Everything posted by Massa

  1. Here is the latest report... ComboFix 10-03-04.01 - Marie-pierre 04/03/2010 22:03:35.3.1 - FAT32x86 Lancé depuis: c:\documents and settings\Marie-pierre\Bureau\ComboFix.exe Commutateurs utilisés :: c:\documents and settings\Marie-pierre\Bureau\CFscript.txt FILE :: "c:\windows\Tasks\At1.job" "c:\windows\Tasks\At10.job" "c:\windows\Tasks\At11.job" "c:\windows\Tasks\At12.job" "c:\windows\Tasks\At13.job" "c:\windows\Tasks\At14.job" "c:\windows\Tasks\At15.job" "c:\windows\Tasks\At16.job" "c:\windows\Tasks\At17.job" "c:\windows\Tasks\At18.job" "c:\windows\Tasks\At19.job" "c:\windows\Tasks\At2.job" "c:\windows\Tasks\At20.job" "c:\windows\Tasks\At21.job" "c:\windows\Tasks\At22.job" "c:\windows\Tasks\At23.job" "c:\windows\Tasks\At24.job" "c:\windows\Tasks\At3.job" "c:\windows\Tasks\At4.job" "c:\windows\Tasks\At5.job" "c:\windows\Tasks\At6.job" "c:\windows\Tasks\At7.job" "c:\windows\Tasks\At8.job" "c:\windows\Tasks\At9.job" . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Marie-pierre\rthdcpl.exe c:\documents and settings\Marie-pierre\skytel.exe c:\program files\Internet Explorer\js.mui c:\program files\Internet Explorer\wmpscfgs.exe c:\windows\system32\ctfmon .exe c:\windows\Tasks\At1.job c:\windows\Tasks\At10.job c:\windows\Tasks\At11.job c:\windows\Tasks\At12.job c:\windows\Tasks\At13.job c:\windows\Tasks\At14.job c:\windows\Tasks\At15.job c:\windows\Tasks\At16.job c:\windows\Tasks\At17.job c:\windows\Tasks\At18.job c:\windows\Tasks\At19.job c:\windows\Tasks\At2.job c:\windows\Tasks\At20.job c:\windows\Tasks\At21.job c:\windows\Tasks\At22.job c:\windows\Tasks\At23.job c:\windows\Tasks\At24.job c:\windows\Tasks\At3.job c:\windows\Tasks\At4.job c:\windows\Tasks\At5.job c:\windows\Tasks\At6.job c:\windows\Tasks\At7.job c:\windows\Tasks\At8.job c:\windows\Tasks\At9.job . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . 
-------\Legacy_TPZDJYYQ -------\Service_tpzdjyyq ((((((((((((((((((((((((((((( Fichiers créés du 2010-02-04 au 2010-03-04 )))))))))))))))))))))))))))))))))))) . 2010-02-28 10:34 . 2010-02-28 10:34 -------- d-----w- C:\FOUND.009 2010-02-28 04:37 . 2010-03-04 21:35 792064 ----a-w- c:\windows\system32\drivers\tpzdjyyq.sys 2010-02-28 03:49 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe 2010-02-27 18:20 . 2010-02-27 18:20 -------- d-----w- C:\rsit 2010-02-27 18:11 . 2010-02-27 18:11 -------- d-----w- C:\FOUND.008 2010-02-27 17:31 . 2010-02-27 17:31 -------- d-----w- C:\FOUND.007 2010-02-27 17:08 . 2010-02-27 17:08 -------- d-----w- C:\FOUND.006 2010-02-27 16:15 . 2010-02-27 16:15 -------- d-----w- c:\documents and settings\Marie-pierre\Application Data\Malwarebytes 2010-02-27 16:15 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-02-27 16:15 . 2010-02-27 16:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-02-27 16:15 . 2010-02-27 16:15 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-02-27 16:15 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-02-27 15:41 . 2010-02-27 15:41 -------- d-----w- C:\FOUND.005 2010-02-27 15:01 . 2010-02-27 15:01 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache 2010-02-27 13:26 . 2010-02-27 13:26 -------- d-----w- C:\FOUND.004 2010-02-27 10:26 . 2010-02-27 10:26 -------- d-----w- C:\FOUND.003 2010-02-23 22:01 . 2010-02-23 22:01 -------- d-sh--w- c:\documents and settings\NetworkService\PrivacIE 2010-02-23 21:06 . 2010-02-23 21:06 -------- d-----w- c:\windows\system32\fr 2010-02-23 21:06 . 2010-02-23 21:06 -------- d-----w- c:\windows\system32\bits 2010-02-23 21:06 . 2010-02-23 21:06 -------- d-----w- c:\windows\l2schemas 2010-02-23 20:58 . 2010-02-23 20:58 -------- d-----w- c:\windows\EHome 2010-02-23 19:50 . 
2010-02-18 21:53 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2010-02-22 20:53 . 2010-02-22 20:54 -------- d-----w- c:\windows\BDOSCAN8 2010-02-22 20:50 . 2010-02-22 20:50 -------- d-sh--w- c:\documents and settings\Marie-pierre\PrivacIE 2010-02-22 20:46 . 2010-02-22 20:46 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache 2010-02-22 20:42 . 2010-02-22 20:42 -------- d-sh--w- c:\documents and settings\Marie-pierre\IETldCache 2010-02-22 20:37 . 2009-12-11 08:38 69120 ------w- c:\windows\system32\dllcache\iecompat.dll 2010-02-22 20:37 . 2010-02-22 20:37 -------- d-----w- c:\windows\ie8updates 2010-02-22 20:36 . 2009-12-21 19:06 594432 ------w- c:\windows\system32\dllcache\msfeeds.dll 2010-02-22 20:36 . 2009-12-21 19:06 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll 2010-02-22 20:36 . 2009-12-21 19:07 12800 ------w- c:\windows\system32\dllcache\xpshims.dll 2010-02-22 20:36 . 2009-12-21 19:06 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll 2010-02-22 20:36 . 2009-12-21 19:06 1985536 ------w- c:\windows\system32\dllcache\iertutil.dll 2010-02-22 20:36 . 2009-12-21 19:06 11070464 ------w- c:\windows\system32\dllcache\ieframe.dll 2010-02-22 20:34 . 2010-02-22 20:34 -------- d--h--w- c:\windows\ie8 2010-02-22 20:34 . 2010-02-22 20:34 -------- d-----w- c:\windows\system32\fr-FR 2010-02-22 18:47 . 2010-02-22 18:47 -------- d-----w- C:\FOUND.002 2010-02-21 22:20 . 2010-02-22 19:39 1324 ----a-w- c:\windows\system32\d3d9caps.dat 2010-02-21 14:58 . 2010-02-21 14:58 -------- d-----w- C:\FOUND.001 2010-02-21 02:03 . 2010-02-21 02:03 552 ----a-w- c:\windows\system32\d3d8caps.dat 2010-02-21 01:42 . 2010-02-21 01:42 -------- d-----w- c:\program files\CCleaner 2010-02-21 01:31 . 2010-02-21 01:31 -------- d-----w- C:\FOUND.000 2010-02-21 01:18 . 2010-02-21 01:18 -------- d-----w- c:\program files\ESET 2010-02-20 22:57 . 2009-03-30 08:32 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys 2010-02-20 22:57 . 
2009-02-13 10:28 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys 2010-02-20 22:57 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys 2010-02-20 22:57 . 2010-02-20 22:57 -------- d-----w- c:\program files\Avira 2010-02-20 22:57 . 2010-02-20 22:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira 2010-02-20 09:49 . 2010-02-05 09:03 15880 ----a-w- c:\windows\system32\lsdelete.exe 2010-02-18 21:54 . 2010-02-05 09:03 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys 2010-02-18 21:49 . 2010-02-18 21:49 -------- d--h--w- c:\documents and settings\All Users\Application Data\{52AC600B-5800-407E-99FF-83CD0669760B} 2010-02-18 21:49 . 2010-02-18 21:49 -------- d-----w- c:\program files\Lavasoft 2010-02-18 21:49 . 2010-02-18 21:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft 2010-02-18 21:39 . 2009-11-25 10:19 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2010-02-18 17:45 . 2010-02-11 18:42 162512 ----a-w- c:\windows\system32\drivers\aswSP.sys 2010-02-18 17:45 . 2010-02-11 18:38 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2010-02-18 17:45 . 2010-02-11 18:39 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2010-02-18 17:45 . 2010-02-11 18:42 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2010-02-18 17:45 . 2010-02-11 18:38 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2010-02-18 17:45 . 2010-02-11 18:38 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys 2010-02-18 17:45 . 2010-02-11 18:38 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2010-02-18 17:44 . 2010-02-11 18:53 38848 ----a-w- c:\windows\system32\avastSS.scr 2010-02-18 17:44 . 2010-02-11 18:53 153184 ----a-w- c:\windows\system32\aswBoot.exe 2010-02-18 17:44 . 2010-02-18 17:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software 2010-02-15 19:03 . 2010-02-15 19:03 -------- d-----r- c:\documents and settings\NetworkService\Favoris . 
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-03-04 21:38 . 2010-03-04 21:37 55296 ----a-w- c:\documents and settings\Marie-pierre\skytel.exe 2010-03-04 21:38 . 2010-03-04 21:37 55296 ----a-w- c:\documents and settings\Marie-pierre\rthdcpl.exe 2010-03-04 20:35 . 2004-08-05 04:00 17920 ----a-w- c:\windows\system32\tftp.exe 2010-02-28 04:34 . 2010-02-28 04:34 16 ----a-w- c:\documents and settings\LocalService\Application Data\pdytbs.dat 2010-02-27 13:02 . 2006-05-23 15:54 86612 ----a-w- c:\windows\system32\perfc00C.dat 2010-02-27 13:02 . 2006-05-23 15:54 512410 ----a-w- c:\windows\system32\perfh00C.dat 2010-02-27 12:59 . 2010-02-27 12:59 12 ----a-w- c:\windows\system32\config\systemprofile\Application Data\pdytbs.dat 2010-02-24 20:51 . 2006-12-01 19:10 90112 ----a-w- c:\windows\DUMP3a78.tmp 2010-02-24 20:50 . 2006-12-01 19:10 90112 ----a-w- c:\windows\DUMP3ab7.tmp 2010-02-24 17:56 . 2006-12-01 19:10 90112 ----a-w- c:\windows\DUMP3a59.tmp 2010-02-23 21:09 . 2006-05-23 15:29 76507 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat 2010-02-23 19:51 . 2010-02-18 21:53 884176 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\threatwork.exe 2010-02-23 19:50 . 2010-02-23 19:50 94712 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\PrivacyClean.dll 2010-02-23 19:50 . 2010-02-18 21:53 150888 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Drivers\32\AAWDriverTool.exe 2010-02-23 19:50 . 2010-02-23 19:50 961984 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\CEAPI.dll 2010-02-23 19:50 . 2010-02-18 21:53 835312 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareCommand.exe 2010-02-23 19:50 . 
2010-02-18 21:53 842992 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareAdmin.exe 2010-02-23 19:50 . 2010-02-18 21:53 1593320 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-Aware.exe 2010-02-23 19:50 . 2010-02-18 21:53 735008 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWWSC.exe 2010-02-23 19:50 . 2010-02-18 21:53 815184 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWTray.exe 2010-02-23 19:50 . 2010-02-18 21:53 1229232 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWService.exe 2010-02-22 20:45 . 2006-12-01 19:16 91952 ----a-w- c:\documents and settings\Marie-pierre\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2010-02-20 09:08 . 2007-03-10 21:21 110592 ----a-w- c:\documents and settings\Marie-pierre\Application Data\U3\temp\cleanup.exe 2010-02-20 09:08 . 2009-08-21 14:37 1962232 ----a-w- c:\documents and settings\Marie-pierre\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe 2010-02-20 08:35 . 2010-02-18 21:49 3802016 ----a-w- c:\documents and settings\All Users\Application Data\{52AC600B-5800-407E-99FF-83CD0669760B}\Ad-AwareInstaller.exe 2010-02-20 08:35 . 2008-10-01 18:26 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.0.1.11\SetupAdmin.exe 2010-02-20 08:35 . 2008-07-04 12:35 54632 ----a-w- c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}\x86\DifXInstall32.exe 2010-02-20 08:35 . 2007-05-17 17:31 21489968 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Nokia_PC_Suite_683_rel_14_1_fre_web[1].exe 2010-02-20 08:35 . 
2007-05-17 17:30 8704 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Installations\CommonCustomActions\UninstCCD.exe 2010-02-20 08:35 . 2007-05-17 17:30 15872 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Installations\CommonCustomActions\UninstPCSFEMsi.exe 2010-02-20 08:35 . 2007-05-17 17:30 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Installations\CommonCustomActions\UninstPCS.exe 2010-02-18 21:53 . 2010-02-18 21:53 95024 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Drivers\SBREDrv.sys 2010-02-18 21:53 . 2010-02-18 21:53 598368 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\EmailScanner.dll 2010-02-18 21:53 . 2010-02-18 21:53 566608 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\sbap.dll 2010-02-18 21:53 . 2010-02-18 21:53 562272 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\aawapi.dll 2010-02-18 21:53 . 2010-02-18 21:53 1230160 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\SBTE.dll 2010-02-18 21:53 . 2010-02-18 21:53 247120 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\SBRE.dll 2009-12-31 16:50 . 2004-08-05 04:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys 2009-12-21 19:07 . 2006-01-09 19:02 916480 ------w- c:\windows\system32\wininet.dll 2009-12-17 07:41 . 2004-08-05 04:00 347648 ----a-w- c:\windows\system32\mspaint.exe 2009-12-14 07:09 . 2004-08-05 04:00 33280 ----a-w- c:\windows\system32\csrsrv.dll 2009-12-09 10:09 . 2004-08-05 04:00 2147328 ------w- c:\windows\system32\ntoskrnl.exe 2009-12-09 10:08 . 2004-08-05 04:00 2025984 ------w- c:\windows\system32\ntkrnlpa.exe . 
<pre> c:\program files\Avira\AntiVir Desktop\avgnt .exe c:\program files\Acer\Acer Arcade\pcmservice .exe c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntimui .exe c:\program files\Launch Manager\lmanager .exe c:\program files\HP\Digital Imaging\bin\hpqsrmon .exe c:\program files\HP\HP Software Update\hpwuschd2 .exe c:\program files\Java\jre1.5.0_03\bin\jusched .exe c:\program files\SuperCopier2\supercopier2 .exe c:\program files\iTunes\ituneshelper .exe c:\windows\system32\IME\TINTLGNT\tintsetp .exe c:\windows\ime\imjp8_1\imjpmig .exe </pre> ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SuperCopier2.exe"="c:\program files\SuperCopier2\SuperCopier2.exe" [2010-03-04 55296] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "PCMService"="c:\program files\Acer\Acer Arcade\PCMService.exe" [2010-03-04 55296] "ntiMUI"="c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2010-03-04 55296] "Acer ePresentation HPD"="c:\acer\Empowering Technology\ePresentation\ePresentation.exe" [2010-03-04 55296] "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 208952] "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168] "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168] "ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2010-03-04 55296] "Boot"="c:\acer\Empowering Technology\ePower\Boot.exe" [2010-03-04 55296] "RTHDCPL"="RTHDCPL.EXE" [N/A] "SkyTel"="SkyTel.EXE" [N/A] "LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2010-03-04 55296] "eRecoveryService"="c:\acer\Empowering Technology\eRecovery\eRAgent.exe" [2010-03-04 55296] "HP Software Update"="c:\program files\HP\HP 
Software Update\HPWuSchd2.exe" [2010-03-04 55296] "SunJavaUpdateSched"="c:\program files\Java\jre1.5.0_03\bin\jusched.exe" [2010-03-04 55296] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-03-04 55296] "hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2010-03-04 55296] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-04 55296] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\WINDOWS\\System32\\dpvsetup.exe"= "c:\\Program Files\\eMule\\emule.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqtra08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpofxm08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hposfx08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqCopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpfccopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpzwiz01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpoews01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqnrs08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpiscnapp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqpsapp.exe"= "c:\\Program Files\\HP\\Digital 
Imaging\\BIN\\hpofxs08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqpse.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqsudi.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqgplgtupl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqgpc01.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= R2 aswFsBlk;aswFsBlk;aswFsBlk.sys [x] R2 eLock2BurnerLockDriver;eLock2BurnerLockDriver;c:\windows\system32\eLock2BurnerLockDriver.sys [x] R2 eLock2FSCTLDriver;eLock2FSCTLDriver;c:\windows\system32\eLock2FSCTLDriver.sys [x] R3 fsssvc;Service Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [2010-02-20 705376] S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-02-05 64288] S1 aswSP;aswSP; [x] S2 fssfltr;fssfltr;c:\windows\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752] S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2010-02-23 1229232] --- Autres Services/Pilotes en mémoire --- *NewlyCreated* - UBHELPER *Deregistered* - mchInjDrv [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . 
Contenu du dossier 'Tâches planifiées' 2010-03-04 c:\windows\Tasks\At1.job - c:\program files\internet explorer\wmpscfgs.exe [2010-03-04 21:38] 2010-03-04 c:\windows\Tasks\At2.job - c:\program files\internet explorer\wmpscfgs.exe [2010-03-04 21:38] 2010-03-04 c:\windows\Tasks\At3.job - c:\program files\internet explorer\wmpscfgs.exe [2010-03-04 21:38] 2010-03-04 c:\windows\Tasks\At4.job - c:\program files\internet explorer\wmpscfgs.exe [2010-03-04 21:38] 2010-03-04 c:\windows\Tasks\At5.job - c:\program files\internet explorer\wmpscfgs.exe [2010-03-04 21:38] 2010-03-04 c:\windows\Tasks\At6.job - c:\program files\internet explorer\wmpscfgs.exe [2010-03-04 21:38] 2010-03-04 c:\windows\Tasks\At7.job - c:\program files\internet explorer\wmpscfgs.exe [2010-03-04 21:38] 2010-03-04 c:\windows\Tasks\At8.job - c:\program files\internet explorer\wmpscfgs.exe [2010-03-04 21:38] 2010-03-04 c:\windows\Tasks\At9.job - c:\program files\internet explorer\wmpscfgs.exe [2010-03-04 21:38] 2010-03-04 c:\windows\Tasks\At10.job - c:\program files\internet explorer\wmpscfgs.exe [2010-03-04 21:38] 2010-03-04 c:\windows\Tasks\At11.job - c:\program files\internet explorer\wmpscfgs.exe [2010-03-04 21:38] 2010-03-04 c:\windows\Tasks\At12.job - c:\program files\internet explorer\wmpscfgs.exe [2010-03-04 21:38] 2010-03-04 c:\windows\Tasks\At13.job - c:\program files\internet explorer\wmpscfgs.exe [2010-03-04 21:38] 2010-03-04 c:\windows\Tasks\At14.job - c:\program files\internet explorer\wmpscfgs.exe [2010-03-04 21:38] 2010-03-04 c:\windows\Tasks\At15.job - c:\program files\internet explorer\wmpscfgs.exe [2010-03-04 21:38] 2010-03-04 c:\windows\Tasks\At16.job - c:\program files\internet explorer\wmpscfgs.exe [2010-03-04 21:38] 2010-03-04 c:\windows\Tasks\At17.job - c:\program files\internet explorer\wmpscfgs.exe [2010-03-04 21:38] 2010-03-04 c:\windows\Tasks\At18.job - c:\program files\internet explorer\wmpscfgs.exe [2010-03-04 21:38] 2010-03-04 c:\windows\Tasks\At19.job - c:\program 
files\internet explorer\wmpscfgs.exe [2010-03-04 21:38] 2010-03-04 c:\windows\Tasks\At20.job - c:\program files\internet explorer\wmpscfgs.exe [2010-03-04 21:38] 2010-03-04 c:\windows\Tasks\At21.job - c:\program files\internet explorer\wmpscfgs.exe [2010-03-04 21:38] 2010-03-04 c:\windows\Tasks\At22.job - c:\program files\internet explorer\wmpscfgs.exe [2010-03-04 21:38] 2010-03-04 c:\windows\Tasks\At23.job - c:\program files\internet explorer\wmpscfgs.exe [2010-03-04 21:38] 2010-03-04 c:\windows\Tasks\At24.job - c:\program files\internet explorer\wmpscfgs.exe [2010-03-04 21:38] 2010-03-04 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-18 19:50] 2009-12-26 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34] . . ------- Examen supplémentaire ------- . uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Ouvrir dans un nouvel onglet d'arrière-plan - c:\program files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?c21d5a10bc914a7e9314dc6980c18ff2 IE: Ouvrir dans un nouvel onglet de premier plan - c:\program files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?c21d5a10bc914a7e9314dc6980c18ff2 TCP: {AC661682-0D11-4141-81A3-0BA777EB820F} = 192.168.1.1 . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-03-04 22:39 Windows 5.1.2600 Service Pack 3 FAT NTAPI Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... 
Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet003\Services\mchInjDrv] "ImagePath"="\??\c:\docume~1\MARIE-~1\LOCALS~1\Temp\mc21.tmp" . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(628) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(184) c:\program files\SuperCopier2\SC2Hook.dll c:\acer\Empowering Technology\ePower\SysHook.dll c:\windows\system32\eappprxy.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Autres processus actifs ------------------------ . c:\windows\system32\Ati2evxx.exe c:\windows\system32\Ati2evxx.exe c:\program files\Alwil Software\Avast5\AvastSvc.exe c:\acer\Empowering Technology\ePerformance\MemCheck.exe c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe c:\program files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe c:\program files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe c:\program files\Fichiers communs\LightScribe\LSSrvc.exe c:\program files\HP\Digital Imaging\bin\hpqtra08.exe c:\program files\OpenOffice.org 2.0\program\soffice.exe c:\program files\CyberLink\Shared Files\RichVideo.exe c:\program files\OpenOffice.org 2.0\program\soffice.BIN c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\program files\Acer\Acer Arcade\Kernel\TV\CLSched.exe c:\windows\system32\wscntfy.exe c:\windows\system32\wbem\unsecapp.exe c:\windows\system32\wbem\wmiapsrv.exe c:\program files\iPod\bin\iPodService.exe c:\windows\system32\wbem\unsecapp.exe c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe c:\program files\HP\Digital 
Imaging\bin\hpqbam08.exe c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe c:\program files\Lavasoft\Ad-Aware\AAWTray.exe . ************************************************************************** . Heure de fin: 2010-03-04 23:55:43 - La machine a redémarré ComboFix-quarantined-files.txt 2010-03-04 22:54 ComboFix2.txt 2010-02-28 13:46 ComboFix3.txt 2010-02-28 04:49 Avant-CF: 26 393 509 888 octets libres Après-CF: 26 723 352 576 octets libres - - End Of File - - 9EA6922816BE0FCCFB8E3487A53C67A4
  2. Hi Falfkra, I was away and could not carry out the last steps. Sorry. Can you give me the procedure again? Thanks in advance.
  3. Here is the latest report. Happy reading! ComboFix 10-02-27.04 - Marie-pierre 28/02/2010 13:14:14.2.1 - FAT32x86 Lancé depuis: c:\documents and settings\Marie-pierre\Bureau\ComboFix.exe Commutateurs utilisés :: c:\documents and settings\Marie-pierre\Bureau\CFscript.txt FILE :: "c:\windows\Tasks\At1153.job" "c:\windows\Tasks\At1154.job" "c:\windows\Tasks\At1155.job" "c:\windows\Tasks\At1156.job" "c:\windows\Tasks\At1157.job" "c:\windows\Tasks\At1158.job" "c:\windows\Tasks\At1159.job" "c:\windows\Tasks\At1160.job" "c:\windows\Tasks\At1161.job" "c:\windows\Tasks\At1162.job" "c:\windows\Tasks\At1163.job" "c:\windows\Tasks\At1164.job" "c:\windows\Tasks\At1165.job" "c:\windows\Tasks\At1166.job" "c:\windows\Tasks\At1167.job" "c:\windows\Tasks\At1168.job" "c:\windows\Tasks\At1169.job" "c:\windows\Tasks\At1170.job" "c:\windows\Tasks\At1171.job" "c:\windows\Tasks\At1172.job" "c:\windows\Tasks\At1173.job" "c:\windows\Tasks\At1174.job" "c:\windows\Tasks\At1175.job" "c:\windows\Tasks\At1176.job" file zipped: c:\program files\Internet Explorer\wmpscfgs.exe file zipped: c:\windows\system32\fjhdyfhsn.bat file zipped: c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}\x86\DifXInstall32.exe . Les fichiers ci-dessous ont été désactivés pendant l'exécution: c:\program files\supercopier2\SC2Hook.dll (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Marie-pierre\rthdcpl .exe c:\documents and settings\Marie-pierre\rthdcpl.exe c:\documents and settings\Marie-pierre\skytel .exe c:\documents and settings\Marie-pierre\skytel.exe c:\program files\Internet Explorer\js.mui c:\program files\internet explorer\wmpscfgs.exe c:\windows\system32\ctfmon .exe c:\windows\system32\fjhdyfhsn.bat c:\windows\system32\tftp.exe . . . est infecté!! . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . 
-------\Legacy_TLLTRAQ -------\Legacy_UCMVM -------\Service_tlltraq -------\Service_ucmvm ((((((((((((((((((((((((((((( Fichiers créés du 2010-01-28 au 2010-02-28 )))))))))))))))))))))))))))))))))))) . 2010-02-28 10:34 . 2010-02-28 10:34 -------- d-----w- C:\FOUND.009 2010-02-28 03:49 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe 2010-02-27 18:20 . 2010-02-27 18:20 -------- d-----w- C:\rsit 2010-02-27 18:11 . 2010-02-27 18:11 -------- d-----w- C:\FOUND.008 2010-02-27 17:31 . 2010-02-27 17:31 -------- d-----w- C:\FOUND.007 2010-02-27 17:08 . 2010-02-27 17:08 -------- d-----w- C:\FOUND.006 2010-02-27 16:15 . 2010-02-27 16:15 -------- d-----w- c:\documents and settings\Marie-pierre\Application Data\Malwarebytes 2010-02-27 16:15 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-02-27 16:15 . 2010-02-27 16:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-02-27 16:15 . 2010-02-27 16:15 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-02-27 16:15 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-02-27 15:41 . 2010-02-27 15:41 -------- d-----w- C:\FOUND.005 2010-02-27 15:01 . 2010-02-27 15:01 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache 2010-02-27 13:26 . 2010-02-27 13:26 -------- d-----w- C:\FOUND.004 2010-02-27 13:12 . 2010-02-27 13:12 -------- d-----w- c:\program files\Dr. Guard 2010-02-27 10:26 . 2010-02-27 10:26 -------- d-----w- C:\FOUND.003 2010-02-23 22:01 . 2010-02-23 22:01 -------- d-sh--w- c:\documents and settings\NetworkService\PrivacIE 2010-02-23 21:06 . 2010-02-23 21:06 -------- d-----w- c:\windows\system32\fr 2010-02-23 21:06 . 2010-02-23 21:06 -------- d-----w- c:\windows\system32\bits 2010-02-23 21:06 . 2010-02-23 21:06 -------- d-----w- c:\windows\l2schemas 2010-02-23 20:58 . 2010-02-23 20:58 -------- d-----w- c:\windows\EHome 2010-02-23 19:50 . 
2010-02-18 21:53 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2010-02-22 20:53 . 2010-02-22 20:54 -------- d-----w- c:\windows\BDOSCAN8 2010-02-22 20:50 . 2010-02-22 20:50 -------- d-sh--w- c:\documents and settings\Marie-pierre\PrivacIE 2010-02-22 20:46 . 2010-02-22 20:46 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache 2010-02-22 20:42 . 2010-02-22 20:42 -------- d-sh--w- c:\documents and settings\Marie-pierre\IETldCache 2010-02-22 20:37 . 2009-12-11 08:38 69120 ------w- c:\windows\system32\dllcache\iecompat.dll 2010-02-22 20:37 . 2010-02-22 20:37 -------- d-----w- c:\windows\ie8updates 2010-02-22 20:36 . 2009-12-21 19:06 594432 ------w- c:\windows\system32\dllcache\msfeeds.dll 2010-02-22 20:36 . 2009-12-21 19:06 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll 2010-02-22 20:36 . 2009-12-21 19:07 12800 ------w- c:\windows\system32\dllcache\xpshims.dll 2010-02-22 20:36 . 2009-12-21 19:06 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll 2010-02-22 20:36 . 2009-12-21 19:06 1985536 ------w- c:\windows\system32\dllcache\iertutil.dll 2010-02-22 20:36 . 2009-12-21 19:06 11070464 ------w- c:\windows\system32\dllcache\ieframe.dll 2010-02-22 20:34 . 2010-02-22 20:34 -------- d--h--w- c:\windows\ie8 2010-02-22 20:34 . 2010-02-22 20:34 -------- d-----w- c:\windows\system32\fr-FR 2010-02-22 18:47 . 2010-02-22 18:47 -------- d-----w- C:\FOUND.002 2010-02-21 22:20 . 2010-02-22 19:39 1324 ----a-w- c:\windows\system32\d3d9caps.dat 2010-02-21 14:58 . 2010-02-21 14:58 -------- d-----w- C:\FOUND.001 2010-02-21 02:03 . 2010-02-21 02:03 552 ----a-w- c:\windows\system32\d3d8caps.dat 2010-02-21 01:42 . 2010-02-21 01:42 -------- d-----w- c:\program files\CCleaner 2010-02-21 01:31 . 2010-02-21 01:31 -------- d-----w- C:\FOUND.000 2010-02-21 01:18 . 2010-02-21 01:18 -------- d-----w- c:\program files\ESET 2010-02-20 22:57 . 2009-03-30 08:32 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys 2010-02-20 22:57 . 
2009-02-13 10:28 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys 2010-02-20 22:57 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys 2010-02-20 22:57 . 2010-02-20 22:57 -------- d-----w- c:\program files\Avira 2010-02-20 22:57 . 2010-02-20 22:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira 2010-02-20 09:49 . 2010-02-05 09:03 15880 ----a-w- c:\windows\system32\lsdelete.exe 2010-02-18 21:54 . 2010-02-05 09:03 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys 2010-02-18 21:49 . 2010-02-18 21:49 -------- d--h--w- c:\documents and settings\All Users\Application Data\{52AC600B-5800-407E-99FF-83CD0669760B} 2010-02-18 21:49 . 2010-02-18 21:49 -------- d-----w- c:\program files\Lavasoft 2010-02-18 21:49 . 2010-02-18 21:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft 2010-02-18 21:39 . 2009-11-25 10:19 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2010-02-18 17:45 . 2010-02-11 18:42 162512 ----a-w- c:\windows\system32\drivers\aswSP.sys 2010-02-18 17:45 . 2010-02-11 18:38 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2010-02-18 17:45 . 2010-02-11 18:39 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2010-02-18 17:45 . 2010-02-11 18:42 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2010-02-18 17:45 . 2010-02-11 18:38 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2010-02-18 17:45 . 2010-02-11 18:38 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys 2010-02-18 17:45 . 2010-02-11 18:38 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2010-02-18 17:44 . 2010-02-11 18:53 38848 ----a-w- c:\windows\system32\avastSS.scr 2010-02-18 17:44 . 2010-02-11 18:53 153184 ----a-w- c:\windows\system32\aswBoot.exe 2010-02-18 17:44 . 2010-02-18 17:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software 2010-02-15 19:03 . 2010-02-15 19:03 -------- d-----r- c:\documents and settings\NetworkService\Favoris . 
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-02-28 13:19 . 2010-02-28 13:19 55296 ----a-w- c:\documents and settings\Marie-pierre\skytel.exe 2010-02-28 13:19 . 2010-02-28 13:19 55296 ----a-w- c:\documents and settings\Marie-pierre\rthdcpl.exe 2010-02-28 04:34 . 2010-02-28 04:34 16 ----a-w- c:\documents and settings\LocalService\Application Data\pdytbs.dat 2010-02-27 13:02 . 2006-05-23 15:54 86612 ----a-w- c:\windows\system32\perfc00C.dat 2010-02-27 13:02 . 2006-05-23 15:54 512410 ----a-w- c:\windows\system32\perfh00C.dat 2010-02-27 12:59 . 2010-02-27 12:59 12 ----a-w- c:\windows\system32\config\systemprofile\Application Data\pdytbs.dat 2010-02-24 20:51 . 2006-12-01 19:10 90112 ----a-w- c:\windows\DUMP3a78.tmp 2010-02-24 20:50 . 2006-12-01 19:10 90112 ----a-w- c:\windows\DUMP3ab7.tmp 2010-02-24 17:56 . 2006-12-01 19:10 90112 ----a-w- c:\windows\DUMP3a59.tmp 2010-02-22 20:45 . 2006-12-01 19:16 91952 ----a-w- c:\documents and settings\Marie-pierre\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-12-31 16:50 . 2004-08-05 04:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys 2009-12-21 19:07 . 2006-01-09 19:02 916480 ------w- c:\windows\system32\wininet.dll 2009-12-17 07:41 . 2004-08-05 04:00 347648 ----a-w- c:\windows\system32\mspaint.exe 2009-12-14 07:09 . 2004-08-05 04:00 33280 ----a-w- c:\windows\system32\csrsrv.dll 2009-12-09 10:09 . 2004-08-05 04:00 2147328 ------w- c:\windows\system32\ntoskrnl.exe 2009-12-09 10:08 . 2004-08-05 04:00 2025984 ------w- c:\windows\system32\ntkrnlpa.exe 2009-12-04 18:22 . 2004-08-05 04:00 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys . 
<pre> c:\program files\Avira\AntiVir Desktop\avgnt .exe c:\program files\Realtek\InstallShield\azmixersel .exe c:\program files\Acer\Acer Arcade\pcmservice .exe c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntimui .exe c:\program files\Launch Manager\lmanager .exe c:\program files\HP\Digital Imaging\bin\hpqsrmon .exe c:\program files\HP\HP Software Update\hpwuschd2 .exe c:\program files\Java\jre1.5.0_03\bin\jusched .exe c:\program files\SuperCopier2\supercopier2 .exe c:\program files\QuickTime\qttask .exe c:\program files\QuickTime\qttask .exe c:\program files\QuickTime\qttask .exe c:\program files\QuickTime\qttask .exe c:\program files\iTunes\ituneshelper .exe c:\program files\Windows Live\Messenger\msnmsgr .exe c:\windows\system32\IME\TINTLGNT\tintsetp .exe c:\windows\ime\imjp8_1\imjpmig .exe c:\windows\pchealth\helpctr\binaries\msconfig .exe </pre> ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SuperCopier2.exe"="c:\program files\SuperCopier2\SuperCopier2.exe" [2010-02-28 55296] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2010-02-28 55296] "PCMService"="c:\program files\Acer\Acer Arcade\PCMService.exe" [2010-02-28 55296] "ntiMUI"="c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2010-02-28 55296] "Acer ePresentation HPD"="c:\acer\Empowering Technology\ePresentation\ePresentation.exe" [2010-02-28 55296] "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 208952] "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168] "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168] 
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2010-02-28 55296] "Boot"="c:\acer\Empowering Technology\ePower\Boot.exe" [2010-02-28 55296] "RTHDCPL"="RTHDCPL.EXE" [N/A] "SkyTel"="SkyTel.EXE" [N/A] "LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2010-02-28 55296] "eRecoveryService"="c:\acer\Empowering Technology\eRecovery\eRAgent.exe" [2010-02-28 55296] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2010-02-28 55296] "SunJavaUpdateSched"="c:\program files\Java\jre1.5.0_03\bin\jusched.exe" [2010-02-28 55296] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-02-28 55296] "hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2010-02-28 55296] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-02-28 55296] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\WINDOWS\\System32\\dpvsetup.exe"= "c:\\Program Files\\eMule\\emule.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqtra08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpofxm08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hposfx08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqCopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpfccopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpzwiz01.exe"= 
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpoews01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqnrs08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpiscnapp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqpsapp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpofxs08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqpse.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqsudi.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqgplgtupl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqgpc01.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= R2 aswFsBlk;aswFsBlk;aswFsBlk.sys [x] R2 eLock2BurnerLockDriver;eLock2BurnerLockDriver;c:\windows\system32\eLock2BurnerLockDriver.sys [x] R2 eLock2FSCTLDriver;eLock2FSCTLDriver;c:\windows\system32\eLock2FSCTLDriver.sys [x] R3 fsssvc;Service Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [2010-02-20 705376] S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-02-05 64288] S1 aswSP;aswSP; [x] S2 fssfltr;fssfltr;c:\windows\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752] S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2010-02-23 1229232] --- Autres Services/Pilotes en mémoire --- *Deregistered* - mchInjDrv *Deregistered* - tpzdjyyq [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . 
Contenu du dossier 'Tâches planifiées' 2010-02-28 c:\windows\Tasks\At1.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 13:20] 2010-02-28 c:\windows\Tasks\At2.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 13:20] 2010-02-28 c:\windows\Tasks\At3.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 13:20] 2010-02-28 c:\windows\Tasks\At4.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 13:20] 2010-02-28 c:\windows\Tasks\At5.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 13:20] 2010-02-28 c:\windows\Tasks\At6.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 13:20] 2010-02-28 c:\windows\Tasks\At7.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 13:20] 2010-02-28 c:\windows\Tasks\At8.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 13:20] 2010-02-28 c:\windows\Tasks\At9.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 13:20] 2010-02-28 c:\windows\Tasks\At10.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 13:20] 2010-02-28 c:\windows\Tasks\At11.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 13:20] 2010-02-28 c:\windows\Tasks\At12.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 13:20] 2010-02-28 c:\windows\Tasks\At13.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 13:20] 2010-02-28 c:\windows\Tasks\At14.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 13:20] 2010-02-28 c:\windows\Tasks\At15.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 13:20] 2010-02-28 c:\windows\Tasks\At16.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 13:20] 2010-02-28 c:\windows\Tasks\At17.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 13:20] 2010-02-28 c:\windows\Tasks\At18.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 13:20] 2010-02-28 c:\windows\Tasks\At19.job - c:\program 
files\internet explorer\wmpscfgs.exe [2010-02-28 13:20] 2010-02-28 c:\windows\Tasks\At20.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 13:20] 2010-02-28 c:\windows\Tasks\At21.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 13:20] 2010-02-28 c:\windows\Tasks\At22.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 13:20] 2010-02-28 c:\windows\Tasks\At23.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 13:20] 2010-02-28 c:\windows\Tasks\At24.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 13:20] 2010-02-28 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-18 19:50] 2009-12-26 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34] 2010-02-18 c:\windows\Tasks\WebReg HP Deskjet F4200 series.job - c:\program files\HP\Digital Imaging\bin\hpqwrg.exe [2008-03-25 19:42] . . ------- Examen supplémentaire ------- . uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Ouvrir dans un nouvel onglet d'arrière-plan - c:\program files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?c21d5a10bc914a7e9314dc6980c18ff2 IE: Ouvrir dans un nouvel onglet de premier plan - c:\program files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?c21d5a10bc914a7e9314dc6980c18ff2 TCP: {AC661682-0D11-4141-81A3-0BA777EB820F} = 192.168.1.1 . 
************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-02-28 14:20 Windows 5.1.2600 Service Pack 3 FAT NTAPI Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet003\Services\mchInjDrv] "ImagePath"="\??\c:\docume~1\MARIE-~1\LOCALS~1\Temp\mc24.tmp" [HKEY_LOCAL_MACHINE\System\ControlSet003\Services\tpzdjyyq] . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(636) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(3620) c:\program files\SuperCopier2\SC2Hook.dll c:\acer\empowering technology\epower\SysHook.dll c:\windows\system32\eappprxy.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Autres processus actifs ------------------------ . 
c:\windows\system32\Ati2evxx.exe c:\windows\system32\Ati2evxx.exe c:\program files\Alwil Software\Avast5\AvastSvc.exe c:\acer\Empowering Technology\ePerformance\MemCheck.exe c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe c:\program files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe c:\program files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe c:\program files\Fichiers communs\LightScribe\LSSrvc.exe c:\program files\CyberLink\Shared Files\RichVideo.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\program files\HP\Digital Imaging\bin\hpqtra08.exe c:\program files\Acer\Acer Arcade\Kernel\TV\CLSched.exe c:\acer\empowering technology\epower\epower_dmc .exe c:\acer\empowering technology\erecovery\eragent .exe c:\program files\OpenOffice.org 2.0\program\soffice.exe c:\program files\OpenOffice.org 2.0\program\soffice.BIN c:\windows\system32\wscntfy.exe c:\windows\system32\wbem\unsecapp.exe c:\windows\system32\wbem\unsecapp.exe c:\program files\iPod\bin\iPodService.exe c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe c:\program files\HP\Digital Imaging\bin\hpqbam08.exe c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe c:\program files\Lavasoft\Ad-Aware\AAWTray.exe c:\program files\Windows Live\Toolbar\wltuser.exe c:\program files\Internet Explorer\IEXPLORE.EXE c:\program files\Internet Explorer\IEXPLORE.EXE . ************************************************************************** . Heure de fin: 2010-02-28 14:45:45 - La machine a redémarré ComboFix-quarantined-files.txt 2010-02-28 13:44 ComboFix2.txt 2010-02-28 04:49 Avant-CF: 26 180 583 424 octets libres Après-CF: 26 237 337 600 octets libres - - End Of File - - DDF76FD2EC67CB0BA16C9AC972F5ED68 L'envoi a réussi
  4. Hello Falkra. Here is the ComboFix report. Thanks again for the time you have spent on my many viruses! ComboFix 10-02-27.04 - Marie-pierre 28/02/2010 5:20.1.1 - FAT32x86 Lancé depuis: c:\documents and settings\Marie-pierre\Bureau\ComboFix.exe . Les fichiers ci-dessous ont été désactivés pendant l'exécution: c:\program files\supercopier2\SC2Hook.dll (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Marie-pierre\alcmtr .exe c:\documents and settings\Marie-pierre\alcmtr.exe c:\documents and settings\Marie-pierre\Local Settings\Application Data\uigka .exe c:\documents and settings\Marie-pierre\rthdcpl .exe c:\documents and settings\Marie-pierre\rthdcpl.exe c:\documents and settings\Marie-pierre\skytel .exe c:\documents and settings\Marie-pierre\skytel.exe c:\program files\Adobe\acrotray .exe c:\program files\Internet Explorer\js.mui c:\program files\Internet Explorer\wmpscfgs.exe c:\recycler\S-1-5-21-0692937325-8338908061-556774224-3609 c:\recycler\S-1-5-21-1465164915-9777143122-004361626-5375 c:\recycler\S-1-5-21-1718367439-6131418811-041733774-7605 c:\recycler\S-1-5-21-3048521287-1334010259-655417555-8760 c:\recycler\S-1-5-21-3528510646-1025032674-814116027-4351 c:\recycler\S-1-5-21-3799388263-7546126667-585334487-0909 c:\recycler\S-1-5-21-4060137786-1808214808-063569376-8198 c:\recycler\S-1-5-21-4461765001-2685699955-412929427-3460 c:\recycler\S-1-5-21-4872586370-4433696876-874451543-4152 c:\recycler\S-1-5-21-5052965197-2741902215-001083398-6693 c:\recycler\S-1-5-21-6555348034-9584265188-623813722-9406 c:\windows\alcmtr .exe c:\windows\dat.txt c:\windows\Help\rgb.chm c:\windows\rthdcpl .exe c:\windows\search_res.txt c:\windows\skytel .exe c:\windows\system32\4DW4R3ALOtLLLvOE.dll c:\windows\system32\4DW4R3c.dll c:\windows\system32\4DW4R3fQdJSdUXDq.dll c:\windows\system32\4DW4R3jTSlEXpbSn.dll c:\windows\system32\4DW4R3mTKLYLJTGQ.dll c:\windows\system32\4DW4R3phlsrEQwqe.dll 
c:\windows\system32\4DW4R3rpvJjLlBXI.dll c:\windows\system32\4DW4R3SFooOmObpn.dll c:\windows\system32\4DW4R3sv.dat c:\windows\system32\4DW4R3uknOnKiepM.dll c:\windows\system32\4DW4R3VKGMLdoDoY.dll c:\windows\system32\4DW4R3YeMhCRdAAn.dll c:\windows\system32\ctfmon .exe c:\windows\system32\drivers\4DW4R3.sys c:\windows\system32\drivers\4DW4R3IAROsnynRO.sys c:\windows\system32\drivers\4DW4R3KFodxUlRjX.sys c:\windows\system32\drivers\4DW4R3oyViYjocrj.sys c:\windows\system32\drivers\4DW4R3pAvfQCXSNn.sys c:\windows\system32\drivers\4DW4R3rfHYbkdbDk.sys c:\windows\system32\drivers\4DW4R3TWyvPpxvcb.sys c:\windows\system32\drivers\4DW4R3vNTUPcMdvR.sys c:\windows\system32\drivers\4DW4R3WnfvjKYvmd.sys c:\windows\system32\drivers\4DW4R3WrMttSrtjJ.sys c:\windows\system32\drivers\4DW4R3YOvPkoptef.sys c:\windows\system32\Microsoft\backup.ftp c:\windows\system32\Microsoft\backup.tftp C:\xksbjacq.exe c:\windows\system32\drivers\ntfs.sys . . . est infecté!! c:\windows\system32\tftp.exe . . . est infecté!! . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_4DW4R3 -------\Legacy_4DW4R3 -------\Legacy_KGOOTKIT ((((((((((((((((((((((((((((( Fichiers créés du 2010-01-28 au 2010-02-28 )))))))))))))))))))))))))))))))))))) . 2010-02-28 04:35 . 2010-02-28 04:35 -------- d-----w- c:\documents and settings\All Users\Application Data\96225428 2010-02-27 18:20 . 2010-02-27 18:20 -------- d-----w- C:\rsit 2010-02-27 18:11 . 2010-02-27 18:11 -------- d-----w- C:\FOUND.008 2010-02-27 17:31 . 2010-02-27 17:31 -------- d-----w- C:\FOUND.007 2010-02-27 17:08 . 2010-02-27 17:08 -------- d-----w- C:\FOUND.006 2010-02-27 16:15 . 2010-02-27 16:15 -------- d-----w- c:\documents and settings\Marie-pierre\Application Data\Malwarebytes 2010-02-27 16:15 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-02-27 16:15 . 
2010-02-27 16:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-02-27 16:15 . 2010-02-27 16:15 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-02-27 16:15 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-02-27 15:41 . 2010-02-27 15:41 -------- d-----w- C:\FOUND.005 2010-02-27 15:01 . 2010-02-27 15:01 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache 2010-02-27 13:26 . 2010-02-27 13:26 -------- d-----w- C:\FOUND.004 2010-02-27 13:12 . 2010-02-27 13:12 -------- d-----w- c:\program files\Dr. Guard 2010-02-27 10:26 . 2010-02-27 10:26 -------- d-----w- C:\FOUND.003 2010-02-23 22:01 . 2010-02-23 22:01 -------- d-sh--w- c:\documents and settings\NetworkService\PrivacIE 2010-02-23 21:06 . 2010-02-23 21:06 -------- d-----w- c:\windows\system32\fr 2010-02-23 21:06 . 2010-02-23 21:06 -------- d-----w- c:\windows\system32\bits 2010-02-23 21:06 . 2010-02-23 21:06 -------- d-----w- c:\windows\l2schemas 2010-02-23 20:58 . 2010-02-23 20:58 -------- d-----w- c:\windows\EHome 2010-02-23 19:50 . 2010-02-18 21:53 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2010-02-22 20:53 . 2010-02-22 20:54 -------- d-----w- c:\windows\BDOSCAN8 2010-02-22 20:50 . 2010-02-22 20:50 -------- d-sh--w- c:\documents and settings\Marie-pierre\PrivacIE 2010-02-22 20:46 . 2010-02-22 20:46 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache 2010-02-22 20:42 . 2010-02-22 20:42 -------- d-sh--w- c:\documents and settings\Marie-pierre\IETldCache 2010-02-22 20:37 . 2009-12-11 08:38 69120 ------w- c:\windows\system32\dllcache\iecompat.dll 2010-02-22 20:37 . 2010-02-22 20:37 -------- d-----w- c:\windows\ie8updates 2010-02-22 20:36 . 2009-12-21 19:06 594432 ------w- c:\windows\system32\dllcache\msfeeds.dll 2010-02-22 20:36 . 2009-12-21 19:06 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll 2010-02-22 20:36 . 
2009-12-21 19:07 12800 ------w- c:\windows\system32\dllcache\xpshims.dll 2010-02-22 20:36 . 2009-12-21 19:06 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll 2010-02-22 20:36 . 2009-12-21 19:06 1985536 ------w- c:\windows\system32\dllcache\iertutil.dll 2010-02-22 20:36 . 2009-12-21 19:06 11070464 ------w- c:\windows\system32\dllcache\ieframe.dll 2010-02-22 20:34 . 2010-02-22 20:34 -------- d--h--w- c:\windows\ie8 2010-02-22 20:34 . 2010-02-22 20:34 -------- d-----w- c:\windows\system32\fr-FR 2010-02-22 18:47 . 2010-02-22 18:47 -------- d-----w- C:\FOUND.002 2010-02-21 22:20 . 2010-02-22 19:39 1324 ----a-w- c:\windows\system32\d3d9caps.dat 2010-02-21 14:58 . 2010-02-21 14:58 -------- d-----w- C:\FOUND.001 2010-02-21 02:03 . 2010-02-21 02:03 552 ----a-w- c:\windows\system32\d3d8caps.dat 2010-02-21 01:42 . 2010-02-21 01:42 -------- d-----w- c:\program files\CCleaner 2010-02-21 01:31 . 2010-02-21 01:31 -------- d-----w- C:\FOUND.000 2010-02-21 01:18 . 2010-02-21 01:18 -------- d-----w- c:\program files\ESET 2010-02-20 22:57 . 2009-03-30 08:32 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys 2010-02-20 22:57 . 2009-02-13 10:28 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys 2010-02-20 22:57 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys 2010-02-20 22:57 . 2010-02-20 22:57 -------- d-----w- c:\program files\Avira 2010-02-20 22:57 . 2010-02-20 22:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira 2010-02-20 09:49 . 2010-02-05 09:03 15880 ----a-w- c:\windows\system32\lsdelete.exe 2010-02-18 21:54 . 2010-02-05 09:03 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys 2010-02-18 21:49 . 2010-02-18 21:49 -------- d--h--w- c:\documents and settings\All Users\Application Data\{52AC600B-5800-407E-99FF-83CD0669760B} 2010-02-18 21:49 . 2010-02-18 21:49 -------- d-----w- c:\program files\Lavasoft 2010-02-18 21:49 . 
2010-02-18 21:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft 2010-02-18 21:39 . 2009-11-25 10:19 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2010-02-18 17:45 . 2010-02-11 18:42 162512 ----a-w- c:\windows\system32\drivers\aswSP.sys 2010-02-18 17:45 . 2010-02-11 18:38 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2010-02-18 17:45 . 2010-02-11 18:39 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2010-02-18 17:45 . 2010-02-11 18:42 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2010-02-18 17:45 . 2010-02-11 18:38 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2010-02-18 17:45 . 2010-02-11 18:38 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys 2010-02-18 17:45 . 2010-02-11 18:38 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2010-02-18 17:44 . 2010-02-11 18:53 38848 ----a-w- c:\windows\system32\avastSS.scr 2010-02-18 17:44 . 2010-02-11 18:53 153184 ----a-w- c:\windows\system32\aswBoot.exe 2010-02-18 17:44 . 2010-02-18 17:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software 2010-02-15 19:03 . 2010-02-15 19:03 -------- d-----r- c:\documents and settings\NetworkService\Favoris . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-02-28 04:35 . 2010-02-28 04:35 55296 ----a-w- c:\documents and settings\All Users\Application Data\96225428\96225428.exe 2010-02-28 04:35 . 2010-02-28 04:35 55296 ----a-w- c:\documents and settings\Marie-pierre\skytel.exe 2010-02-28 04:35 . 2010-02-28 04:35 55296 ----a-w- c:\documents and settings\Marie-pierre\rthdcpl.exe 2010-02-28 04:35 . 2010-02-28 04:35 1050112 ----a-w- c:\documents and settings\All Users\Application Data\96225428\96225428 .exe 2010-02-28 04:34 . 2010-02-28 04:34 116 ----a-w- c:\windows\system32\fjhdyfhsn.bat 2010-02-28 04:34 . 
2010-02-28 04:34 16 ----a-w- c:\documents and settings\LocalService\Application Data\pdytbs.dat 2010-02-27 13:02 . 2006-05-23 15:54 86612 ----a-w- c:\windows\system32\perfc00C.dat 2010-02-27 13:02 . 2006-05-23 15:54 512410 ----a-w- c:\windows\system32\perfh00C.dat 2010-02-27 12:59 . 2010-02-27 12:59 12 ----a-w- c:\windows\system32\config\systemprofile\Application Data\pdytbs.dat 2010-02-24 20:51 . 2006-12-01 19:10 90112 ----a-w- c:\windows\DUMP3a78.tmp 2010-02-24 20:50 . 2006-12-01 19:10 90112 ----a-w- c:\windows\DUMP3ab7.tmp 2010-02-24 17:56 . 2006-12-01 19:10 90112 ----a-w- c:\windows\DUMP3a59.tmp 2010-02-23 21:09 . 2006-05-23 15:29 76507 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat 2010-02-23 19:51 . 2010-02-18 21:53 884176 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\threatwork.exe 2010-02-23 19:50 . 2010-02-23 19:50 94712 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\PrivacyClean.dll 2010-02-23 19:50 . 2010-02-18 21:53 150888 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Drivers\32\AAWDriverTool.exe 2010-02-23 19:50 . 2010-02-23 19:50 961984 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\CEAPI.dll 2010-02-23 19:50 . 2010-02-18 21:53 835312 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareCommand.exe 2010-02-23 19:50 . 2010-02-18 21:53 842992 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareAdmin.exe 2010-02-23 19:50 . 2010-02-18 21:53 1593320 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-Aware.exe 2010-02-23 19:50 . 2010-02-18 21:53 735008 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWWSC.exe 2010-02-23 19:50 . 
2010-02-18 21:53 815184 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWTray.exe 2010-02-23 19:50 . 2010-02-18 21:53 1229232 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWService.exe 2010-02-22 20:45 . 2006-12-01 19:16 91952 ----a-w- c:\documents and settings\Marie-pierre\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2010-02-20 09:08 . 2007-03-10 21:21 110592 ----a-w- c:\documents and settings\Marie-pierre\Application Data\U3\temp\cleanup.exe 2010-02-20 09:08 . 2009-08-21 14:37 1962232 ----a-w- c:\documents and settings\Marie-pierre\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe 2010-02-20 08:35 . 2010-02-18 21:49 3802016 ----a-w- c:\documents and settings\All Users\Application Data\{52AC600B-5800-407E-99FF-83CD0669760B}\Ad-AwareInstaller.exe 2010-02-20 08:35 . 2008-10-01 18:26 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.0.1.11\SetupAdmin.exe 2010-02-20 08:35 . 2008-07-04 12:35 54632 ----a-w- c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}\x86\DifXInstall32.exe 2010-02-20 08:35 . 2007-05-17 17:31 21489968 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Nokia_PC_Suite_683_rel_14_1_fre_web[1].exe 2010-02-20 08:35 . 2007-05-17 17:30 8704 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Installations\CommonCustomActions\UninstCCD.exe 2010-02-20 08:35 . 2007-05-17 17:30 15872 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Installations\CommonCustomActions\UninstPCSFEMsi.exe 2010-02-20 08:35 . 
2007-05-17 17:30 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Installations\CommonCustomActions\UninstPCS.exe 2010-02-18 21:53 . 2010-02-18 21:53 95024 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Drivers\SBREDrv.sys 2010-02-18 21:53 . 2010-02-18 21:53 598368 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\EmailScanner.dll 2010-02-18 21:53 . 2010-02-18 21:53 566608 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\sbap.dll 2010-02-18 21:53 . 2010-02-18 21:53 562272 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\aawapi.dll 2010-02-18 21:53 . 2010-02-18 21:53 1230160 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\SBTE.dll 2010-02-18 21:53 . 2010-02-18 21:53 247120 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\SBRE.dll 2009-12-31 16:50 . 2004-08-05 04:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys 2009-12-21 19:07 . 2006-01-09 19:02 916480 ----a-w- c:\windows\system32\wininet.dll 2009-12-17 07:41 . 2004-08-05 04:00 347648 ----a-w- c:\windows\system32\mspaint.exe 2009-12-14 07:09 . 2004-08-05 04:00 33280 ----a-w- c:\windows\system32\csrsrv.dll 2009-12-09 10:09 . 2004-08-05 04:00 2147328 ----a-w- c:\windows\system32\ntoskrnl.exe 2009-12-09 10:08 . 2004-08-05 04:00 2025984 ----a-w- c:\windows\system32\ntkrnlpa.exe 2009-12-04 18:22 . 2004-08-05 04:00 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys . 
<pre> c:\program files\Avira\AntiVir Desktop\avgnt .exe c:\program files\ATI Technologies\ATI.ACE\cli .exe c:\program files\Realtek\InstallShield\azmixersel .exe c:\program files\Acer\Acer Arcade\pcmservice .exe c:\program files\Acer\Acer Arcade\Kernel\CLML_NTService\rthdcpl .exe c:\program files\Acer\Acer Arcade\Kernel\CLML_NTService\skytel .exe c:\program files\Acer\Acer Arcade\Kernel\CLML_NTService\alcmtr .exe c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntimui .exe c:\program files\Launch Manager\lmanager .exe c:\program files\HP\Digital Imaging\bin\hpqsrmon .exe c:\program files\HP\HP Software Update\hpwuschd2 .exe c:\program files\Java\jre1.5.0_03\bin\jusched .exe c:\program files\SuperCopier2\supercopier2 .exe c:\program files\QuickTime\qttask .exe c:\program files\QuickTime\qttask .exe c:\program files\QuickTime\qttask .exe c:\program files\QuickTime\qttask .exe c:\program files\QuickTime\qttask .exe c:\program files\QuickTime\qttask .exe c:\program files\QuickTime\qttask .exe c:\program files\QuickTime\qttask .exe c:\program files\QuickTime\qttask .exe c:\program files\QuickTime\qttask .exe c:\program files\QuickTime\qttask .exe c:\program files\QuickTime\qttask .exe c:\program files\QuickTime\qttask .exe c:\program files\QuickTime\qttask .exe c:\program files\QuickTime\qttask .exe c:\program files\QuickTime\qttask .exe c:\program files\QuickTime\qttask .exe c:\program files\QuickTime\qttask .exe c:\program files\QuickTime\qttask .exe c:\program files\QuickTime\qttask .exe c:\program files\QuickTime\qttask .exe c:\program files\QuickTime\qttask .exe c:\program files\QuickTime\qttask .exe c:\program files\QuickTime\qttask .exe c:\program files\QuickTime\qttask .exe c:\program files\QuickTime\qttask .exe c:\program files\QuickTime\qttask .exe c:\program files\QuickTime\qttask .exe c:\program files\QuickTime\qttask .exe c:\program files\QuickTime\qttask .exe c:\program files\QuickTime\qttask .exe c:\program files\iTunes\ituneshelper .exe 
c:\program files\Windows Live\Messenger\msnmsgr .exe c:\program files\Windows Live\Messenger\msnmsgr .exe c:\program files\Windows Live\Messenger\msnmsgr .exe c:\program files\Windows Live\Messenger\msnmsgr .exe c:\program files\Windows Live\Messenger\msnmsgr .exe c:\program files\Windows Live\Messenger\msnmsgr .exe c:\windows\system32\IME\TINTLGNT\tintsetp .exe c:\windows\ime\imjp8_1\imjpmig .exe </pre> ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="c:\progra~1\wi1f86~1\messen~1\msnmsgr .exe" [2009-07-26 3883856] "SuperCopier2.exe"="c:\program files\SuperCopier2\SuperCopier2.exe" [2010-02-28 55296] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "QuickTime Task"="c:\program files\quicktime\qttask .exe -atboottime" [X] "LaunchApp"="" [N/A] "AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2010-02-28 55296] "PCMService"="c:\program files\Acer\Acer Arcade\PCMService.exe" [2010-02-28 55296] "ntiMUI"="c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2010-02-28 55296] "Acer ePresentation HPD"="c:\acer\Empowering Technology\ePresentation\ePresentation.exe" [2010-02-28 55296] "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 208952] "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168] "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168] "ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2010-02-28 55296] "ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2010-02-28 55296] "Boot"="c:\acer\Empowering Technology\ePower\Boot.exe" [2010-02-28 55296] "RTHDCPL"="RTHDCPL.EXE" [N/A] "SkyTel"="SkyTel.EXE" [N/A] 
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2010-02-28 55296] "eRecoveryService"="c:\acer\Empowering Technology\eRecovery\eRAgent.exe" [2010-02-28 55296] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2010-02-28 55296] "SunJavaUpdateSched"="c:\program files\Java\jre1.5.0_03\bin\jusched.exe" [2010-02-28 55296] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-02-28 55296] "hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2010-02-28 55296] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] "96225428"="c:\docume~1\ALLUSE~1\APPLIC~1\96225428\96225428.exe" [2010-02-28 55296] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\WINDOWS\\System32\\dpvsetup.exe"= "c:\\Program Files\\eMule\\emule.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqtra08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpofxm08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hposfx08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqCopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpfccopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpzwiz01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"= 
"c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpoews01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqnrs08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpiscnapp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqpsapp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpofxs08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqpse.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqsudi.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqgplgtupl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqgpc01.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= R0 tlltraq;tlltraq; [x] R0 ucmvm;ucmvm; [x] R2 aswFsBlk;aswFsBlk;aswFsBlk.sys [x] R2 eLock2BurnerLockDriver;eLock2BurnerLockDriver;c:\windows\system32\eLock2BurnerLockDriver.sys [x] R2 eLock2FSCTLDriver;eLock2FSCTLDriver;c:\windows\system32\eLock2FSCTLDriver.sys [x] R3 fsssvc;Service Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [2010-02-20 705376] S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-02-05 64288] S1 aswSP;aswSP; [x] S2 fssfltr;fssfltr;c:\windows\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752] S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2010-02-23 1229232] --- Autres Services/Pilotes en mémoire --- *NewlyCreated* - TPZDJYYQ *Deregistered* - mchInjDrv *Deregistered* - tpzdjyyq [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . 
Contenu du dossier 'Tâches planifiées' 2010-02-28 c:\windows\Tasks\At1153.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 04:35] 2010-02-28 c:\windows\Tasks\At1154.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 04:35] 2010-02-28 c:\windows\Tasks\At1155.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 04:35] 2010-02-28 c:\windows\Tasks\At1156.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 04:35] 2010-02-28 c:\windows\Tasks\At1157.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 04:35] 2010-02-28 c:\windows\Tasks\At1158.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 04:35] 2010-02-28 c:\windows\Tasks\At1159.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 04:35] 2010-02-28 c:\windows\Tasks\At1160.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 04:35] 2010-02-28 c:\windows\Tasks\At1161.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 04:35] 2010-02-28 c:\windows\Tasks\At1162.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 04:35] 2010-02-28 c:\windows\Tasks\At1163.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 04:35] 2010-02-28 c:\windows\Tasks\At1164.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 04:35] 2010-02-28 c:\windows\Tasks\At1165.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 04:35] 2010-02-28 c:\windows\Tasks\At1166.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 04:35] 2010-02-28 c:\windows\Tasks\At1167.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 04:35] 2010-02-28 c:\windows\Tasks\At1168.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 04:35] 2010-02-28 c:\windows\Tasks\At1169.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 04:35] 2010-02-28 c:\windows\Tasks\At1170.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 04:35] 2010-02-28 
c:\windows\Tasks\At1171.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 04:35] 2010-02-28 c:\windows\Tasks\At1172.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 04:35] 2010-02-28 c:\windows\Tasks\At1173.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 04:35] 2010-02-28 c:\windows\Tasks\At1174.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 04:35] 2010-02-28 c:\windows\Tasks\At1175.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 04:35] 2010-02-28 c:\windows\Tasks\At1176.job - c:\program files\internet explorer\wmpscfgs.exe [2010-02-28 04:35] 2010-02-28 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-18 19:50] 2009-12-26 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34] 2010-02-18 c:\windows\Tasks\WebReg HP Deskjet F4200 series.job - c:\program files\HP\Digital Imaging\bin\hpqwrg.exe [2008-03-25 19:42] . . ------- Examen supplémentaire ------- . uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Ouvrir dans un nouvel onglet d'arrière-plan - c:\program files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?c21d5a10bc914a7e9314dc6980c18ff2 IE: Ouvrir dans un nouvel onglet de premier plan - c:\program files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?c21d5a10bc914a7e9314dc6980c18ff2 TCP: {AC661682-0D11-4141-81A3-0BA777EB820F} = 192.168.1.1 . 
- - - - ORPHELINS SUPPRIMES - - - - Notify-WgaLogon - (no file) AddRemove-uigka - c:\documents and settings\marie-pierre\local settings\application data\uigka.exe AddRemove-{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31} - c:\program files\InstallShield Installation Information\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}\setup.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-02-28 05:37 Windows 5.1.2600 Service Pack 3 FAT NTAPI Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet003\Services\mchInjDrv] "ImagePath"="\??\c:\docume~1\MARIE-~1\LOCALS~1\Temp\mc26.tmp" [HKEY_LOCAL_MACHINE\System\ControlSet003\Services\tpzdjyyq] . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(628) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(3780) c:\program files\supercopier2\SC2Hook.dll c:\acer\empowering technology\epower\SysHook.dll c:\windows\system32\eappprxy.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Autres processus actifs ------------------------ . 
c:\windows\system32\Ati2evxx.exe c:\windows\system32\Ati2evxx.exe c:\program files\Alwil Software\Avast5\AvastSvc.exe c:\acer\Empowering Technology\ePerformance\MemCheck.exe c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe c:\program files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe c:\program files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe c:\program files\HP\Digital Imaging\bin\hpqtra08.exe c:\program files\Fichiers communs\LightScribe\LSSrvc.exe c:\acer\empowering technology\epower\epower_dmc .exe c:\program files\acer\acer arcade\pcmservice .exe c:\program files\ati technologies\ati.ace\cli .exe c:\progra~1\launch~1\lmanager .exe c:\program files\OpenOffice.org 2.0\program\soffice.exe c:\program files\hp\hp software update\hpwuschd2 .exe c:\program files\java\jre1.5.0_03\bin\jusched .exe c:\program files\itunes\ituneshelper .exe c:\program files\supercopier2\supercopier2 .exe c:\program files\OpenOffice.org 2.0\program\soffice.BIN c:\program files\CyberLink\Shared Files\RichVideo.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\program files\Acer\Acer Arcade\Kernel\TV\CLSched.exe c:\windows\system32\wscntfy.exe c:\windows\system32\wbem\unsecapp.exe c:\program files\ati technologies\ati.ace\cli .exe c:\program files\ati technologies\ati.ace\cli .exe c:\windows\system32\wbem\unsecapp.exe c:\windows\system32\wbem\wmiapsrv.exe c:\program files\iPod\bin\iPodService.exe c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe c:\program files\HP\Digital Imaging\bin\hpqbam08.exe c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe c:\program files\Lavasoft\Ad-Aware\AAWTray.exe . ************************************************************************** . 
Heure de fin: 2010-02-28 05:49:23 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-02-28 04:49
Avant-CF: 26 293 501 952 octets libres
Après-CF: 26 262 470 656 octets libres
WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect /usepmtimer
- - End Of File - - FE1D55729D921B78E367833F41E880A0
  5. Here is the log.txt report
Logfile of random's system information tool 1.06 (written by random/random)
Run by Marie-pierre at 2010-02-27 19:20:28
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 26 GB (47%) free of 54 GB
Total RAM: 446 MB (30% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:20:35, on 27/02/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode with network support
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Marie-pierre\Mes documents\RSIT.exe
C:\Documents and Settings\Marie-pierre\Mes documents\Marie-pierre.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.live.com/sphome.aspx
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet 
Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll R3 - URLSearchHook: (no name) - - (no file) O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: (no name) - {BFB5F154-9212-46F3-B547-AC6106030A54} - (no file) O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe" O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe O4 - HKLM\..\Run: [boot] C:\Acer\Empowering Technology\ePower\Boot.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program 
Files\Java\jre1.5.0_03\bin\jusched.exe O4 - HKLM\..\Run: [QuickTime Task] "c:\program files\quicktime\qttask .exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "c:\progra~1\wi1f86~1\messen~1\msnmsgr .exe" /background O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe O4 - Startup: sysfgs32.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?c21d5a10bc914a7e9314dc6980c18ff2 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - 
res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?c21d5a10bc914a7e9314dc6980c18ff2 O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe (file missing) O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe (file missing) O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/...can8/oscan8.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{AC661682-0D11-4141-81A3-0BA777EB820F}: NameServer = 192.168.1.1 O20 - AppInit_DLLs: app_dll.dll O23 - Service: Memory Check Service 
(AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: ServiceLayer - Nokia. 
- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- End of file - 9804 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\At1105.job C:\WINDOWS\tasks\At1106.job C:\WINDOWS\tasks\At1107.job C:\WINDOWS\tasks\At1108.job C:\WINDOWS\tasks\At1109.job C:\WINDOWS\tasks\At1110.job C:\WINDOWS\tasks\At1111.job C:\WINDOWS\tasks\At1112.job C:\WINDOWS\tasks\At1113.job C:\WINDOWS\tasks\At1114.job C:\WINDOWS\tasks\At1115.job C:\WINDOWS\tasks\At1116.job C:\WINDOWS\tasks\At1117.job C:\WINDOWS\tasks\At1118.job C:\WINDOWS\tasks\At1119.job C:\WINDOWS\tasks\At1120.job C:\WINDOWS\tasks\At1121.job C:\WINDOWS\tasks\At1122.job C:\WINDOWS\tasks\At1123.job C:\WINDOWS\tasks\At1124.job C:\WINDOWS\tasks\At1125.job C:\WINDOWS\tasks\At1126.job C:\WINDOWS\tasks\At1127.job C:\WINDOWS\tasks\At1128.job C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job C:\WINDOWS\tasks\At52.job C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\WebReg HP Deskjet F4200 series.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! 
Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-09-06 439872] {BFB5F154-9212-46F3-B547-AC6106030A54} {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "LaunchApp"= [] "AzMixerSel"=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [2010-02-27 55296] "PCMService"=C:\Program Files\Acer\Acer Arcade\PCMService.exe [2010-02-27 55296] "ntiMUI"=C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2010-02-27 55296] ""= [] "Acer ePresentation HPD"=C:\Acer\Empowering Technology\ePresentation\ePresentation.exe [2010-02-27 55296] "IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952] "PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168] "PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168] "ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2010-02-27 55296] "ePower_DMC"=C:\Acer\Empowering Technology\ePower\ePower_DMC.exe [2010-02-27 55296] "Boot"=C:\Acer\Empowering Technology\ePower\Boot.exe [2010-02-27 55296] "RTHDCPL"=RTHDCPL.EXE [] "SkyTel"=SkyTel.EXE [] "Alcmtr"=ALCMTR.EXE [] "LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2010-02-27 55296] "eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\eRAgent.exe [2010-02-27 55296] "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2010-02-27 55296] "SunJavaUpdateSched"=C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe [2010-02-27 55296] "QuickTime Task"=c:\program files\quicktime\qttask .exe [2010-02-27 55296] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-02-27 55296] "hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2010-02-27 55296] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k [] 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "MsnMsgr"=c:\progra~1\wi1f86~1\messen~1\msnmsgr .exe [2010-02-27 55296] "SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe [2010-02-27 55296] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe Acer Empowering Technology.lnk - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Documents and Settings\Marie-pierre\Menu Démarrer\Programmes\Démarrage OpenOffice.org 2.0.lnk - C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe sysfgs32.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="app_dll.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2006-04-27 61440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableTaskMgr"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "DisableTaskMgr"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 "NoFolderOptions"=0 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Call" "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire" "C:\WINDOWS\System32\dpvsetup.exe"="C:\WINDOWS\System32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" "C:\Program Files\HP\Digital Imaging\BIN\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpqtra08.exe:*:Enabled:hpqtra08.exe" "C:\Program Files\HP\Digital Imaging\BIN\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpqste08.exe:*:Enabled:hpqste08.exe" "C:\Program Files\HP\Digital Imaging\BIN\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpofxm08.exe:*:Enabled:hpofxm08.exe" "C:\Program Files\HP\Digital Imaging\BIN\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\BIN\hposfx08.exe:*:Enabled:hposfx08.exe" "C:\Program Files\HP\Digital Imaging\BIN\hposid01.exe"="C:\Program Files\HP\Digital Imaging\BIN\hposid01.exe:*:Enabled:hposid01.exe" "C:\Program Files\HP\Digital Imaging\BIN\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpqkygrp.exe:*:Enabled:hpqkygrp.exe" "C:\Program Files\HP\Digital Imaging\BIN\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpqCopy.exe:*:Enabled:hpqcopy.exe" "C:\Program Files\HP\Digital Imaging\BIN\hpfccopy.exe"="C:\Program Files\HP\Digital 
Imaging\BIN\hpfccopy.exe:*:Enabled:hpfccopy.exe" "C:\Program Files\HP\Digital Imaging\BIN\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpzwiz01.exe:*:Enabled:hpzwiz01.exe" "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe" "C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe" "C:\Program Files\HP\Digital Imaging\BIN\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpoews01.exe:*:Enabled:hpoews01.exe" "C:\Program Files\HP\Digital Imaging\BIN\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpqnrs08.exe:*:Enabled:hpqnrs08.exe" "C:\Program Files\HP\Digital Imaging\BIN\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpiscnapp.exe:*:Enabled:hpiscnapp.exe" "C:\Program Files\HP\Digital Imaging\BIN\hpqpsapp.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpqpsapp.exe:*:Enabled:hpqpsapp.exe" "C:\Program Files\HP\Digital Imaging\BIN\hpofxs08.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpofxs08.exe:*:Enabled:hpofxs08.exe" "C:\Program Files\HP\Digital Imaging\BIN\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpqpse.exe:*:Enabled:hpqpse.exe" "C:\Program Files\HP\Digital Imaging\BIN\hpqsudi.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpqsudi.exe:*:Enabled:hpqsudi.exe" "C:\Program Files\HP\Digital Imaging\BIN\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe" "C:\Program Files\HP\Digital Imaging\BIN\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpqgpc01.exe:*:Enabled:hpqgpc01.exe" "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows 
Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" "\"="C:\WINDOWS\system\svchost.exe:*:Enabled:KL" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\HP\Digital Imaging\BIN\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpqtra08.exe:*:Enabled:hpqtra08.exe" "C:\Program Files\HP\Digital Imaging\BIN\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpqste08.exe:*:Enabled:hpqste08.exe" "C:\Program Files\HP\Digital Imaging\BIN\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpofxm08.exe:*:Enabled:hpofxm08.exe" "C:\Program Files\HP\Digital Imaging\BIN\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\BIN\hposfx08.exe:*:Enabled:hposfx08.exe" "C:\Program Files\HP\Digital Imaging\BIN\hposid01.exe"="C:\Program Files\HP\Digital Imaging\BIN\hposid01.exe:*:Enabled:hposid01.exe" "C:\Program Files\HP\Digital Imaging\BIN\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpqkygrp.exe:*:Enabled:hpqkygrp.exe" "C:\Program Files\HP\Digital Imaging\BIN\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpqCopy.exe:*:Enabled:hpqcopy.exe" "C:\Program Files\HP\Digital Imaging\BIN\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpfccopy.exe:*:Enabled:hpfccopy.exe" "C:\Program Files\HP\Digital Imaging\BIN\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpzwiz01.exe:*:Enabled:hpzwiz01.exe" "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe" 
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe" "C:\Program Files\HP\Digital Imaging\BIN\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpoews01.exe:*:Enabled:hpoews01.exe" "C:\Program Files\HP\Digital Imaging\BIN\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpqnrs08.exe:*:Enabled:hpqnrs08.exe" "C:\Program Files\HP\Digital Imaging\BIN\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpiscnapp.exe:*:Enabled:hpiscnapp.exe" "C:\Program Files\HP\Digital Imaging\BIN\hpqpsapp.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpqpsapp.exe:*:Enabled:hpqpsapp.exe" "C:\Program Files\HP\Digital Imaging\BIN\hpofxs08.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpofxs08.exe:*:Enabled:hpofxs08.exe" "C:\Program Files\HP\Digital Imaging\BIN\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpqpse.exe:*:Enabled:hpqpse.exe" "C:\Program Files\HP\Digital Imaging\BIN\hpqsudi.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpqsudi.exe:*:Enabled:hpqsudi.exe" "C:\Program Files\HP\Digital Imaging\BIN\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe" "C:\Program Files\HP\Digital Imaging\BIN\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpqgpc01.exe:*:Enabled:hpqgpc01.exe" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2ee7adc2-d0df-11db-93ac-0016d451a39d}] 
shell\Auto\command - AdobeR.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{554e2f20-b949-11db-937e-0016d451a39d}]
shell\Auto\command - F:\auto.exe
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{58f94784-f269-11db-93f9-0016d451a39d}]
shell\Auto\command - AdobeR.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6cb5ae74-a42d-11dd-978c-0016cf6a6331}]
shell\Auto\command - DanlcU.exe e
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL DanlcU.exe e

======List of files/folders created in the last 1 months======

2010-02-27 19:20:28 ----D---- C:\rsit
2010-02-27 19:11:12 ----SHD---- C:\FOUND.008
2010-02-27 18:31:00 ----SHD---- C:\FOUND.007
2010-02-27 18:08:11 ----A---- C:\WINDOWS\ntbtlog.txt
2010-02-27 18:08:06 ----SHD---- C:\FOUND.006
2010-02-27 17:53:21 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-27 17:15:49 ----D---- C:\Documents and Settings\Marie-pierre\Application Data\Malwarebytes
2010-02-27 17:15:41 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-02-27 17:15:40 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-02-27 16:41:50 ----SHD---- C:\FOUND.005
2010-02-27 14:26:06 ----SHD---- C:\FOUND.004
2010-02-27 14:12:09 ----D---- C:\Program Files\Dr.
Guard 2010-02-27 11:26:38 ----SHD---- C:\FOUND.003 2010-02-24 20:17:10 ----HD---- C:\WINDOWS\$NtUninstallKB946648$ 2010-02-24 20:16:56 ----HD---- C:\WINDOWS\$NtUninstallKB951978$ 2010-02-24 20:16:47 ----HD---- C:\WINDOWS\$NtUninstallKB956744$ 2010-02-24 20:16:12 ----HD---- C:\WINDOWS\$NtUninstallKB979306$ 2010-02-23 22:27:45 ----D---- C:\WINDOWS\Prefetch 2010-02-23 22:22:55 ----HD---- C:\WINDOWS\$NtUninstallKB977165$ 2010-02-23 22:22:42 ----HD---- C:\WINDOWS\$NtUninstallKB971468$ 2010-02-23 22:22:34 ----HD---- C:\WINDOWS\$NtUninstallKB978251$ 2010-02-23 22:22:26 ----HD---- C:\WINDOWS\$NtUninstallKB978037$ 2010-02-23 22:22:18 ----HD---- C:\WINDOWS\$NtUninstallKB975713$ 2010-02-23 22:22:09 ----HD---- C:\WINDOWS\$NtUninstallKB975560$ 2010-02-23 22:22:01 ----HD---- C:\WINDOWS\$NtUninstallKB977914$ 2010-02-23 22:21:53 ----HD---- C:\WINDOWS\$NtUninstallKB978706$ 2010-02-23 22:21:41 ----HD---- C:\WINDOWS\$NtUninstallKB972270$ 2010-02-23 22:21:31 ----HD---- C:\WINDOWS\$NtUninstallKB955759$ 2010-02-23 22:21:19 ----HD---- C:\WINDOWS\$NtUninstallKB970430$ 2010-02-23 22:21:10 ----HD---- C:\WINDOWS\$NtUninstallKB974318$ 2010-02-23 22:21:01 ----HD---- C:\WINDOWS\$NtUninstallKB974392$ 2010-02-23 22:20:53 ----HD---- C:\WINDOWS\$NtUninstallKB971737$ 2010-02-23 22:20:44 ----HD---- C:\WINDOWS\$NtUninstallKB973687$ 2010-02-23 22:20:36 ----HD---- C:\WINDOWS\$NtUninstallKB969947$ 2010-02-23 22:20:21 ----HD---- C:\WINDOWS\$NtUninstallKB971486$ 2010-02-23 22:20:05 ----HD---- C:\WINDOWS\$NtUninstallKB969059$ 2010-02-23 22:19:57 ----HD---- C:\WINDOWS\$NtUninstallKB974112$ 2010-02-23 22:19:49 ----HD---- C:\WINDOWS\$NtUninstallKB975025$ 2010-02-23 22:19:40 ----HD---- C:\WINDOWS\$NtUninstallKB974571$ 2010-02-23 22:19:32 ----HD---- C:\WINDOWS\$NtUninstallKB975467$ 2010-02-23 22:19:24 ----HD---- C:\WINDOWS\$NtUninstallKB961503$ 2010-02-23 22:19:17 ----HD---- C:\WINDOWS\$NtUninstallKB956844$ 2010-02-23 22:18:53 ----HD---- C:\WINDOWS\$NtUninstallKB961118$ 2010-02-23 22:18:45 ----HD---- 
C:\WINDOWS\$NtUninstallKB973354$ 2010-02-23 22:18:37 ----HD---- C:\WINDOWS\$NtUninstallKB973869$ 2010-02-23 22:18:30 ----HD---- C:\WINDOWS\$NtUninstallKB971557$ 2010-02-23 22:18:22 ----HD---- C:\WINDOWS\$NtUninstallKB960859$ 2010-02-23 22:18:14 ----HD---- C:\WINDOWS\$NtUninstallKB971657$ 2010-02-23 22:18:07 ----HD---- C:\WINDOWS\$NtUninstallKB973507$ 2010-02-23 22:17:57 ----HD---- C:\WINDOWS\$NtUninstallKB973815$ 2010-02-23 22:17:48 ----HD---- C:\WINDOWS\$NtUninstallKB968389$ 2010-02-23 22:17:33 ----HD---- C:\WINDOWS\$NtUninstallKB971633$ 2010-02-23 22:17:25 ----HD---- C:\WINDOWS\$NtUninstallKB961371$ 2010-02-23 22:17:13 ----HD---- C:\WINDOWS\$NtUninstallKB961501$ 2010-02-23 22:17:01 ----HD---- C:\WINDOWS\$NtUninstallKB970238$ 2010-02-23 22:16:53 ----HD---- C:\WINDOWS\$NtUninstallKB968537$ 2010-02-23 22:16:45 ----HD---- C:\WINDOWS\$NtUninstallKB960763$ 2010-02-23 22:16:31 ----HD---- C:\WINDOWS\$NtUninstallKB956572$ 2010-02-23 22:16:20 ----HD---- C:\WINDOWS\$NtUninstallKB960803$ 2010-02-23 22:16:11 ----HD---- C:\WINDOWS\$NtUninstallKB923561$ 2010-02-23 22:16:01 ----HD---- C:\WINDOWS\$NtUninstallKB959426$ 2010-02-23 22:15:52 ----HD---- C:\WINDOWS\$NtUninstallKB961373$ 2010-02-23 22:15:43 ----HD---- C:\WINDOWS\$NtUninstallKB952004$ 2010-02-23 22:15:31 ----HD---- C:\WINDOWS\$NtUninstallKB960225$ 2010-02-23 22:15:23 ----HD---- C:\WINDOWS\$NtUninstallKB958690$ 2010-02-23 22:15:12 ----HD---- C:\WINDOWS\$NtUninstallKB967715$ 2010-02-23 22:14:59 ----HD---- C:\WINDOWS\$NtUninstallKB958687$ 2010-02-23 22:14:44 ----HD---- C:\WINDOWS\$NtUninstallKB974112_1$ 2010-02-23 22:14:37 ----HD---- C:\WINDOWS\$NtUninstallKB954600$ 2010-02-23 22:14:29 ----HD---- C:\WINDOWS\$NtUninstallKB956802$ 2010-02-23 22:14:17 ----HD---- C:\WINDOWS\$NtUninstallKB957097$ 2010-02-23 22:14:09 ----HD---- C:\WINDOWS\$NtUninstallKB973687_1$ 2010-02-23 22:14:01 ----HD---- C:\WINDOWS\$NtUninstallKB955069$ 2010-02-23 22:13:53 ----HD---- C:\WINDOWS\$NtUninstallKB958644$ 2010-02-23 22:13:45 ----HD---- 
C:\WINDOWS\$NtUninstallKB956803$ 2010-02-23 22:13:34 ----HD---- C:\WINDOWS\$NtUninstallKB957095$ 2010-02-23 22:13:26 ----HD---- C:\WINDOWS\$NtUninstallKB954211$ 2010-02-23 22:13:16 ----HD---- C:\WINDOWS\$NtUninstallKB956841$ 2010-02-23 22:13:06 ----HD---- C:\WINDOWS\$NtUninstallKB938464$ 2010-02-23 22:12:56 ----HD---- C:\WINDOWS\$NtUninstallKB952287$ 2010-02-23 22:12:48 ----HD---- C:\WINDOWS\$NtUninstallKB951066$ 2010-02-23 22:12:40 ----HD---- C:\WINDOWS\$NtUninstallKB952954$ 2010-02-23 22:12:31 ----HD---- C:\WINDOWS\$NtUninstallKB950974$ 2010-02-23 22:12:16 ----HD---- C:\WINDOWS\$NtUninstallKB951748$ 2010-02-23 22:12:07 ----HD---- C:\WINDOWS\$NtUninstallKB951376-v2$ 2010-02-23 22:11:59 ----HD---- C:\WINDOWS\$NtUninstallKB950762$ 2010-02-23 22:11:48 ----HD---- C:\WINDOWS\$NtUninstallKB951376$ 2010-02-23 22:11:39 ----HD---- C:\WINDOWS\$NtUninstallKB951698$ 2010-02-23 22:07:15 ----D---- C:\Program Files\Messenger 2010-02-23 22:06:58 ----D---- C:\Program Files\msn 2010-02-23 22:06:57 ----D---- C:\WINDOWS\system32\fr 2010-02-23 22:06:57 ----D---- C:\WINDOWS\system32\bits 2010-02-23 22:06:57 ----D---- C:\WINDOWS\l2schemas 2010-02-23 22:03:24 ----D---- C:\WINDOWS\network diagnostic 2010-02-23 21:58:21 ----HD---- C:\WINDOWS\$NtServicePackUninstall$ 2010-02-23 21:58:13 ----D---- C:\WINDOWS\EHome 2010-02-22 21:53:58 ----D---- C:\WINDOWS\BDOSCAN8 2010-02-22 21:37:08 ----D---- C:\WINDOWS\ie8updates 2010-02-22 21:35:53 ----D---- C:\WINDOWS\WBEM 2010-02-22 21:34:42 ----HD---- C:\WINDOWS\ie8 2010-02-22 21:34:42 ----D---- C:\WINDOWS\system32\fr-FR 2010-02-22 19:47:00 ----SHD---- C:\FOUND.002 2010-02-21 15:58:18 ----SHD---- C:\FOUND.001 2010-02-21 02:42:35 ----D---- C:\Program Files\CCleaner 2010-02-21 02:31:38 ----SHD---- C:\FOUND.000 2010-02-21 02:18:35 ----D---- C:\Program Files\ESET 2010-02-20 23:57:09 ----D---- C:\Program Files\Avira 2010-02-20 23:57:09 ----D---- C:\Documents and Settings\All Users\Application Data\Avira 2010-02-20 10:49:21 ----A---- 
C:\WINDOWS\system32\lsdelete.exe
2010-02-18 23:22:12 ----HD---- C:\WINDOWS\$NtUninstallKB977165_0$
2010-02-18 22:49:39 ----HD---- C:\Documents and Settings\All Users\Application Data\{52AC600B-5800-407E-99FF-83CD0669760B}
2010-02-18 22:49:10 ----D---- C:\Program Files\Lavasoft
2010-02-18 22:49:10 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2010-02-18 18:47:03 ----D---- C:\WINDOWS\Minidump
2010-02-18 18:44:49 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-02-18 18:44:43 ----D---- C:\Documents and Settings\All Users\Application Data\Alwil Software
2010-02-18 12:40:22 ----HD---- C:\WINDOWS\$NtUninstallKB978207$
2010-02-18 12:21:26 ----HD---- C:\WINDOWS\$NtUninstallKB955759_0$
2010-02-15 20:46:28 ----HD---- C:\WINDOWS\$NtUninstallKB978262$
2010-02-15 20:46:19 ----HD---- C:\WINDOWS\$NtUninstallKB971468_0$
2010-02-15 20:45:49 ----HD---- C:\WINDOWS\$NtUninstallKB970430_0$
2010-02-15 20:45:34 ----HD---- C:\WINDOWS\$NtUninstallKB974318_0$
2010-02-15 20:45:26 ----HD---- C:\WINDOWS\$NtUninstallKB978037_0$
2010-02-15 20:44:55 ----HD---- C:\WINDOWS\$NtUninstallKB975713_0$
2010-02-15 20:44:45 ----HD---- C:\WINDOWS\$NtUninstallKB972270_0$
2010-02-15 20:44:11 ----HD---- C:\WINDOWS\$NtUninstallKB978251_0$
2010-02-15 20:43:58 ----HD---- C:\WINDOWS\$NtUninstallKB975560_0$
2010-02-15 20:43:15 ----HD---- C:\WINDOWS\$NtUninstallKB973904$
2010-02-15 20:43:06 ----HD---- C:\WINDOWS\$NtUninstallKB977914_0$
2010-02-15 20:42:54 ----HD---- C:\WINDOWS\$NtUninstallKB978706_0$
2010-02-07 22:23:43 ----A---- C:\xksbjacq.exe

======List of files/folders modified in the last 1 months======

2010-02-27 19:11:54 ----A---- C:\WINDOWS\ModemLog_HDAUDIO Soft Data Fax Modem with SmartCP.txt
2010-02-27 14:02:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-02-24 21:51:56 ----A---- C:\WINDOWS\DUMP3a78.tmp
2010-02-24 21:50:38 ----A---- C:\WINDOWS\DUMP3ab7.tmp
2010-02-24 18:56:16 ----A---- C:\WINDOWS\DUMP3a59.tmp
2010-02-01 11:26:22 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2006-01-24 488448]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2004-12-07 16896]
R3 EMSCR;EMSCR; C:\WINDOWS\system32\DRIVERS\EMS7SK.sys [2006-05-24 61056]
R3 ESDCR;ESDCR; C:\WINDOWS\system32\DRIVERS\ESD7SK.sys [2006-05-24 40064]
R3 ESMCR;ESMCR; C:\WINDOWS\system32\DRIVERS\ESM7SK.sys [2006-05-24 74752]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-05-23 6144]
R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-06-16 83968]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-02-11 28880]
S1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-02-11 28880]
S1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-05-10 43520]
S1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-02-11 162512]
S1 aswTdi;avast!
Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-02-11 46672]
S1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
S2 aswFsBlk;aswFsBlk; aswFsBlk.sys []
S2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-02-11 100432]
S2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-11-25 56816]
S2 DritekPortIO;Dritek General Port I/O; \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys []
S2 eLock2BurnerLockDriver;eLock2BurnerLockDriver; \??\C:\WINDOWS\system32\eLock2BurnerLockDriver.sys []
S2 eLock2FSCTLDriver;eLock2FSCTLDriver; \??\C:\WINDOWS\system32\eLock2FSCTLDriver.sys []
S2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
S2 int15;int15; \??\C:\WINDOWS\system32\drivers\int15.sys []
S2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
S2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-02-14 12672]
S2 tvicport;tvicport; \??\C:\WINDOWS\system32\drivers\tvicport.sys []
S2 zntport;zntport; \??\C:\WINDOWS\system32\drivers\zntport.sys []
S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-02-11 23376]
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-04-27 1540096]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2008-01-24 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2008-01-24 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2008-01-24 21568]
S3
HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2006-06-12 990592]
S3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2006-06-12 208384]
S3 HSXHWAZL;HSXHWAZL; C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys [2006-01-11 194048]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-28 4304384]
S3 irsir;Pilote série infrarouge Microsoft; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 psdfilter;psdfilter; \??\C:\WINDOWS\system32\Drivers\psdfilter.sys []
S3 psdvdisk;psdvdisk; \??\C:\WINDOWS\system32\Drivers\psdvdisk.sys []
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SMCIRDA;SMSC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2004-12-09 46592]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\SymcData\IDS-DI~1\20071030.001\symidsco.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-10-01 32000]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2006-06-12 727808]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73600]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-02-23 1229232]
S2 AcerMemUsageCheckService;Memory Check Service; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [2006-03-29 28672]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-04-27 405504]
S2 avast! Antivirus;avast!
Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-02-11 40384]
S2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
S2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe [2010-02-20 254050]
S2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe [2010-02-20 114784]
S2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe [2006-04-27 61440]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-02-17 73728]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2010-02-20 143360]
S2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
S2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-02-11 40384]
S3 avast! Web Scanner;avast!
Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-02-11 40384]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-02-20 705376]
S3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2010-02-20 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-03-26 292864]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

and info.txt

info.txt logfile of random's system information tool 1.06 2010-02-27 19:20:39

======Uninstall list======

-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Acer Inc.\Acer French Guide Link\Uninst.isu"
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program
Files\InstallShield Installation Information\{13E613EF-BB55-11D9-9D77-000129760D75}\setup.exe" -uninstall -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC4F90EC-B1DA-11D9-9D77-000129760D75}\setup.exe" -uninstall -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 32 Bit HP CIO Components Installer-->MsiExec.exe /I{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB} Acer Arcade-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\setup.exe" -uninstall Acer Empowering Technology-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -l0x40c -removeonly Acer ePerformance Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7057702F-6D71-4F30-8000-9E72BC771887}\setup.exe" -l0x40c -removeonly Acer ePower Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\Setup.exe" -l0x40c Acer ePresentation Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BF839132-BD43-4056-ACBF-4377F4A88E2A}\Setup.exe" -l0x40c Acer eSettings Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F2C8256-2773-46C7-9ABA-3E39C24ABB51}\setup.exe" -l0x40c -removeonly Acer GridVista-->C:\WINDOWS\UnInst32.exe GridV.UNI Acer Screensaver-->MsiExec.exe 
/I{D458BBDC-0363-42E0-8FF9-4736E3CB3CA2} Ad-Aware-->C:\Documents and Settings\All Users\Application Data\{52AC600B-5800-407E-99FF-83CD0669760B}\Ad-AwareInstaller.exe Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 7.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000} Adobe Shockwave Player-->C:\WINDOWS\system32\MACROMED\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\MACROMED\SHOCKW~1\Install.log Apple Mobile Device Support-->MsiExec.exe /I{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} ATI - Utilitaire de désinstallation du logiciel-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe ATI Catalyst Control Center-->MsiExec.exe /I{79B05AF4-8894-49A1-9FF4-53F0142D85E1} ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean ATI Parental Control & Encoder-->MsiExec.exe /I{8D70145A-3BD3-4DBF-9CBF-223EF4A43257} Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE Barre d'outils Outlook de Windows Live (Windows Live Toolbar)-->MsiExec.exe /X{6E15BEDF-7EB5-4010-998E-B430DB4EFE45} Bloqueur de fenêtres pop-up (Windows Live Toolbar)-->MsiExec.exe /X{A425C250-A0E1-4D78-B1C1-A5CBC7385E7C} Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959} CashBarre-->regsvr32 /u /s "C:\Program Files\CashBarre\CashBarre.dll" CCleaner-->"C:\Program Files\CCleaner\uninst.exe" Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" 
Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe" Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe" Correctif pour Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe" Correctif pour Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe" Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{EFFCB0F1-CFEC-48D4-B793-EBFCAE852976} DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER eMule-->"C:\Program Files\eMule\Uninstall.exe" Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D} Favorit-->"c:\documents and settings\marie-pierre\local settings\application data\uigka.exe" -uninstall Full Tilt Poker-->"C:\Program Files\InstallShield Installation Information\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}\setup.exe" -runfromtemp -l0x040c -removeonly Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1} High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe" HijackThis 2.0.2-->"C:\Documents and Settings\Marie-pierre\Mes documents\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" HP Customer Participation Program 11.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat -forcereboot HP 
======Security center information======

AV: Dr. Guard (outdated)

======System event log======

Computer Name: ACER-318DE0055E
Event Code: 26
Message: Application popup : Windows - Fichier endommagé : Le fichier ou le répertoire \WINDOWS\System32\drivers\ucmvm.sys est endommagé et illisible. Exécutez l'utilitaire CHKDSK.
Record Number: 9483535
Source Name: Application Popup
Time Written: 20100227183632.000000+060
Event Type: Informations
User:

Computer Name: ACER-318DE0055E
Event Code: 26
Message: Application popup : Windows - Fichier endommagé : Le fichier ou le répertoire \WINDOWS\System32\drivers\ucmvm.sys est endommagé et illisible. Exécutez l'utilitaire CHKDSK.
Record Number: 9483534
Source Name: Application Popup
Time Written: 20100227183631.000000+060
Event Type: Informations
User:

Computer Name: ACER-318DE0055E
Event Code: 26
Message: Application popup : Windows - Fichier endommagé : Le fichier ou le répertoire \WINDOWS\System32\drivers\ucmvm.sys est endommagé et illisible. Exécutez l'utilitaire CHKDSK.
Record Number: 9483533
Source Name: Application Popup
Time Written: 20100227183630.000000+060
Event Type: Informations
User:

Computer Name: ACER-318DE0055E
Event Code: 26
Message: Application popup : Windows - Fichier endommagé : Le fichier ou le répertoire \WINDOWS\System32\drivers\ucmvm.sys est endommagé et illisible. Exécutez l'utilitaire CHKDSK.
Record Number: 9483532
Source Name: Application Popup
Time Written: 20100227183630.000000+060
Event Type: Informations
User:

Computer Name: ACER-318DE0055E
Event Code: 26
Message: Application popup : Windows - Fichier endommagé : Le fichier ou le répertoire \WINDOWS\System32\drivers\ucmvm.sys est endommagé et illisible. Exécutez l'utilitaire CHKDSK.
Record Number: 9483531
Source Name: Application Popup
Time Written: 20100227183629.000000+060
Event Type: Informations
User:

=====Application event log=====

Computer Name: ACER-318DE0055E
Event Code: 0
Message: Service started
Record Number: 32088
Source Name: SeaPort
Time Written: 20091022174738.000000+120
Event Type: Informations
User:

Computer Name: ACER-318DE0055E
Event Code: 0
Message:
Record Number: 32087
Source Name: CLCapSvc
Time Written: 20091022174737.000000+120
Event Type: Informations
User:

Computer Name: ACER-318DE0055E
Event Code: 0
Message:
Record Number: 32086
Source Name: RichVideo
Time Written: 20091022174737.000000+120
Event Type: Informations
User:

Computer Name: ACER-318DE0055E
Event Code: 4
Message: The LightScribe Service started successfully.
Record Number: 32085
Source Name: LightScribeService
Time Written: 20091022174736.000000+120
Event Type: Informations
User:

Computer Name: ACER-318DE0055E
Event Code: 1
Message:
Record Number: 32084
Source Name: Bonjour Service
Time Written: 20091022174731.000000+120
Event Type: Informations
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 76 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=4c02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre1.5.0_03\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.5.0_03\lib\ext\QTJava.zip
"SAFEBOOT_OPTION"=NETWORK

-----------------EOF-----------------
  6. Thanks, Falkra, for your reply. Below is the Malwarebytes report:

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3802
Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702

27/02/2010 18:24:20
mbam-log-2010-02-27 (18-24-20).txt

Type de recherche: Examen rapide
Eléments examinés: 129519
Temps écoulé: 7 minute(s), 54 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 37
Valeur(s) du Registre infectée(s): 15
Elément(s) de données du Registre infecté(s): 8
Dossier(s) infecté(s): 10
Fichier(s) infecté(s): 155

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\bpbkr2f9v.dll (Trojan.Agent) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{a3ba40a2-74f0-42bd-f434-00b15a2c8953} (Trojan.Agent) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a3ba40a2-74f0-42bd-f434-00b15a2c8953} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a3ba40a2-74f0-42bd-f434-00b15a2c8953} (Trojan.Agent) -> Delete on reboot.
HKEY_CLASSES_ROOT\vac.video (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b6a3935f-8fe4-49a4-b987-a1c09e53589f} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{ef94a58f-599b-4602-9c34-99683c5859b1} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{cdc0999c-999c-4ee1-875b-5c3542641768} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\kgootkit (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{06ba1f5e-15a6-46b7-8c04-97f88ff13f4f} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1a9053e3-f794-45c1-9bcf-d8b1ddcd6df2} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{57162e66-8128-4d94-9a4d-85f8104979c9} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6ebff9e0-4c78-4767-8d35-5d4c561fa06a} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{acf0580f-7080-4405-a815-37945cfff200} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bcb33298-06d5-4483-bc33-369a11bf6e72} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d20a2ed9-97ab-4684-8b3b-198bdbfdf274} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d888fb49-3924-4d85-8755-f3d3526f15dc} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f5436145-540b-4092-be81-84b75641444f} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f761616e-f046-4aae-9665-a304adb30f10} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{fecf56d5-52ad-4c71-9b90-96dca805be06} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\_VOID (Rootkit.TDSS) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\WR (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\WUSN.1 (Adware.WhenU) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Carlson (Trojan.Dialer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Insider (Adware.DnsInsider) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinAble (Trojan.Adloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.TryMedia) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Ultimate Defender (Rogue.Ultimate.Defender) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\WinAble (Trojan.Adloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Ultimate Defender (Rogue.Ultimate.Defender) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Darkness (Trojan.Backdoor) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\uigka (Trojan.Agent.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{a3ba40a2-74f0-42bd-f434-00b15a2c8953} (Trojan.Agent) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\remote system protection (Trojan.Agent) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\runner1 (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\insider (Adware.DnsInsider) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\winusr (Adware.Gibmedia) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\gootkitsso (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\idstrf (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\winid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\nofolderoptions (Hijack.FolderOptions) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\uid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\taskman (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\asg984jgkfmgasi8ug98jgkfgfb (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\uishf9wuifwuh387fh3wufinhjfdwefe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\asr64_ldm.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Spyware.Zbot) -> Data: c:\windows\system32\sdra64.exe -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Spyware.Zbot) -> Data: system32\sdra64.exe -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions (Hijack.FolderOptions) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.Userinit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\sdra64.exe,) Good: (Userinit.exe) -> Quarantined and deleted successfully. Dossier(s) infecté(s): C:\Documents and Settings\Marie-pierre\Application Data\Ultimate Defender (Rogue.Ultimate.Defender) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Application Data\Ultimate Defender\logs (Rogue.Ultimate.Defender) -> Quarantined and deleted successfully. C:\Program Files\Fichiers communs\Carlson (Trojan.Dialer) -> Quarantined and deleted successfully. C:\Program Files\InetGet2 (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Program Files\Insider (Adware.DnsInsider) -> Quarantined and deleted successfully. C:\Program Files\Temporary (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\lowsec (Stolen.data) -> Delete on reboot. 
C:\WINDOWS\privacy_danger (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\WINDOWS\privacy_danger\images (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Program Files\Winsudate (Adware.Gibmedia) -> Quarantined and deleted successfully. Fichier(s) infecté(s): C:\Documents and Settings\Marie-pierre\Local Settings\Application Data\oksmy_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Application Data\oksmy_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Application Data\oksmy.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully. c:\documents and settings\marie-pierre\local settings\application data\uigka.exe (Trojan.Agent.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\bpbkr2f9v.dll (Trojan.Agent) -> Delete on reboot. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\iei57zbsg.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\rthdcpl.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\rthdcpl.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\SkyTel.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\skytel.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\Alcmtr.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\alcmtr.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Program Files\Launch Manager\LManager.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\mrofinu1148.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Program Files\Internet Explorer\js.mui (Trojan.Downloader) -> Quarantined and deleted successfully. 
C:\Program Files\Internet Explorer\wmpscfgs.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\nkorf.exe (Trojan.PWS) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-6555348034-9584265188-623813722-9406\nissan.exe (Worm.Autorun.B) -> Delete on reboot. C:\Documents and Settings\Marie-pierre\Menu Démarrer\Programmes\Démarrage\ihaupd32.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully. C:\WINDOWS\system32\amb9c6v.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\alcmtr.exe.delme343 (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\w2d6pc.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\ujxax3.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\swgqix.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\pfj3b6.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\tmjtj44yo.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\s6a8eqf.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\taayh.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\lrww5n6.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\myrd8e12i.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\moiylrc42m.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\i3adfua5yv.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\hp8joxi0xm.dll (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\o8t114o0z.dll (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\rthdcpl .exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\skytel .exe (Trojan.Downloader) -> Quarantined and deleted successfully. 
C:\WINDOWS\system32\alcmtr .exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\KGootkit.sys (Rootkit.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\g5orm9k3 .exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\avp .exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\g5orm9k3 .exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\vwwixjz.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\avp .exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\msinits.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\avp .exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\wlql03.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\~TM28.tmp (Malware.Packer.Gen) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\~TM6.tmp (Malware.Packer.Gen) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\iei57zbsg .exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\avp .exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\jf073c.exe (Trojan.Downloader) -> Quarantined and deleted successfully. 
C:\Documents and Settings\Marie-pierre\Local Settings\Temp\svchost.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\~TMA.tmp (Malware.Packer.Gen) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\~TM11.tmp (Malware.Packer.Gen) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\rc1dvpnv.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\a27uyxc0.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\krznuwaz.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\wlafd.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\nvsvc32.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\mdm.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\winlogon.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\~TM9.tmp (Malware.Packer.Gen) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\srlwqj.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\begv5wlxo.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\~DFA94B.tmp (Malware.Packer.Gen) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\o44tu.exe (Trojan.Downloader) -> Quarantined and deleted successfully. 
C:\Documents and Settings\Marie-pierre\Local Settings\Temp\odzmfy.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\mh54vgvy.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\~TM8.tmp (Malware.Packer.Gen) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\wlql03 .exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\rev189w8o.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\avp .exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\jf073c .exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\~TM23.tmp (Malware.Packer.Gen) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\o44tu .exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\mxqpipk.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\wf32fxn.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\~TM1B.tmp (Malware.Packer.Gen) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\~TM15.tmp (Malware.Packer.Gen) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\kq17jcf.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\~TM2D.tmp (Malware.Packer.Gen) -> Quarantined and deleted successfully. 
C:\Documents and Settings\Marie-pierre\Local Settings\Temp\wabv2ew.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\eu8r1xo.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\ycmw0tq.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\~TM26.tmp (Malware.Packer.Gen) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\SPAM.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\zc74gohb.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\cz9d0.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\~TM37.tmp (Malware.Packer.Gen) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\e5hgk7.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\pmip6hhc.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\oh5asqy.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\oatp4rg.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\~TM3F.tmp (Malware.Packer.Gen) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\vrpp49j467.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\g5orm9k3 .exe (Trojan.Downloader) -> Quarantined and deleted successfully. 
C:\Documents and Settings\Marie-pierre\Local Settings\Temp\avp .exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\avp .exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\g5orm9k3 .exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\lsass.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\winamp.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\wmpscfgs.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\nvrvp5ho .exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\g5orm9k3 .exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\rthdcpl.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\skytel.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\alcmtr.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\rundll32.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\rundll32 .exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\ETD4BY8P\gibidl[1].dll (Adware.Gibmedia) -> Quarantined and deleted successfully. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\ETD4BY8P\gibcom[1].dll (Adware.Gibmedia) -> Quarantined and deleted successfully. 
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\2TSJOJ25\gibupt[1].exe (Adware.Gibmedia) -> Quarantined and deleted successfully. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\2TSJOJ25\gibusr[1].exe (Adware.Gibmedia) -> Quarantined and deleted successfully. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\G3Y3MDA7\gibsvc[1].exe (Adware.Gibmedia) -> Quarantined and deleted successfully. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\G3Y3MDA7\gibsvc[2].exe (Adware.Gibmedia) -> Quarantined and deleted successfully. C:\WINDOWS\mrofinu1148 .exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Application Data\Ultimate Defender\logs\1192480506.log (Rogue.Ultimate.Defender) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Application Data\Ultimate Defender\logs\1192480878.log (Rogue.Ultimate.Defender) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Application Data\Ultimate Defender\logs\1192485781.log (Rogue.Ultimate.Defender) -> Quarantined and deleted successfully. C:\Program Files\Insider\insider .exe (Adware.DnsInsider) -> Quarantined and deleted successfully. C:\Program Files\Insider\insider.exe (Adware.DnsInsider) -> Quarantined and deleted successfully. C:\WINDOWS\system32\lowsec\user.ds (Stolen.data) -> Delete on reboot. C:\WINDOWS\system32\lowsec\local.ds (Stolen.data) -> Delete on reboot. C:\WINDOWS\privacy_danger\images\capt.gif (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\WINDOWS\privacy_danger\images\danger.jpg (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\WINDOWS\privacy_danger\images\down.gif (Trojan.FakeAlert) -> Quarantined and deleted successfully. 
C:\WINDOWS\privacy_danger\images\spacer.gif (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Program Files\Winsudate\gibusr .exe (Adware.Gibmedia) -> Quarantined and deleted successfully. C:\Program Files\Winsudate\gibusr .exe (Adware.Gibmedia) -> Quarantined and deleted successfully. C:\Program Files\Winsudate\gibusr .exe (Adware.Gibmedia) -> Quarantined and deleted successfully. C:\Program Files\Winsudate\gibusr .exe (Adware.Gibmedia) -> Quarantined and deleted successfully. C:\Program Files\Winsudate\gibusr .exe (Adware.Gibmedia) -> Quarantined and deleted successfully. C:\Program Files\Winsudate\gibusr .exe (Adware.Gibmedia) -> Quarantined and deleted successfully. C:\Program Files\Winsudate\gibusr .exe (Adware.Gibmedia) -> Quarantined and deleted successfully. C:\Program Files\Winsudate\gibusr .exe (Adware.Gibmedia) -> Quarantined and deleted successfully. C:\Program Files\Winsudate\gibusr .exe (Adware.Gibmedia) -> Quarantined and deleted successfully. C:\Program Files\Winsudate\gibusr .exe (Adware.Gibmedia) -> Quarantined and deleted successfully. C:\Program Files\Winsudate\gibusr .exe (Adware.Gibmedia) -> Quarantined and deleted successfully. C:\WINDOWS\system32\msxsltsso.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\Help\kfdtk.chm (Malware.Trace) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Application Data\wiaservg.log (Malware.Trace) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Favoris\Error Cleaner.url (Rogue.Link) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Favoris\Privacy Protector.url (Rogue.Link) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Favoris\Spyware&Malware Protection.url (Rogue.Link) -> Quarantined and deleted successfully. C:\.protected (Rogue.Multiple) -> Quarantined and deleted successfully. 
C:\Documents and Settings\All Users\Menu Démarrer\carlton (Trojan.Dialer) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\.protected (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Menu Démarrer\Programmes\Démarrage\.protected (Rogue.Multiple) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\etc\.protected (Rogue.Multiple) -> Quarantined and deleted successfully. C:\WINDOWS\system32\sdra64.exe (Spyware.Zbot) -> Delete on reboot. C:\WINDOWS\.protected (Rogue.Multiple) -> Quarantined and deleted successfully. C:\WINDOWS\rs.txt (Malware.Trace) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\jisfije9fjoiee.tmp (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Application Data\avdrn.dat (Malware.Trace) -> Quarantined and deleted successfully. C:\Documents and Settings\Marie-pierre\Local Settings\Temp\asr64_ldm.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
  7. Hello, I have a laptop that has been infected by several viruses, including Dr Guard, since this morning. Can anyone help me? I downloaded Antivir, but its virus database fails to update. I also downloaded Ad-Aware, which removed some malware, but that is not enough. Below is the HijackThis report, which I ran in safe mode. Thank you in advance for your help.