01-16 17:40:25 ----D---- C:\Program Files\Free Window Registry Repair 2010-01-16 17:31:22 ----D---- C:\Program Files\RegCleaner 2010-01-16 15:52:37 ----D---- C:\Program Files\Unlocker 2010-01-16 09:24:50 ----D---- C:\Documents and Settings\robert\Application Data\AVS4YOU 2010-01-16 09:24:49 ----D---- C:\Documents and Settings\All Users\Application Data\AVS4YOU 2010-01-16 09:22:32 ----D---- C:\Program Files\Fichiers communs\AVSMedia 2010-01-16 09:22:17 ----D---- C:\Program Files\AVS4YOU 2010-01-14 03:05:05 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$ 2010-01-12 20:03:29 ----D---- C:\Program Files\iPod 2010-01-12 20:02:47 ----D---- C:\Program Files\iTunes 2010-01-12 20:02:47 ----D---- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} 2009-12-27 13:45:45 ----D---- C:\Program Files\Secunia 2009-12-26 14:14:04 ----D---- C:\Documents and Settings\robert\Application Data\Auslogics 2009-12-26 14:13:58 ----D---- C:\Program Files\Auslogics 2009-12-24 14:11:12 ----D---- C:\Documents and Settings\robert\Application Data\TERMINAL Studio 2009-12-24 14:11:04 ----A---- C:\WINDOWS\system32\bass.dll ======List of files/folders modified in the last 1 months====== 2010-01-20 09:31:15 ----D---- C:\WINDOWS\PREFETCH 2010-01-20 09:30:42 ----RD---- C:\Program Files 2010-01-20 09:24:58 ----D---- C:\WINDOWS\Temp 2010-01-20 09:24:57 ----D---- C:\WINDOWS 2010-01-19 15:30:02 ----D---- C:\Program Files\Mozilla Thunderbird 2010-01-19 13:44:46 ----A---- C:\WINDOWS\NeroDigital.ini 2010-01-19 09:17:06 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-01-18 14:39:38 ----D---- C:\WINDOWS\system32\CatRoot2 2010-01-18 14:38:23 ----D---- C:\WINDOWS\Registration 2010-01-18 14:34:50 ----D---- C:\DRIVERS 2010-01-18 14:20:15 ----D---- C:\WINDOWS\system32 2010-01-18 14:19:39 ----D---- C:\WINDOWS\inf 2010-01-18 14:19:21 ----D---- C:\WINDOWS\Fonts 2010-01-18 10:30:19 ----HDC---- C:\WINDOWS\$NtUninstallKB924496$ 2010-01-18 10:30:18 ----D---- C:\WINDOWS\system32\drivers 2010-01-16 19:18:05 ----SHD---- C:\WINDOWS\Installer 2010-01-16 19:17:59 ----HD---- C:\Config.Msi 2010-01-16 16:34:34 ----RASH---- C:\BOOT.INI 2010-01-16 16:34:34 ----N---- C:\WINDOWS\win.ini 2010-01-16 16:34:34 ----N---- C:\WINDOWS\system.ini 2010-01-16 15:27:57 ----A---- C:\WINDOWS\system32\afasrv32.exe 2010-01-16 15:09:39 ----D---- C:\Program Files\Microsoft GIF Animator 2010-01-16 14:55:03 ----D---- C:\Program Files\Bonjour 2010-01-16 09:33:49 ----D---- C:\MyWorks 2010-01-16 09:22:32 ----D---- C:\Program Files\Fichiers communs 2010-01-14 15:47:34 ----D---- C:\Program Files\Google 2010-01-14 08:40:37 ----D---- C:\WINDOWS\Debug 2010-01-14 03:07:46 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help 2010-01-14 03:05:08 ----RSHD---- C:\WINDOWS\system32\dllcache 2010-01-14 03:04:08 ----HD---- C:\WINDOWS\$hf_mig$ 2010-01-12 20:45:02 ----D---- C:\Documents and Settings\robert\Application Data\U3 2010-01-12 20:07:10 ----DC---- C:\WINDOWS\system32\DRVSTORE 2010-01-12 20:03:11 ----D---- C:\Program Files\Fichiers communs\Apple 2010-01-12 19:58:14 ----D---- C:\Program Files\QuickTime 2010-01-12 19:53:16 ----D---- C:\WINDOWS\WinSxS 2010-01-12 19:40:24 ----A---- C:\WINDOWS\gen4.ini 2010-01-10 19:09:47 ----A---- C:\WINDOWS\PhotoSnapViewer.INI 2010-01-10 10:35:28 ----D---- C:\WINDOWS\Downloaded Program Files 2010-01-05 01:17:46 ----A---- C:\WINDOWS\system32\MRT.exe 2009-12-31 12:55:01 ----D---- C:\WINDOWS\Tasks 2009-12-30 21:56:37 ----D---- C:\WINDOWS\network diagnostic 2009-12-30 17:49:54 ----D---- C:\Documents and Settings\robert\Application Data\Google 2009-12-27 11:46:59 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-12-26 18:36:14 ----D---- C:\Program Files\Windows Live Safety Center 2009-12-26 18:26:59 ----D---- C:\Documents and Settings 2009-12-25 16:37:56 ----D---- C:\Program Files\Microsoft Games 2009-12-21 22:43:02 ----D---- C:\WINDOWS\Help 2009-12-21 22:32:03 ----D---- C:\Program Files\Java 2009-12-21 18:03:01 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$ ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 F-Secure HIPS;F-Secure HIPS Driver; \??\C:\Program Files\AntivirusFirewall\HIPS\drivers\fshs.sys [] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys [] R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-10 12032] R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752] R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys [] R3 3xHybrid;ASUSTek SAA713x PCI Card; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2006-04-28 882688] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 ASAPIW2k;ASAPIW2K; C:\WINDOWS\system32\drivers\ASAPIW2k.sys [2005-02-23 11264] R3 ATSWPDRV;AuthenTec TruePrint USB Driver (AES2500); C:\WINDOWS\System32\Drivers\ATSwpDrv.sys [2005-03-29 116594] R3 camvid40;Philips SPC 900NC PC Camera; C:\WINDOWS\system32\DRIVERS\camdrv41.sys [2005-08-25 1240576] R3 DCamUSBEMPIA;Dazzle DVC Video Device; C:\WINDOWS\system32\DRIVERS\emDevice.sys [2005-12-21 100957] R3 emAudio;Dazzle DVC Audio Device; C:\WINDOWS\system32\drivers\emAudio.sys [2005-12-21 19712] R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2008-06-25 43520] R3 FiltUSBEMPIA;USB Device Lower Filter; C:\WINDOWS\system32\DRIVERS\emFilter.sys [2005-12-21 5245] R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files\AntivirusFirewall\Anti-Virus\minifilter\fsgk.sys [] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600] R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-10-21 49920] R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-10-21 16496] R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-10-22 21568] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-03-26 4395008] R3 LHidFlt2;Logitech HID/USB Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFlt2.Sys [2003-12-17 25505] R3 LMouFlt2;Logitech Mouse Class Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFlt2.Sys [2003-12-17 70801] R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-06-02 171008] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-03-27 6280416] R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368] R3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2009-06-17 12648] R3 RTSTOR;USB Mass Stroage Device; C:\WINDOWS\system32\drivers\RTSTOR.SYS [2005-12-21 20096] R3 ScanUSBEMPIA;USB Still Image Capture Device; C:\WINDOWS\system32\DRIVERS\emScan.sys [2005-12-21 4493] R3 usbaudio;Philips USB Microphone; C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588] R3 X10Hid;X10 Hid Device; C:\WINDOWS\System32\Drivers\x10hid.sys [2005-11-28 7040] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [] S3 FETND5BV;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2008-06-25 43520] S3 grmnusb;grmnusb; C:\WINDOWS\system32\drivers\grmnusb.sys [2007-03-08 8320] S3 L8042pr2;Logitech PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042pr2.Sys [2003-12-17 51729] S3 LHidUsb;Logitech USB Receiver device driver; C:\WINDOWS\System32\Drivers\LHidUsb.Sys [2003-12-17 37887] S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008] S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2007-02-22 137216] S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2007-02-22 8320] S3 nmwcdcj;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2007-02-22 12288] S3 nmwcdcm;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2007-02-22 12288] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688] S3 XUIF;X10 USB Wireless Transceiver; C:\WINDOWS\System32\Drivers\x10ufx2.sys [2005-05-19 17792] S4 F-Secure Filter;F-Secure File System Filter; \??\C:\Program Files\AntivirusFirewall\Anti-Virus\Win2K\FSfilter.sys [] S4 F-Secure Recognizer;F-Secure File System Recognizer; \??\C:\Program Files\AntivirusFirewall\Anti-Virus\Win2K\FSrec.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AfaService;Afa Card Reader Service; C:\WINDOWS\system32\afasrv32.exe [2010-01-16 65536] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888] R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424] R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe [2009-08-05 215648] R2 FSMA;FSMA; C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE [2009-08-05 186976] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-12-20 153376] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2005-09-22 53248] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-03-27 163908] R2 omniserv;Softex OmniPass Service; C:\Apps\Softex\OmniPass\Omniserv.exe [2005-08-12 32768] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728] R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe [2005-01-31 49152] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R2 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480] R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe [2009-08-05 522848] R3 FSORSPClient;F-Secure ORSP Client; C:\Program Files\AntivirusFirewall\ORSP Client\fsorsp.exe [2009-11-23 55936] R3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2005-09-30 96341] S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-30 135664] S2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328] S2 SrvCDEject;SrvCDEject; C:\Program Files\Packard Bell\SrvCDEject.exe [2006-07-25 613376] S2 WebrootSpySweeperService;Moteur Webroot Spy Sweeper; C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe [] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-19 654848] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-11-10 182768] S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-11-12 545568] S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 UPnPService;UPnPService; C:\Program Files\Fichiers communs\MAGIX Shared\UPnPService\UPnPService.exe [2006-12-14 544768] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S4 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe [2004-04-08 1135728] S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-05-29 144712] S4 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] S4 WRConsumerService;Webroot Client Service; C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe [] S4 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808] -----------------EOF----------------- -
trojan fakealert résolu
toscabriane a répondu à un(e) sujet de toscabriane dans Analyses et éradication malwares
bonjour, je te remercie avec beaucoup de retard, désolé, mais je suis partie pour un mois environ, et ma soeur n a pas su suivre. je vais donc faire ce que tu me dis et te recontacte -
comment suprimer weebroot
toscabriane a répondu à un(e) sujet de toscabriane dans Optimisation, Trucs & Astuces
oui je l ai désactiver. j ai réussi je ne trouve plus webroot ni spysweeper jepense que je le dois à regcleaner merci à tous -
comment suprimer weebroot
toscabriane a répondu à un(e) sujet de toscabriane dans Optimisation, Trucs & Astuces
j ai également téléchargé free window registry repair, et ccleaner je vous donnerai la réponse demain bonsoir -
comment suprimer weebroot
toscabriane a répondu à un(e) sujet de toscabriane dans Optimisation, Trucs & Astuces
impossible également, accés refusé ! impossible de fermer le processus, accés refusé je vais faire donc un essai avec regcleaner bonne soirée à tous -
comment suprimer weebroot
toscabriane a répondu à un(e) sujet de toscabriane dans Optimisation, Trucs & Astuces
impossible avec révo uninstaller, et également avec unlocker plus dans les programmes mais toujours dans programme files et windows je vais essayer avec regcleaner pour faire un nettoyage -
bonsoir, mon pc est lent, je pense que je le dois à weebroot, j ai essaye de le supprimer, impossible, même par explorateur windows, Je ne peux pas fermer le processus de spysweeper. J ai sécuritoo comme antivirus et souhaite le garder pouvez vous m aider mercçi
-
bonsoir, voilà j ai fait une analyse avec Malwzarebytes, et celui ci m a trouvé 3 fichiers infectés par le trojan fakealert est ce grave, j ai lancé le nettoyage, mais je ne sais pas si mes fichiers sont toujours infectés ? pouvez vous m aider merci Malwarebytes' Anti-Malware 1.42 Version de la base de données: 3401 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 21/12/2009 18:00:14 mbam-log-2009-12-21 (17-59-50).txt Type de recherche: Examen complet (C:\|) Eléments examinés: 333335 Temps écoulé: 2 hour(s), 0 minute(s), 27 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 1 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 2 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup.exe (Trojan.FakeAlert) -> No action taken. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\APPS\OFFICE_1\All\oone\setup.exe (Trojan.FakeAlert) -> No action taken. C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP1154\A0315520.exe (Trojan.FakeAlert) -> No action taken.
-
bonjour je trouve mon pc lent et quelque fois il y a des plantage, j avais télécharge webroot spy sweeper et celui ci m a trouvé 900 erreurs, je n ai pas voulu l acheter et j ai voulu le désinstaller mais impossible de l effacer complétement, je pense qu il ralenti mon ordi,je vous joints le rapport, car je ne sais pas le lire Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:06:05, on 05/12/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\cisvc.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE C:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE C:\Program Files\AntivirusFirewall\Common\FSHDLL32.EXE C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Apps\Softex\OmniPass\Omniserv.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe C:\Program Files\Winsudate\gibsvc.exe C:\WINDOWS\system32\SearchIndexer.exe C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\Apps\Softex\OmniPass\OPXPApp.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\AntivirusFirewall\Anti-Virus\fsav32.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\eHome\ehmsas.exe C:\Program Files\Fingerprint Sensor\ATSwpNav.exe C:\Apps\Softex\OmniPass\scureapp.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\System32\drivers\PhiBtn.exe C:\WINDOWS\System32\drivers\Tray900.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Realtek\Card Reader Software\DriveIcon\DriveIcon.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\AntivirusFirewall\Common\FSM32.EXE C:\APPS\SMP\SmpSys.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\MHotkey.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\WINDOWS\CDCtr.exe C:\WINDOWS\ModHidKey.exe C:\Program Files\Winsudate\gibusr.exe C:\Program Files\Orange\MailNotifier\MailNotifier.exe C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe C:\WINDOWS\system32\cidaemon.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig?referrer=ign_n R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {AEEC3B59-CA98-4EBA-A140-57B94E283583} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\AntivirusFirewall\NRS\iescript\baselitmus.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file) O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O3 - Toolbar: barre d'outils Orange - {D3028143-6145-4318-99D3-3EDCE54A95A9} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\AntivirusFirewall\NRS\iescript\baselitmus.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [ehTray] "C:\WINDOWS\ehome\ehtray.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [ATSwpNav] "C:\Program Files\Fingerprint Sensor\ATSwpNav" -run O4 - HKLM\..\Run: [OmniPass] "C:\Apps\Softex\OmniPass\scureapp.exe" O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [uSB2Check] RUNDLL32.EXE "C:\WINDOWS\system32\PCLECoInst.dll",CheckUSBController O4 - HKLM\..\Run: [PhiBtn] "%SystemRoot%\System32\drivers\PhiBtn.exe" O4 - HKLM\..\Run: [Traymin900] "%SystemRoot%\System32\drivers\Tray900.exe" O4 - HKLM\..\Run: [bOOT] "C:\Program Files\ISSENDIS\ISSENDIS WebUpdate v6\issendiswebupdatev6.exe" /BOOT O4 - HKLM\..\Run: [RTHDCPL] "RTHDCPL.EXE" O4 - HKLM\..\Run: [Alcmtr] "ALCMTR.EXE" O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [DriveIcons] "C:\Program Files\Realtek\Card Reader Software\DriveIcon\DriveIcon.exe" O4 - HKLM\..\Run: [synchronization Manager] "%SystemRoot%\system32\mobsync.exe" /logon O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [PBEjectButtonControl] C:\Program Files\Packard Bell Eject buttons control\EjectButtonControl.exe O4 - HKLM\..\Run: [LchMHotkey] LchMHKey.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\AntivirusFirewall\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKCU\..\Run: [smpcSys] C:\APPS\SMP\SmpSys.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [WinUsr] C:\Program Files\Winsudate\gibusr.exe O4 - HKCU\..\Run: [MailNotifier] C:\Program Files\Orange\MailNotifier\MailNotifier.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: OFFICE One Clock v6.5.lnk = C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe O8 - Extra context menu item: ajouter cette page à vos favoris Orange - C:\DOCUME~1\robert\LOCALS~1\Temp\cce5C.html O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O8 - Extra context menu item: traduire la page - C:\DOCUME~1\robert\LOCALS~1\Temp\cce5A.html O8 - Extra context menu item: traduire le texte sélectionné - C:\DOCUME~1\robert\LOCALS~1\Temp\cce5B.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O15 - Trusted Zone: http://logicielsgratuits.orange.fr O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/dow...llerControl.cab O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://ushousecall02.trendmicro.com/housec...ivex/hcImpl.cab O16 - DPF: {275D2217-FFE8-46B5-8FD2-B18CA0B7EE36} (Seagate SeaTools Online French) - file:///C:/DRIVERS/snapsys/HDDDiag/bin/npseatools.cab O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - http://picasaweb.google.fr/s/v/57.09/uploader2.cab O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.com/s/v/30.61/uploader2.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://joellerobert3.spaces.live.com//Phot...ad/MsnPUpld.cab O16 - DPF: {5A779DC0-837B-4590-AC42-C7C0847478C5} (OrangeInstaller_ModuleIE Control) - http://logicielsgratuits.orange.fr/downloa...geInstaller.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase8942.cab O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://joellerobert3.spaces.live.com/Photo...ad/MsnPUpld.cab O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.0...oUploader55.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://config.zebulon.fr/plugins/MaConfig_3_5_3_0.cab O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload Control) - http://sc.groups.msn.com/controls/FileUC/MsnUpld.cab O16 - DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} (FTMediaPlayer Class) - http://webtv.guidetv.orange.fr/resources/OCS_8971.cab O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} (VideoEgg ActiveX Loader) - http://update.videoegg.com/Install/Windows...ggPublisher.exe O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com/imgag/cp/install/crusher-fr.cab O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://www.securitoo.com/ols/fscax.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\ORSP Client\fsorsp.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Apps\Softex\OmniPass\Omniserv.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SrvCDEject - Unknown owner - C:\Program Files\Packard Bell\SrvCDEject.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: UPnPService - Magix AG - C:\Program Files\Fichiers communs\MAGIX Shared\UPnPService\UPnPService.exe O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe O23 - Service: Gestionnaire de mise à jour Winsudate (WinSvc) - Winsudate - C:\Program Files\Winsudate\gibsvc.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 16816 bytes merci si vous pouvez m aider à améliorer mon pc