Aller au contenu

bernard69330

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    13

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par bernard69330

  1. bernard69330

    Format d'un document

    bernard69330 a répondu à un(e) sujet de bernard69330 dans Software

    Merci d'avoir répondu. Le document est au format PDF par conversion...mais je pense qu'il a été crée sous word ou powerpoint Si vous connaissez bien word et/ou Powerpoint, puis-je vous envoyer quelques pages pour avis? Merci
  2. bernard69330
    Bonjour à tous, Je suis consultant en tourisme et je rédige fréquemment des devis ainsi que des rapports. A l'occasion d'un échange avec un client, j'ai récupéré un rapport dont la forme m'a assez séduit. Le rapport en question est au format PDF. Par conséquent je ne peux pas identifier le logiciel à partir duquel il a été rédigé (word ou powerpoint, avec une intégration de tableau excel à priori) mais je ne suis pas sûr du tout). Pourrais-je envoyer un extrait du rapport en question à l'un d'entre vous afin d'avoir votre avis. Par avance, je vous remercie. Dans l'attente de vous lire, Bernard69330
  3. bernard69330
    Merci pour l'info !
  4. bernard69330
    Bonjour à tous, Très satisfait de la communauté qui m'a tiré d'affaires alors que mon PC pero était complètement bloqué, je me permets d'envoyer un nouvel appel à l'aide. J'ai un nouveau PC pro portabable parckard bell easy note MJ 65 sous windows 7 Avant qu'il ne rende l'âme, j'ai exporté les contacts outlook express de mon ancien PC sur une cle usb. Sur mon pakckard Bell, j'utilise Thnuderbird et malgré plusieurs tentatives, je n'arrivé pas à importer mes contacts Merci pour votre aide
  5. bernard69330
    Les soucis ont disparu... Un Grand Merci pour ton aide !
  6. bernard69330
    Voici le dernier rapport: Malwarebytes' Anti-Malware 1.43 Version de la base de données: 3481 Windows 5.1.2600 Service Pack 3 Internet Explorer 7.0.5730.13 02/01/2010 23:03:29 mbam-log-2010-01-02 (23-03-29).txt Type de recherche: Examen complet (C:\|D:\|F:\|G:\|H:\|) Eléments examinés: 277513 Temps écoulé: 1 hour(s), 31 minute(s), 15 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 2 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\oneoh.sys.vir (Rootkit.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{BB8485EF-B7D6-4DB3-B162-911818587209}\RP345\A0081175.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
  7. bernard69330
    Le scan se termine bientôt
  8. bernard69330
    Voici le rapport combofix. je fais de suite la 2ème opération ComboFix 10-01-01.01 - Eidos 02/01/2010 20:22:26.3.2 - x86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.3071.2351 [GMT 1:00] Lancé depuis: c:\documents and settings\Eidos\Bureau\ComboFix.exe Commutateurs utilisés :: c:\documents and settings\Eidos\Bureau\CFScript.txt AV: ESET NOD32 antivirus system 2.70 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} AV: ZoneAlarm Security Suite Antivirus *On-access scanning disabled* (Outdated) {5D467B10-818C-4CAB-9FF7-6893B5B8F3CF} FW: ZoneAlarm Security Suite Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B} * Un antivirus résident est actif FILE :: "c:\documents and settings\Eidos\Menu Démarrer\Programmes\Démarrage\siszyd32.exe" "c:\windows\system32\config\systemprofile\Application Data\fvgqad.dat" "c:\windows\system32\fjhdyfhsn.bat" . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Eidos\Menu Démarrer\Programmes\Démarrage\siszyd32.exe c:\windows\system32\config\systemprofile\Application Data\fvgqad.dat c:\windows\system32\fjhdyfhsn.bat . ((((((((((((((((((((((((((((( Fichiers créés du 2009-12-02 au 2010-01-02 )))))))))))))))))))))))))))))))))))) . 2010-01-01 16:25 . 2010-01-01 16:26 -------- d-----w- c:\program files\trend micro 2010-01-01 16:25 . 2010-01-01 16:26 -------- d-----w- C:\rsit 2009-12-31 16:40 . 2008-09-24 20:33 484352 ----a-w- c:\windows\system32\lame_enc.dll 2009-12-24 17:00 . 2009-12-24 17:00 -------- d-----w- c:\documents and settings\Eidos\Application Data\Canneverbe_Limited 2009-12-24 17:00 . 2009-12-24 17:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Canneverbe Limited 2009-12-24 17:00 . 2009-09-28 19:57 7168 ----a-w- c:\windows\system32\drivers\StarOpen.sys 2009-12-24 16:59 . 2009-12-24 17:00 -------- d-----w- c:\program files\CDBurnerXP 2009-12-24 13:27 . 1998-07-13 16:53 44544 ----a-w- c:\windows\system32\GIF89.DLL 2009-12-24 13:27 . 2005-02-24 12:11 1212416 ----a-w- c:\windows\system32\AudioInfos.dll 2009-12-24 13:27 . 2005-02-24 11:51 348160 ----a-w- c:\windows\system32\WMAFile.dll 2009-12-24 13:27 . 2005-03-11 17:37 1986560 ----a-w- c:\windows\system32\AudFile.dll 2009-12-24 13:27 . 1998-07-12 21:00 15360 ----a-w- c:\windows\system32\inetfr.DLL 2009-12-24 13:27 . 2003-04-18 14:29 44544 ----a-w- c:\windows\system32\msxml4a.dll 2009-12-24 13:27 . 2009-12-31 18:30 -------- d-----w- c:\program files\Free Easy Burner . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-01-02 19:36 . 2009-05-05 12:39 90486816 --sha-w- c:\windows\system32\drivers\fidbox.dat 2010-01-02 19:36 . 2009-07-17 05:40 -------- d-----w- c:\documents and settings\Eidos\Application Data\Skype 2010-01-02 19:36 . 2009-07-17 05:43 -------- d-----w- c:\documents and settings\Eidos\Application Data\skypePM 2010-01-02 19:30 . 2009-01-29 07:02 8206428 ----a-w- c:\windows\Internet Logs\tvDebug.zip 2010-01-02 19:29 . 2009-05-05 12:39 1064456 --sha-w- c:\windows\system32\drivers\fidbox.idx 2010-01-01 16:20 . 2008-10-23 14:54 4212 ---h--w- c:\windows\system32\zllictbl.dat 2009-12-29 08:13 . 2008-10-25 20:11 75120 ----a-w- c:\documents and settings\Eidos\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-12-24 18:24 . 2009-05-19 21:05 -------- d-----w- c:\documents and settings\Eidos\Application Data\dvdcss 2009-12-24 17:09 . 2009-02-26 08:23 -------- d-----w- c:\program files\Yellowstone 2009-12-24 17:05 . 2008-12-30 18:17 -------- d-----w- c:\program files\GpsPrevent 2009-12-18 10:28 . 2007-12-05 05:57 129851 ----a-w- c:\windows\system32\nvModes.dat 2009-12-10 07:06 . 2009-10-16 13:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2009-11-17 06:59 . 2009-11-17 07:02 2115072 ----a-w- c:\windows\Internet Logs\xDB6.tmp 2009-11-03 20:33 . 2009-11-03 20:31 -------- d-----w- c:\program files\iTunes 2009-11-03 20:31 . 2009-11-03 20:31 -------- d-----w- c:\program files\iPod 2009-11-03 20:31 . 2009-03-16 23:23 -------- d-----w- c:\program files\Fichiers communs\Apple 2009-11-03 20:11 . 2009-11-03 20:11 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe 2009-10-29 07:44 . 2007-12-05 07:03 832512 ------w- c:\windows\system32\wininet.dll 2009-10-29 07:44 . 2007-12-05 07:03 78336 ----a-w- c:\windows\system32\ieencode.dll 2009-10-29 07:44 . 2007-12-05 07:02 17408 ----a-w- c:\windows\system32\corpol.dll 2009-10-21 05:39 . 2007-12-05 07:03 75776 ----a-w- c:\windows\system32\strmfilt.dll 2009-10-21 05:39 . 2007-12-05 07:03 25088 ----a-w- c:\windows\system32\httpapi.dll 2009-10-20 16:20 . 2004-08-03 23:00 265728 ----a-w- c:\windows\system32\drivers\http.sys 2009-10-16 07:00 . 2007-12-05 07:03 86826 ----a-w- c:\windows\system32\perfc00C.dat 2009-10-16 07:00 . 2007-12-05 07:03 516690 ----a-w- c:\windows\system32\perfh00C.dat 2009-10-13 10:33 . 2007-12-05 07:03 271360 ----a-w- c:\windows\system32\oakley.dll 2009-10-12 13:39 . 2007-12-05 07:03 79872 ----a-w- c:\windows\system32\raschap.dll 2009-10-12 13:39 . 2007-12-05 07:03 150528 ----a-w- c:\windows\system32\rastls.dll . ((((((((((((((((((((((((((((( SnapShot@2010-01-01_20.31.26 ))))))))))))))))))))))))))))))))))))))))) . + 2010-01-02 19:31 . 2010-01-02 19:31 16384 c:\windows\Temp\Perflib_Perfdata_7ac.dat + 2007-12-05 06:21 . 2010-01-02 09:24 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat - 2007-12-05 06:21 . 2009-12-15 16:23 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat + 2007-12-05 06:21 . 2010-01-02 09:24 32768 c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat - 2007-12-05 06:21 . 2009-12-15 16:23 32768 c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-06-26 25604904] "TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-11-13 247144] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-20 8462336] "AGRSMMSG"="AGRSMMSG.exe" [2006-06-29 89541] "MGSysCtrl"="c:\program files\System Control Manager\MGSysCtrl.exe" [2007-10-19 180224] "BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592] "RTHDCPL"="RTHDCPL.EXE" [2007-10-16 16855552] "nod32kui"="c:\program files\Eset\nod32kui.exe" [2008-10-23 949376] "ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 919016] "lxdfmon.exe"="c:\program files\Lexmark 6500 Series\lxdfmon.exe" [2007-06-12 455600] "lxdfamon"="c:\program files\Lexmark 6500 Series\lxdfamon.exe" [2007-06-01 20480] "Lexmark 6500 Series Fax Server"="c:\program files\Lexmark 6500 Series\fm3032.exe" [2007-06-12 308144] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-09-04 417792] "AppleSyncNotifier"="c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-10-28 141600] "TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-12-10 185872] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ D‚marrage rapide de HP Photosmart Premier.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2006-2-10 73728] HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Speed Launch.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier] 2009-08-13 13:51 177440 ----a-w- c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2009-10-28 19:21 141600 ----a-w- c:\program files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut] 2006-12-05 21:55 54832 ----a-w- c:\program files\CyberLink\PowerDVD\Language\Language.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia.PCSync] 2008-11-10 14:07 1253376 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PcSync2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] 2007-06-20 04:21 1626112 ----a-w- c:\windows\system32\nwiz.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray] 2008-12-03 11:47 1205760 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power2GoExpress] 2007-01-30 19:06 2475568 ------w- c:\program files\CyberLink\Power2Go\Power2GoExpress.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2009-09-04 23:54 417792 ----a-w- c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] 2006-11-23 14:10 56928 ------w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2009-02-08 13:42 136600 ----a-w- c:\program files\Java\jre6\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] 2008-12-10 14:58 185872 ----a-w- c:\program files\Fichiers communs\Real\Update_OB\realsched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] 2009-11-13 11:31 247144 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"= "c:\\WINDOWS\\system32\\lxdfcoms.exe"= "c:\\Program Files\\Lexmark 6500 Series\\lxdfmon.exe"= "c:\\WINDOWS\\system32\\lxdfcfg.exe"= "c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdfpswx.exe"= "c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdftime.exe"= "c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdfjswx.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"= "c:\\Program Files\\Lexmark 6500 Series\\LXDFFax.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [05/12/2007 07:07 39680] R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [05/12/2007 07:07 35712] R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [23/10/2008 15:49 15424] R2 AVWEBCAM;AV WebCam, WDM Video Capture;c:\windows\system32\drivers\avwebcam.sys [06/02/2009 23:51 13696] R2 lxdf_device;lxdf_device;c:\windows\system32\lxdfcoms.exe -service --> c:\windows\system32\lxdfcoms.exe -service [?] R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [13/11/2009 12:31 92008] R3 MGHwCtrl;MGHwCtrl;c:\windows\system32\drivers\MGHwCtrl.sys [05/12/2007 07:11 9088] S2 lxdfCATSCustConnectService;lxdfCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdfserv.exe [31/07/2009 11:20 99248] S2 NishService;SCM Driver Daemon;c:\program files\System Control Manager\edd.exe [05/12/2007 07:11 40960] S3 SetupNTGLM7X;SetupNTGLM7X;\??\f:\ntglm7x.sys --> f:\NTGLM7X.sys [?] . Contenu du dossier 'Tâches planifiées' 2010-01-02 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAEXEC.exe [2009-08-03 13:07] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.google.fr/ uInternet Connection Wizard,ShellNext = hxxp://update.zonelabs.com/downloadrequest?updtConfId=1547&updtReqId=1359907152 uInternet Settings,ProxyOverride = *.local IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 LSP: c:\windows\system32\imon.dll FF - ProfilePath - c:\documents and settings\Eidos\Application Data\Mozilla\Firefox\Profiles\rciroi1p.default\ FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-01-02 20:35 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*] "C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'lsass.exe'(1004) c:\windows\system32\imon.dll c:\program files\Eset\pr_imon.dll - - - - - - - > 'explorer.exe'(3132) c:\windows\system32\eappprxy.dll . ------------------------ Autres processus actifs ------------------------ . c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Java\jre6\bin\jqs.exe c:\windows\system32\lxdfcoms.exe c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE c:\program files\CDBurnerXP\NMSAccessU.exe c:\program files\Eset\nod32krn.exe c:\windows\system32\nvsvc32.exe c:\program files\O2Micro Oz128 Driver\o2flash.exe c:\windows\system32\HPZipm12.exe c:\program files\CyberLink\Shared Files\RichVideo.exe c:\windows\system32\wbem\wmiapsrv.exe c:\windows\AGRSMMSG.exe c:\windows\system32\rundll32.exe c:\windows\RTHDCPL.EXE c:\program files\iPod\bin\iPodService.exe c:\program files\HP\Digital Imaging\bin\hpqimzone.exe c:\windows\system32\wscntfy.exe . ************************************************************************** . Heure de fin: 2010-01-02 20:42:32 - La machine a redémarré ComboFix-quarantined-files.txt 2010-01-02 19:42 ComboFix2.txt 2010-01-02 09:31 ComboFix3.txt 2010-01-01 20:34 Avant-CF: 39 785 811 968 octets libres Après-CF: 39 772 082 176 octets libres - - End Of File - - 68629F692758170D32273222F89D582C
  9. bernard69330
    Je le fais de suite
  10. bernard69330
    Bonjour, Combofix a redémarré l'ordinteur tout seul. A l'ouverture nod32 et ZoneAlarm s'activent automatiquement. Nod32 a détécté un cheval de troie "une variante de Win32/Kryptik.BCA" et l' mais en quarantaine. Zone Alarm m'affiche le message suivant : Editeur de Registre tente d'empêcher de s'executer à chaque démarrage de l'ordinateur en modifiant la clé de registre : HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN Application : regdit.exe dois-je "autoriser" ou "refusé"? Je préfère attendre ta réponse avant de télécharger et lancer le 2 ème outils Voici le premier rapport ComboFix 10-01-01.01 - Eidos 02/01/2010 10:06:36.2.2 - x86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.3071.2473 [GMT 1:00] Lancé depuis: c:\documents and settings\Eidos\Bureau\ComboFix.exe Commutateurs utilisés :: c:\documents and settings\Eidos\Bureau\CFScript.txt AV: ESET NOD32 antivirus system 2.70 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} AV: ZoneAlarm Security Suite Antivirus *On-access scanning disabled* (Outdated) {5D467B10-818C-4CAB-9FF7-6893B5B8F3CF} FW: ZoneAlarm Security Suite Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B} * Un antivirus résident est actif FILE :: "c:\documents and settings\Eidos\Menu D‚marrer\Programmes\D‚marrage\" "c:\windows\system32\config\systemprofile\Application Data\fvgqad.dat" "c:\windows\system32\drivers\oneoh.sys" . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\config\systemprofile\Application Data\fvgqad.dat c:\windows\system32\drivers\oneoh.sys . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_ONEOH -------\Service_oneoh ((((((((((((((((((((((((((((( Fichiers créés du 2009-12-02 au 2010-01-02 )))))))))))))))))))))))))))))))))))) . 2010-01-01 16:25 . 2010-01-01 16:26 -------- d-----w- c:\program files\trend micro 2010-01-01 16:25 . 2010-01-01 16:26 -------- d-----w- C:\rsit 2009-12-31 16:40 . 2008-09-24 20:33 484352 ----a-w- c:\windows\system32\lame_enc.dll 2009-12-24 17:00 . 2009-12-24 17:00 -------- d-----w- c:\documents and settings\Eidos\Application Data\Canneverbe_Limited 2009-12-24 17:00 . 2009-12-24 17:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Canneverbe Limited 2009-12-24 17:00 . 2009-09-28 19:57 7168 ----a-w- c:\windows\system32\drivers\StarOpen.sys 2009-12-24 16:59 . 2009-12-24 17:00 -------- d-----w- c:\program files\CDBurnerXP 2009-12-24 13:27 . 1998-07-13 16:53 44544 ----a-w- c:\windows\system32\GIF89.DLL 2009-12-24 13:27 . 2005-02-24 12:11 1212416 ----a-w- c:\windows\system32\AudioInfos.dll 2009-12-24 13:27 . 2005-02-24 11:51 348160 ----a-w- c:\windows\system32\WMAFile.dll 2009-12-24 13:27 . 2005-03-11 17:37 1986560 ----a-w- c:\windows\system32\AudFile.dll 2009-12-24 13:27 . 1998-07-12 21:00 15360 ----a-w- c:\windows\system32\inetfr.DLL 2009-12-24 13:27 . 2003-04-18 14:29 44544 ----a-w- c:\windows\system32\msxml4a.dll 2009-12-24 13:27 . 2009-12-31 18:30 -------- d-----w- c:\program files\Free Easy Burner . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-01-02 09:25 . 2009-07-17 05:40 -------- d-----w- c:\documents and settings\Eidos\Application Data\Skype 2010-01-02 09:25 . 2009-07-17 05:43 -------- d-----w- c:\documents and settings\Eidos\Application Data\skypePM 2010-01-02 09:25 . 2009-05-05 12:39 90347552 --sha-w- c:\windows\system32\drivers\fidbox.dat 2010-01-02 09:24 . 2010-01-02 09:24 116 ----a-w- c:\windows\system32\fjhdyfhsn.bat 2010-01-02 09:24 . 2010-01-02 09:24 20 ----a-w- c:\windows\system32\config\systemprofile\Application Data\fvgqad.dat 2010-01-02 09:18 . 2009-05-05 12:39 1062824 --sha-w- c:\windows\system32\drivers\fidbox.idx 2010-01-01 16:20 . 2008-10-23 14:54 4212 ---h--w- c:\windows\system32\zllictbl.dat 2009-12-29 08:13 . 2008-10-25 20:11 75120 ----a-w- c:\documents and settings\Eidos\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-12-24 18:24 . 2009-05-19 21:05 -------- d-----w- c:\documents and settings\Eidos\Application Data\dvdcss 2009-12-24 17:09 . 2009-02-26 08:23 -------- d-----w- c:\program files\Yellowstone 2009-12-24 17:05 . 2008-12-30 18:17 -------- d-----w- c:\program files\GpsPrevent 2009-12-18 10:28 . 2007-12-05 05:57 129851 ----a-w- c:\windows\system32\nvModes.dat 2009-12-10 07:06 . 2009-10-16 13:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2009-11-17 06:59 . 2009-11-17 07:02 2115072 ----a-w- c:\windows\Internet Logs\xDB6.tmp 2009-11-03 20:33 . 2009-11-03 20:31 -------- d-----w- c:\program files\iTunes 2009-11-03 20:31 . 2009-11-03 20:31 -------- d-----w- c:\program files\iPod 2009-11-03 20:31 . 2009-03-16 23:23 -------- d-----w- c:\program files\Fichiers communs\Apple 2009-11-03 20:11 . 2009-11-03 20:11 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe 2009-10-29 07:44 . 2007-12-05 07:03 832512 ------w- c:\windows\system32\wininet.dll 2009-10-29 07:44 . 2007-12-05 07:03 78336 ----a-w- c:\windows\system32\ieencode.dll 2009-10-29 07:44 . 2007-12-05 07:02 17408 ----a-w- c:\windows\system32\corpol.dll 2009-10-21 05:39 . 2007-12-05 07:03 75776 ----a-w- c:\windows\system32\strmfilt.dll 2009-10-21 05:39 . 2007-12-05 07:03 25088 ----a-w- c:\windows\system32\httpapi.dll 2009-10-20 16:20 . 2004-08-03 23:00 265728 ----a-w- c:\windows\system32\drivers\http.sys 2009-10-16 07:00 . 2007-12-05 07:03 86826 ----a-w- c:\windows\system32\perfc00C.dat 2009-10-16 07:00 . 2007-12-05 07:03 516690 ----a-w- c:\windows\system32\perfh00C.dat 2009-10-13 10:33 . 2007-12-05 07:03 271360 ----a-w- c:\windows\system32\oakley.dll 2009-10-12 13:39 . 2007-12-05 07:03 79872 ----a-w- c:\windows\system32\raschap.dll 2009-10-12 13:39 . 2007-12-05 07:03 150528 ----a-w- c:\windows\system32\rastls.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-06-26 25604904] "TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-11-13 247144] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-20 8462336] "AGRSMMSG"="AGRSMMSG.exe" [2006-06-29 89541] "MGSysCtrl"="c:\program files\System Control Manager\MGSysCtrl.exe" [2007-10-19 180224] "BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592] "RTHDCPL"="RTHDCPL.EXE" [2007-10-16 16855552] "nod32kui"="c:\program files\Eset\nod32kui.exe" [2008-10-23 949376] "ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 919016] "lxdfmon.exe"="c:\program files\Lexmark 6500 Series\lxdfmon.exe" [2007-06-12 455600] "lxdfamon"="c:\program files\Lexmark 6500 Series\lxdfamon.exe" [2007-06-01 20480] "Lexmark 6500 Series Fax Server"="c:\program files\Lexmark 6500 Series\fm3032.exe" [2007-06-12 308144] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-09-04 417792] "AppleSyncNotifier"="c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-10-28 141600] "TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-12-10 185872] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\Eidos\Menu D‚marrer\Programmes\D‚marrage\ siszyd32.exe [2008-4-14 36352] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ D‚marrage rapide de HP Photosmart Premier.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2006-2-10 73728] HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Speed Launch.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier] 2009-08-13 13:51 177440 ----a-w- c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2009-10-28 19:21 141600 ----a-w- c:\program files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut] 2006-12-05 21:55 54832 ----a-w- c:\program files\CyberLink\PowerDVD\Language\Language.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia.PCSync] 2008-11-10 14:07 1253376 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PcSync2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] 2007-06-20 04:21 1626112 ----a-w- c:\windows\system32\nwiz.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray] 2008-12-03 11:47 1205760 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power2GoExpress] 2007-01-30 19:06 2475568 ------w- c:\program files\CyberLink\Power2Go\Power2GoExpress.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2009-09-04 23:54 417792 ----a-w- c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] 2006-11-23 14:10 56928 ------w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2009-02-08 13:42 136600 ----a-w- c:\program files\Java\jre6\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] 2008-12-10 14:58 185872 ----a-w- c:\program files\Fichiers communs\Real\Update_OB\realsched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] 2009-11-13 11:31 247144 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"= "c:\\WINDOWS\\system32\\lxdfcoms.exe"= "c:\\Program Files\\Lexmark 6500 Series\\lxdfmon.exe"= "c:\\WINDOWS\\system32\\lxdfcfg.exe"= "c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdfpswx.exe"= "c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdftime.exe"= "c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdfjswx.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"= "c:\\Program Files\\Lexmark 6500 Series\\LXDFFax.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [05/12/2007 07:07 39680] R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [05/12/2007 07:07 35712] R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [23/10/2008 15:49 15424] R2 AVWEBCAM;AV WebCam, WDM Video Capture;c:\windows\system32\drivers\avwebcam.sys [06/02/2009 23:51 13696] R2 lxdf_device;lxdf_device;c:\windows\system32\lxdfcoms.exe -service --> c:\windows\system32\lxdfcoms.exe -service [?] R2 NishService;SCM Driver Daemon;c:\program files\System Control Manager\edd.exe [05/12/2007 07:11 40960] R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [13/11/2009 12:31 92008] R3 MGHwCtrl;MGHwCtrl;c:\windows\system32\drivers\MGHwCtrl.sys [05/12/2007 07:11 9088] S2 lxdfCATSCustConnectService;lxdfCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdfserv.exe [31/07/2009 11:20 99248] S3 SetupNTGLM7X;SetupNTGLM7X;\??\f:\ntglm7x.sys --> f:\NTGLM7X.sys [?] . Contenu du dossier 'Tâches planifiées' 2010-01-02 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAEXEC.exe [2009-08-03 13:07] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.google.fr/ uInternet Connection Wizard,ShellNext = hxxp://update.zonelabs.com/downloadrequest?updtConfId=1547&updtReqId=1359907152 uInternet Settings,ProxyOverride = *.local IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 LSP: c:\windows\system32\imon.dll FF - ProfilePath - c:\documents and settings\Eidos\Application Data\Mozilla\Firefox\Profiles\rciroi1p.default\ FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-01-02 10:22 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... c:\windows\system32\fjhdyfhsn.bat 116 bytes Scan terminé avec succès Fichiers cachés: 1 ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*] "C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'lsass.exe'(1004) c:\windows\system32\imon.dll c:\program files\Eset\pr_imon.dll - - - - - - - > 'explorer.exe'(3860) c:\progra~1\ZONELA~1\ZONEAL~1\MAILFR~1\mlfhook.dll c:\windows\system32\eappprxy.dll . ------------------------ Autres processus actifs ------------------------ . c:\windows\system32\ZoneLabs\vsmon.exe c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Java\jre6\bin\jqs.exe c:\windows\system32\lxdfcoms.exe c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE c:\program files\CDBurnerXP\NMSAccessU.exe c:\program files\Eset\nod32krn.exe c:\windows\system32\nvsvc32.exe c:\program files\O2Micro Oz128 Driver\o2flash.exe c:\windows\system32\HPZipm12.exe c:\program files\CyberLink\Shared Files\RichVideo.exe c:\windows\system32\wbem\wmiapsrv.exe c:\windows\AGRSMMSG.exe c:\windows\system32\rundll32.exe c:\windows\RTHDCPL.EXE c:\program files\iPod\bin\iPodService.exe c:\progra~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe c:\program files\HP\Digital Imaging\bin\hpqimzone.exe c:\windows\TEMP\~TM5A.tmp . ************************************************************************** . Heure de fin: 2010-01-02 10:31:24 - La machine a redémarré ComboFix-quarantined-files.txt 2010-01-02 09:31 ComboFix2.txt 2010-01-01 20:34 Avant-CF: 39 988 076 544 octets libres Après-CF: 39 871 782 912 octets libres - - End Of File - - 4094BD71FA9FA29F6DF1F5421BC6375A
  11. bernard69330
    Voici le rapport demandé. ComboFix 09-12-31.A1 - Eidos 01/01/2010 21:06:21.1.2 - x86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.3071.2475 [GMT 1:00] Lancé depuis: c:\documents and settings\Eidos\Bureau\ComboFix.exe AV: ESET NOD32 antivirus system 2.70 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} AV: ZoneAlarm Security Suite Antivirus *On-access scanning disabled* (Outdated) {5D467B10-818C-4CAB-9FF7-6893B5B8F3CF} FW: ZoneAlarm Security Suite Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B} * Un antivirus résident est actif . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Eidos\Application Data\avdrn.dat c:\recycler\S-1-5-21-2432988260-1931002446-3130974514-500 c:\recycler\S-1-5-21-842925246-1343024091-839522115-500 . ((((((((((((((((((((((((((((( Fichiers créés du 2009-12-01 au 2010-01-01 )))))))))))))))))))))))))))))))))))) . 2010-01-01 16:25 . 2010-01-01 16:26 -------- d-----w- c:\program files\trend micro 2010-01-01 16:25 . 2010-01-01 16:26 -------- d-----w- C:\rsit 2009-12-31 16:40 . 2008-09-24 20:33 484352 ----a-w- c:\windows\system32\lame_enc.dll 2009-12-24 17:00 . 2009-12-24 17:00 -------- d-----w- c:\documents and settings\Eidos\Application Data\Canneverbe_Limited 2009-12-24 17:00 . 2009-12-24 17:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Canneverbe Limited 2009-12-24 17:00 . 2009-09-28 19:57 7168 ----a-w- c:\windows\system32\drivers\StarOpen.sys 2009-12-24 16:59 . 2009-12-24 17:00 -------- d-----w- c:\program files\CDBurnerXP 2009-12-24 13:27 . 1998-07-13 16:53 44544 ----a-w- c:\windows\system32\GIF89.DLL 2009-12-24 13:27 . 2005-02-24 12:11 1212416 ----a-w- c:\windows\system32\AudioInfos.dll 2009-12-24 13:27 . 2005-02-24 11:51 348160 ----a-w- c:\windows\system32\WMAFile.dll 2009-12-24 13:27 . 2005-03-11 17:37 1986560 ----a-w- c:\windows\system32\AudFile.dll 2009-12-24 13:27 . 1998-07-12 21:00 15360 ----a-w- c:\windows\system32\inetfr.DLL 2009-12-24 13:27 . 2003-04-18 14:29 44544 ----a-w- c:\windows\system32\msxml4a.dll 2009-12-24 13:27 . 2009-12-31 18:30 -------- d-----w- c:\program files\Free Easy Burner 2009-12-15 16:25 . 2010-01-01 20:31 704512 ----a-w- c:\windows\system32\drivers\oneoh.sys . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-01-01 20:31 . 2009-05-05 12:39 90058784 --sha-w- c:\windows\system32\drivers\fidbox.dat 2010-01-01 16:20 . 2008-10-23 14:54 4212 ---h--w- c:\windows\system32\zllictbl.dat 2009-12-30 23:11 . 2009-07-17 05:43 -------- d-----w- c:\documents and settings\Eidos\Application Data\skypePM 2009-12-30 23:11 . 2009-07-17 05:40 -------- d-----w- c:\documents and settings\Eidos\Application Data\Skype 2009-12-30 23:08 . 2009-05-05 12:39 1050176 --sha-w- c:\windows\system32\drivers\fidbox.idx 2009-12-29 08:13 . 2008-10-25 20:11 75120 ----a-w- c:\documents and settings\Eidos\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-12-24 18:24 . 2009-05-19 21:05 -------- d-----w- c:\documents and settings\Eidos\Application Data\dvdcss 2009-12-24 17:09 . 2009-02-26 08:23 -------- d-----w- c:\program files\Yellowstone 2009-12-24 17:05 . 2008-12-30 18:17 -------- d-----w- c:\program files\GpsPrevent 2009-12-18 10:28 . 2007-12-05 05:57 129851 ----a-w- c:\windows\system32\nvModes.dat 2009-12-15 16:23 . 2009-12-08 22:48 20 ----a-w- c:\windows\system32\config\systemprofile\Application Data\fvgqad.dat 2009-12-10 07:06 . 2009-10-16 13:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2009-11-17 06:59 . 2009-11-17 07:02 2115072 ----a-w- c:\windows\Internet Logs\xDB6.tmp 2009-11-03 20:33 . 2009-11-03 20:31 -------- d-----w- c:\program files\iTunes 2009-11-03 20:31 . 2009-11-03 20:31 -------- d-----w- c:\program files\iPod 2009-11-03 20:31 . 2009-03-16 23:23 -------- d-----w- c:\program files\Fichiers communs\Apple 2009-11-03 20:11 . 2009-11-03 20:11 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe 2009-10-29 07:44 . 2007-12-05 07:03 832512 ----a-w- c:\windows\system32\wininet.dll 2009-10-29 07:44 . 2007-12-05 07:03 78336 ----a-w- c:\windows\system32\ieencode.dll 2009-10-29 07:44 . 2007-12-05 07:02 17408 ----a-w- c:\windows\system32\corpol.dll 2009-10-21 05:39 . 2007-12-05 07:03 75776 ----a-w- c:\windows\system32\strmfilt.dll 2009-10-21 05:39 . 2007-12-05 07:03 25088 ----a-w- c:\windows\system32\httpapi.dll 2009-10-20 16:20 . 2004-08-03 23:00 265728 ----a-w- c:\windows\system32\drivers\http.sys 2009-10-16 07:00 . 2007-12-05 07:03 86826 ----a-w- c:\windows\system32\perfc00C.dat 2009-10-16 07:00 . 2007-12-05 07:03 516690 ----a-w- c:\windows\system32\perfh00C.dat 2009-10-13 10:33 . 2007-12-05 07:03 271360 ----a-w- c:\windows\system32\oakley.dll 2009-10-12 13:39 . 2007-12-05 07:03 79872 ----a-w- c:\windows\system32\raschap.dll 2009-10-12 13:39 . 2007-12-05 07:03 150528 ----a-w- c:\windows\system32\rastls.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-06-26 25604904] "TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-11-13 247144] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-20 8462336] "AGRSMMSG"="AGRSMMSG.exe" [2006-06-29 89541] "MGSysCtrl"="c:\program files\System Control Manager\MGSysCtrl.exe" [2007-10-19 180224] "BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592] "RTHDCPL"="RTHDCPL.EXE" [2007-10-16 16855552] "nod32kui"="c:\program files\Eset\nod32kui.exe" [2008-10-23 949376] "ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 919016] "lxdfmon.exe"="c:\program files\Lexmark 6500 Series\lxdfmon.exe" [2007-06-12 455600] "lxdfamon"="c:\program files\Lexmark 6500 Series\lxdfamon.exe" [2007-06-01 20480] "Lexmark 6500 Series Fax Server"="c:\program files\Lexmark 6500 Series\fm3032.exe" [2007-06-12 308144] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-09-04 417792] "AppleSyncNotifier"="c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-10-28 141600] "TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-12-10 185872] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\Eidos\Menu D‚marrer\Programmes\D‚marrage\ siszyd32.exe [2008-4-14 36352] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ D‚marrage rapide de HP Photosmart Premier.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2006-2-10 73728] HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Speed Launch.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier] 2009-08-13 13:51 177440 ----a-w- c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2009-10-28 19:21 141600 ----a-w- c:\program files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut] 2006-12-05 21:55 54832 ----a-w- c:\program files\CyberLink\PowerDVD\Language\Language.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia.PCSync] 2008-11-10 14:07 1253376 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PcSync2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] 2007-06-20 04:21 1626112 ----a-w- c:\windows\system32\nwiz.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray] 2008-12-03 11:47 1205760 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power2GoExpress] 2007-01-30 19:06 2475568 ------w- c:\program files\CyberLink\Power2Go\Power2GoExpress.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2009-09-04 23:54 417792 ----a-w- c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] 2006-11-23 14:10 56928 ------w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2009-02-08 13:42 136600 ----a-w- c:\program files\Java\jre6\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] 2008-12-10 14:58 185872 ----a-w- c:\program files\Fichiers communs\Real\Update_OB\realsched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] 2009-11-13 11:31 247144 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"= "c:\\WINDOWS\\system32\\lxdfcoms.exe"= "c:\\Program Files\\Lexmark 6500 Series\\lxdfmon.exe"= "c:\\WINDOWS\\system32\\lxdfcfg.exe"= "c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdfpswx.exe"= "c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdftime.exe"= "c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdfjswx.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"= "c:\\Program Files\\Lexmark 6500 Series\\LXDFFax.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [05/12/2007 07:07 39680] R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [05/12/2007 07:07 35712] R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [23/10/2008 15:49 15424] R2 AVWEBCAM;AV WebCam, WDM Video Capture;c:\windows\system32\drivers\avwebcam.sys [06/02/2009 23:51 13696] R2 lxdf_device;lxdf_device;c:\windows\system32\lxdfcoms.exe -service --> c:\windows\system32\lxdfcoms.exe -service [?] R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [13/11/2009 12:31 92008] R3 MGHwCtrl;MGHwCtrl;c:\windows\system32\drivers\MGHwCtrl.sys [05/12/2007 07:11 9088] S2 lxdfCATSCustConnectService;lxdfCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdfserv.exe [31/07/2009 11:20 99248] S2 NishService;SCM Driver Daemon;c:\program files\System Control Manager\edd.exe [05/12/2007 07:11 40960] S3 SetupNTGLM7X;SetupNTGLM7X;\??\f:\ntglm7x.sys --> f:\NTGLM7X.sys [?] --- Autres Services/Pilotes en mémoire --- *Deregistered* - oneoh . Contenu du dossier 'Tâches planifiées' 2009-12-30 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAEXEC.exe [2009-08-03 13:07] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.google.fr/ uInternet Connection Wizard,ShellNext = hxxp://update.zonelabs.com/downloadrequest?updtConfId=1547&updtReqId=1359907152 uInternet Settings,ProxyOverride = *.local IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 LSP: c:\windows\system32\imon.dll FF - ProfilePath - c:\documents and settings\Eidos\Application Data\Mozilla\Firefox\Profiles\rciroi1p.default\ FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . - - - - ORPHELINS SUPPRIMES - - - - MSConfigStartUp-Cld2000 - c:\program files\Calendrier\Cld2000.exe MSConfigStartUp-msnmsgr - c:\program files\MSN Messenger\msnmsgr.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-01-01 21:31 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\oneoh] . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*] "C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'lsass.exe'(1012) c:\windows\system32\imon.dll c:\program files\Eset\pr_imon.dll . Heure de fin: 2010-01-01 21:34:48 ComboFix-quarantined-files.txt 2010-01-01 20:34 Avant-CF: 39 172 345 856 octets libres Après-CF: 40 012 066 816 octets libres WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect - - End Of File - - 45A3EAA5DB643F0E19B8C8A23AE1D091 Le problème semble avoir disparu!
  12. bernard69330
    Bonjour Gof, Bonne année 2010 et merci pour ton aide! Voici les 2 rapports demandés : Log.txt: Logfile of random's system information tool 1.06 (written by random/random) Run by Eidos at 2010-01-01 17:25:12 Microsoft Windows XP Professionnel Service Pack 3 System drive C: has 35 GB (38%) free of 92 GB Total RAM: 3071 MB (72% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:26:33, on 01/01/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16945) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\System Control Manager\MGSysCtrl.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\lxdfcoms.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Eset\nod32kui.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\System Control Manager\edd.exe C:\Program Files\Lexmark 6500 Series\lxdfmon.exe C:\Program Files\Lexmark 6500 Series\lxdfamon.exe C:\Program Files\CDBurnerXP\NMSAccessU.exe C:\Program Files\Eset\nod32krn.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\O2Micro Oz128 Driver\o2flash.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\System32\alg.exe C:\PROGRA~1\MICROS~2\Office12\OUTLOOK.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Documents and Settings\Eidos\Bureau\RSIT.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\Program Files\trend micro\Eidos.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://update.zonelabs.com/downloadrequest...eqId=1359907152 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [lxdfmon.exe] "C:\Program Files\Lexmark 6500 Series\lxdfmon.exe" O4 - HKLM\..\Run: [lxdfamon] "C:\Program Files\Lexmark 6500 Series\lxdfamon.exe" O4 - HKLM\..\Run: [Lexmark 6500 Series Fax Server] "C:\Program Files\Lexmark 6500 Series\fm3032.exe" /s O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: siszyd32.exe O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O14 - IERESET.INF: START_PAGE_URL=http://www.msi.com.tw O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1224774296578 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre...ows-i586-jc.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: lxdfCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdfserv.exe O23 - Service: lxdf_device - - C:\WINDOWS\system32\lxdfcoms.exe O23 - Service: SCM Driver Daemon (NishService) - Unknown owner - C:\Program Files\System Control Manager\edd.exe O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Oz128 Driver\o2flash.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 9561 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\OGALogon.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-23 63136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-02-08 320920] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-08 34816] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-02-08 73728] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-06-20 8462336] "AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2006-06-29 89541] "MGSysCtrl"=C:\Program Files\System Control Manager\MGSysCtrl.exe [2007-10-19 180224] "BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent [] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-10-16 16855552] "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632] "nod32kui"=C:\Program Files\Eset\nod32kui.exe [2008-10-23 949376] "ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-07-09 919016] "lxdfmon.exe"=C:\Program Files\Lexmark 6500 Series\lxdfmon.exe [2007-06-12 455600] "lxdfamon"=C:\Program Files\Lexmark 6500 Series\lxdfamon.exe [2007-06-01 20480] "Lexmark 6500 Series Fax Server"=C:\Program Files\Lexmark 6500 Series\fm3032.exe [2007-06-12 308144] "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-09-05 417792] "AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-08-13 177440] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-10-28 141600] "TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-12-10 185872] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856] "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-06-26 25604904] "TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-08-13 177440] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cld2000.exe] C:\Program Files\Calendrier\Cld2000.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe [2009-10-28 141600] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-12-05 54832] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] C:\Program Files\MSN Messenger\msnmsgr.exe /background [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 7\PcSync2.exe [2008-11-10 1253376] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] nwiz.exe /install [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2008-12-03 1205760] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power2GoExpress] C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe [2007-01-30 2475568] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-11-23 56928] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe [2009-02-08 136600] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-12-10 185872] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Speed Launch.lnk] C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2005-09-23 29696] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Démarrage rapide de HP Photosmart Premier.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Documents and Settings\Eidos\Menu Démarrer\Programmes\Démarrage siszyd32.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265088] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "C:\WINDOWS\system32\ZoneLabs\vsmon.exe"="C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:TrueVector Service" "C:\WINDOWS\system32\lxdfcoms.exe"="C:\WINDOWS\system32\lxdfcoms.exe:*:Enabled:6500 Series Server" "C:\Program Files\Lexmark 6500 Series\lxdfmon.exe"="C:\Program Files\Lexmark 6500 Series\lxdfmon.exe:*:Enabled:Printer Device Monitor" "C:\WINDOWS\system32\lxdfcfg.exe"="C:\WINDOWS\system32\lxdfcfg.exe:*:Enabled:Printer Communication System" "C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdfpswx.exe"="C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdfpswx.exe:*:Enabled:Printer Status Window Interface" "C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdftime.exe"="C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdftime.exe:*:Enabled:Lexmark Connect Time Executable" "C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdfjswx.exe"="C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdfjswx.exe:*:Enabled:Job Status Window Interface" "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe" "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe" "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe" "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe" "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe" "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe" "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe" "C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe" "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe" "C:\Program Files\Lexmark 6500 Series\LXDFFax.exe"="C:\Program Files\Lexmark 6500 Series\LXDFFax.exe:*:Enabled:Fax Solutions Software" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{564d5d84-eb0a-11dd-a945-002185550348}] shell\AutoRun\command - F:\InstallTomTomHOME.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d6f03e39-1606-11de-977d-002185550348}] shell\AutoRun\command - F:\NokiaPCIA_Autorun.exe ======List of files/folders created in the last 1 months====== 2010-01-01 17:25:14 ----D---- C:\Program Files\trend micro 2010-01-01 17:25:12 ----D---- C:\rsit 2009-12-31 17:40:08 ----A---- C:\WINDOWS\system32\lame_enc.dll 2009-12-24 18:00:53 ----D---- C:\Documents and Settings\Eidos\Application Data\Canneverbe_Limited 2009-12-24 18:00:49 ----D---- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited 2009-12-24 17:59:53 ----D---- C:\Program Files\CDBurnerXP 2009-12-24 14:27:46 ----A---- C:\WINDOWS\system32\GIF89.DLL 2009-12-24 14:27:19 ----A---- C:\WINDOWS\system32\WMAFile.dll 2009-12-24 14:27:19 ----A---- C:\WINDOWS\system32\AudioInfos.dll 2009-12-24 14:27:18 ----A---- C:\WINDOWS\system32\inetfr.DLL 2009-12-24 14:27:18 ----A---- C:\WINDOWS\system32\AudFile.dll 2009-12-24 14:27:15 ----A---- C:\WINDOWS\system32\msxml4a.dll 2009-12-24 14:27:13 ----D---- C:\Program Files\Free Easy Burner 2009-12-10 08:06:57 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$ 2009-12-10 08:06:34 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$ 2009-12-10 08:04:59 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$ 2009-12-10 08:03:25 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$ 2009-12-10 08:02:59 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$ ======List of files/folders modified in the last 1 months====== 2010-01-01 17:26:33 ----D---- C:\WINDOWS\Prefetch 2010-01-01 17:26:17 ----D---- C:\WINDOWS\Temp 2010-01-01 17:25:15 ----D---- C:\WINDOWS\Internet Logs 2010-01-01 17:25:14 ----RD---- C:\Program Files 2009-12-31 17:42:18 ----D---- C:\Program Files\Mozilla Firefox 2009-12-31 17:40:10 ----D---- C:\WINDOWS\system32 2009-12-31 17:39:55 ----D---- C:\WINDOWS\system32\CatRoot 2009-12-31 17:39:52 ----D---- C:\WINDOWS\system32\CatRoot2 2009-12-31 00:11:46 ----D---- C:\Documents and Settings\Eidos\Application Data\skypePM 2009-12-31 00:11:46 ----D---- C:\Documents and Settings\Eidos\Application Data\Skype 2009-12-31 00:11:16 ----D---- C:\WINDOWS 2009-12-31 00:08:00 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-12-30 23:46:58 ----D---- C:\WINDOWS\system32\ZoneLabs 2009-12-24 19:24:52 ----D---- C:\Documents and Settings\Eidos\Application Data\dvdcss 2009-12-24 18:11:52 ----D---- C:\Games 2009-12-24 18:09:43 ----SHD---- C:\WINDOWS\Installer 2009-12-24 18:09:26 ----D---- C:\Program Files\Yellowstone 2009-12-24 18:05:12 ----D---- C:\Program Files\GpsPrevent 2009-12-24 18:00:02 ----D---- C:\WINDOWS\system32\drivers 2009-12-24 10:17:35 ----SD---- C:\Documents and Settings\Eidos\Application Data\Microsoft 2009-12-18 10:13:28 ----HD---- C:\WINDOWS\inf 2009-12-15 17:25:25 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-12-11 08:14:07 ----D---- C:\Program Files\Internet Explorer 2009-12-11 08:08:41 ----D---- C:\WINDOWS\system32\fr-fr 2009-12-11 08:08:20 ----D---- C:\WINDOWS\ie7updates 2009-12-10 08:07:11 ----A---- C:\WINDOWS\imsins.BAK 2009-12-10 08:06:21 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help 2009-12-10 08:04:54 ----HD---- C:\WINDOWS\$hf_mig$ 2009-12-10 08:04:45 ----RSD---- C:\WINDOWS\assembly ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576] R1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys [2007-07-19 127768] R1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys [2008-10-23 15424] R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-07-09 394952] R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032] R2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys [2008-10-23 512096] R2 AVWEBCAM;AV WebCam, WDM Video Capture; C:\WINDOWS\system32\DRIVERS\avwebcam.sys [2008-01-11 13696] R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2006-06-29 1160320] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 CmBatt;Pilote d'adaptateur secteur Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600] R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-10-16 4615168] R3 MGHwCtrl;MGHwCtrl; \??\C:\WINDOWS\system32\drivers\MGHwCtrl.sys [] R3 NETw4x32;Pilote de carte Intel® Wireless WiFi Link pour Windows XP 32 bits; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-06-20 2208512] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-06-20 6804416] R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-09-19 101504] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] S3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-04-05 546112] S3 BthEnum;Service d'énumérateur Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024] S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120] S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768] S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 GMSIPCI;GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS [] S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-09-15 17664] S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-09-15 22016] S3 NTACCESS;NTACCESS; \??\F:\NTACCESS.sys [] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816] S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136] S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232] S3 SetupNTGLM7X;SetupNTGLM7X; \??\F:\NTGLM7X.sys [] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-09-28 7168] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064] S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448] S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112] S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-09-15 8064] S3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984] S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888] R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-02-08 152984] R2 lxdf_device;lxdf_device; C:\WINDOWS\system32\lxdfcoms.exe [2007-05-29 598960] R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120] R2 NishService;SCM Driver Daemon; C:\Program Files\System Control Manager\edd.exe [2006-03-22 40960] R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2009-09-06 71096] R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2008-10-23 552064] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-06-20 155716] R2 o2flash;O2Micro Flash Memory Card Service; C:\Program Files\O2Micro Oz128 Driver\o2flash.exe [2007-02-12 65536] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-11-28 272024] R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-11-13 92008] R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2008-07-09 75304] R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-10-28 545568] S2 lxdfCATSCustConnectService;lxdfCATSCustConnectService; C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdfserv.exe [2007-05-29 99248] S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- info.txt : info.txt logfile of random's system information tool 1.06 2010-01-01 17:26:40 ======Uninstall list====== -->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} ABBYY FineReader 6.0 Sprint-->MsiExec.exe /X{ACF60000-22B9-4CE9-98D6-2CCF359BAC07} Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 7.0.5-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70500000002} Agere Systems HDA Modem-->agrsmdel Apple Application Support-->MsiExec.exe /I{B607C354-CD79-4D22-86D1-92DC94153F42} Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B} CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe" Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe" Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe" Correctif pour Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe" DVD Solution-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall Free Easy Burner V 3.9-->"C:\Program Files\Free Easy Burner\unins000.exe" High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe" HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" HP Customer Participation Program 7.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat HP Document Viewer 7.0-->C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat HP Imaging Device Functions 7.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat HP Photosmart Premier Software 6.5-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat HP Photosmart, Officejet and Deskjet 7.0.A-->C:\Program Files\HP\Digital Imaging\{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}\setup\hpzscr01.exe -datfile hposcr11.dat HP Software Update-->MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E} HP Solution Center 7.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31} iTunes-->MsiExec.exe /I{D1A74FBB-CA8D-4CCA-9B89-BAAA436DB178} Java 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF} Lexmark 6500 Series-->C:\Program Files\Lexmark 6500 Series\Install\x86\Uninst.exe Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700} Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe" Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE} Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE} Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE} Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB} Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE} Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE} Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE} Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE} Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE} Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE} Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB974455)-->"C:\WINDOWS\ie7updates\KB974455-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB976325)-->"C:\WINDOWS\ie7updates\KB976325-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 7 (KB976749)-->"C:\WINDOWS\ie7updates\KB976749-IE7\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe" MobileMe Control Panel-->MsiExec.exe /I{3AC54383-31D1-4907-961B-B12CBB1D0AE8} Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE} Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe Mozilla Firefox (3.5.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27} MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} NOD32 Antivirus System-->C:\Program Files\Eset\Setup\setup.exe /UNINSTALL NOD32 FiX v2.1-->"C:\Program Files\Eset\unins000.exe" Nokia Connectivity Cable Driver-->MsiExec.exe /X{15AC0C5D-A6FB-4CE2-8CD0-28179EEB5625} Nokia PC Suite-->C:\Documents and Settings\All Users\Application Data\Installations\{58FB2F9A-5F2D-40E8-82DF-4987E60AD8BD}\Nokia_PC_Suite_7_1_18_0_fre.exe Nokia PC Suite-->MsiExec.exe /I{58FB2F9A-5F2D-40E8-82DF-4987E60AD8BD} NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI O2Micro Flash Memory Card Reader Driver Installer(x86)-->MsiExec.exe /X{78764173-3805-4916-B3CE-B433702B8870} OCR Software by I.R.I.S 7.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18} Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Package de pilotes Windows - Nokia Modem (03/05/2008 3.7)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_635B28EFCFA9395123BB1C251595CB16129E2560\nokia_bluetooth.inf Package de pilotes Windows - Nokia Modem (03/13/2008 6.86.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_28F2EAC406838DA65AFF6C6886FE9FE96AEF5186\nokbtmdm.inf Package de pilotes Windows - Nokia Modem (10/27/2008 3.9)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_79486EC6AA0D1732FB17E5167077C07ECAE1B870\nokia_bluetooth.inf Package de pilotes Windows - Nokia Modem (10/27/2008 7.01.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_247189AEBF39EB69A7C75429610DFED2F2EDC1B6\nokbtmdm.inf Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf PC Connectivity Solution-->MsiExec.exe /I{D848D140-41C3-4A53-86D8-E866A100B4CD} PDFCreator-->C:\Program Files\PDFCreator\unins000.exe PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe" PL-2303 USB-to-Serial-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}\Setup.exe" -l0x9 Installed Power2Go 5.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe" -uninstall PowerDirector Express-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EDE721EC-870A-11D8-9D75-000129760D75}\setup.exe" -uninstall PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall PowerProducer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD} RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\setup.exe -runfromtemp -l0x040c -removeonly Realtek High Definition Audio Driver-->RtlUpd.exe -r -m Safari-->MsiExec.exe /I{D90AFDE3-3E67-407A-ACA8-F0BAAD012F08} Sauvegarde des Dossiers personnels Microsoft Outlook-->MsiExec.exe /X{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5} Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85} Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7} Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08} Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F} Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE} Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0} Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D} Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E} Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF} Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C} Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC} Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D} Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050} Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} Skype web features-->MsiExec.exe /I{F1362843-0E0E-4F74-8662-724CF101ADCE} Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36} SplitCam-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{00718491-55BF-46C6-83EF-4B3B95AC807A}\setup.exe" -l0x9 -removeonly System Control Manager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}\setup.exe" -l0x9 -removeonly TomTom HOME 2.7.3.1894-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe TomTom HOME Visual Studio Merge Modules-->MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533} Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7} Update for Outlook 2007 Junk Email Filter (kb976884)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {FB60F280-C70F-4174-BADB-471412AA42F0} VC 9.0 Runtime-->MsiExec.exe /I{02E89EFC-7B07-4D5A-AA03-9EC0902914EE} VLC media player 0.9.6-->C:\Program Files\VideoLAN\VLC\uninstall.exe Windows Driver Package - Atheros (AR5211) Net (04/05/2007 5.3.0.35)-->C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\net5211_83E4E86F1350732D629D737DAECF97C35FD29B0F\net5211.inf Windows Driver Package - Bluetooth Dongle Maker Bluetooth (10/17/2002 5.1.2535.0)-->C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\btdongle_C611B404EDF86A7B57EE0533F4910CD4A2F70D93\btdongle.inf Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe" Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1} Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" WinRAR archiver-->C:\Program Files\WinRAR 3.61 Multi\Uninstall.exe ZoneAlarm Security Suite-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe ======Security center information====== AV: ZoneAlarm Security Suite Antivirus (disabled) (outdated) AV: ESET NOD32 antivirus system 2.70 FW: ZoneAlarm Security Suite Firewall ======System event log====== Computer Name: B Event Code: 4201 Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{05E9C881-BF61-4D48-9265-F6365AA7C44A} était connectée au réseau, et a lancé une opération normale sur la carte réseau. Record Number: 22840 Source Name: Tcpip Time Written: 20091118134729.000000+060 Event Type: Informations User: Computer Name: B Event Code: 4201 Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{05E9C881-BF61-4D48-9265-F6365AA7C44A} était connectée au réseau, et a lancé une opération normale sur la carte réseau. Record Number: 22839 Source Name: Tcpip Time Written: 20091118134618.000000+060 Event Type: Informations User: Computer Name: B Event Code: 8033 Message: L'explorateur a forcé une élection sur le réseau \Device\NetBT_Tcpip_{05E9C881-BF61-4D48-9265-F6365AA7C44A} car un maître explorateur a été arrêté. Record Number: 22838 Source Name: BROWSER Time Written: 20091118134618.000000+060 Event Type: Informations User: Computer Name: B Event Code: 4201 Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{05E9C881-BF61-4D48-9265-F6365AA7C44A} était connectée au réseau, et a lancé une opération normale sur la carte réseau. Record Number: 22837 Source Name: Tcpip Time Written: 20091118134554.000000+060 Event Type: Informations User: Computer Name: B Event Code: 7036 Message: Le service Service de l’iPod est entré dans l'état : en cours d'exécution. Record Number: 22836 Source Name: Service Control Manager Time Written: 20091118134451.000000+060 Event Type: Informations User: =====Application event log===== Computer Name: B Event Code: 30 Message: Le magasin C:\Documents and Settings\Eidos\Local Settings\Application Data\Microsoft\Outlook\Outlook1.pst est réconcilié avec l'indexeur pour la raison suivante : The store was last opened on a different machine. Record Number: 5 Source Name: Outlook Time Written: 20091118134746.000000+060 Event Type: Informations User: Computer Name: B Event Code: 0 Message: Record Number: 4 Source Name: iPod Service Time Written: 20091118134451.000000+060 Event Type: Informations User: Computer Name: B Event Code: 1800 Message: Le service Centre de sécurité Windows a démarré. Record Number: 3 Source Name: SecurityCenter Time Written: 20091118134412.000000+060 Event Type: Informations User: Computer Name: B Event Code: 0 Message: Record Number: 2 Source Name: RichVideo Time Written: 20091118134409.000000+060 Event Type: Informations User: Computer Name: B Event Code: 1 Message: Record Number: 1 Source Name: Bonjour Service Time Written: 20091118134404.000000+060 Event Type: Informations User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\ "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel "PROCESSOR_REVISION"=0f0d "NUMBER_OF_PROCESSORS"=2 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "tvdumpflags"=8 "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip -----------------EOF-----------------
  13. bernard69330
    Bonjour à tous, ma config: PC portable MSI EX 600, windows XP Pro, Nod 32 comme antivirus et zone alarm pour le reste (l'antivirus n'est pas activé sur zone alarm). Voici mon souci: depuis 18h, le message suivant s'affiche dans le coin inférieur droit de mon écran : Alerte Zone Alarm security Protection mailsafe en sortie Applications Services controleur a violé les règles de messages sortants. Souhaitez-vous l'envoi de ce message : application : servies.exe violation : plus de 5 message en 2 secondes destination : l'adresse mail change à chaque fois. Je clique sur "refusé" mais le même message apparait avec une nouvelle adresse mail... J'ai fait un scan complet par Nod 32 qui a trouvé un cheval de troie qu'il a supprimé. Le problème persiste. Pour l'instant, je ne constate pas d'autre anomalie (lenteur, ...) Merci pour votre aide.
×
×
  • Créer...