Everything posted by Ouine d'oz
[Solved] PC infection - Analysis of a HijackThis report
Ouine d'oz replied to a topic by Ouine d'oz in Malware analysis and removal
I couldn't find the files on G: using the "search" function. However, they were in Avast's quarantine area (I finally figured out how to view it!). I deleted both files through Avast, then emptied the recycle bin (in which, I should point out, I couldn't see them). OK for the restore point, or at least I hope so.
I ran another Avast scan. There are two files that Avast could not scan (because they are password-protected). These files are:
C:\DRIVERS\MCDBF\SOURCE1\OTHER.EXE\BIOSLOCK.PIF
C:\DRIVERS\MCDBF\SOURCE1\OTHER.EXE\BIOSLOCK.EXE
I put the first one in quarantine (I can restore it), but I can't do anything at all with the second. What are these two files for?
Here is the Avast report:
avast! Antirootkit, version 1.0
Scan started: samedi 12 décembre 2009 14:36:27
sr [C:\WINDOWS\System32\DRIVERS\sr.sys] Service srservice [C:\WINDOWS\System32\srsvc.dll] Service Srv [C:\WINDOWS\System32\DRIVERS\srv.sys] Service SSDPSRV [C:\WINDOWS\System32\ssdpsrv.dll] Service ssmdrv [C:\WINDOWS\system32\DRIVERS\ssmdrv.sys] Service stisvc [C:\WINDOWS\system32\wiaservc.dll] Service streamip [C:\WINDOWS\system32\DRIVERS\StreamIP.sys] Service swenum [C:\WINDOWS\System32\DRIVERS\swenum.sys] Service swmidi [C:\WINDOWS\system32\drivers\swmidi.sys] Service SwPrv [C:\WINDOWS\System32\dllhost.exe] Service swwd [???] Service symc810 [C:\WINDOWS\System32\DRIVERS\symc810.sys] Service symc8xx [C:\WINDOWS\System32\DRIVERS\symc8xx.sys] Service sym_hi [C:\WINDOWS\System32\DRIVERS\sym_hi.sys] Service sym_u3 [C:\WINDOWS\System32\DRIVERS\sym_u3.sys] Service sysaudio [C:\WINDOWS\system32\drivers\sysaudio.sys] Service SysmonLog [C:\WINDOWS\system32\smlogsvc.exe] Service TapiSrv [C:\WINDOWS\System32\tapisrv.dll] Service Tcpip [C:\WINDOWS\System32\DRIVERS\tcpip.sys] Service TDPIPE [C:\WINDOWS\System32\Drivers\TDPIPE.sys] Service TDTCP [C:\WINDOWS\System32\Drivers\TDTCP.sys] Service TermDD [C:\WINDOWS\System32\DRIVERS\termdd.sys] Service TermService [C:\WINDOWS\System32\svchost] Service Themes [C:\WINDOWS\System32\shsvcs.dll] Service TosIde [C:\WINDOWS\System32\DRIVERS\toside.sys] Service TrkWks [C:\WINDOWS\system32\trkwks.dll] Service TSDDD [???] 
Service Udfs [C:\WINDOWS\System32\Drivers\Udfs.sys] Service ultra [C:\WINDOWS\System32\DRIVERS\ultra.sys] Service Update [C:\WINDOWS\System32\DRIVERS\update.sys] Service upnphost [C:\WINDOWS\System32\upnphost.dll] Service UPS [C:\WINDOWS\System32\ups.exe] Service usbaudio [C:\WINDOWS\system32\drivers\usbaudio.sys] Service usbccgp [C:\WINDOWS\System32\DRIVERS\usbccgp.sys] Service usbehci [C:\WINDOWS\System32\DRIVERS\usbehci.sys] Service usbhub [C:\WINDOWS\System32\DRIVERS\usbhub.sys] Service usbscan [C:\WINDOWS\System32\DRIVERS\usbscan.sys] Service USBSTOR [C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS] Service usbuhci [C:\WINDOWS\System32\DRIVERS\usbuhci.sys] Service usprserv [C:\WINDOWS\System32\svchost.exe] Service vcsmpdrv [C:\WINDOWS\System32\DRIVERS\vcsmpdrv.sys] Service VCSSecS [C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe] Service VgaSave [C:\WINDOWS\System32\drivers\vga.sys] Service viaagp [C:\WINDOWS\System32\DRIVERS\viaagp.sys] Service ViaIde [C:\WINDOWS\System32\DRIVERS\viaide.sys] Service VolSnap [C:\WINDOWS\System32\Drivers\VolSnap.sys] Service VSS [C:\WINDOWS\System32\vssvc.exe] Service VXD [???] Service W32Time [C:\WINDOWS\System32\w32time.dll] Service W3SVC [???] Service Wanarp [C:\WINDOWS\System32\DRIVERS\wanarp.sys] Service wanatw [C:\WINDOWS\System32\DRIVERS\wanatw4.sys] Service WANMiniportService [C:\WINDOWS\wanmpsvc.exe] Service wceusbsh [C:\WINDOWS\system32\DRIVERS\wceusbsh.sys] Service WDICA [C:\WINDOWS\System32\Drivers\WDICA.sys] Service wdmaud [C:\WINDOWS\system32\drivers\wdmaud.sys] Service WebClient [C:\WINDOWS\System32\webclnt.dll] Service winmgmt [C:\WINDOWS\system32\wbem\WMIsvc.dll] Service Winsock [C:\WINDOWS\System32\Drivers\Winsock.sys] Service WinSock2 [???] Service WinTrust [???] Service WmdmPmSN [C:\WINDOWS\system32\MsPMSNSv.dll] Service Wmi [???] Service WmiApRpl [???] 
Service WmiApSrv [C:\WINDOWS\System32\wbem\wmiapsrv.exe] Service WMPNetworkSvc [C:\Program Files\Windows Media Player\WMPNetwk.exe] Service WpdUsb [C:\WINDOWS\system32\DRIVERS\wpdusb.sys] Service wscsvc [C:\WINDOWS\system32\wscsvc.dll] Service WSTCODEC [C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS] Service wuauserv [C:\WINDOWS\system32\wuauserv.dll] Service WudfPf [C:\WINDOWS\system32\DRIVERS\WudfPf.sys] Service WudfSvc [C:\WINDOWS\System32\WUDFSvc.dll] Service WZCSVC [C:\WINDOWS\System32\wzcsvc.dll] Service xmlprov [C:\WINDOWS\System32\xmlprov.dll] Service {92FF618F-39BD-4E78-A9B9-3ACBC8219B99} [???] Service {D8BAE97A-1938-4DF2-A1D9-9F01F8AEBFD8} [???] Service {FD6C15BC-2C07-42C0-96E1-C5F75F23389C} [???] Scan finished: samedi 12 décembre 2009 14:36:41 Hidden files found: 0 Hidden registry items found: 0 Hidden processes found: 0 Hidden services found: 0 Hidden boot sectors found: 0 ---------- -
[Solved] PC infection - Analysis of a HijackThis report
Ouine d'oz replied to a topic by Ouine d'oz in Malware analysis and eradication
Hello Gof, I followed everything to the letter and even printed the guides, which I am going to study carefully. That kept me busy all morning! PSI only detected that iTunes was not up to date; I will deal with that later. In an earlier message, you asked me what I do with the Avast alerts. In fact, I do what Avast advises, that is, I put 99% of the detected anomalies in quarantine. After that, I don't know what to do... I don't even know how to view what is in quarantine... Here is the latest Avast report. It seems I still have viruses, particularly on my external hard drive. See you soon for the next steps.
10/12/2009 14:08:33 1260443313 JEFF 2540 Sign of "Win32:Trojan-gen" has been found in "C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1275\A0419001.dll" file. 10/12/2009 14:08:38 1260443318 JEFF 2540 Sign of "Win32:Trojan-gen" has been found in "C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1275\A0419002.dll" file. 10/12/2009 14:08:42 1260443322 JEFF 2540 Sign of "Win32:Trojan-gen" has been found in "C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1275\A0419003.dll" file. 10/12/2009 14:08:53 1260443333 JEFF 2540 Sign of "Win32:Trojan-gen" has been found in "C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1275\A0419004.dll" file. 10/12/2009 14:09:18 1260443358 JEFF 2540 Sign of "Win32:Trojan-gen" has been found in "C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1275\A0419005.dll" file. 10/12/2009 14:09:51 1260443391 JEFF 2540 Sign of "Win32:Fasec [Trj]" has been found in "C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1275\A0419006.dll" file. 10/12/2009 14:15:39 1260443739 JEFF 2540 Sign of "Win32:Fasec [Trj]" has been found in "C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1275\A0419007.dll" file. 10/12/2009 14:39:45 1260445185 JEFF 2540 Sign of "Win32:Trojan-gen" has been found in "C:\WINDOWS\system32\DivX32.dll" file. 10/12/2009 14:40:37 1260445237 JEFF 2540 Sign of "Win32:Trojan-gen" has been found in "C:\WINDOWS\system32\dpus1032.dll" file. 10/12/2009 14:40:43 1260445243 JEFF 2540 Sign of "Win32:Trojan-gen" has been found in "C:\WINDOWS\system32\dpvacm32.dll" file. 10/12/2009 15:42:54 1260448974 SYSTEM 1336 Sign of "HTML:Iframe-inf" has been found in "http://pixhost.eu/avaxhome/avaxhome/2007-10-02/4191BTHQE6L._SS500__508.jpg/%7Bgzip%7D\{gzip}" file. 11/12/2009 18:35:21 1260545721 SYSTEM 1316 Function setifaceUpdatePackages() has failed. 
Return code is 0x00000008, dwRes is 00000008. 11/12/2009 18:35:21 1260545721 SYSTEM 1316 An error has occured while attempting to update. Please check the logs. 12/12/2009 10:45:24 1260603924 JEFF 3804 Sign of "Win32:Trojan-gen" has been found in "C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1281\A0423715.dll" file. 12/12/2009 10:48:16 1260604096 JEFF 3804 Sign of "Win32:Trojan-gen" has been found in "C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1281\A0423716.dll" file. 12/12/2009 10:48:19 1260604099 JEFF 3804 Sign of "Win32:Trojan-gen" has been found in "C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1281\A0423717.dll" file. 12/12/2009 10:49:28 1260604168 JEFF 3804 Sign of "Win32:Trojan-gen" has been found in "C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1288\A0424546.dll" file. 12/12/2009 11:08:16 1260605296 JEFF 3804 Sign of "Win32:Kamso [Trj]" has been found in "G:\ljnhwt.bat" file. 12/12/2009 11:08:24 1260605304 JEFF 3804 Sign of "Win32:Rjump [Wrm]" has been found in "G:\AdobeR.exe" file. 12/12/2009 11:09:30 1260605370 JEFF 3804 Sign of "VBS:Malware-gen" has been found in "G:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1216\A0407629.inf" file. 12/12/2009 11:09:43 1260605383 JEFF 3804 Sign of "VBS:Malware-gen" has been found in "G:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1223\A0409318.inf" file. 12/12/2009 11:10:01 1260605401 JEFF 3804 Sign of "Win32:Kamso [Trj]" has been found in "G:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1288\A0424558.bat" file. 12/12/2009 11:10:05 1260605405 JEFF 3804 Sign of "Win32:Rjump [Wrm]" has been found in "G:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1288\A0424559.exe" file. 
12/12/2009 11:10:08 1260605408 JEFF 3804 Sign of "Win32:Rjump [Wrm]" has been found in "G:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP215\A0170148.exe" file. 12/12/2009 11:10:10 1260605410 JEFF 3804 Sign of "Win32:Rjump [Wrm]" has been found in "G:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP216\A0178475.exe" file. 12/12/2009 11:10:13 1260605413 JEFF 3804 Sign of "Win32:Kamso [Trj]" has been found in "G:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP216\A0178476.bat" file. 12/12/2009 11:10:15 1260605415 JEFF 3804 Sign of "Win32:Rjump [Wrm]" has been found in "G:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP216\A0178488.exe" file. 12/12/2009 11:10:17 1260605417 JEFF 3804 Sign of "Win32:Kamso [Trj]" has been found in "G:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP216\A0178491.bat" file. 12/12/2009 11:10:24 1260605424 JEFF 3804 Sign of "Win32:Rjump [Wrm]" has been found in "G:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP217\A0181686.exe" file. 12/12/2009 11:10:28 1260605428 JEFF 3804 Sign of "Win32:Kamso [Trj]" has been found in "G:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP217\A0181689.bat" file. 12/12/2009 11:10:29 1260605429 JEFF 3804 Sign of "Win32:Kamso [Trj]" has been found in "G:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP217\A0181722.bat" file. 12/12/2009 11:10:31 1260605431 JEFF 3804 Sign of "Win32:Kamso [Trj]" has been found in "G:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP218\A0181764.bat" file. 12/12/2009 11:10:32 1260605432 JEFF 3804 Sign of "Win32:Kamso [Trj]" has been found in "G:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP219\A0189875.bat" file. 
12/12/2009 11:10:34 1260605434 JEFF 3804 Sign of "Win32:Rjump [Wrm]" has been found in "G:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP219\A0189876.exe" file. 12/12/2009 11:10:35 1260605435 JEFF 3804 Sign of "Win32:Kamso [Trj]" has been found in "G:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP219\A0189895.bat" file. 12/12/2009 11:10:36 1260605436 JEFF 3804 Sign of "Win32:Rjump [Wrm]" has been found in "G:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP219\A0190895.exe" file. 12/12/2009 11:10:38 1260605438 JEFF 3804 Sign of "Win32:Kamso [Trj]" has been found in "G:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP219\A0190898.bat" file. 12/12/2009 11:10:40 1260605440 JEFF 3804 Sign of "Win32:Kamso [Trj]" has been found in "G:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP220\A0190926.bat" file. 12/12/2009 11:10:41 1260605441 JEFF 3804 Sign of "Win32:Kamso [Trj]" has been found in "G:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP220\A0190959.bat" file. 12/12/2009 11:10:42 1260605442 JEFF 3804 Sign of "Win32:Kamso [Trj]" has been found in "G:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP220\A0190977.bat" file. 12/12/2009 11:10:43 1260605443 JEFF 3804 Sign of "Win32:Kamso [Trj]" has been found in "G:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP220\A0191978.bat" file. 12/12/2009 11:10:44 1260605444 JEFF 3804 Sign of "Win32:Kamso [Trj]" has been found in "G:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP220\A0192001.bat" file. 12/12/2009 11:10:45 1260605445 JEFF 3804 Sign of "Win32:Kamso [Trj]" has been found in "G:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP220\A0194001.bat" file. 
12/12/2009 11:10:46 1260605446 JEFF 3804 Sign of "Win32:Kamso [Trj]" has been found in "G:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP221\A0194008.bat" file. 12/12/2009 11:10:47 1260605447 JEFF 3804 Sign of "Win32:Kamso [Trj]" has been found in "G:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP221\A0195000.bat" file. 12/12/2009 11:10:49 1260605449 JEFF 3804 Sign of "Win32:Kamso [Trj]" has been found in "G:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP221\A0195024.bat" file. 12/12/2009 11:10:51 1260605451 JEFF 3804 Sign of "Win32:Kamso [Trj]" has been found in "G:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP221\A0196024.bat" file. 12/12/2009 11:10:52 1260605452 JEFF 3804 Sign of "Win32:Kamso [Trj]" has been found in "G:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP222\A0196031.bat" file. 12/12/2009 11:10:53 1260605453 JEFF 3804 Sign of "Win32:Kamso [Trj]" has been found in "G:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP222\A0196061.bat" file. 12/12/2009 11:10:53 1260605453 JEFF 3804 Sign of "Win32:Kamso [Trj]" has been found in "G:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP222\A0197062.bat" file. 12/12/2009 11:10:55 1260605455 JEFF 3804 Sign of "Win32:Rjump [Wrm]" has been found in "G:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP223\A0200088.exe" file. 12/12/2009 11:10:58 1260605458 JEFF 3804 Sign of "Win32:Kamso [Trj]" has been found in "G:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP223\A0200092.bat" file. 12/12/2009 11:10:59 1260605459 JEFF 3804 Sign of "Win32:Kamso [Trj]" has been found in "G:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP223\A0201086.bat" file. 
12/12/2009 11:11:00 1260605460 JEFF 3804 Sign of "Win32:Kamso [Trj]" has been found in "G:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP223\A0202085.bat" file. 12/12/2009 11:11:01 1260605461 JEFF 3804 Sign of "Win32:Kamso [Trj]" has been found in "G:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP228\A0208481.bat" file. 12/12/2009 11:11:03 1260605463 JEFF 3804 Sign of "Win32:Rjump [Wrm]" has been found in "G:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP228\A0208482.exe" file. 12/12/2009 11:11:04 1260605464 JEFF 3804 Sign of "Win32:Rjump [Wrm]" has been found in "G:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP228\A0208484.exe" file. 12/12/2009 11:11:05 1260605465 JEFF 3804 Sign of "Win32:Kamso [Trj]" has been found in "G:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP228\A0208487.bat" file. -
[Solved] PC infection - Analysis of a HijackThis report
Ouine d'oz replied to a topic by Ouine d'oz in Malware analysis and removal
I'm just back from the islands... Glad to find your reply. I have 2 external hard drives and a lot of USB sticks that travel around all over the place... For the scan, I only plugged in one hard drive and one USB stick. Should I run it again with the other external hard drive as well? Here is the report:
-
[Solved] PC infection - Analysis of a HijackThis report
Ouine d'oz replied to a topic by Ouine d'oz in Malware analysis and removal
I don't understand. I posted a "quick reply" today at 19:21 with the RSIT reports and I can't see it when I browse the forum. However, the message is definitely there, because I can see it under "the last 10 messages in reverse order". Can you see my previous message or not? Good night. See you tomorrow.
-
[Solved] PC infection - Analysis of a HijackThis report
Ouine d'oz replied to a topic by Ouine d'oz in Malware analysis and removal
Well spotted about Djibouti! How indiscreet these computer reports are (I suspected as much when posting them)! Good thing I don't visit X-rated sites!!! Well spotted too about the LimeWire downloads and the use of USB media that aren't clean, I knew about that (Avast flags it for me, but not always...). Here are the RSIT reports. And thanks again for taking care of me! Have a good evening (for me, at a restaurant, in Djibouti of course!)
info.txt logfile of random's system information tool 1.06 2009-12-10 19:09:20
======Uninstall list======
Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows 
XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP 
(KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP 
(KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 8 (KB968220)-->"C:\WINDOWS\ie8updates\KB968220-IE8\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe" MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} PC SECURITY TEST 2008-->"C:\Program Files\AxBx\PC Security Test 2008\unins000.exe" Plug-in Le service 
Photo Livecom-->C:\PROGRA~1\LIVECO~1\LESERV~1\UNWISE.EXE C:\PROGRA~1\LIVECO~1\LESERV~1\INSTALL.LOG Pokémon Project Studio Version Rouge-->C:\Program Files\The Learning Company\Pokémon Project Studio Version Rouge\uninstal.exe QuickTime-->MsiExec.exe /I{50D8FFDD-90CD-4859-841F-AA1961C7767A} Rayman3-->MsiExec.exe /X{BAF5914B-5730-4373-B038-9F436AC6A0D6} RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 SafeCast Shared Components-->C:\Program Files\Fichiers communs\Macrovision Shared\SafeCast\Install\CDAC13BA.EXE /uninstall SAGEM F@st 800-840-->C:\Program Files\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}\setup.exe -runfromtemp -l0x040c -removeonly Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log Sonic RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19} Studio 9 Content CD/DVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B67624DE-75CE-4FAD-9F29-5C115773CE61}\Setup.exe" -l0x40c UNINSTALL Tukanas Files Converter-->C:\PROGRA~1\TUKANA~1\UNWISE.EXE C:\PROGRA~1\TUKANA~1\INSTALL.LOG Utilitaires Sierra-->C:\Program Files\Sierra On-Line\sutil32.exe uninstall Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe" Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 
runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" WinZip 11.1-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5} XviD MPEG-4 Video Codec-->"C:\Program Files\XviD\unins000.exe" =====HijackThis Backups===== O4 - HKCU\..\Run: [bxnaceqp] "C:\Program Files\Common Files\T?sks\w?wexec.exe" [2009-02-03] O4 - HKLM\..\Run: [MAAgent] C:\Program Files\MarkAny\ContentSafer\MAAgent.exe [2009-02-03] O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) [2009-04-28] O2 - BHO: (no name) - {B38B35D2-F762-9680-1594-A48F00782C9A} - C:\WINDOWS\system32\rabwg.dll (file missing) [2009-04-28] O16 - DPF: {1FF43AD5-2262-4C2F-81D4-26D710C3F305} (VB2S Mannequin Virtuel Control) - http://mannequin.redoute.fr/activex/Mannequin.cab [2009-04-28] O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.com/s/v/30.61/uploader2.cab [2009-04-28] O17 - HKLM\System\CCS\Services\Tcpip\..\{8E65883C-DB06-4B7A-A9E1-F24B169CCDB4}: NameServer = 193.251.143.162 196.201.196.34 [2009-04-28] ======Security center information====== AV: avast! antivirus 4.8.1351 [VPS 091210-0] ======System event log====== Computer Name: SN200905560009 Event Code: 7036 Message: Le service Compatibilité avec le Changement rapide d'utilisateur est entré dans l'état : en cours d'exécution. Record Number: 48016 Source Name: Service Control Manager Time Written: 20091126120929.000000+180 Event Type: Informations User: Computer Name: SN200905560009 Event Code: 7035 Message: Un contrôle Démarrer a correctement été envoyé au service Compatibilité avec le Changement rapide d'utilisateur. 
Record Number: 48015
Source Name: Service Control Manager
Time Written: 20091126120929.000000+180
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: SN200905560009
Event Code: 7036
Message: Le service Services Terminal Server est entré dans l'état : en cours d'exécution.
Record Number: 48014
Source Name: Service Control Manager
Time Written: 20091126120710.000000+180
Event Type: Informations
User:

Computer Name: SN200905560009
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Services Terminal Server.
Record Number: 48013
Source Name: Service Control Manager
Time Written: 20091126120710.000000+180
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: SN200905560009
Event Code: 7036
Message: Le service Gestionnaire de connexions d'accès distant est entré dans l'état : en cours d'exécution.
Record Number: 48012
Source Name: Service Control Manager
Time Written: 20091126120629.000000+180
Event Type: Informations
User:

=====Application event log=====
Computer Name: SN200905560009
Event Code: 1040
Message: Commencement d'une transaction Windows Installer : {059C042E-796A-4ACC-A81A-ECC2010BB78C}. Id de processus client : 748.
Record Number: 39314
Source Name: MsiInstaller
Time Written: 20090428114807.000000+180
Event Type: Informations
User: SN200905560009\JEFF

Computer Name: SN200905560009
Event Code: 1042
Message: Fin d'une transaction Windows Installer C:\Program Files\Fichiers communs\Windows Live\.cache\e21e4fb81c9c31d\Messenger.msi. Id de processus client : 1264.
Record Number: 39313
Source Name: MsiInstaller
Time Written: 20090428114722.000000+180
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: SN200905560009
Event Code: 1033
Message: Windows Installer a installé le produit. Nom du produit : Windows Live Messenger. Version du produit : 14.0.8064.0206. Langue du produit : 1036. Réussite de l’installation ou état d’erreur : 0.
Record Number: 39312
Source Name: MsiInstaller
Time Written: 20090428114722.000000+180
Event Type: Informations
User: SN200905560009\JEFF

Computer Name: SN200905560009
Event Code: 11707
Message: Produit : Windows Live Messenger -- Installation effectuée.
Record Number: 39311
Source Name: MsiInstaller
Time Written: 20090428114722.000000+180
Event Type: Informations
User: SN200905560009\JEFF

Computer Name: SN200905560009
Event Code: 1040
Message: Commencement d'une transaction Windows Installer : C:\Program Files\Fichiers communs\Windows Live\.cache\e21e4fb81c9c31d\Messenger.msi. Id de processus client : 1264.
Record Number: 39310
Source Name: MsiInstaller
Time Written: 20090428114630.000000+180
Event Type: Informations
User: SN200905560009\JEFF

======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\ATI Technologies\ATI Control Panel;C:\PROGRA~1\FICHIE~1\TVNAVI~1;C:\Program Files\Fichiers communs\Ulead Systems\MPEG;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0209
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"CLASSPATH"=.;C:\Program Files\Java\jre1.5.0_05\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.5.0_05\lib\ext\QTJava.zip

-----------------EOF-----------------

Logfile of random's system information tool 1.06 (written by random/random)
Run by JEFF at 2009-12-10 19:08:46
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 35 GB (24%) free of 149 GB
Total RAM: 511 MB (38% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:09:11, on 10/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ANTIVIRUS\Avast4\aswUpdSv.exe
C:\Program Files\ANTIVIRUS\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\ANTIVIRUS\Avast4\ashMaiSv.exe
C:\Program Files\ANTIVIRUS\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\apps\ABoard\ABoard.exe
C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
C:\apps\ABoard\AOSD.exe
C:\WINDOWS\vsnpstd.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ANTIVI~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\DjiboutiTelecom_Kit_Internet\DjibTelecomKit.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\JEFF\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\JEFF.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,userinit.exe
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [CleanEasyImg] c:\apps\easydvd\cleanall.exe
O4 - HKLM\..\Run: [hpppta] C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan\hpppta.exe /ICON
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ANTIVI~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [sra] "C:\DOCUME~1\JEFF\APPLIC~1\STEM~1\alg.exe" -vt ndrv
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8E65883C-DB06-4B7A-A9E1-F24B169CCDB4}: NameServer = 193.251.143.162 196.201.196.34
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\ANTIVIRUS\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\ANTIVIRUS\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\ANTIVIRUS\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\ANTIVIRUS\Avast4\ashWebSv.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

-- End of file - 9856 bytes

======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Rappel d'enregistrement 1.job
C:\WINDOWS\tasks\Rappel d'enregistrement 2.job
C:\WINDOWS\tasks\Rappel d'enregistrement 3.job
C:\WINDOWS\tasks\Symantec NetDetect.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{6D462D95-17DE-41B4-9D7F-36CF6039B479}.job

======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-01-28 304736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-04 263280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-04 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-04 263280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ACTIVBOARD"=c:\apps\ABoard\ABoard.exe [2003-05-02 24576]
"VCSPlayer"=C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe [2003-08-13 299008]
"CleanEasyImg"=c:\apps\easydvd\cleanall.exe []
"hpppta"=C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan\hpppta.exe [1999-10-29 98304]
"snpstd"=C:\WINDOWS\vsnpstd.exe [2005-10-11 339968]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-10-25 282624]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2006-10-30 256576]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"avast!"=C:\PROGRA~1\ANTIVI~1\Avast4\ashDisp.exe [2009-08-17 81000]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2009-01-28 185872]
"ATIPTA"=C:\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-03-22 339968]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\s [2009-12-10 210]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE [2004-02-25 401491]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-05 68856]
"Sra"=C:\DOCUME~1\JEFF\APPLIC~1\STEM~1\alg.exe -vt ndrv []
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\s [2009-12-10 210]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\s [2009-12-10 210]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=95000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"NoDriveAutoRun"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Team17 Software Ltd\Worms Forts Under Siege\WF.exe"="C:\Program Files\Team17 Software Ltd\Worms Forts Under Siege\WF.exe:*:Disabled:WF"
"C:\Program Files\Microsoft Games\Age of Empires II\EMPIRES2.ICD"="C:\Program Files\Microsoft Games\Age of Empires II\EMPIRES2.ICD:*:Disabled:Age of Empires II"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:*:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WcesMgr.exe"="C:\Program Files\Microsoft ActiveSync\WcesMgr.exe:*:Enabled:ActiveSync Application"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Disabled:RealOne Player"
"C:\Program Files\Livecom\Application\eConfv4\livecomp.exe"="C:\Program Files\Livecom\Application\eConfv4\livecomp.exe:*:Enabled:Livecom Player"
"C:\PROGRA~1\Livecom\APPLIC~1\Exe\Livecom.exe"="C:\PROGRA~1\Livecom\APPLIC~1\Exe\Livecom.exe:*:Enabled:Livecom"
"C:\PROGRA~1\Livecom\APPLIC~1\Exe\..\EconfV4\ftplayer.exe"="C:\PROGRA~1\Livecom\APPLIC~1\Exe\..\EconfV4\ftplayer.exe:*:Enabled:Livecom Media"
"C:\Program Files\IncrediMail\bin\IMApp.exe"="C:\Program Files\IncrediMail\bin\IMApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe"="C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe:*:Disabled:TmNationsESWC"
"C:\Program Files\Java\jre1.5.0_05\bin\java.exe"="C:\Program Files\Java\jre1.5.0_05\bin\java.exe:*:Enabled:Java 2 Platform Standard Edition binary"
"C:\Program Files\Player Video StarAcademy Orange\starac06.exe"="C:\Program Files\Player Video StarAcademy Orange\starac06.exe:*:Enabled:OneClick"
"C:\Program Files\Wanadoo\WOOBrowser\WOOBrowser.exe"="C:\Program Files\Wanadoo\WOOBrowser\WOOBrowser.exe:*:Enabled:Navigateur Internet"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program
Files\iTunes\iTunes.exe:*:Enabled:iTunes" "C:\Alien Arena 2006 UE\crx.exe"="C:\Alien Arena 2006 UE\crx.exe:*:Enabled:crx" "C:\Programmes\Liquid Entertainment\La Guerre de l'Anneau\Rings.exe"="C:\Programmes\Liquid Entertainment\La Guerre de l'Anneau\Rings.exe:*:Enabled:Rings" "C:\Program Files\Ankama Games\DofusArenaBeta2\DofusArena.exe"="C:\Program Files\Ankama Games\DofusArenaBeta2\DofusArena.exe:*:Enabled:Dofus Arena Client" "C:\WINDOWS\system32\java.exe"="C:\WINDOWS\system32\java.exe:*:Enabled:Java 2 Platform Standard Edition binary" "C:\WINDOWS\system32\^%%%%% ^ .exe"="C:\WINDOWS\system32\^%%%%% ^ .exe:*:Enabled:Flash Media" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows" "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire" "C:\Program Files\devolo\informer\devinf.exe"="C:\Program Files\devolo\informer\devinf.exe:*:Enabled:devolo Informer" "C:\Program Files\devolo\easyshare\easyshare.exe"="C:\Program Files\devolo\easyshare\easyshare.exe:*:Enabled:devolo EasyShare" "C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Enabled:Windows Shell" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\PROGRA~1\Livecom\APPLIC~1\Exe\Livecom.exe"="C:\PROGRA~1\Livecom\APPLIC~1\Exe\Livecom.exe:*:Enabled:Livecom" 
"C:\PROGRA~1\Livecom\APPLIC~1\Exe\..\EconfV4\ftplayer.exe"="C:\PROGRA~1\Livecom\APPLIC~1\Exe\..\EconfV4\ftplayer.exe:*:Enabled:Livecom Media" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{08bc78ba-8cea-11da-aab7-4d6564696130}] shell\Auto\command - F:\AdobeR.exe e shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{094d65a9-c176-11de-b5e9-00038a000015}] shell\AutoRun\command - F:\ljnhwt.bat shell\open\command - F:\ljnhwt.bat [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{396ceef1-45c0-11dc-ae50-4d6564696130}] shell\Auto\command - F:\config.exe shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL config.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5616ee08-6269-11de-b4ce-00038a000015}] shell\AutoRun\command - F:\ljnhwt.bat shell\open\command - F:\ljnhwt.bat [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5d31a36c-da8f-11de-b633-00038a000015}] shell\AutoRun\command - F:\EmDesk.exe shell\EmDesk\command - F:\EmDesk.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6ada5626-148b-11d9-a7a5-00038a000015}] shell\Auto\command - F:\AdobeR.exe e shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e 
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ab8dfb52-a0e4-11dc-af22-4d6564696130}] shell\Auto\command - F:\AdobeR.exe e shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c5fdcf85-2b53-11de-b3f1-00194b9edf94}] shell\AutoRun\command - F:\ljnhwt.bat shell\open\command - F:\ljnhwt.bat [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c9471e2e-878a-11da-aaa6-4d6564696130}] shell\Auto\command - F:\AdobeR.exe e shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{faaebe36-d11a-11dd-b2c4-00194b9edf94}] shell\Auto\command - F:\AdobeR.exe e shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e ======List of files/folders created in the last 1 months====== 2009-12-10 19:08:46 ----D---- C:\rsit 2009-12-10 07:40:48 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$ 2009-12-10 07:39:06 ----D---- C:\WINDOWS\LastGood 2009-12-02 18:52:00 ----D---- C:\Program Files\Dofus 2 2009-11-25 20:28:22 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$ 2009-11-25 20:28:07 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$ 2009-11-11 21:44:21 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$ ======List of files/folders modified in the last 1 months====== 2009-12-10 19:08:40 ----D---- C:\WINDOWS\Prefetch 2009-12-10 15:54:26 ----D---- C:\WINDOWS\Temp 2009-12-10 14:40:44 ----D---- C:\WINDOWS\system32 2009-12-10 07:59:32 ----HD---- C:\WINDOWS\inf 2009-12-10 07:59:27 ----D---- C:\WINDOWS\system32\CatRoot2 2009-12-10 07:53:36 ----HD---- C:\WINDOWS\$hf_mig$ 2009-12-10 07:53:36 ----D---- C:\WINDOWS 2009-12-09 22:53:29 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-12-08 15:52:58 ----SHD---- C:\WINDOWS\Installer 2009-12-08 15:52:21 ----SHD---- 
C:\Config.Msi 2009-12-03 09:28:26 ----D---- C:\Program Files\Fichiers communs\SureThing Shared 2009-12-03 09:10:43 ----D---- C:\Program Files\Ares 2009-12-02 18:52:00 ----RD---- C:\Program Files 2009-12-01 14:51:42 ----D---- C:\WINDOWS\network diagnostic 2009-12-01 10:41:17 ----D---- C:\Documents and Settings\JEFF\Application Data\LimeWire 2009-11-29 15:16:26 ----D---- C:\Program Files\LimeWire 2009-11-26 19:42:46 ----D---- C:\WINDOWS\Album 2009-11-25 20:28:25 ----A---- C:\WINDOWS\imsins.BAK 2009-11-25 20:28:12 ----RSHD---- C:\WINDOWS\system32\dllcache 2009-11-25 20:26:39 ----D---- C:\WINDOWS\WinSxS ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\s [2009-12-10 210] R1 Asapi;Asapi; C:\WINDOWS\s [2009-12-10 210] R1 aswSP;avast! Self Protection; C:\WINDOWS\s [2009-12-10 210] R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\s [2009-12-10 210] R1 ATMhelpr;ATMhelpr; C:\WINDOWS\s [2009-12-10 210] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\S [2009-12-10 210] R1 NPPTNT2;NPPTNT2; \??\C:\WINDOWS\system32\npptNT2.sys [] R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys [] R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\S [2009-12-10 210] R1 ssmdrv;ssmdrv; C:\WINDOWS\s [2009-12-10 210] R1 vcsmpdrv;vcsmpdrv; C:\WINDOWS\S [2009-12-10 210] R2 aswFsBlk;aswFsBlk; C:\WINDOWS\s [2009-12-10 210] R2 aswMon2;avast! 
Standard Shield Support; C:\WINDOWS\s [2009-12-10 210] R2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS\System32\drivers\CdaC15BA.SYS [] R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; C:\WINDOWS\S [2009-12-10 210] R2 NwlnkNb;NetBIOS NWLink; C:\WINDOWS\S [2009-12-10 210] R2 NwlnkSpx;Protocole NWLink SPX/SPXII; C:\WINDOWS\S [2009-12-10 210] R2 PLCNDIS5;PLCNDIS5 NDIS Protocol Driver; C:\WINDOWS\s [2009-12-10 210] R3 aeaudio;aeaudio; C:\WINDOWS\s [2009-12-10 210] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\S [2009-12-10 210] R3 aswRdr;aswRdr; C:\WINDOWS\s [2009-12-10 210] R3 ati2mtag;ati2mtag; C:\WINDOWS\s [2009-12-10 210] R3 BridgeMP;Miniport de pont MAC; C:\WINDOWS\S [2009-12-10 210] R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\S [2009-12-10 210] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\S [2009-12-10 210] R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\s [2009-12-10 210] R3 mouhid;Pilote HID de souris; C:\WINDOWS\S [2009-12-10 210] R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\S [2009-12-10 210] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\S [2009-12-10 210] R3 rtl8139;Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver; C:\WINDOWS\S [2009-12-10 210] R3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\S [2009-12-10 210] R3 SlWdmSup;SlWdmSup; C:\WINDOWS\S [2009-12-10 210] R3 smwdm;smwdm; C:\WINDOWS\s [2009-12-10 210] R3 snpstd;Eye 310; C:\WINDOWS\s [2009-12-10 210] R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\S [2009-12-10 210] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\S [2009-12-10 210] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\S [2009-12-10 210] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\S [2009-12-10 210] R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\S [2009-12-10 210] S1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\S [2009-12-10 210] S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\S [2009-12-10 210] S2 E4LOADER;General Purpose USB Driver (e4ldr.sys); 
C:\WINDOWS\S [2009-12-10 210] S3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\S [2009-12-10 210] S3 Bridge;Pont MAC; C:\WINDOWS\S [2009-12-10 210] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\s [2009-12-10 210] S3 e4usbae;USB ADSL2 LAN Adapter; C:\WINDOWS\s [2009-12-10 210] S3 GcKernel;Pilote de filtre Microsoft SideWinder Value Add; C:\WINDOWS\S [2009-12-10 210] S3 HIDSwvd;Minipilote de périphérique Microsoft SideWinder HID virtuel; C:\WINDOWS\S [2009-12-10 210] S3 lac97inf;lac97inf; \??\C:\DOCUME~1\JEFF\LOCALS~1\Temp\lac97inf.sys [] S3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\s [2009-12-10 210] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\s [2009-12-10 210] S3 Mtlstrm;Mtlstrm; C:\WINDOWS\S [2009-12-10 210] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\s [2009-12-10 210] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\s [2009-12-10 210] S3 NtMtlFax;NtMtlFax; C:\WINDOWS\S [2009-12-10 210] S3 nv;nv; C:\WINDOWS\S [2009-12-10 210] S3 PLCMPR5;PLCMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PLCMPR5.SYS [] S3 PVUSB;CESG502 USB Driver; C:\WINDOWS\s [2009-12-10 210] S3 RecAgent;recagent; \??\C:\WINDOWS\System32\DRIVERS\RecAgent.sys [] S3 RT73;Linksys Home Wireless-G USB Adapter Driver; C:\WINDOWS\s [2009-12-10 210] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\s [2009-12-10 210] S3 SlNtHal;SlNtHal; C:\WINDOWS\S [2009-12-10 210] S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\S [2009-12-10 210] S3 streamip;BDA IPSink; C:\WINDOWS\s [2009-12-10 210] S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\s [2009-12-10 210] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\S [2009-12-10 210] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\S [2009-12-10 210] S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\s [2009-12-10 210] S3 WpdUsb;WpdUsb; C:\WINDOWS\s [2009-12-10 210] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\s [2009-12-10 210] S3 WudfRd;Windows Driver Foundation - User-mode Driver 
Framework Reflector; C:\WINDOWS\s [2009-12-10 210] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\ANTIVIRUS\Avast4\aswUpdSv.exe [2009-08-17 18752] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\ANTIVIRUS\Avast4\ashServ.exe [2009-08-17 138680] R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2005-09-30 96341] R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS\S [2009-12-10 210] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 153376] R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120] R2 NwSapAgent;Agent SAP; C:\WINDOWS\S [2009-12-10 210] R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2003-01-17 45056] R2 VCSSecS;Virtual CD v4 Security service (SDK - Version); C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe [2002-05-16 139264] R2 WANMiniportService;WAN Miniport (ATW) Service; C:\WINDOWS\wanmpsvc.exe [2003-08-04 65536] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\s [2009-12-10 210] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\ANTIVIRUS\Avast4\ashMaiSv.exe [2009-08-17 254040] R3 avast! Web Scanner;avast! 
Web Scanner; C:\Program Files\ANTIVIRUS\Avast4\ashWebSv.exe [2009-08-17 352920] R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2006-10-30 492608] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-22 182768] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 usprserv;User Privilege Service; C:\WINDOWS\S [2009-12-10 210] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] -----------------EOF----------------- -
[Solved] PC infection - Analysis of a HijackThis report
Ouine d'oz replied to a topic by Ouine d'oz in Malware analysis and eradication
Avast has finished its scan, but I struggled to find the report. I hope I'm giving you the right item (in fact, I have the impression that it contains all the events of the year 2009...)
19/01/2009 09:54:20 JEFF 1500 Sign of "Win32:WinFixer-Y [Tool]" has been found in "C:\WINDOWS\Downloaded Program Files\UWFX5V_0001_N56M1411NetInstaller.exe" file. 19/01/2009 09:54:22 JEFF 1500 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\WINDOWS\AdobeR.exe" file. 19/01/2009 09:55:11 JEFF 4004 Sign of "Win32:Rjump [Wrm]" has been found in "c:\windows\adober.exe" file. 19/01/2009 09:55:24 JEFF 4004 Sign of "Win32:WinFixer-Y [Tool]" has been found in "c:\windows\downloaded program files\uwfx5v_0001_n56m1411netinstaller.exe" file. 19/01/2009 09:57:45 JEFF 2564 Function setifaceUpdatePackages() has failed. Return code is 0x000004C7, dwRes is 000004C7. 19/01/2009 10:19:56 JEFF 1500 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\WINDOWS\system32\^%%%%% ^ .exe" file. 20/01/2009 12:09:03 SYSTEM 1552 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004. 20/01/2009 12:09:04 SYSTEM 1552 An error has occured while attempting to update. Please check the logs. 21/01/2009 09:09:35 SYSTEM 1548 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004. 23/01/2009 11:47:40 JEFF 1308 Sign of "WMA:Wimad [Drp]" has been found in "C:\Documents and Settings\JEFF\Mes documents\LimeWire\Saved\rythm of tthe night hermes.wma" file. 23/01/2009 15:16:24 JEFF 1308 Sign of "Win32:Adware-gen [Adw]" has been found in "C:\Documents and Settings\JEFF\Mes documents\LimeWire\Saved\carckno cd francais fable tlc.zip\Setup.exe" file. 23/01/2009 17:21:33 JEFF 1308 AAVM - scanning warning: x_AavmCheckFileDirectEx [uNI]: D:\2003_08_09\Thumbs.db (D:\2003_08_09\Thumbs.db) returning error, 0000001E. 
23/01/2009 17:21:35 JEFF 1308 AAVM - scanning warning: x_AavmCheckFileDirectEx [uNI]: D:\2003_08_09\101_0179.JPG (D:\2003_08_09\101_0179.JPG) returning error, 0000A420. 23/01/2009 17:22:31 JEFF 1308 AAVM - scanning warning: x_AavmCheckFileDirectEx [uNI]: D:\2003_08_09\102_0204.JPG (D:\2003_08_09\102_0204.JPG) returning error, 0000A420. 23/01/2009 17:23:01 JEFF 1308 AAVM - scanning warning: x_AavmCheckFileDirectEx [uNI]: D:\2003_08_09\102_0206.JPG (D:\2003_08_09\102_0206.JPG) returning error, 0000A420. 24/01/2009 08:42:06 SYSTEM 1552 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004. 27/01/2009 10:14:53 SYSTEM 1444 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004. 28/01/2009 14:32:11 JEFF 1296 Sign of "WMA:Wimad [Drp]" has been found in "C:\Documents and Settings\JEFF\Mes documents\LimeWire\Saved\final fantasy vii francais.mpg" file. 28/01/2009 14:34:16 JEFF 1296 Sign of "WMA:Wimad [Drp]" has been found in "C:\Documents and Settings\JEFF\Mes documents\LimeWire\Saved\final fantasy vii francais.mpg" file. 05/02/2009 22:24:57 SYSTEM 1536 Sign of "Win32:Trojan-gen {Other}" has been found in "K:\AdobeR.exe" file. 11/02/2009 17:05:31 SYSTEM 1552 Sign of "Win32:Seneka-B [Rtk]" has been found in "C:\WINDOWS\system32\drivers\seneka.sys" file. 11/02/2009 17:09:23 SYSTEM 1552 Sign of "Win32:Seneka-B [Rtk]" has been found in "C:\WINDOWS\system32\drivers\seneka.sys" file. 11/02/2009 17:10:39 SYSTEM 1552 Sign of "Win32:Seneka-B [Rtk]" has been found in "C:\WINDOWS\system32\drivers\seneka.sys" file. 11/02/2009 22:15:02 SYSTEM 1540 Sign of "Win32:Seneka-B [Rtk]" has been found in "C:\WINDOWS\system32\drivers\seneka.sys" file. 11/02/2009 22:20:04 JEFF 1836 Sign of "Win32:Oliga [Trj]" has been found in "C:\seya.exe" file. 11/02/2009 22:20:27 JEFF 1836 Sign of "Win32:Oliga [Trj]" has been found in "C:\seya.exe" file. 21/02/2009 08:26:51 SYSTEM 1448 Function setifaceUpdatePackages() has failed. 
Return code is 0x20000004, dwRes is 20000004. 21/02/2009 08:26:52 SYSTEM 1448 An error has occured while attempting to update. Please check the logs. 23/02/2009 14:57:01 SYSTEM 1552 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004. 23/02/2009 14:57:01 SYSTEM 1552 An error has occured while attempting to update. Please check the logs. 03/03/2009 07:27:19 SYSTEM 1544 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004. 04/03/2009 07:01:51 SYSTEM 1552 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004. 04/03/2009 07:01:51 SYSTEM 1552 An error has occured while attempting to update. Please check the logs. 05/03/2009 14:41:53 JEFF 1444 AAVM - scanning warning: x_AavmCheckFileDirectEx [uNI]: D:\01 - djibouti 01\_MG_0003.JPG (D:\01 - djibouti 01\_MG_0003.JPG) returning error, 0000A420. 05/03/2009 14:42:39 JEFF 1444 AAVM - scanning warning: x_AavmCheckFileDirectEx [uNI]: D:\09®011 - carnaval FFDJ au 5° RIAOM 23-02-09 (CCH ANTIER)\Thumbs.db (D:\09®011 - carnaval FFDJ au 5° RIAOM 23-02-09 (CCH ANTIER)\Thumbs.db) returning error, 0000001E. 05/03/2009 14:42:57 JEFF 1444 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004. 05/03/2009 14:42:57 JEFF 1444 An error has occured while attempting to update. Please check the logs. 09/03/2009 23:11:39 SYSTEM 1444 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004. 11/03/2009 17:23:50 MAX 1548 AAVM - scanning warning: x_AavmCheckFileDirectEx [uNI]: C:\DOCUMENTS AND SETTINGS\JEFF\APPLICATION DATA\MICROSOFT\POWERPOINT\PPT.PCB (C:\DOCUMENTS AND SETTINGS\JEFF\APPLICATION DATA\MICROSOFT\POWERPOINT\PPT.PCB) returning error, 00000005. 
11/03/2009 17:24:15 MAX 1548 AAVM - scanning warning: x_AavmCheckFileDirectEx [uNI]: C:\DOCUMENTS AND SETTINGS\JEFF\APPLICATION DATA\MICROSOFT\MODèLES\NORMAL.DOT (C:\DOCUMENTS AND SETTINGS\JEFF\APPLICATION DATA\MICROSOFT\MODèLES\NORMAL.DOT) returning error, 00000005. 13/03/2009 21:02:33 SYSTEM 1900 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004. 16/03/2009 06:58:52 SYSTEM 1452 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004. 16/03/2009 06:58:53 SYSTEM 1452 An error has occured while attempting to update. Please check the logs. 19/03/2009 08:04:56 SYSTEM 1312 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004. 24/03/2009 16:13:36 SYSTEM 1448 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004. 24/03/2009 17:19:30 SYSTEM 1448 Sign of "WMA:Wimad [Drp]" has been found in "C:\Documents and Settings\JEFF\Mes documents\LimeWire\Saved\andrews sisters medley (best quality).mp3" file. 25/03/2009 15:56:42 SYSTEM 1536 Sign of "WMA:Wimad [Drp]" has been found in "C:\Documents and Settings\JEFF\Mes documents\LimeWire\Saved\tes ok ottawan.wma" file. 25/03/2009 15:58:47 SYSTEM 1536 Sign of "WMA:Wimad [Drp]" has been found in "C:\Documents and Settings\JEFF\Mes documents\LimeWire\Saved\tes ok ottawan - greatest hits.mp3" file. 25/03/2009 16:02:21 SYSTEM 1536 Sign of "WMA:Wimad [Drp]" has been found in "C:\Documents and Settings\JEFF\Mes documents\LimeWire\Saved\everybody needs sommebody.mp3" file. 25/03/2009 16:04:14 SYSTEM 1536 Sign of "WMA:Wimad [Drp]" has been found in "C:\Documents and Settings\JEFF\Mes documents\LimeWire\Saved\knock on me amy stewart.mp3" file. 25/03/2009 16:10:17 SYSTEM 1536 Sign of "WMA:Wimad [Drp]" has been found in "C:\Documents and Settings\JEFF\Mes documents\LimeWire\Saved\sturday night fever bee gees(Club RMX).mp3" file. 
25/03/2009 16:46:01 SYSTEM 1536 Sign of "WMA:Wimad [Drp]" has been found in "C:\Documents and Settings\JEFF\Mes documents\LimeWire\Saved\summer is magic playhatty 2009.mp3" file. 25/03/2009 16:47:05 SYSTEM 1536 Sign of "WMA:Wimad [Drp]" has been found in "C:\Documents and Settings\JEFF\Mes documents\LimeWire\Saved\summer is magic playhatty.mp3" file. 25/03/2009 16:47:12 SYSTEM 1536 Sign of "WMA:Wimad [Drp]" has been found in "C:\Documents and Settings\JEFF\Mes documents\LimeWire\Saved\paris latino.mp3" file. 25/03/2009 18:55:33 SYSTEM 1444 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004. 27/03/2009 12:25:33 SYSTEM 1552 Sign of "WMA:Wimad [Drp]" has been found in "C:\Documents and Settings\JEFF\Mes documents\LimeWire\Saved\je suis pas timide blow coxx.mp3" file. 28/03/2009 15:13:00 JEFF 1560 Sign of "WMA:Wimad [Drp]" has been found in "C:\Documents and Settings\JEFF\Mes documents\LimeWire\Saved\8 200 la chanson du dimanche-HQ.mp3" file. 28/03/2009 15:19:53 JEFF 1560 Sign of "WMA:Wimad [Drp]" has been found in "C:\Documents and Settings\JEFF\Mes documents\LimeWire\Saved\8 200 la chanson du dimanche.mp3" file. 03/04/2009 08:13:21 SYSTEM 1224 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004. 03/04/2009 08:13:21 SYSTEM 1224 An error has occured while attempting to update. Please check the logs. 07/04/2009 17:27:31 SYSTEM 1548 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004. 07/04/2009 17:27:32 SYSTEM 1548 An error has occured while attempting to update. Please check the logs. 10/04/2009 08:13:17 SYSTEM 1216 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004. 17/04/2009 18:46:23 SYSTEM 1548 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004. 
19/04/2009 19:42:57 JEFF 1216 Sign of "Win32:TDss-P [Drp]" has been found in "C:\Documents and Settings\JEFF\Mes documents\LIMEWIRE\Incomplete\T-133120-Age3 Windows.exe" file. 19/04/2009 19:43:04 JEFF 1216 Sign of "Win32:TDss-P [Drp]" has been found in "C:\Documents and Settings\JEFF\Mes documents\LIMEWIRE\Incomplete\Preview-T-133120-Age3 Windows.exe" file. 19/04/2009 19:43:34 JEFF 1216 Sign of "Win32:TDss-P [Drp]" has been found in "C:\RECYCLER\S-1-5-21-1926179703-409498690-3092392523-1007\Dc215.exe" file. 19/04/2009 19:43:38 JEFF 1216 Sign of "Win32:TDss-P [Drp]" has been found in "C:\RECYCLER\S-1-5-21-1926179703-409498690-3092392523-1007\Dc262.exe" file. 19/04/2009 20:03:56 JEFF 1216 Sign of "Win32:Adware-gen [Adw]" has been found in "C:\Documents and Settings\JEFF\Mes documents\LimeWire\Saved\age 3 crack no cd.zip\Setup.exe" file. 19/04/2009 20:06:57 JEFF 1216 Sign of "Win32:Wegit-C [Adw]" has been found in "C:\Documents and Settings\JEFF\Mes documents\LimeWire\Incomplete\T-19681895-age3.exe\$PLUGINSDIR\f1\$SYSDIR\$SYSDIR\$[34]" file. 19/04/2009 20:48:40 JEFF 1216 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\WINDOWS\System32\feclient32.dll" file. 19/04/2009 20:48:43 JEFF 1216 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\WINDOWS\System32\feclient32.dll" file. 19/04/2009 20:48:44 JEFF 1216 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\WINDOWS\System32\gpkcsp32.dll" file. 19/04/2009 20:48:45 JEFF 1216 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\WINDOWS\System32\gpkcsp32.dll" file. 19/04/2009 20:48:47 JEFF 1216 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\WINDOWS\System32\hid32.dll" file. 19/04/2009 20:48:49 JEFF 1216 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\WINDOWS\System32\hid32.dll" file. 19/04/2009 20:49:01 JEFF 1216 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\WINDOWS\System32\dhcpsapi32.dll" file. 
19/04/2009 20:50:55 JEFF 1216 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\WINDOWS\System32\icardie32.dll" file. 19/04/2009 20:50:59 JEFF 1216 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\WINDOWS\System32\ieapfltr32.dll" file. 19/04/2009 20:51:02 JEFF 1216 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\WINDOWS\System32\DivX32.dll" file. 19/04/2009 20:51:17 JEFF 1216 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\WINDOWS\System32\DivX32.dll" file. 19/04/2009 20:51:17 JEFF 1216 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\WINDOWS\System32\dpus1032.dll" file. 19/04/2009 20:51:17 JEFF 1216 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\WINDOWS\System32\dpus1032.dll" file. 19/04/2009 20:51:18 JEFF 1216 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\WINDOWS\System32\dpvacm32.dll" file. 19/04/2009 20:51:18 JEFF 1216 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\WINDOWS\System32\dpvacm32.dll" file. 19/04/2009 20:51:19 JEFF 1216 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\WINDOWS\System32\dpwsock32.dll" file. 19/04/2009 20:51:19 JEFF 1216 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\WINDOWS\System32\dpwsock32.dll" file. 19/04/2009 20:51:20 JEFF 1216 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\WINDOWS\System32\drmclien32.dll" file. 19/04/2009 20:51:20 JEFF 1216 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\WINDOWS\System32\drmclien32.dll" file. 19/04/2009 20:51:21 JEFF 1216 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\WINDOWS\System32\drmv2clt32.dll" file. 19/04/2009 20:51:21 JEFF 1216 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\WINDOWS\System32\drmv2clt32.dll" file. 19/04/2009 20:51:22 JEFF 1216 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\WINDOWS\System32\ds32gt32.dll" file. 19/04/2009 20:51:22 JEFF 1216 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\WINDOWS\System32\ds32gt32.dll" file. 
19/04/2009 20:51:23 JEFF 1216 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\WINDOWS\System32\dsdmo32.dll" file.
19/04/2009 20:51:23 JEFF 1216 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\WINDOWS\System32\dsdmo32.dll" file.
19/04/2009 20:51:24 JEFF 1216 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\WINDOWS\System32\dskquota32.dll" file.
19/04/2009 20:51:24 JEFF 1216 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\WINDOWS\System32\dskquota32.dll" file.
20/04/2009 07:27:46 SYSTEM 1564 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.
20/04/2009 07:27:47 SYSTEM 1564 An error has occured while attempting to update. Please check the logs.
20/04/2009 13:05:35 SYSTEM 1448 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.
21/04/2009 19:49:48 SYSTEM 1284 Function setifaceUpdatePackages() has failed. Return code is 0x00000008, dwRes is 00000008.
21/04/2009 19:49:49 SYSTEM 1284 An error has occured while attempting to update. Please check the logs.
24/04/2009 08:44:32 SYSTEM 1540 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.
24/04/2009 12:33:21 SYSTEM 1300 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.
27/04/2009 07:31:18 SYSTEM 1452 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.
27/04/2009 07:31:19 SYSTEM 1452 An error has occured while attempting to update. Please check the logs.
27/04/2009 19:24:14 JEFF 1548 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\Documents and Settings\JEFF\Local Settings\Temp\IXP000.TMP\fukker.exe" file.
27/04/2009 19:24:33 JEFF 1548 Sign of "Win32:Trojan-gen {Other}" has been found in "C:\Documents and Settings\JEFF\Local Settings\Temp\IXP001.TMP\fukker.exe" file.
05/05/2009 17:22:45 SYSTEM 1532 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.
05/05/2009 17:22:45 SYSTEM 1532 An error has occured while attempting to update. Please check the logs.
07/05/2009 12:58:58 JEFF 1532 Sign of "Win32:Wegit-C [Adw]" has been found in "C:\Documents and Settings\JEFF\Mes documents\LIMEWIRE\Incomplete\T-19681895-age3.exe\$PLUGINSDIR\f1\$SYSDIR\$SYSDIR\$[34]" file.
14/05/2009 15:21:14 JEFF 1264 Sign of "WMA:Wimad [Drp]" has been found in "C:\Documents and Settings\JEFF\Mes documents\LimeWire\Saved\olivia ruiz miss meteores.mp3" file.
14/05/2009 15:39:50 JEFF 1264 Sign of "WMA:Wimad [Drp]" has been found in "C:\Documents and Settings\JEFF\Mes documents\LimeWire\Saved\love is demis roussos high quality.mp3" file.
14/05/2009 15:41:43 JEFF 1264 Sign of "WMA:Wimad [Drp]" has been found in "C:\Documents and Settings\JEFF\Mes documents\LimeWire\Saved\love is demis roussos.mp3" file.
23/05/2009 12:00:59 SYSTEM 1280 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.
27/05/2009 07:20:27 SYSTEM 1288 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.
02/06/2009 12:07:39 SYSTEM 1276 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.
08/06/2009 11:10:40 SYSTEM 1280 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.
08/06/2009 11:10:40 SYSTEM 1280 An error has occured while attempting to update. Please check the logs.
19/06/2009 09:05:48 JEFF 1352 Sign of "VBS:Malware-gen" has been found in "K:\AutoRun.inf" file.
20/06/2009 13:31:27 SYSTEM 1344 Sign of "VBS:Malware-gen" has been found in "G:\Autorun.inf" file.
22/06/2009 12:55:11 SYSTEM 1344 Sign of "VBS:Malware-gen" has been found in "F:\Autorun.inf" file.
26/06/2009 22:31:24 SYSTEM 1336 Sign of "VBS:Malware-gen" has been found in "G:\Autorun.inf" file.
27/06/2009 09:32:39 JEFF 1336 Sign of "WMA:Wimad [Drp]" has been found in "C:\Documents and Settings\JEFF\Mes documents\LimeWire\Saved\soviet march red alerte 3 [club mix].mp3" file.
27/06/2009 09:35:36 JEFF 1336 Sign of "WMA:Wimad [Drp]" has been found in "C:\Documents and Settings\JEFF\Mes documents\LimeWire\Saved\01. Frank Klepacki - Red Alert 3 Theme - Soviet March (1).wma" file.
27/06/2009 09:40:47 JEFF 1336 Sign of "WMA:Wimad [Drp]" has been found in "C:\Documents and Settings\JEFF\Mes documents\LimeWire\Saved\soviet march new single.mp3" file.
27/06/2009 09:43:49 JEFF 1336 Sign of "HTML:Iframe-inf" has been found in "http://pixhost.eu/avaxhome/avaxhome/2007-10-02/4191BTHQE6L._SS500__508.jpg\{gzip}" file.
29/06/2009 18:11:34 SYSTEM 1344 Sign of "HTML:RedirME-inf [Trj]" has been found in "http://www.msulr.law.msu.edu/docs/pop/?redtube-like-sites" file.
07/07/2009 14:50:13 SYSTEM 1280 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.
29/08/2009 13:35:33 SYSTEM 1256 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.
29/08/2009 13:35:34 SYSTEM 1256 An error has occured while attempting to update. Please check the logs.
06/09/2009 07:29:14 SYSTEM 1196 Sign of "VBS:Malware-gen" has been found in "F:\Autorun.inf" file.
07/09/2009 12:56:10 SYSTEM 1276 Sign of "VBS:Malware-gen" has been found in "F:\Autorun.inf" file.
10/09/2009 12:29:21 SYSTEM 1336 Sign of "VBS:Malware-gen" has been found in "F:\Autorun.inf" file.
12/09/2009 15:27:15 SYSTEM 1340 Sign of "VBS:Malware-gen" has been found in "F:\Autorun.inf" file.
14/09/2009 19:55:03 SYSTEM 1204 Sign of "WMA:Wimad [Drp]" has been found in "C:\Documents and Settings\JEFF\Mes documents\LimeWire\Saved\kick bucket charlie winston.mp3" file.
16/09/2009 09:21:50 SYSTEM 1200 Sign of "VBS:Malware-gen" has been found in "F:\Autorun.inf" file.
16/09/2009 09:21:59 SYSTEM 1200 Sign of "VBS:Malware-gen" has been found in "F:\AutoRun.inf" file.
17/09/2009 13:29:12 JEFF 1292 Sign of "VBS:Malware-gen" has been found in "F:\AutoRun.inf" file.
18/09/2009 22:30:58 SYSTEM 1284 Sign of "VBS:Malware-gen" has been found in "F:\Autorun.inf" file.
18/09/2009 22:31:03 SYSTEM 1284 Sign of "VBS:Malware-gen" has been found in "F:\AutoRun.inf" file.
19/09/2009 15:30:41 JEFF 1288 Sign of "VBS:Malware-gen" has been found in "F:\AutoRun.inf" file.
19/09/2009 20:25:59 JEFF 1288 Sign of "VBS:Malware-gen" has been found in "F:\Autorun.inf" file.
20/09/2009 15:09:56 JEFF 1332 Sign of "VBS:Malware-gen" has been found in "F:\AutoRun.inf" file.
20/09/2009 19:16:25 JEFF 1332 Sign of "VBS:Malware-gen" has been found in "F:\Autorun.inf" file.
20/09/2009 19:16:33 JEFF 1332 Sign of "VBS:Malware-gen" has been found in "F:\AutoRun.inf" file.
21/09/2009 11:39:20 SYSTEM 1304 Sign of "VBS:Malware-gen" has been found in "F:\AutoRun.inf" file.
21/09/2009 14:17:53 SYSTEM 1252 Sign of "VBS:Malware-gen" has been found in "F:\Autorun.inf" file.
21/09/2009 14:27:20 JEFF 1252 Sign of "VBS:Malware-gen" has been found in "F:\AutoRun.inf" file.
21/09/2009 15:57:26 SYSTEM 1332 Sign of "VBS:Malware-gen" has been found in "F:\Autorun.inf" file.
21/09/2009 15:57:35 SYSTEM 1332 Sign of "VBS:Malware-gen" has been found in "F:\AutoRun.inf" file.
21/09/2009 16:07:44 SYSTEM 1332 Sign of "HTML:IFrame-DZ [Trj]" has been found in "http://www.starfool.com/index.html" file.
21/09/2009 16:07:47 SYSTEM 1332 Sign of "HTML:IFrame-DZ [Trj]" has been found in "C:\Documents and Settings\JEFF\Local Settings\Temporary Internet Files\Content.IE5\S99JMHBB\index[1].htm" file.
28/09/2009 08:11:12 SYSTEM 1304 Sign of "VBS:Malware-gen" has been found in "F:\Autorun.inf" file.
28/09/2009 08:11:27 SYSTEM 1304 Sign of "VBS:Malware-gen" has been found in "F:\AutoRun.inf" file.
28/09/2009 08:11:47 SYSTEM 1304 Sign of "VBS:Malware-gen" has been found in "F:\AutoRun.inf" file.
29/09/2009 10:44:45 SERVICE LOCAL 1304 AAVM - scanning warning: x_AavmCheckFileDirectEx [uNI]: C:\DOCUMENTS AND SETTINGS\JEFF\MES DOCUMENTS\ANNUAIRE JUILLET 2008.XLS (C:\DOCUMENTS AND SETTINGS\JEFF\MES DOCUMENTS\ANNUAIRE JUILLET 2008.XLS) returning error, 00000005.
01/10/2009 14:17:15 SYSTEM 1348 Function setifaceUpdatePackages() has failed. Return code is 0xC0000142, dwRes is C0000142.
10/10/2009 14:49:53 JEFF 1300 AAVM - scanning warning: x_AavmCheckFileDirectEx [uNI]: C:\Program Files\Internet Explorer\minftnet.exe (C:\Program Files\Internet Explorer\minftnet.exe) returning error, 0000A413.
10/10/2009 19:15:45 JEFF 1300 Sign of "VBS:Malware-gen" has been found in "F:\Autorun.inf" file.
16/10/2009 08:47:36 SYSTEM 1352 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.
16/10/2009 08:47:38 SYSTEM 1352 An error has occured while attempting to update. Please check the logs.
05/11/2009 09:49:58 SYSTEM 1352 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.windguru.com/fr/ (C:\DOCUME~1\JEFF\LOCALS~1\Temp\_avast4_\unp50710025.tmp) returning error, 0000A413.
05/11/2009 16:55:45 SYSTEM 1340 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://c.voila.fr/headerMail.html (C:\DOCUME~1\JEFF\LOCALS~1\Temp\_avast4_\unp96216547.tmp) returning error, 0000A413.
05/11/2009 17:46:01 SYSTEM 1340 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.forumdjibouti.com/ (C:\DOCUME~1\JEFF\LOCALS~1\Temp\_avast4_\unp188819633.tmp) returning error, 0000A413.
06/11/2009 21:22:59 SYSTEM 1348 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.google.dj/ (C:\DOCUME~1\JEFF\LOCALS~1\Temp\_avast4_\unp41282743.tmp) returning error, 0000A413.
06/11/2009 21:32:31 SYSTEM 1312 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://lan2.startvg.com/ (C:\DOCUME~1\JEFF\LOCALS~1\Temp\_avast4_\unp26800567.tmp) returning error, 0000A413.
07/11/2009 20:53:17 SYSTEM 1336 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://clients1.google.com/complete/search...p;q=pa&cp=2 (C:\WINDOWS\TEMP\_avast4_\unp248562675.tmp) returning error, 0000A413.
08/11/2009 15:24:39 SYSTEM 1348 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.forumdjibouti.com/posting.forum (C:\DOCUME~1\JEFF\LOCALS~1\Temp\_avast4_\unp258465023.tmp) returning error, 0000A413.
09/11/2009 12:03:22 SYSTEM 1284 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://clients1.google.dj/suggest?hl=fr&am...0djib&cp=10 (C:\WINDOWS\TEMP\_avast4_\unp105078641.tmp) returning error, 0000A413.
09/11/2009 12:05:01 SYSTEM 1284 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.forumdjibouti.com/search.forum?search_id=newposts (C:\DOCUME~1\JEFF\LOCALS~1\Temp\_avast4_\unp198543739.tmp) returning error, 0000A413.
09/11/2009 12:49:10 SYSTEM 1340 Sign of "VBS:Malware-gen" has been found in "F:\Autorun.inf" file.
10/11/2009 08:52:32 SYSTEM 1284 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.forumdjibouti.com/forum.htm (C:\DOCUME~1\JEFF\LOCALS~1\Temp\_avast4_\unp204398875.tmp) returning error, 0000A413.
10/11/2009 15:41:54 SYSTEM 1344 AAVM - scanning warning: x_AavmCheckFileDirectEx: http://www.forumdjibouti.com/ (C:\DOCUME~1\JEFF\LOCALS~1\Temp\_avast4_\unp27271879.tmp) returning error, 0000A413.
12/11/2009 09:01:35 SYSTEM 1348 Function setifaceUpdatePackages() has failed. Return code is 0x00000008, dwRes is 00000008.
12/11/2009 09:01:42 SYSTEM 1348 An error has occured while attempting to update. Please check the logs.
16/11/2009 14:23:18 SYSTEM 1248 Function setifaceUpdatePackages() has failed. Return code is 0x00000008, dwRes is 00000008.
16/11/2009 14:23:19 SYSTEM 1248 An error has occured while attempting to update. Please check the logs.
26/11/2009 22:50:13 SYSTEM 1248 Sign of "VBS:Malware-gen" has been found in "F:\Autorun.inf" file.
27/11/2009 13:35:12 SYSTEM 1276 Function setifaceUpdatePackages() has failed. Return code is 0x00000008, dwRes is 00000008.
27/11/2009 13:35:13 SYSTEM 1276 An error has occured while attempting to update. Please check the logs.
27/11/2009 16:09:30 SYSTEM 1348 Sign of "VBS:Malware-gen" has been found in "F:\Autorun.inf" file.
28/11/2009 14:56:31 SYSTEM 1332 Function setifaceUpdatePackages() has failed. Return code is 0xC0000142, dwRes is C0000142.
29/11/2009 12:37:08 SYSTEM 1332 Function setifaceUpdatePackages() has failed. Return code is 0x00000008, dwRes is 00000008.
29/11/2009 12:37:09 SYSTEM 1332 An error has occured while attempting to update. Please check the logs.
03/12/2009 07:55:22 SYSTEM 1260 Sign of "Win32:Zbot-MKK [Trj]" has been found in "C:\Program Files\Ares\Ares.exe" file.
03/12/2009 08:17:13 JEFF 2332 Sign of "Win32:Zbot-MKK [Trj]" has been found in "c:\program files\ares\ares.exe" file.
10/12/2009 13:50:34 JEFF 2540 Sign of "Win32:Trojan-gen" has been found in "C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1275\A0418998.dll" file.
10/12/2009 14:08:24 JEFF 2540 Sign of "Win32:Trojan-gen" has been found in "C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1275\A0418999.dll" file.
10/12/2009 14:08:31 JEFF 2540 Sign of "Win32:Trojan-gen" has been found in "C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1275\A0419000.dll" file.
10/12/2009 14:08:33 JEFF 2540 Sign of "Win32:Trojan-gen" has been found in "C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1275\A0419001.dll" file.
10/12/2009 14:08:38 JEFF 2540 Sign of "Win32:Trojan-gen" has been found in "C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1275\A0419002.dll" file.
10/12/2009 14:08:42 JEFF 2540 Sign of "Win32:Trojan-gen" has been found in "C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1275\A0419003.dll" file.
10/12/2009 14:08:53 JEFF 2540 Sign of "Win32:Trojan-gen" has been found in "C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1275\A0419004.dll" file.
10/12/2009 14:09:18 JEFF 2540 Sign of "Win32:Trojan-gen" has been found in "C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1275\A0419005.dll" file.
10/12/2009 14:09:51 JEFF 2540 Sign of "Win32:Fasec [Trj]" has been found in "C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1275\A0419006.dll" file.
10/12/2009 14:15:39 JEFF 2540 Sign of "Win32:Fasec [Trj]" has been found in "C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1275\A0419007.dll" file.
10/12/2009 14:39:45 JEFF 2540 Sign of "Win32:Trojan-gen" has been found in "C:\WINDOWS\system32\DivX32.dll" file.
10/12/2009 14:40:37 JEFF 2540 Sign of "Win32:Trojan-gen" has been found in "C:\WINDOWS\system32\dpus1032.dll" file.
10/12/2009 14:40:43 JEFF 2540 Sign of "Win32:Trojan-gen" has been found in "C:\WINDOWS\system32\dpvacm32.dll" file.
-
[Solved] PC infection - Analysis of a HijackThis report
Ouine d'oz replied to a topic by Ouine d'oz in Analyses et éradication malwares
Thank you! Here is the MBAM report. I hadn't thought of running Avast: I'm doing it right away.

Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1456
Windows 5.1.2600 Service Pack 3
10/12/2009 12:43:01
mbam-log-2009-12-10 (12-43-01).txt
Type de recherche: Examen complet (C:\|D:\|E:\|I:\|J:\|)
Eléments examinés: 179899
Temps écoulé: 2 hour(s), 44 minute(s), 20 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s): (Aucun élément nuisible détecté)
Module(s) mémoire infecté(s): (Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté)
Dossier(s) infecté(s): (Aucun élément nuisible détecté)
Fichier(s) infecté(s): (Aucun élément nuisible détecté)
-
Hello everyone,

I'm not a computer expert, and this old computer that I use to browse the internet is completely infected with viruses. At least, I suppose so... In the course of my internet searches about viruses, spam and malicious software, I installed Malwarebytes, Hijackthis and Avast antivirus Professional 4.8 (I paid for one year!).

At the moment, I'm having big problems with my Outlook mail. I can no longer reply to messages. I am apparently "blocked" by Spamhaus and I don't really understand how to get out of it (the site is in English and not very clear about the steps to take). A small detail: I'm temporarily living in Africa, so with an African internet service provider, but I use a laposte.net address. But that's another subject... I should add that my computer is also very slow, but I'll look at your tutorials on that later.

This morning, I stumbled by chance upon this forum, which looks more than professional and, above all, answers in language that is accessible and understandable to everyone! Not knowing what to do with the Hijackthis and Malwarebytes reports, I thought you might be able to help me understand what is going on in my computer.

Thank you in advance for the advice and help you can give me. Have a nice day. See you soon, I hope.

Here is this morning's Hijackthis report, and I have just started a scan with Malwarebytes.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:36:47, on 10/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ANTIVIRUS\Avast4\aswUpdSv.exe
C:\Program Files\ANTIVIRUS\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\ANTIVIRUS\Avast4\ashMaiSv.exe
C:\Program Files\ANTIVIRUS\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\apps\ABoard\ABoard.exe
C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
C:\apps\ABoard\AOSD.exe
C:\WINDOWS\vsnpstd.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ANTIVI~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,userinit.exe
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [CleanEasyImg] c:\apps\easydvd\cleanall.exe
O4 - HKLM\..\Run: [hpppta] C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan\hpppta.exe /ICON
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ANTIVI~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [sra] "C:\DOCUME~1\JEFF\APPLIC~1\STEM~1\alg.exe" -vt ndrv
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\ANTIVIRUS\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\ANTIVIRUS\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\ANTIVIRUS\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\ANTIVIRUS\Avast4\ashWebSv.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

-- End of file - 9525 bytes