franck81

Everything posted by franck81

  1. That's it, I found it again; I had to uncheck "Hide protected operating system files". Here are its contents:
  2. I am showing hidden files and there is none with the same name, yet when I put it in drivers\etc it tells me it cannot copy because a file has the same name!!! Specify a different name!!!!
  3. Still the same:
     Le volume dans le lecteur C s'appelle windows
     Le numéro de série du volume est 103E-C297
     Répertoire de C:\WINDOWS\system32\drivers\etc
     Same thing in cmd too.
  4. Hello, here is the report:
     Le volume dans le lecteur C s'appelle windows
     Le numéro de série du volume est 103E-C297
     Répertoire de C:\WINDOWS\system32\drivers\etc
     In cmd it tells me: file list not found
  5. And here is one more little bug: I can no longer update Firefox.
  6. Thanks for helping me, Falkra. No, I don't have any host file at all; the worst part is that now even drivers is hidden. In etc there are lmhost (SAM file), networks, protocol and services.
  7. Hello, here is what I have: drivers was hidden; I have a folder system32\drivers\etc\lmhosts
  8. I also ran a scan with Kaspersky Online; here is the report:
     --------------------------------------------------------------------------------
     KASPERSKY ONLINE SCANNER 7.0: scan report
     Monday, December 21, 2009
     Operating system: Microsoft Windows XP Professional Service Pack 3 (build 2600)
     Kaspersky Online Scanner version: 7.0.26.13
     Last database update: Monday, December 21, 2009 11:13:15
     Records in database: 3395108
     --------------------------------------------------------------------------------
     Scan settings:
     scan using the following database: extended
     Scan archives: yes
     Scan e-mail databases: yes
     Scan area - My Computer: A:\ C:\ D:\ E:\ F:\
     Scan statistics:
     Objects scanned: 77148
     Threats found: 5
     Infected objects found: 5
     Suspicious objects found: 0
     Scan duration: 01:39:40
     File name / Threat / Threats count
     C:\Documents and Settings\franck_hélène\Application Data\Thunderbird\Profiles\ompm9ma5.default\Mail\Local Folders\Inbox Infected: Worm.Win32.AutoRun.lua 1
     C:\Documents and Settings\franck_hélène\Application Data\Thunderbird\Profiles\ompm9ma5.default\Mail\Local Folders\Inbox Infected: Worm.Win32.AutoRun.lxg 1
     C:\Documents and Settings\franck_hélène\Application Data\Thunderbird\Profiles\ompm9ma5.default\Mail\Local Folders\Inbox Infected: Trojan.Win32.Pakes.lgd 1
     C:\Documents and Settings\franck_hélène\Application Data\Thunderbird\Profiles\ompm9ma5.default\Mail\Local Folders\Inbox Infected: Trojan.Win32.Small.yfv 1
     C:\Documents and Settings\franck_hélène\Application Data\Thunderbird\Profiles\ompm9ma5.default\Mail\Local Folders\Inbox Infected: Worm.Win32.AutoRun.rwo 1
     Selected area has been scanned.
  9. I can't restore the Host file: it tells me it is impossible to create the Host file. As for the internet, what happens is that I run Ad-Aware, which finds things that require a restart, and afterwards my connection is limited or nonexistent; on top of that, I am redirected elsewhere when I go to certain sites.
  10. Hello, and thank you for helping me. When I run RIST it reports a problem with HOST.... I don't really know what. Out of curiosity I went into windows/system32/... and I can no longer find etc/host... However, I ran RIST in the afternoon (before crying for help on the forum), and here is the info.txt from that afternoon, and the log.txt:
- C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 7829 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\AppleSoftwareUpdate.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] Yahoo! Companion BHO - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll [2005-04-13 327748] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}] Objet d'aide à la navigation SFR - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll [2009-10-15 165184] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll [2008-03-25 509328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}] scriptproxy - C:\Program Files\McAfee\VirusScan Enterprise\Scriptcl.dll [2006-11-30 67136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}] PDFCreator Toolbar Helper - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll [2008-08-02 757760] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - &Yahoo! Companion - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll [2005-04-13 327748] {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - PDFCreator Toolbar - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll [2008-08-02 757760] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-09-19 16844800] "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632] "JMB36X IDE Setup"=C:\WINDOWS\RaidTool\xInsIDE.exe [2007-03-20 36864] "36X Raid Configurer"=C:\WINDOWS\system32\xRaidSetup.exe [2007-08-29 1966080] "ShStatEXE"=C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [2007-02-22 112216] "McAfeeUpdaterUI"=C:\Program Files\McAfee\Common Framework\UdaterUI.exe [2006-12-19 136768] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792] "NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-01 153136] "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe [2008-03-25 144784] "SSBkgdUpdate"=C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472] "OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400] "CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-04-03 644696] "CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-09-05 417792] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-10-28 141600] "AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-08-13 177440] "nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe 
[2009-07-09 1657376] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-07-14 13877248] "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-07-14 86016] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Connexion SFR 9props.exe"=C:\Program Files\SFR\Kit\9props.exe [2009-10-15 959808] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files\McAfee\Common Framework\FrameworkService.exe"="C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service" "C:\Program Files\eChanblard\emule.exe"="C:\Program Files\eChanblard\emule.exe:*:Enabled:eChanblard" "C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA" "C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB" "C:\Program Files\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe"="C:\Program Files\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe:*:Disabled:GPGNet - Supreme Commander" "C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019" "C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Disabled:EA Download 
Manager" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe"="C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Disabled:Grand Theft Auto IV" "C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe"="C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Disabled:Grand Theft Auto IV" "C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Disabled:Rockstar Games Social Club" "C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008" "C:\Program Files\Anno 1701\Anno1701.exe"="C:\Program Files\Anno 1701\Anno1701.exe:*:Disabled:Anno 1701" "C:\Program Files\DVICO\TViXNetShare\TViXNetShare.exe"="C:\Program Files\DVICO\TViXNetShare\TViXNetShare.exe:*:Disabled:TViXNetShare" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "C:\Program Files\Ubisoft\Related Designs\ANNO 1404\tools\Anno4Web.exe"="C:\Program Files\Ubisoft\Related Designs\ANNO 1404\tools\Anno4Web.exe:*:Disabled:Anno4Web" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{caba9096-5906-11de-9ff4-001a4d5a5e3d}] 
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL KIT_NEUROPSY_Tome_2_BAT_24.02.09.pdf ======List of files/folders created in the last 1 months====== 2009-12-20 15:27:34 ----D---- C:\rsit 2009-12-20 15:27:34 ----D---- C:\Program Files\trend micro 2009-12-19 17:10:10 ----A---- C:\WINDOWS\system32\lsdelete.exe 2009-12-19 16:33:56 ----HDC---- C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6} 2009-12-19 16:33:48 ----D---- C:\Program Files\Lavasoft 2009-12-16 17:34:56 ----SHD---- C:\Documents and Settings\All Users\Application Data\WSNZSYQVRD_APDM 2009-12-12 11:42:49 ----HD---- C:\WINDOWS\system32\GroupPolicy 2009-12-12 10:40:24 ----D---- C:\Program Files\SFR 2009-12-12 10:37:45 ----A---- C:\WINDOWS\RTacDbg.txt 2009-12-05 11:56:11 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-12-02 17:42:20 ----D---- C:\Documents and Settings\All Users\Application Data\nView_Profiles 2009-12-01 18:38:18 ----D---- C:\Program Files\Call of Duty 2009-12-01 17:08:58 ----D---- C:\WINDOWS\B83FC356B7C0441F8A4DD71E088E7974.TMP 2009-12-01 17:06:19 ----D---- C:\Program Files\NVIDIA Corporation 2009-12-01 17:06:11 ----D---- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation 2009-12-01 17:05:42 ----RA---- C:\WINDOWS\system32\nvuninst.exe 2009-11-28 16:12:11 ----D---- C:\WINDOWS\NV28563132.TMP 2009-11-28 15:49:36 ----A---- C:\WINDOWS\system32\nvudisp.exe ======List of files/folders modified in the last 1 months====== 2009-12-20 18:05:42 ----D---- C:\WINDOWS\Prefetch 2009-12-20 18:05:10 ----D---- C:\WINDOWS\Temp 2009-12-20 15:27:34 ----RD---- C:\Program Files 2009-12-20 11:29:04 ----D---- C:\WINDOWS\system32\CatRoot2 2009-12-20 11:29:04 ----D---- C:\WINDOWS 2009-12-19 19:35:21 ----SD---- C:\WINDOWS\Tasks 2009-12-19 17:10:10 ----D---- C:\WINDOWS\system32 2009-12-19 16:34:23 ----D---- C:\WINDOWS\system32\drivers 2009-12-19 16:34:23 ----D---- C:\WINDOWS\inf 2009-12-19 16:34:20 ----DC---- 
C:\WINDOWS\system32\DRVSTORE 2009-12-19 16:33:56 ----SHD---- C:\WINDOWS\Installer 2009-12-19 16:33:48 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft 2009-12-19 15:12:02 ----D---- C:\QUARANTINE 2009-12-19 08:10:06 ----D---- C:\WINDOWS\Help 2009-12-18 19:32:28 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-12-18 17:42:51 ----D---- C:\WINDOWS\addins 2009-12-18 14:32:43 ----A---- C:\WINDOWS\NeroDigital.ini 2009-12-17 16:48:56 ----HD---- C:\Program Files\InstallShield Installation Information 2009-12-17 16:48:56 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-12-16 17:35:01 ----SHD---- C:\Documents and Settings\All Users\Application Data\9862ec8 2009-12-12 10:37:32 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2009-12-01 17:08:53 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard 2009-11-28 16:19:51 ----D---- C:\WINDOWS\nview 2009-11-28 16:02:54 ----D---- C:\WINDOWS\system32\Restore 2009-11-22 16:41:52 ----D---- C:\Documents and Settings\franck_hélène\Application Data\Audacity ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AvgArCln;Avg Anti-Rootkit Clean Driver; C:\WINDOWS\System32\DRIVERS\AvgArCln.sys [2007-01-18 3968] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576] R1 mferkdk;VSCore mferkdk; \??\C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys [] R1 mfetdik;McAfee Inc.; C:\WINDOWS\system32\drivers\mfetdik.sys [2006-11-30 52136] R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-08-21 281760] R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-08-21 25888] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600] R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; 
C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-09-19 4617728] R3 mfeapfk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfeapfk.sys [2006-11-30 64360] R3 mfeavfk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfeavfk.sys [2006-11-30 72264] R3 mfebopk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfebopk.sys [2006-11-30 34152] R3 mfehidk;McAfee Inc.; C:\WINDOWS\system32\drivers\mfehidk.sys [2007-02-22 170408] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-07-14 7741664] R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-09-19 101504] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] S3 DsAudioDevice_207;DsAudioDevice_207; C:\WINDOWS\system32\drivers\DsAudioDevice_207.sys [2009-01-08 16640] S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys [] S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\WINDOWS\system32\DRIVERS\RTL8192su.sys [2009-05-15 583552] S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Pilote de scanneur USB; 
C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2004-08-19 32128] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-13 73600] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-05-29 144712] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-12-19 1181328] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2007-06-28 79136] R2 McAfeeFramework;McAfee Framework Service; C:\Program Files\McAfee\Common Framework\FrameworkService.exe [2006-12-19 104000] R2 McShield;McAfee McShield; C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe [2007-02-22 144960] R2 McTaskManager;McAfee Task Manager; C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe [2007-02-22 54872] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-07-14 168004] R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-10-28 545568] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 
34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112] S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF-----------------
  11. Hello, here is my problem: I was infected a while ago by System Defender, I think... I ran Malwarebytes (updated) + Ad-Aware + CCleaner. I thought I had got rid of it; since then, it has been impossible to restart in safe mode. In addition, after a restart in normal mode, my internet connection is a mess... I have to disable it and then re-enable it. I have just run a Malwarebytes scan; here is the report:

      Malwarebytes' Anti-Malware 1.42
      Version de la base de données: 3396
      Windows 5.1.2600 Service Pack 3
      Internet Explorer 6.0.2900.5512
      20/12/2009 14:39:09
      mbam-log-2009-12-20 (14-39-09).txt
      Type de recherche: Examen complet (C:\|D:\|G:\|)
      Eléments examinés: 191933
      Temps écoulé: 31 minute(s), 37 second(s)
      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 0
      Clé(s) du Registre infectée(s): 0
      Valeur(s) du Registre infectée(s): 0
      Elément(s) de données du Registre infecté(s): 0
      Dossier(s) infecté(s): 0
      Fichier(s) infecté(s): 0
      Processus mémoire infecté(s): (Aucun élément nuisible détecté)
      Module(s) mémoire infecté(s): (Aucun élément nuisible détecté)
      Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté)
      Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté)
      Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté)
      Dossier(s) infecté(s): (Aucun élément nuisible détecté)
      Fichier(s) infecté(s): (Aucun élément nuisible détecté)

      I ran an Ad-Aware scan; here is the report:

      Logfile created: 20/12/2009 10:45:30 Lavasoft Ad-Aware version: 8.1.3 User performing scan: franck_hélène *********************** Definitions database information *********************** Lavasoft definition file: 149.118 Genotype definition file version: 2009/12/17 16:29:18 ******************************** Scan results: ********************************* Scan profile name: Analyse complète (ID: full) Objects scanned: 109128 Objects detected: 76 Type Detected ========================== Processes.......: 0 Registry entries: 0 Hostfile 
entries: 6 Files...........: 0 Folders.........: 0 LSPs............: 0 Cookies.........: 70 Browser hijacks.: 0 MRU objects.....: 0 Removed items: Description: www.securesoftwarebill.com(74.125.45.100) @ 3 Family Name: Redirected hostfile entry Engine: 1 Clean status: Reboot required Item ID: 1752071 Family ID: 560 Description: secure-plus-payments.com(74.125.45.100) @ 4 Family Name: Redirected hostfile entry Engine: 1 Clean status: Reboot required Item ID: 1752067 Family ID: 560 Description: www.getantivirusplusnow.com(74.125.45.100) @ 5 Family Name: Redirected hostfile entry Engine: 1 Clean status: Reboot required Item ID: 1752066 Family ID: 560 Description: www.secure-plus-payments.com(74.125.45.100) @ 6 Family Name: Redirected hostfile entry Engine: 1 Clean status: Reboot required Item ID: 1752067 Family ID: 560 Description: secure.paysecuresystem.com(74.125.45.100) @ 7 Family Name: Redirected hostfile entry Engine: 1 Clean status: Reboot required Item ID: 1752072 Family ID: 560 Description: paysoftbillsolution.com(74.125.45.100) @ 8 Family Name: Redirected hostfile entry Engine: 1 Clean status: Reboot required Item ID: 1752073 Family ID: 560 Scan and cleaning complete: Finished correctly after 1598 seconds *********************************** Settings *********************************** Scan profile: ID: full, enabled:1, value: Analyse complète ID: folderstoscan, enabled:1, value: C:\,D:\ ID: useantivirus, enabled:1, value: true ID: sections, enabled:1 ID: scancriticalareas, enabled:1, value: true ID: scanrunningapps, enabled:1, value: true ID: scanregistry, enabled:1, value: true ID: scanlsp, enabled:1, value: true ID: scanads, enabled:1, value: true ID: scanhostsfile, enabled:1, value: true ID: scanmru, enabled:1, value: true ID: scanbrowserhijacks, enabled:1, value: true ID: scantrackingcookies, enabled:1, value: true ID: closebrowsers, enabled:1, value: false ID: filescanningoptions, enabled:1 ID: archives, enabled:1, value: true ID: onlyexecutables, enabled:1, value: false ID: skiplargerthan, enabled:1, value: 20480 ID: scanrootkits, enabled:1, value: true ID: rootkitlevel, enabled:1, value: mild, domain: medium,mild,strict ID: usespywareheuristics, enabled:1, value: true Scan global: ID: global, enabled:1 ID: addtocontextmenu, enabled:1, value: true ID: playsoundoninfection, enabled:1, value: false ID: soundfile, enabled:0, value: *to be filled in automatically*\alert.wav Scheduled scan settings: <Empty> Update settings: ID: updates, 
enabled:1 ID: launchthreatworksafterscan, enabled:1, value: off, domain: normal,off,silently ID: deffiles, enabled:1, value: dontcheck, domain: dontcheck,downloadandinstall ID: licenseandinfo, enabled:1, value: dontcheck, domain: dontcheck,downloadandinstall ID: schedules, enabled:1, value: true ID: updatedaily1, enabled:1, value: Daily 1 ID: time, enabled:1, value: Sat Dec 19 16:34:00 2009 ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly ID: weekdays, enabled:1 ID: monday, enabled:1, value: false ID: tuesday, enabled:1, value: false ID: wednesday, enabled:1, value: false ID: thursday, enabled:1, value: false ID: friday, enabled:1, value: false ID: saturday, enabled:1, value: false ID: sunday, enabled:1, value: false ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31 ID: scanprofile, enabled:1, value: ID: auto_deal_with_infections, enabled:1, value: false ID: updatedaily2, enabled:1, value: Daily 2 ID: time, enabled:1, value: Sat Dec 19 22:34:00 2009 ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly ID: weekdays, enabled:1 ID: monday, enabled:1, value: false ID: tuesday, enabled:1, value: false ID: wednesday, enabled:1, value: false ID: thursday, enabled:1, value: false ID: friday, enabled:1, value: false ID: saturday, enabled:1, value: false ID: sunday, enabled:1, value: false ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31 ID: scanprofile, enabled:1, value: ID: auto_deal_with_infections, enabled:1, value: false ID: updatedaily3, enabled:1, value: Daily 3 ID: time, enabled:1, value: Sat Dec 19 04:34:00 2009 ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly ID: weekdays, enabled:1 ID: monday, enabled:1, value: false ID: tuesday, enabled:1, value: false ID: wednesday, enabled:1, value: false ID: thursday, enabled:1, value: false ID: friday, enabled:1, value: false ID: saturday, enabled:1, value: false ID: sunday, enabled:1, value: false 
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31 ID: scanprofile, enabled:1, value: ID: auto_deal_with_infections, enabled:1, value: false ID: updatedaily4, enabled:1, value: Daily 4 ID: time, enabled:1, value: Sat Dec 19 10:34:00 2009 ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly ID: weekdays, enabled:1 ID: monday, enabled:1, value: false ID: tuesday, enabled:1, value: false ID: wednesday, enabled:1, value: false ID: thursday, enabled:1, value: false ID: friday, enabled:1, value: false ID: saturday, enabled:1, value: false ID: sunday, enabled:1, value: false ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31 ID: scanprofile, enabled:1, value: ID: auto_deal_with_infections, enabled:1, value: false ID: updateweekly1, enabled:1, value: Weekly ID: time, enabled:1, value: Sat Dec 19 16:34:00 2009 ID: frequency, enabled:1, value: weekly, domain: daily,monthly,once,systemstart,weekly ID: weekdays, enabled:1 ID: monday, enabled:1, value: false ID: tuesday, enabled:1, value: true ID: wednesday, enabled:1, value: false ID: thursday, enabled:1, value: false ID: friday, enabled:1, value: false ID: saturday, enabled:1, value: true ID: sunday, enabled:1, value: false ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31 ID: scanprofile, enabled:1, value: ID: auto_deal_with_infections, enabled:1, value: false Appearance settings: ID: appearance, enabled:1 ID: skin, enabled:1, value: default.egl, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Resource ID: showtrayicon, enabled:1, value: true ID: autoentertainmentmode, enabled:1, value: false ID: guimode, enabled:1, value: mode_advanced, domain: mode_advanced,mode_simple ID: language, enabled:1, value: fr, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Language Realtime protection settings: ID: realtime, enabled:1 ID: modules, enabled:1 ID: processprotection, enabled:1, value: true ID: registryprotection, enabled:1, value: false ID: 
networkprotection, enabled:1, value: false ID: layers, enabled:1 ID: useantivirus, enabled:1, value: false ID: usespywareheuristics, enabled:1, value: false ID: infomessages, enabled:1, value: onlyimportant, domain: display,dontnotify,onlyimportant ****************************** System information ****************************** Computer name: XPSP2 Processor name: Intel® Core2 Duo CPU E8200 @ 2.66GHz Processor identifier: x86 Family 6 Model 23 Stepping 6 Processor speed: ~2666MHZ Raw info: processorarchitecture 0, processortype 586, processorlevel 6, processor revision 5894, number of processors 2, processor features: [MMX,SSE,SSE2] Physical memory available: 2178932736 bytes Physical memory total: 3219566592 bytes Virtual memory available: 1997004800 bytes Virtual memory total: 2147352576 bytes Memory load: 32% Microsoft Windows XP Professional Service Pack 3 (build 2600) Windows startup mode: Running processes: PID: 496 name: \SystemRoot\System32\smss.exe owner: SYSTEM domain: AUTORITE NT PID: 552 name: \??\C:\WINDOWS\system32\csrss.exe owner: SYSTEM domain: AUTORITE NT PID: 576 name: \??\C:\WINDOWS\system32\winlogon.exe owner: SYSTEM domain: AUTORITE NT PID: 620 name: C:\WINDOWS\system32\services.exe owner: SYSTEM domain: AUTORITE NT PID: 632 name: C:\WINDOWS\system32\lsass.exe owner: SYSTEM domain: AUTORITE NT PID: 808 name: C:\WINDOWS\system32\nvsvc32.exe owner: SYSTEM domain: AUTORITE NT PID: 836 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: AUTORITE NT PID: 892 name: C:\WINDOWS\system32\svchost.exe owner: SERVICE RÉSEAU domain: AUTORITE NT PID: 960 name: C:\WINDOWS\System32\svchost.exe owner: SYSTEM domain: AUTORITE NT PID: 1052 name: C:\WINDOWS\system32\svchost.exe owner: SERVICE RÉSEAU domain: AUTORITE NT PID: 1104 name: C:\WINDOWS\system32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT PID: 1200 name: C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe owner: SYSTEM domain: AUTORITE NT PID: 1392 name: C:\WINDOWS\system32\spoolsv.exe 
owner: SYSTEM domain: AUTORITE NT PID: 1464 name: C:\WINDOWS\Explorer.EXE owner: franck_hélène domain: XPSP2 PID: 1544 name: C:\WINDOWS\RTHDCPL.EXE owner: franck_hélène domain: XPSP2 PID: 1604 name: C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE owner: franck_hélène domain: XPSP2 PID: 1612 name: C:\Program Files\McAfee\Common Framework\UdaterUI.exe owner: franck_hélène domain: XPSP2 PID: 1636 name: C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe owner: franck_hélène domain: XPSP2 PID: 1656 name: C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe owner: franck_hélène domain: XPSP2 PID: 1672 name: C:\Program Files\Canon\MyPrinter\BJMyPrt.exe owner: franck_hélène domain: XPSP2 PID: 1688 name: C:\Program Files\iTunes\iTunesHelper.exe owner: franck_hélène domain: XPSP2 PID: 1720 name: C:\WINDOWS\system32\RUNDLL32.EXE owner: franck_hélène domain: XPSP2 PID: 1728 name: C:\Program Files\SFR\Kit\9props.exe owner: franck_hélène domain: XPSP2 PID: 1784 name: C:\Program Files\McAfee\Common Framework\McTray.exe owner: franck_hélène domain: XPSP2 PID: 1952 name: C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe owner: SYSTEM domain: AUTORITE NT PID: 1976 name: C:\Program Files\Bonjour\mDNSResponder.exe owner: SYSTEM domain: AUTORITE NT PID: 2024 name: C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe owner: SYSTEM domain: AUTORITE NT PID: 404 name: C:\Program Files\McAfee\Common Framework\FrameworkService.exe owner: SYSTEM domain: AUTORITE NT PID: 428 name: C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe owner: SYSTEM domain: AUTORITE NT PID: 352 name: C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe owner: SYSTEM domain: AUTORITE NT PID: 636 name: C:\Program Files\McAfee\Common Framework\naPrdMgr.exe owner: SYSTEM domain: AUTORITE NT PID: 992 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: AUTORITE NT PID: 2304 name: C:\Program Files\iPod\bin\iPodService.exe owner: SYSTEM domain: 
AUTORITE NT PID: 2340 name: C:\WINDOWS\system32\wbem\unsecapp.exe owner: SYSTEM domain: AUTORITE NT PID: 2424 name: C:\WINDOWS\system32\wscntfy.exe owner: franck_hélène domain: XPSP2 PID: 2528 name: C:\WINDOWS\system32\wbem\wmiprvse.exe owner: SYSTEM domain: AUTORITE NT PID: 2844 name: C:\WINDOWS\System32\alg.exe owner: SERVICE LOCAL domain: AUTORITE NT PID: 3424 name: C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe owner: franck_hélène domain: XPSP2 PID: 2980 name: C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe owner: franck_hélène domain: XPSP2 Startup items: Name: CTFMON.EXE imagepath: C:\WINDOWS\system32\CTFMON.EXE Name: RTHDCPL imagepath: RTHDCPL.EXE Name: Alcmtr imagepath: ALCMTR.EXE Name: JMB36X IDE Setup imagepath: C:\WINDOWS\RaidTool\xInsIDE.exe Name: 36X Raid Configurer imagepath: C:\WINDOWS\system32\xRaidSetup.exe boot Name: ShStatEXE imagepath: "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE Name: McAfeeUpdaterUI imagepath: "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey Name: Adobe Reader Speed Launcher imagepath: "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" Name: NeroFilterCheck imagepath: C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe Name: SunJavaUpdateSched imagepath: "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" Name: SSBkgdUpdate imagepath: "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot Name: OpwareSE4 imagepath: "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe" Name: CanonSolutionMenu imagepath: C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon Name: CanonMyPrinter imagepath: C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon Name: QuickTime Task imagepath: "C:\Program Files\QuickTime\qttask.exe" -atboottime Name: iTunesHelper imagepath: "C:\Program Files\iTunes\iTunesHelper.exe" Name: AppleSyncNotifier imagepath: C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe Name: 
nwiz imagepath: C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install Name: NvCplDaemon imagepath: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup Name: NvMediaCenter imagepath: RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit Name: {438755C2-A8BA-11D1-B96B-00A0C90312E1} imagepath: Pré-chargeur Browseui Name: {8C7461EF-2B13-11d2-BE35-3078302C2030} imagepath: Démon de cache des catégories de composant Name: PostBootReminder imagepath: {7849596a-48ea-486e-8937-a2a3009f31a9} Name: CDBurn imagepath: {fbeb8a05-beee-4442-804e-409d6c4515e9} Name: WebCheck imagepath: {E6FB5E20-DE35-11CF-9C87-00AA005127ED} Name: SysTray imagepath: {35CEC8A3-2BE6-11D2-8773-92E220524153} Name: WPDShServiceObj imagepath: {AAA288BA-9A4C-45B0-95D7-94D524869DB5} Name: imagepath: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\desktop.ini Name: imagepath: C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Démarrage\desktop.ini Bootexecute items: Name: imagepath: autocheck autochk * Name: imagepath: lsdelete Running services: Name: ALG displayname: Service de la passerelle de la couche Application Name: Apple Mobile Device displayname: Apple Mobile Device Name: AudioSrv displayname: Audio Windows Name: Bonjour Service displayname: Service Bonjour Name: Browser displayname: Explorateur d'ordinateur Name: CryptSvc displayname: Services de cryptographie Name: DcomLaunch displayname: Lanceur de processus serveur DCOM Name: Dhcp displayname: Client DHCP Name: dmserver displayname: Gestionnaire de disque logique Name: Dnscache displayname: Client DNS Name: ERSvc displayname: Service de rapport d'erreurs Name: Eventlog displayname: Journal des événements Name: EventSystem displayname: Système d'événements de COM+ Name: FastUserSwitchingCompatibility displayname: Compatibilité avec le Changement rapide d'utilisateur Name: helpsvc displayname: Aide et support Name: iPod Service displayname: Service de l’iPod Name: lanmanserver displayname: Serveur 
I have been browsing the forums for 2 days and I have doubts about these items:
Description: www.securesoftwarebill.com(74.125.45.100) @ 3 Family Name: Redirected hostfile entry Engine: 1 Clean status: Reboot required Item ID: 1752071 Family ID: 560
Description: secure-plus-payments.com(74.125.45.100) @ 4 Family Name: Redirected hostfile entry Engine: 1 Clean status: Reboot required Item ID: 1752067 Family ID: 560
Description: www.getantivirusplusnow.com(74.125.45.100) @ 5 Family Name: Redirected hostfile entry Engine: 1 Clean status: Reboot required Item ID: 1752066 Family ID: 560
Description: www.secure-plus-payments.com(74.125.45.100) @ 6 Family Name: Redirected hostfile entry Engine: 1 Clean status: Reboot required Item ID: 1752067 Family ID: 560
Description: secure.paysecuresystem.com(74.125.45.100) @ 7 Family Name: Redirected hostfile entry Engine: 1 Clean status: Reboot required Item ID: 1752072 Family ID: 560
Description: paysoftbillsolution.com(74.125.45.100) @ 8 Family Name: Redirected hostfile entry Engine: 1 Clean status: Reboot required Item ID: 1752073 Family ID: 560

but I don't know what to do... because Ad-Aware tells me a reboot is required, but after restarting, the internet is disconnected, and MAB finds nothing while Ad-Aware finds them again... Note that my antivirus is McAfee (from my company), also up to date. Thanks for your help.
  12. Hello everyone, let me introduce myself: Franck, 35 years old, I live in the Tarn (60 km from Toulouse). I'm opening a post describing my problem in the appropriate section. I really hope to get rid of this damn thing that has been bothering me for some time; I've tried everything, but I'm turning to the pros because I no longer know what to do.