Everything posted by gob2

  1. Hello, I'm bumping this thread for the simple reason that, although all those malware problems have gone away, I'm in, how shall I put it, a very bad spot, because some ODT files that I had transferred to an external hard drive (connected to the infected computer, but which I made sure was properly connected during the procedures mentioned earlier) no longer open. Let me explain: I'm shown an ASCII filter options dialog, followed by pages full of # in the Writer that ships with OpenOffice 3.1. In short, this upsets me a bit, since these are all my course notes and my exams are in a week. I should add that some of them still open correctly; it makes no sense, to me at least. So my question is this: is this an unfortunate consequence of what happened with that malware, or a problem completely unrelated to it? Thanks for taking the time to read this, and happy new year, by the way.
  2. Hello, I'm back. I did carry out the vaccination as described above. My computer runs well and I have nothing more to complain about. The only small, perhaps odd, thing: 10 to 20 minutes after startup, the screen goes completely white for 2 seconds and then everything returns to normal; nothing alarming (to me at least ^^). Apart from that, in practice there are no more unwanted windows popping up, and it is much faster on the internet than it was even before all these attacks. So, thank you very much for all the help; if there is anything more I need to do, I'm at your disposal ^^
  3. Here is the second report, the UsbFix deletion one. My PC is doing better in any case!!! The vaccination will be done tomorrow; tonight I don't have time, I have to go back home and I don't have internet there. A big thank-you to you and to the site in general. If there is anything else to do, send me your instructions. Many thanks again for all the help provided.
  4. Here is the result of the first UsbFix report, the search one.
  5. It's my colour-blind side playing tricks on me ^^ So I should have done step two correctly now, and here is the report from step 3:

     Malwarebytes' Anti-Malware 1.42
     Version de la base de données: 3444
     Windows 5.1.2600 Service Pack 3
     Internet Explorer 8.0.6001.18702

     28/12/2009 17:30:32
     mbam-log-2009-12-28 (17-30-31).txt

     Type de recherche: Examen rapide
     Eléments examinés: 107121
     Temps écoulé: 10 minute(s), 15 second(s)

     Processus mémoire infecté(s): 0
     Module(s) mémoire infecté(s): 0
     Clé(s) du Registre infectée(s): 2
     Valeur(s) du Registre infectée(s): 2
     Elément(s) de données du Registre infecté(s): 0
     Dossier(s) infecté(s): 1
     Fichier(s) infecté(s): 9

     Processus mémoire infecté(s):
     (Aucun élément nuisible détecté)

     Module(s) mémoire infecté(s):
     (Aucun élément nuisible détecté)

     Clé(s) du Registre infectée(s):
     HKEY_LOCAL_MACHINE\SOFTWARE\Malware Defense (Rogue.MalwareDefense) -> Quarantined and deleted successfully.
     HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\h8srtd.sys (Rootkit.TDSS) -> Quarantined and deleted successfully.

     Valeur(s) du Registre infectée(s):
     HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\malware defense (Rogue.MalwareDefense) -> Quarantined and deleted successfully.
     HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\richtx64.exe (Trojan.Agent) -> Quarantined and deleted successfully.

     Elément(s) de données du Registre infecté(s):
     (Aucun élément nuisible détecté)

     Dossier(s) infecté(s):
     C:\Program Files\malware Defense (Rogue.MalwareDefense) -> Quarantined and deleted successfully.

     Fichier(s) infecté(s):
     C:\Documents and Settings\jackie\Local Settings\Temp\richtx64.exe (Rogue.Installer) -> Quarantined and deleted successfully.
     C:\WINDOWS\system32\H8SRTmpqbnrttrf.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
     C:\WINDOWS\system32\H8SRTyxwqtltxtq.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
     C:\Documents and Settings\jackie\Local Settings\Temp\wscsvc32.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
     C:\Program Files\malware Defense\mdext.dll (Rogue.MalwareDefense) -> Quarantined and deleted successfully.
     C:\WINDOWS\system32\krl32mainweq.dll (Trojan.DNSChanger) -> Quarantined and deleted successfully.
     C:\WINDOWS\system32\H8SRTltpqnnmxdp.dat (Rootkit.TDSS) -> Quarantined and deleted successfully.
     C:\WINDOWS\Temp\H8SRTecb1.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
     C:\Documents and Settings\jackie\Local Settings\Temp\H8SRTb597.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
  6. Could it be McAfee that is blocking me from installing the executable? If so, what should I do? Thanks again.
  7. I'm back. So I'm stuck at the second step; an error message appears: "erreur lors de la copie de fichier ou du dossier impossible de copier rkill[1]: accé refusé verifiez que le disque n'est pas plein ou protégé en ecriture, et que le fichier n'est pas utilisé actuellement". So I didn't go any further, since the order of the steps seems to be very important. What should I do?
  8. Here is the first TDSSKiller report, and now I'm restarting the PC.
  9. And here is the info.txt; I believe I did everything as required.
Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969897)-->"C:\WINDOWS\$NtUninstallKB969897$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP 
(KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB972260)-->"C:\WINDOWS\$NtUninstallKB972260$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP 
(KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 8 (KB973874)-->"C:\WINDOWS\ie8updates\KB973874-IE8\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe" MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC} Namuga 1.3M Webcam-->C:\Program Files\InstallShield Installation Information\{71A51B59-E7D3-11DB-A386-005056C00008}\setup.exe -runfromtemp -l0x0009 -removeonly OpenOffice.org 3.1-->MsiExec.exe /I{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6} Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Play Camera-->C:\Program Files\InstallShield Installation Information\{7B46F9CF-CF60-492E-816E-95EB1A9D1BB4}\setup.exe -runfromtemp -l0x040c Realtek High Definition Audio 
Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly Samsung Battery Manager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6F730513-8688-4C3C-90A3-6B9792CE2EF3}\Setup.exe" -l0x40c Remove Samsung EDS-->MsiExec.exe /X{ABB14904-A11B-4F42-996C-80FD608A0F17} Samsung Magic Doctor-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}\Setup.exe" -l0x40c Remove Samsung Recovery Solution III-->"C:\Program Files\InstallShield Installation Information\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}\setup.exe" -runfromtemp -l0x040c -removeonly Samsung Update Plus-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{685707A4-911C-468D-BFC4-64A50E5E3A0C} /l1036 Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" User Guide-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}\setup.exe" -l0x40c Remove Vodafone Mobile Connect Lite-->MsiExec.exe /X{C656142F-EFE1-44CD-BFAD-6CBC6DCB9860} WIDCOMM Bluetooth Software-->MsiExec.exe /X{84814E6B-2581-46EC-926A-823BD1C670F6} Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe" Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows 
Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA} Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818} Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1} Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353} Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA} ======Security center information====== AV: Malware Defense (outdated) AV: avast! antivirus 4.8.1368 [VPS 091227-1] AV: McAfee VirusScan (outdated) FW: McAfee Personal Firewall ======System event log====== Computer Name: JACKYE Event Code: 6009 Message: Microsoft ® Windows ® 5.01. 2600 Service Pack 3 Multiprocessor Free. Record Number: 15502 Source Name: EventLog Time Written: 20091207084904.000000+060 Event Type: Informations User: Computer Name: JACKYE Event Code: 6006 Message: Le service d'Enregistrement d'événement a été arrêté. Record Number: 15501 Source Name: EventLog Time Written: 20091206233836.000000+060 Event Type: Informations User: Computer Name: JACKYE Event Code: 4201 Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{D77F04D3-2A66-4D28-A233-1B30B485E273} était connectée au réseau, et a lancé une opération normale sur la carte réseau. Record Number: 15500 Source Name: Tcpip Time Written: 20091206231917.000000+060 Event Type: Informations User: Computer Name: JACKYE Event Code: 8033 Message: L'explorateur a forcé une élection sur le réseau \Device\NetBT_Tcpip_{D77F04D3-2A66-4D28-A233-1B30B485E273} car un maître explorateur a été arrêté. Record Number: 15499 Source Name: BROWSER Time Written: 20091206231912.000000+060 Event Type: Informations User: Computer Name: JACKYE Event Code: 1002 Message: Le bail de l'adresse IP 192.168.2.11 pour la carte réseau dont l'adresse réseau est 0024D2295EB1 a été refusé par le serveur DHCP 192.168.2.1 (celui-ci a envoyé un message DHCPNACK). 
Record Number: 15498 Source Name: Dhcp Time Written: 20091206231912.000000+060 Event Type: erreur User: =====Application event log===== Computer Name: JACKYE Event Code: 0 Message: NET REMOVAL (\\?\Root#MS_PSCHEDMP#0001) Record Number: 9201 Source Name: VMCService Time Written: 20091203151307.000000+060 Event Type: Informations User: Computer Name: JACKYE Event Code: 0 Message: NET REMOVAL (\\?\Root#MS_PSCHEDMP#0002) Record Number: 9200 Source Name: VMCService Time Written: 20091203151307.000000+060 Event Type: Informations User: Computer Name: JACKYE Event Code: 0 Message: NET REMOVAL (\\?\Root#MS_PTIMINIPORT#0000) Record Number: 9199 Source Name: VMCService Time Written: 20091203151307.000000+060 Event Type: Informations User: Computer Name: JACKYE Event Code: 5000 Message: Service McShield démarré. Version du moteur : 5301.4018 Version du fichier DAT : 5638.0000 Nombre de signatures dans le fichier EXTRA.DAT : None Nom des menaces pouvant être détectées par EXTRA.DAT : None Record Number: 9198 Source Name: McLogEvent Time Written: 20091203150351.000000+060 Event Type: Informations User: AUTORITE NT\SYSTEM Computer Name: JACKYE Event Code: 0 Message: INFO: dom=<JACKYE>; usr=<JACKIE> Record Number: 9197 Source Name: VMCService Time Written: 20091203150320.000000+060 Event Type: Informations User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 28 Stepping 2, GenuineIntel "PROCESSOR_REVISION"=1c02 "NUMBER_OF_PROCESSORS"=2 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP -----------------EOF-----------------
  10. I have carried out what you asked of me; thank you again for how quickly you took this on. Here is the result of the log.txt: Logfile of random's system information tool 1.06 (written by random/random) Run by jackie at 2009-12-28 14:33:18 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 61 GB (84%) free of 73 GB Total RAM: 1014 MB (30% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:34:34, on 28/12/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe C:\Program Files\McAfee\VirusScan\McShield.exe C:\Program Files\McAfee\MPF\MPFSrv.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe c:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe C:\Program Files\Vodafone\Vodafone Mobile 
Connect\Bin\MobileConnect.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\SAMSUNG\MagicKBD\MagicKBD.exe C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe C:\DOCUME~1\jackie\LOCALS~1\Temp\richtx64.exe C:\Program Files\SAMSUNG\MagicKBD\PerformanceManager.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE C:\WINDOWS\system32\igfxext.exe C:\DOCUME~1\jackie\LOCALS~1\Temp\wscsvc32.exe c:\PROGRA~1\mcafee\msc\mcuimgr.exe C:\Program Files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe C:\DOCUME~1\jackie\LOCALS~1\Temp\Installer.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Windows Live\Toolbar\wltuser.exe C:\Program Files\Alwil Software\Avast4\ashSimpl.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\jackie\Bureau\RSIT.exe C:\Program Files\trend micro\jackie.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - E:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll (file missing) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program 
Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [EDS] C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [DMHotKey] C:\Program Files\Samsung\Easy Display Manager\DMLoader.exe O4 - HKLM\..\Run: [batteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe O4 - HKLM\..\Run: [MagicKeyboard] C:\Program Files\SAMSUNG\MagicKBD\PreMKBD.exe O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [avast!] 
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [bitComet] "E:\Program Files\BitComet\BitComet.exe" /tray O4 - HKCU\..\Run: [richtx64.exe] C:\DOCUME~1\jackie\LOCALS~1\Temp\richtx64.exe O4 - HKCU\..\Run: [Malware Defense] "C:\Program Files\Malware Defense\mdefense.exe" -noscan O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O4 - Global Startup: BTTray.lnk = ? O8 - Extra context menu item: &D&ownload &with BitComet - res://E:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://E:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://E:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O8 - Extra context menu item: Google Sidewiki... 
- res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://E:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. 
- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\McShield.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: Samsung Update Plus - Unknown owner - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing) -- End of file - 11811 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\McDefragTask.job C:\WINDOWS\tasks\McQcTask.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}] BitComet Helper - E:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll [] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}] scriptproxy - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll [2007-11-09 58688] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}] Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-12 263280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-11 764912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-04 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar 
Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-04 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-12 263280] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-08-26 16851456] "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-20 57344] ""= [] "EDS"=C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe [2007-12-20 659456] "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-02-28 141848] "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-02-28 166424] "Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-02-28 137752] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-08-28 1044480] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792] "DMHotKey"=C:\Program Files\Samsung\Easy Display Manager\DMLoader.exe [2006-12-27 466944] "BatteryManager"=C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe [2008-10-20 2768896] "MagicKeyboard"=C:\Program Files\SAMSUNG\MagicKBD\PreMKBD.exe [2006-05-14 151552] "mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2007-08-04 582992] "MobileConnect"=C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2008-09-22 2073088] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-04 149280] 
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-02-12 39408] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856] "BitComet"=E:\Program Files\BitComet\BitComet.exe /tray [] "richtx64.exe"=C:\DOCUME~1\jackie\LOCALS~1\Temp\richtx64.exe [2009-12-27 716800] "Malware Defense"=C:\Program Files\Malware Defense\mdefense.exe -noscan [] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Documents and Settings\jackie\Menu Démarrer\Programmes\Démarrage OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2008-02-15 208896] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network 
Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Internet Explorer\IEXPLORE.EXE"="C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer" "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "C:\Program Files\Fichiers communs\McAfee\MNA\McNASvc.exe"="C:\Program Files\Fichiers communs\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "E:\My Downloads\DeezRip.exe"="E:\My Downloads\DeezRip.exe:*:Disabled:DeezRip" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" 
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{85e35866-98c8-11de-a24e-001377f0c7b9}] shell\AutoRun\command - E:\setup_vmc_lite.exe /checkApplicationPresence [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eaf410dd-0404-11de-941b-0024d2295eb1}] shell\1\command - D:\Recycled.exe shell\2\command - D:\Recycled.exe shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eaf410de-0404-11de-941b-0024d2295eb1}] shell\1\command - F:\Recycled.exe shell\2\command - F:\Recycled.exe shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled.exe ======List of files/folders created in the last 1 months====== 2009-12-28 14:33:20 ----D---- C:\Program Files\trend micro 2009-12-28 14:33:18 ----D---- C:\rsit 2009-12-28 13:25:50 ----D---- C:\Program Files\Malware Defense 2009-12-28 03:41:24 ----A---- C:\WINDOWS\ntbtlog.txt 2009-12-28 03:15:55 ----A---- C:\WINDOWS\system32\MSVCR71.dll 2009-12-28 03:15:55 ----A---- C:\WINDOWS\system32\MSVCP71.dll 2009-12-28 03:15:55 ----A---- C:\WINDOWS\system32\MFC71.dll 2009-12-28 03:15:55 ----A---- C:\WINDOWS\system32\aswBoot.exe 2009-12-28 03:15:51 ----D---- C:\Program Files\Alwil Software 2009-12-27 14:18:06 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage 2009-12-27 05:17:57 ----A---- C:\WINDOWS\system32\krl32mainweq.dll 2009-12-27 05:16:55 ----A---- C:\WINDOWS\system32\H8SRTmpqbnrttrf.dll 2009-12-27 05:16:53 ----A---- C:\WINDOWS\system32\H8SRTyxwqtltxtq.dll 2009-12-27 05:15:52 ----A---- C:\Documents and Settings\All Users\Application Data\sysReserve.ini 2009-12-11 07:58:04 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$ 2009-12-11 07:57:45 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$ 2009-12-11 07:56:38 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$ 2009-12-11 07:56:21 ----HDC---- 
C:\WINDOWS\$NtUninstallKB974392$ 2009-12-11 07:56:00 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$ ======List of files/folders modified in the last 1 months====== 2009-12-28 14:33:23 ----D---- C:\WINDOWS\Temp 2009-12-28 14:33:20 ----RD---- C:\Program Files 2009-12-28 13:28:49 ----D---- C:\WINDOWS\system32\CatRoot2 2009-12-28 12:51:13 ----D---- C:\WINDOWS\system32\drivers 2009-12-28 12:51:08 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-12-28 12:41:21 ----D---- C:\WINDOWS 2009-12-28 03:24:15 ----D---- C:\WINDOWS\system32\config 2009-12-28 03:18:54 ----D---- C:\WINDOWS\system32 2009-12-27 16:46:19 ----D---- C:\WINDOWS\Prefetch 2009-12-27 14:21:17 ----SHD---- C:\WINDOWS\Installer 2009-12-27 14:21:08 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2009-12-27 14:18:57 ----HD---- C:\WINDOWS\inf 2009-12-14 15:46:03 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-12-11 09:36:38 ----D---- C:\Program Files\Internet Explorer 2009-12-11 07:58:13 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-12-11 07:57:54 ----A---- C:\WINDOWS\imsins.BAK 2009-12-11 07:56:58 ----HD---- C:\WINDOWS\$hf_mig$ 2009-12-09 14:01:53 ----SD---- C:\Documents and Settings\jackie\Application Data\Microsoft ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408] R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768] R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576] R1 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2007-11-22 201320] R1 MPFP;MPFP; C:\WINDOWS\System32\Drivers\Mpfp.sys [2008-06-02 117024] R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560] R2 aswMon2;avast! 
Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160] R2 DOSMEMIO;MEMIO; \??\C:\WINDOWS\system32\MEMIO.SYS [] R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2008-10-08 1334432] R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120] R3 BTKRNL;Enumérateur de bus Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2008-07-29 879832] R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2008-07-27 74688] R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952] R3 DNSeFilter;DNSeFilter; C:\WINDOWS\system32\drivers\SamsungEDS.sys [2008-01-14 30208] R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-02-15 5854752] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-08-27 4753920] R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2007-11-22 79304] R3 mfebopk;McAfee Inc. 
mfebopk; C:\WINDOWS\system32\drivers\mfebopk.sys [2007-11-22 35240] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2008-08-28 224736] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 VMC326;Vimicro Camera Service VMC326; C:\WINDOWS\System32\Drivers\VMC326.sys [2008-09-23 238464] R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2008-11-07 291328] S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 esihdrv;esihdrv; \??\C:\DOCUME~1\jackie\LOCALS~1\Temp\esihdrv.sys [] S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 massfilter;ZTE Mass Storage Filter Driver; C:\WINDOWS\system32\drivers\massfilter.sys [2008-09-15 7680] S3 mferkdk;McAfee Inc. mferkdk; C:\WINDOWS\system32\drivers\mferkdk.sys [2007-11-22 33832] S3 mfesmfk;McAfee Inc. 
mfesmfk; C:\WINDOWS\system32\drivers\mfesmfk.sys [2007-12-02 40488] S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 SUEPD;SUE NDIS Protocol Driver; C:\WINDOWS\system32\DRIVERS\SUE_PD.sys [2006-08-01 19840] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys [2008-09-15 104960] S3 ZTEusbnet;ZTE USB-NDIS miniport; C:\WINDOWS\system32\DRIVERS\ZTEusbnet.sys [2008-09-15 110080] S3 ZTEusbnmea;ZTE NMEA Port; C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys [2008-09-15 104960] S3 ZTEusbser6k;ZTE Diagnostic Port; C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys [2008-09-15 104960] S3 ZTEusbvoice;ZTE VoUSB Port; C:\WINDOWS\system32\DRIVERS\ZTEusbvoice.sys [2008-09-15 104960] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 
4=Disabled)====== R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680] R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-09-17 264800] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-04 153376] R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2008-01-09 767976] R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe [2008-01-25 2458128] R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe [2007-08-15 359248] R2 McShield;McAfee Real-time Scanner; C:\Program Files\McAfee\VirusScan\McShield.exe [2007-07-24 144704] R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2007-07-18 856864] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512] R2 VMCService;Vodafone Mobile Connect Service; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2008-09-22 14336] R2 yksvc;Marvell Yukon Service; ykx32mpcoinst,serviceStartProc [] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040] R3 avast! Web Scanner;avast! 
Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920] S2 Samsung Update Plus;Samsung Update Plus; C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe [2008-05-13 77480] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-06-08 182768] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2007-11-07 378184] S4 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2007-12-05 695624] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF-----------------
  11. Hello, I'm in quite a bind, and since I don't have the skills needed to get rid of the infection on my computer, I'm calling on your expertise to guide me as best you can in eradicating all this nasty malware. So here are my main problems. My internet connection is very slow, and sometimes the computer freezes and stops responding; all of this apparently comes with a fake antivirus that constantly reports trojans and other viruses: win32.hala.a or win32 agent.ich, win32.mytob.t, etc. I suppose all of this represents a major risk for my computer, on top of the fact that it no longer works normally. For information, I have an NC10 running XP. Having browsed quite a few forums, I think I'm going to have to produce a proper HijackThis report; the problem is I don't know how to do it. Anyway, if someone is willing to take my case, I'm well-behaved and disciplined. Thanks in advance for your help.