punavia

autre info je viens de lire sur le Gestionnaire des tâches Windows et ce quand mon PC a démarré avec aucune application lancée (autre qu Avast et Windows Defender), Processus : 35 UC: 0% (variant brièvpent jusquà 5% ) la charge dédiée: 512 Mo variant jusquà 490 Mo J'ai 512 Mo de RAM , est ce que cela a un lien ? mon PC s'éteint beaucoup plus rapidement. Pour le démarrage, petite amélioration avec semble-t-il moins de blocage si j 'essaie d"ouvrir un page internet explorer. Par contre au démarrage, je reste longtemsp sur les pages de démarrage de Windows XP: comme celle sur fond bleu avec la mention "démarrage". Plus tard la musique Windows peut être entendue longtemps après aprsè que les icones du bureau se soient affichés Cordialement

Bonjour merci Le sioux. le redémarrage après l 'execution d'OTM a été long et inquiétant avec des affichages inhabituels et lents. Pour les P2P, je n'utilise plus depuis longtemps , j'ai du len désinstalller : Tous ? j espere Pour Mlaware : je l'ai viré hier peu etre trop tôt? je peux le réinstaller si c est nécessaire? voici les Log OTM et RSIT merci pour les conseils à venir Log OTM All processes killed ========== REGISTRY ========== Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found. Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\I:\Program Files\DNA\btdna.exe deleted successfully. Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\I:\Documents and Settings\Propriétaire\Bureau\msnmsgr.exe deleted successfully. Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\I:\Program Files\FrostWire\FrostWire.exe deleted successfully. Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\I:\Program Files\BitComet\BitComet.exe deleted successfully. Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\I:\Program Files\BitTorrent\bittorrent.exe deleted successfully. Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\I:\Program Files\Shareaza Applications\Shareaza\Shareaza.exe deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{53F6FCCD-9E22-4d71-86EA-6E43136192AB}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53F6FCCD-9E22-4d71-86EA-6E43136192AB}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{925DAB62-F9AC-4221-806A-057BFB1014AA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{925DAB62-F9AC-4221-806A-057BFB1014AA}\ not found. ========== FILES ========== I:\Program Files\DNA\plugins folder moved successfully. I:\Program Files\DNA folder moved successfully. File/Folder I:\Documents and Settings\Propriétaire\Bureau\msnmsgr.exe not found. File/Folder I:\Program Files\FrostWire not found. I:\Documents and Settings\Propriétaire\Application Data\FrostWire\xml\schemas folder moved successfully. I:\Documents and Settings\Propriétaire\Application Data\FrostWire\xml\misc folder moved successfully. I:\Documents and Settings\Propriétaire\Application Data\FrostWire\xml\data folder moved successfully. I:\Documents and Settings\Propriétaire\Application Data\FrostWire\xml folder moved successfully. I:\Documents and Settings\Propriétaire\Application Data\FrostWire\themes\frostwire_theme folder moved successfully. I:\Documents and Settings\Propriétaire\Application Data\FrostWire\themes folder moved successfully. I:\Documents and Settings\Propriétaire\Application Data\FrostWire\.NetworkShare\Incomplete folder moved successfully. I:\Documents and Settings\Propriétaire\Application Data\FrostWire\.NetworkShare folder moved successfully. I:\Documents and Settings\Propriétaire\Application Data\FrostWire folder moved successfully. I:\Program Files\BitComet\torrents folder moved successfully. I:\Program Files\BitComet\share folder moved successfully. I:\Program Files\BitComet\rules folder moved successfully. I:\Program Files\BitComet\archive folder moved successfully. I:\Program Files\BitComet folder moved successfully. File/Folder I:\Documents and Settings\Propriétaire\Application Data\BitComet not found. I:\Program Files\BitTorrent folder moved successfully. File/Folder I:\Documents and Settings\Propriétaire\Application Data\BitTorrent not found. I:\Program Files\Shareaza Applications\Shareaza folder moved successfully. I:\Program Files\Shareaza Applications folder moved successfully. File/Folder I:\Documents and Settings\Propriétaire\Application Data\Shareaza Applications not found. I:\Program Files\Registry Mechanic\backup folder moved successfully. I:\Program Files\Registry Mechanic folder moved successfully. File/Folder I:\Documents and Settings\Propriétaire\Application Data\Registry Mechanic not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 32902 bytes User: LocalService ->Temp folder emptied: 115616 bytes ->Temporary Internet Files folder emptied: 3151507 bytes User: NetworkService ->Temp folder emptied: 1379354 bytes ->Temporary Internet Files folder emptied: 35320959 bytes User: Propritaire ->Temp folder emptied: 12539516 bytes User: Propriétaire ->Temp folder emptied: 178235244 bytes ->Temporary Internet Files folder emptied: 20147614 bytes ->Java cache emptied: 37607072 bytes ->FireFox cache emptied: 78890493 bytes ->Apple Safari cache emptied: 1022340 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 1099861 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 1326434 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 23972804 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes RecycleBin emptied: 576958328 bytes Total Files Cleaned = 927,00 mb OTM by OldTimer - Version 3.1.9.0 log created on 02262010_065815 ------------------------------------------------------------------------------------------------------------------------- et pour RSIT Logfile of random's system information tool 1.06 (written by random/random) Run by Propriétaire at 2010-02-26 07:27:12 Microsoft Windows XP Édition familiale Service Pack 3 System drive I: has 13 GB (18%) free of 76 GB Total RAM: 511 MB (22% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 07:27:27, on 26/02/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: I:\WINDOWS\System32\smss.exe I:\WINDOWS\system32\winlogon.exe I:\WINDOWS\system32\services.exe I:\WINDOWS\system32\lsass.exe I:\WINDOWS\system32\Ati2evxx.exe I:\WINDOWS\system32\svchost.exe I:\Program Files\Windows Defender\MsMpEng.exe I:\WINDOWS\System32\svchost.exe I:\Program Files\Alwil Software\Avast4\aswUpdSv.exe I:\Program Files\Alwil Software\Avast4\ashServ.exe I:\WINDOWS\system32\spoolsv.exe I:\WINDOWS\system32\Ati2evxx.exe I:\WINDOWS\Explorer.EXE I:\Program Files\Java\jre6\bin\jqs.exe I:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe I:\Program Files\lotus\notes\ntmulti.exe I:\WINDOWS\System32\svchost.exe I:\WINDOWS\system32\SearchIndexer.exe I:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe I:\Program Files\Alwil Software\Avast4\ashMaiSv.exe I:\Program Files\Alwil Software\Avast4\ashWebSv.exe I:\Program Files\Windows Defender\MSASCui.exe I:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe I:\Program Files\Internet Explorer\iexplore.exe I:\Program Files\Internet Explorer\iexplore.exe I:\WINDOWS\system32\ctfmon.exe I:\WINDOWS\system32\SearchProtocolHost.exe I:\Documents and Settings\Propriétaire\Mes documents\RSIT.exe I:\Program Files\trend micro\Propriétaire.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com/?fr=fp-yie8 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par Yahoo! R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - I:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - I:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [Windows Defender] "I:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [avast!] I:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [ctfmon.exe] I:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] I:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] I:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] I:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] I:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - S-1-5-18 Startup: Internet Explorer.lnk = I:\Program Files\Internet Explorer\iexplore.exe (User 'SYSTEM') O4 - .DEFAULT Startup: Internet Explorer.lnk = I:\Program Files\Internet Explorer\iexplore.exe (User 'Default user') O4 - Startup: Internet Explorer.lnk = I:\Program Files\Internet Explorer\iexplore.exe O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - I:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - I:\WINDOWS\bdoscandel.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/co...ex/qtplugin.cab O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=67633 O16 - DPF: {1EF9F042-C2EB-4293-8213-474CAEEF531D} (TmHcmsX Control) - http://www.trendsecure.com/framework/contr...vex/TmHcmsX.CAB O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://eu-housecall.trendmicro-europe.com/...ivex/hcImpl.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - I:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - https://mail.airfrance.fr/s35/iNotes6W.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/sit...b?1207004692906 O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1186123516187 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichier...ion_2_0_4_9.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - I:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - I:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - I:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - I:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - I:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - I:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - I:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Multi-user Cleanup Service - IBM Corp - I:\Program Files\lotus\notes\ntmulti.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - I:\Program Files\WinPcap\rpcapd.exe (file missing) O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - I:\Program Files\Windows Live\installer\WLSetupSvc.exe (file missing) O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - I:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- End of file - 8909 bytes ======Scheduled tasks folder====== I:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job I:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job I:\WINDOWS\tasks\MP Scheduled Scan.job I:\WINDOWS\tasks\PCConfidential.job I:\WINDOWS\tasks\Registry Winner Schedule.job I:\WINDOWS\tasks\User_Feed_Synchronization-{E6895412-2799-40F3-B889-069966A82934}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - I:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-12-18 61888] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}] Adobe PDF Conversion Toolbar Helper - I:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2009-12-18 320928] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - I:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - I:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=I:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584] "avast!"=I:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=I:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] I:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] I:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2009-12-18 40368] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr] I:\WINDOWS\ALCMTR.EXE [2005-05-03 69632] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC] I:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2005-08-06 61440] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] I:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Freecorder FLV Service] I:\Program Files\Freecorder\FLVSrvc.exe /run [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)] I:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe [2009-11-10 5244216] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] I:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] I:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] I:\Program Files\QuickTime\qttask.exe [2008-11-04 413696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL] I:\WINDOWS\RTHDCPL.EXE [2006-06-28 16248320] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Search Protection] I:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2009-02-23 111856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] I:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection] I:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2009-02-23 111856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Barre d'état système d'ATI CATALYST.lnk] I:\PROGRA~1\ATITEC~1\ATI.ACE\CLI.exe [2005-08-06 61440] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk] I:\PROGRA~1\MICROS~2\Office10\OSA.EXE [2001-02-13 83360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Windows Desktop Search.lnk] I:\PROGRA~1\WI459E~1\WINDOW~1.EXE [2007-02-05 118784] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^Propriétaire^Menu Démarrer^Programmes^Démarrage^Notification de cadeaux MSN.lnk] I:\DOCUME~1\PROPRI~1\APPLIC~1\MICROS~1\NOTIFI~1\lsnfier.exe [] I:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage Internet Explorer.lnk - I:\Program Files\Internet Explorer\iexplore.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] I:\WINDOWS\system32\Ati2evxx.dll [2005-08-04 46080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - I:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=I:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"=I:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 294400] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= [] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "I:\Program Files\Messenger\msmsgs.exe"="I:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "I:\Program Files\Internet Explorer\iexplore.exe"="I:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer" "I:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="I:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger" "I:\Program Files\Yahoo!\Messenger\YServer.exe"="I:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server" "I:\Program Files\Skype\Phone\Skype.exe"="I:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" "I:\WINDOWS\system32\dpvsetup.exe"="I:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "I:\WINDOWS\system32\rundll32.exe"="I:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application" "I:\Program Files\Windows Live\Messenger\wlcsdk.exe"="I:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "I:\Program Files\Windows Live\Messenger\msnmsgr.exe"="I:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "I:\Program Files\AIM6\aim6.exe"="I:\Program Files\AIM6\aim6.exe:*:Disabled:AIM" "I:\Program Files\Fichiers communs\AOL\Loader\aolload.exe"="I:\Program Files\Fichiers communs\AOL\Loader\aolload.exe:*:Disabled:AOL Loader" "I:\Program Files\IncrediMail\bin\IncMail.exe"="I:\Program Files\IncrediMail\bin\IncMail.exe:*:Disabled:IncrediMail" "I:\Program Files\IncrediMail\bin\ImpCnt.exe"="I:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Disabled:IncrediMail" "I:\Program Files\IncrediMail\bin\ImApp.exe"="I:\Program Files\IncrediMail\bin\ImApp.exe:*:Disabled:IncrediMail" "I:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\4PEJOPEV\incredimail_install[1].exe"="I:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\4PEJOPEV\incredimail_install[1].exe:*:Disabled:IncrediMail Installer" "I:\Documents and Settings\Propriétaire\Local Settings\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe"="I:\Documents and Settings\Propriétaire\Local Settings\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe:*:Disabled:IncrediMail Installer" "I:\Program Files\Magentic\bin\MgImp.exe"="I:\Program Files\Magentic\bin\MgImp.exe:*:Disabled:Magentic" "I:\Program Files\Magentic\bin\MgApp.exe"="I:\Program Files\Magentic\bin\MgApp.exe:*:Disabled:Magentic" "I:\Program Files\Magentic\bin\Magentic.exe"="I:\Program Files\Magentic\bin\Magentic.exe:*:Disabled:Magentic" "I:\Program Files\AOL\Active Virus Shield\avp.exe"="I:\Program Files\AOL\Active Virus Shield\avp.exe:*:Disabled:Active Virus Shield" "I:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe"="I:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe:*:Disabled:Camfrog Client Module" "I:\Program Files\Motorola\Software Update\msu.exe"="I:\Program Files\Motorola\Software Update\msu.exe:*:Disabled:msu" "I:\Program Files\Winamp Remote\bin\Orb.exe"="I:\Program Files\Winamp Remote\bin\Orb.exe:*:Disabled:Orb" "I:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="I:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Disabled:Orb Stream Client" "I:\Program Files\Winamp Remote\bin\OrbTray.exe"="I:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Disabled:OrbTray" "I:\Program Files\SopCast\adv\SopAdver.exe"="I:\Program Files\SopCast\adv\SopAdver.exe:*:Disabled:SopCast Adver" "I:\Program Files\SopCast\SopCast.exe"="I:\Program Files\SopCast\SopCast.exe:*:Disabled:SopCast Main Application" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "I:\Program Files\Windows Live\Messenger\wlcsdk.exe"="I:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "I:\Program Files\Windows Live\Messenger\msnmsgr.exe"="I:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a56f2b7c-55f9-11de-8c77-00138fd9fd77}] shell\AutoRun\command - J:\start.exe ======List of files/folders created in the last 1 months====== 2010-02-26 07:27:12 ----D---- I:\rsit 2010-02-26 06:58:15 ----D---- I:\_OTM 2010-02-25 19:47:11 ----D---- I:\Program Files\trend micro 2010-02-16 09:54:00 ----D---- I:\Documents and Settings\All Users\Application Data\NOS 2010-01-27 12:23:22 ----A---- I:\WINDOWS\system32\ptpusb.dll 2010-01-27 12:23:20 ----A---- I:\WINDOWS\system32\ptpusd.dll ======List of files/folders modified in the last 1 months====== 2010-02-26 07:27:20 ----D---- I:\WINDOWS\Prefetch 2010-02-26 07:27:11 ----D---- I:\WINDOWS\Temp 2010-02-26 07:06:31 ----D---- I:\WINDOWS\system32\CatRoot2 2010-02-26 07:06:18 ----SD---- I:\WINDOWS\Tasks 2010-02-26 07:00:46 ----A---- I:\WINDOWS\SchedLgU.Txt 2010-02-26 06:59:23 ----D---- I:\WINDOWS 2010-02-26 06:58:40 ----RD---- I:\Program Files 2010-02-26 06:49:17 ----D---- I:\WINDOWS\pss 2010-02-25 22:13:32 ----D---- I:\Program Files\PyGrenouille 2010-02-25 21:49:35 ----D---- I:\WINDOWS\system32\drivers 2010-02-25 21:49:35 ----D---- I:\WINDOWS\system32 2010-02-25 20:38:53 ----D---- I:\Program Files\Spybot - Search & Destroy 2010-02-25 20:38:51 ----D---- I:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2010-02-25 00:57:48 ----SHD---- I:\WINDOWS\Installer 2010-02-24 10:10:16 ----HD---- I:\WINDOWS\inf 2010-02-24 10:10:15 ----RSHDC---- I:\WINDOWS\system32\dllcache 2010-02-24 10:10:13 ----D---- I:\WINDOWS\ie8updates 2010-02-24 10:09:23 ----HD---- I:\WINDOWS\$hf_mig$ 2010-02-24 10:09:15 ----A---- I:\WINDOWS\imsins.BAK 2010-02-24 09:16:06 ----N---- I:\WINDOWS\system32\MpSigStub.exe 2010-02-22 08:01:45 ----D---- I:\Config.Msi 2010-02-16 20:27:40 ----SD---- I:\WINDOWS\Downloaded Program Files 2010-02-07 07:01:12 ----D---- I:\Program Files\Google 2010-02-05 20:22:24 ----D---- I:\Program Files\lotus 2010-02-01 20:26:20 ----A---- I:\WINDOWS\system32\MRT.exe 2010-01-28 22:34:36 ----SD---- I:\Documents and Settings\Propriétaire\Application Data\Microsoft 2010-01-27 12:08:43 ----D---- I:\Program Files\Mozilla Firefox ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 Aavmker4;avast! Asynchronous Virus Monitor; I:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408] R1 aswSP;avast! Self Protection; I:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768] R1 aswTdi;avast! Network Shield Support; I:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560] R1 intelppm;Pilote de processeur Intel; I:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 40576] R1 kbdhid;Pilote HID de clavier; I:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-13 14720] R1 Tcpip6;Pilote du protocole IPv6 Microsoft; I:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856] R2 aswFsBlk;aswFsBlk; I:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560] R2 aswMon2;avast! Standard Shield Support; I:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160] R2 tmcomm;tmcomm; \??\I:\WINDOWS\system32\drivers\tmcomm.sys [] R3 aswRdr;aswRdr; I:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120] R3 ati2mtag;ati2mtag; I:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2005-08-04 1273344] R3 Camdrv30;Philips ToUcam XS; I:\WINDOWS\System32\Drivers\camdrv30.sys [2001-08-17 171264] R3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; I:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165] R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; I:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 hidusb;Pilote de classe HID Microsoft; I:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); I:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-28 4304384] R3 mouhid;Pilote HID de souris; I:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-28 12288] R3 tunmp;Pilote de carte miniport Tun Microsoft; I:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288] R3 usbccgp;Pilote parent générique USB Microsoft; I:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; I:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Pilote de concentrateur standard USB Microsoft; I:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbstor;Pilote de stockage de masse USB; I:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; I:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608] S1 incdrm;InCD EasyWrite Reader; I:\WINDOWS\system32\drivers\incdrm.sys [2003-08-21 25520] S3 CCDECODE;Décodeur sous-titre fermé; I:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 driverhardwarev2;driverhardwarev2; \??\I:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [] S3 GEARAspiWDM;GEAR ASPI Filter Driver; I:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [] S3 motccgp;Motorola USB Composite Device Driver; I:\WINDOWS\system32\DRIVERS\motccgp.sys [2007-11-02 18176] S3 motccgpfl;MotCcgpFlService; I:\WINDOWS\system32\DRIVERS\motccgpfl.sys [2007-01-23 7680] S3 MotDev;Motorola Inc. USB Device; I:\WINDOWS\system32\DRIVERS\motodrv.sys [2007-10-10 42112] S3 motmodem;Motorola USB CDC ACM Driver; I:\WINDOWS\system32\DRIVERS\motmodem.sys [2007-06-20 23680] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; I:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; I:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; I:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 nm;Pilote du Moniteur réseau; I:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320] S3 QV2KUX;Appareil photo numérique Casio; I:\WINDOWS\System32\DRIVERS\qv2kux.sys [2001-08-17 3328] S3 SLIP;Détrameur décalage BDA; I:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA IPSink; I:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 USBAAPL;Apple Mobile USB Driver; I:\WINDOWS\System32\Drivers\usbaapl.sys [] S3 usbscan;Pilote de scanneur USB; I:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 Wdf01000;Wdf01000; I:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000] S3 WpdUsb;WpdUsb; I:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528] S3 WSTCODEC;Codec Teletext standard; I:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 XUIF;X10 USB Wireless Transceiver; I:\WINDOWS\System32\Drivers\x10ufx2.sys [2005-05-19 17792] S4 IntelIde;IntelIde; I:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 6to4;Service d'application d'assistance IPv6; I:\WINDOWS\system32\svchost.exe [2008-04-13 14336] R2 aswUpdSv;avast! iAVS4 Control Service; I:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752] R2 Ati HotKey Poller;Ati HotKey Poller; I:\WINDOWS\system32\Ati2evxx.exe [2005-08-04 380928] R2 avast! Antivirus;avast! Antivirus; I:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680] R2 JavaQuickStarterService;Java Quick Starter; I:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376] R2 MDM;Machine Debug Manager; I:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120] R2 Multi-user Cleanup Service;Multi-user Cleanup Service; I:\Program Files\lotus\notes\ntmulti.exe [2005-08-15 53248] R2 WinDefend;Windows Defender; I:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592] R2 WSearch;Recherche Windows; I:\WINDOWS\system32\SearchIndexer.exe [2007-02-05 300032] R2 YahooAUService;Yahoo! Updater; I:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392] R3 avast! Mail Scanner;avast! Mail Scanner; I:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040] R3 avast! Web Scanner;avast! Web Scanner; I:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920] S2 ATI Smart;ATI Smart; I:\WINDOWS\system32\ati2sgag.exe [2005-08-05 516096] S2 gupdate;Service Google Update (gupdate); I:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-27 133104] S3 aspnet_state;ASP.NET State Service; I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; I:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-08-06 654848] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; i:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 idsvc;Windows CardSpace; i:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); I:\Program Files\WinPcap\rpcapd.exe -d -f I:\Program Files\WinPcap\rpcapd.ini [] S3 WLSetupSvc;Windows Live Setup Service; I:\Program Files\Windows Live\installer\WLSetupSvc.exe [] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; I:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; i:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF-----------------

info.txt logfile of random's system information tool 1.06 2010-02-25 19:47:47 ======Uninstall list====== -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 I:\WINDOWS\INF\PCHealth.inf Adobe Acrobat 8.2.1 Professional-->msiexec /I {AC76BA86-1033-F400-7760-000000000003} Adobe Flash Player 10 ActiveX-->I:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player Plugin-->I:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 8.2.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A82000000003} Adobe Shockwave Player 11.5-->I:\WINDOWS\system32\Adobe\uninstaller.exe Agfa ScanWise 2.00-->I:\WINDOWS\IsUn040c.exe -f"I:\Program Files\Agfa\ScanWise 2_00\uninst.isu" -c"I:\Program Files\Agfa\ScanWise 2_00\UNINSTALL.DLL" Ahead InCD EasyWrite Reader-->I:\WINDOWS\unmrw.exe /UNINSTALL Ahead Nero OEM-->I:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} ATI - Utilitaire de désinstallation du logiciel-->I:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe ATI Catalyst Control Center-->MsiExec.exe /I{86EC42B5-346E-4BAB-948D-58E021EA4BD1} ATI Display Driver-->rundll32 I:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean ATI HYDRAVISION-->RunDll32 I:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{083F79E4-6FE9-46FB-A6C6-4F8862742947}\setup.exe" AudibleManager-->I:\Program Files\Audible\Bin\Upgrade.exe /Uninstall Avanquest update-->I:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe -runfromtemp -l0x0009 -removeonly avast! Antivirus-->I:\Program Files\Alwil Software\Avast4\aswRunDll.exe "I:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup Camfrog Video Chat 5.3-->"I:\Program Files\Camfrog\Camfrog Video Chat\uninstall.exe" CCleaner-->"I:\Program Files\CCleaner\uninst.exe" Correctif pour Lecteur Windows Media 11 (KB939683)-->"I:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Correctif pour Windows XP (KB952287)-->"I:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Correctif pour Windows XP (KB961118)-->"I:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe" Correctif pour Windows XP (KB970653-v3)-->"I:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe" Correctif pour Windows XP (KB976098-v2)-->"I:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe" Correctif pour Windows XP (KB979306)-->"I:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe" Digsby-->I:\Program Files\Digsby\uninstall.exe Freecorder 4.0 Application-->"I:\WINDOWS\Freecorder\uninstall.exe" "/U:I:\Program Files\Freecorder\Uninstall\uninstall.xml" Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Google Earth-->MsiExec.exe /X{2EAF7E61-068E-11DF-953C-005056806466} High Definition Audio Driver Package - KB888111-->"I:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe" HijackThis 2.0.2-->"I:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\KHG1H0VN\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->I:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->I:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" Hotfix for Windows Media Format 11 SDK (KB929399)-->"I:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" Installation Windows Live-->I:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31} J2SE Runtime Environment 5.0 Update 11-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110} Java 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF} Java 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020} Java 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030} Java 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050} Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5} Lecteur Windows Media 11-->"I:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Live Downloader 1.1.0.0-->"I:\Program Files\Live Downloader\unins000.exe" Lotus Notes 7.0-->MsiExec.exe /I{628789DC-75F8-4302-A268-27EF628E6906} Ma-Config.com plugin-->MsiExec.exe /I{BF85A9D4-030F-4D2A-83CF-D4DDA0D3E68C} Magic ISO Maker v5.3 (build 0216)-->I:\PROGRA~1\MagicISO\UNWISE.EXE I:\PROGRA~1\MagicISO\INSTALL.LOG Malwarebytes' Anti-Malware-->"I:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Microsoft .NET Framework 1.1 Security Update (KB953297)-->"I:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "I:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 SP1-->I:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Compression Client Pack 1.0 for Windows XP-->"I:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Internationalized Domain Names Mitigation APIs-->"I:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"I:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"I:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office XP Media Content-->MsiExec.exe /I{9030040C-6000-11D3-8CFE-0050048383C9} Microsoft Office XP Professional-->MsiExec.exe /I{9111040C-6000-11D3-8CFE-0050048383C9} Microsoft Office XP Small Business-->MsiExec.exe /I{9113040C-6000-11D3-8CFE-0050048383C9} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"I:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"I:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"I:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"I:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"I:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"I:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"I:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"I:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734)-->"I:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"I:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"I:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"I:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"I:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"I:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"I:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"I:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"I:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB976325)-->"I:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB978207)-->"I:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923789)-->I:\WINDOWS\system32\MacroMed\Flash\genuinst.exe I:\WINDOWS\system32\MacroMed\Flash\KB923789.inf Mise à jour de sécurité pour Windows XP (KB938464)-->"I:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569)-->"I:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946648)-->"I:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950760)-->"I:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"I:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"I:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"I:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376)-->"I:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"I:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951698)-->"I:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951748)-->"I:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952004)-->"I:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"I:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB953839)-->"I:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954211)-->"I:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954459)-->"I:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954600)-->"I:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB955069)-->"I:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956391)-->"I:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956572)-->"I:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956744)-->"I:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956802)-->"I:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956803)-->"I:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956841)-->"I:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956844)-->"I:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957095)-->"I:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957097)-->"I:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958644)-->"I:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958687)-->"I:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958690)-->"I:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958869)-->"I:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB959426)-->"I:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960225)-->"I:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960715)-->"I:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960803)-->"I:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960859)-->"I:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961371)-->"I:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961373)-->"I:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961501)-->"I:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB968537)-->"I:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969059)-->"I:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969898)-->"I:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969947)-->"I:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB970238)-->"I:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB970430)-->"I:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971468)-->"I:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971486)-->"I:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971557)-->"I:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971633)-->"I:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971657)-->"I:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB972270)-->"I:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973346)-->"I:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973354)-->"I:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973507)-->"I:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973525)-->"I:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973869)-->"I:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973904)-->"I:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974112)-->"I:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974318)-->"I:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974392)-->"I:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974571)-->"I:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975025)-->"I:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975467)-->"I:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975560)-->"I:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975713)-->"I:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB977165)-->"I:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB977914)-->"I:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978037)-->"I:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978251)-->"I:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978262)-->"I:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 8 (KB975364)-->"I:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 8 (KB976662)-->"I:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951072-v2)-->"I:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951978)-->"I:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955759)-->"I:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955839)-->"I:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB961503)-->"I:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB967715)-->"I:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB968389)-->"I:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB971737)-->"I:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB973687)-->"I:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB973815)-->"I:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe" Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE} Motorola Phone Tools-->I:\Program Files\InstallShield Installation Information\{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}\setup.exe -runfromtemp -l0x0009 -removeonly Motorola Software Update-->MsiExec.exe /I{D523D985-7E7D-4A06-BEB6-3F49131A118C} Mozilla Firefox (3.0.13)-->I:\Program Files\Mozilla Firefox\uninstall\helper.exe MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} PDFCreator-->I:\Program Files\PDFCreator\unins000.exe Philips ToUcam XS Camera-->RunDll32 I:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\Philips ToUcam Camera\Kill820.exe" 820 ToUcamVProperty VProperty PyGrenouille version 1.12-->"I:\Program Files\PyGrenouille\unins000.exe" QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4} Realtek High Definition Audio Driver-->RunDll32 I:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly Registry Mechanic 7.0-->"I:\Program Files\Registry Mechanic\unins000.exe" Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} Shadow Stream Recorder 3.0.1.7 2009.01.09-->"I:\Program Files\Mini-stream\Shadow Stream Recorder\unins000.exe" SopCast 3.2.4-->I:\Program Files\SopCast\uninst.exe Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003} Spybot - Search & Destroy-->"I:\Program Files\Spybot - Search & Destroy\unins000.exe" TagScanner 5.0 build 516-->"I:\Program Files\TagScanner\unins000.exe" Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->I:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" Viewpoint Media Player-->I:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u Winamp-->"I:\Program Files\Winamp\UninstWA.exe" Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401} Windows Desktop Search 3.01-->"I:\WINDOWS\$NtUninstallKB917013$\spuninst\spuninst.exe" Windows Imaging Component-->"I:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows Installer Clean Up-->MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52} Windows Internet Explorer 8-->"I:\WINDOWS\ie8\spuninst\spuninst.exe" Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1} Windows Media Format 11 runtime-->"I:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"I:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"I:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" Windows XP Service Pack 3-->"I:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" winpcap-nmap 4.02-->"I:\Program Files\WinPcap\uninstall.exe" WinRAR archiver-->I:\Program Files\WinRAR\uninstall.exe Yahoo! Messenger-->I:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U I:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG Yahoo! Search Protection-->I:\PROGRA~1\Yahoo!\SEARCH~1\UNINST~1.EXE Yahoo! Software Update-->I:\PROGRA~1\Yahoo!\SOFTWA~1\UNINST~1.EXE ======Security center information====== AV: avast! antivirus 4.8.1368 [VPS 100224-1] ======System event log====== Computer Name: MOA-UFMMC7CC2XD Event Code: 7036 Message: Le service Windows CardSpace est entré dans l'état : arrêté. Record Number: 2347 Source Name: Service Control Manager Time Written: 20100122212408.000000+060 Event Type: Informations User: Computer Name: MOA-UFMMC7CC2XD Event Code: 7035 Message: Un contrôle Arrêter a correctement été envoyé au service Windows CardSpace. Record Number: 2346 Source Name: Service Control Manager Time Written: 20100122212408.000000+060 Event Type: Informations User: AUTORITE NT\SYSTEM Computer Name: MOA-UFMMC7CC2XD Event Code: 7036 Message: Le service Windows CardSpace est entré dans l'état : en cours d'exécution. Record Number: 2345 Source Name: Service Control Manager Time Written: 20100122202359.000000+060 Event Type: Informations User: Computer Name: MOA-UFMMC7CC2XD Event Code: 7035 Message: Un contrôle Démarrer a correctement été envoyé au service Windows CardSpace. Record Number: 2344 Source Name: Service Control Manager Time Written: 20100122202358.000000+060 Event Type: Informations User: MOA-UFMMC7CC2XD\Propriétaire Computer Name: MOA-UFMMC7CC2XD Event Code: 7036 Message: Le service Carte de performance WMI est entré dans l'état : arrêté. Record Number: 2343 Source Name: Service Control Manager Time Written: 20100122202140.000000+060 Event Type: Informations User: =====Application event log===== Computer Name: MOA-UFMMC7CC2XD Event Code: 1000 Message: Les compteurs de performances pour le service aspnet_state (ASP.NET State Service) ont été chargés. Les données d'enregistrement contiennent les nouvelles valeurs d'index assignées à ce service. Record Number: 21242 Source Name: LoadPerf Time Written: 20090823221722.000000+120 Event Type: Informations User: Computer Name: MOA-UFMMC7CC2XD Event Code: 1001 Message: Les compteurs de performances pour le service aspnet_state (ASP.NET State Service) ont été supprimés. Les données d'enregistrement contiennent les nouvelles valeurs du dernier compteur système et les dernières entrées du registre d'aide. Record Number: 21241 Source Name: LoadPerf Time Written: 20090823221721.000000+120 Event Type: Informations User: Computer Name: MOA-UFMMC7CC2XD Event Code: 1001 Message: Les compteurs de performances pour le service ASP.NET_2.0.50727 (ASP.NET_2.0.50727) ont été supprimés. Les données d'enregistrement contiennent les nouvelles valeurs du dernier compteur système et les dernières entrées du registre d'aide. Record Number: 21240 Source Name: LoadPerf Time Written: 20090823221715.000000+120 Event Type: Informations User: Computer Name: MOA-UFMMC7CC2XD Event Code: 1017 Message: Start registering ASP.NET (version 2.0.50727.0) (internal flag: 0x00000406) Record Number: 21239 Source Name: ASP.NET 2.0.50727.0 Time Written: 20090823221713.000000+120 Event Type: Informations User: Computer Name: MOA-UFMMC7CC2XD Event Code: 1025 Message: Produit : Microsoft .NET Framework 2.0 Service Pack 2. Le fichier i:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll est actuellement utilisé par le processus de nom 'jqs' et d'identificateur '1388'. Record Number: 21238 Source Name: MsiInstaller Time Written: 20090823221442.000000+120 Event Type: Informations User: AUTORITE NT\SYSTEM ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;I:\Program Files\QuickTime\QTSystem\ "windir"=%SystemRoot% "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 7, GenuineIntel "PROCESSOR_REVISION"=0407 "NUMBER_OF_PROCESSORS"=2 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "FP_NO_HOST_CHECK"=NO "CLASSPATH"=.;I:\Program Files\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=I:\Program Files\Java\jre6\lib\ext\QTJava.zip -----------------EOF-----------------

Logfile of random's system information tool 1.06 (written by random/random) Run by Propriétaire at 2010-02-25 22:24:54 Microsoft Windows XP Édition familiale Service Pack 3 System drive I: has 13 GB (17%) free of 76 GB Total RAM: 511 MB (11% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:25:20, on 25/02/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: I:\WINDOWS\System32\smss.exe I:\WINDOWS\system32\winlogon.exe I:\WINDOWS\system32\services.exe I:\WINDOWS\system32\lsass.exe I:\WINDOWS\system32\Ati2evxx.exe I:\WINDOWS\system32\svchost.exe I:\Program Files\Windows Defender\MsMpEng.exe I:\WINDOWS\System32\svchost.exe I:\Program Files\Alwil Software\Avast4\aswUpdSv.exe I:\Program Files\Alwil Software\Avast4\ashServ.exe I:\WINDOWS\system32\Ati2evxx.exe I:\WINDOWS\Explorer.EXE I:\Program Files\Windows Defender\MSASCui.exe I:\WINDOWS\RTHDCPL.EXE I:\Program Files\ATI Technologies\ATI.ACE\cli.exe I:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe I:\Program Files\Java\jre6\bin\jusched.exe I:\Program Files\Yahoo!\Search Protection\SearchProtection.exe I:\Program Files\Messenger\msmsgs.exe I:\WINDOWS\system32\ctfmon.exe I:\Program Files\Windows Live\Messenger\msnmsgr.exe I:\WINDOWS\system32\spoolsv.exe I:\Program Files\Windows Desktop Search\WindowsSearch.exe I:\Program Files\Internet Explorer\iexplore.exe I:\Program Files\Java\jre6\bin\jqs.exe I:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe I:\Program Files\lotus\notes\ntmulti.exe I:\WINDOWS\System32\svchost.exe I:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe I:\WINDOWS\system32\SearchIndexer.exe I:\Program Files\Alwil Software\Avast4\ashMaiSv.exe I:\Program Files\Internet Explorer\iexplore.exe I:\Program Files\Alwil Software\Avast4\ashWebSv.exe I:\WINDOWS\system32\taskmgr.exe I:\Program Files\Yahoo!\Messenger\YahooMessenger.exe I:\Program Files\Internet Explorer\iexplore.exe I:\Program Files\Internet Explorer\iexplore.exe I:\Program Files\Internet Explorer\iexplore.exe I:\Program Files\PyGrenouille\pygrenouille.exe I:\WINDOWS\system32\SearchProtocolHost.exe I:\Documents and Settings\Propriétaire\Mes documents\RSIT.exe I:\Program Files\trend micro\Propriétaire.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com/?fr=fp-yie8 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par Yahoo! R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - I:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - I:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [Windows Defender] "I:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [ATICCC] "I:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime O4 - HKLM\..\Run: [avast!] I:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "I:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Adobe ARM] "I:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "I:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "I:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [YSearchProtection] "I:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" O4 - HKCU\..\Run: [MSMSGS] "I:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] I:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "I:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [search Protection] I:\Program Files\Yahoo!\Search Protection\SearchProtection.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] I:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] I:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] I:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] I:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - S-1-5-18 Startup: Internet Explorer.lnk = I:\Program Files\Internet Explorer\iexplore.exe (User 'SYSTEM') O4 - .DEFAULT Startup: Internet Explorer.lnk = I:\Program Files\Internet Explorer\iexplore.exe (User 'Default user') O4 - Startup: Internet Explorer.lnk = I:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: Barre d'état système d'ATI CATALYST.lnk = I:\Program Files\ATI Technologies\ATI.ACE\CLI.exe O4 - Global Startup: Microsoft Office.lnk = I:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Windows Desktop Search.lnk = I:\Program Files\Windows Desktop Search\WindowsSearch.exe O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file) O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - I:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - I:\WINDOWS\bdoscandel.exe O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/co...ex/qtplugin.cab O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=67633 O16 - DPF: {1EF9F042-C2EB-4293-8213-474CAEEF531D} (TmHcmsX Control) - http://www.trendsecure.com/framework/contr...vex/TmHcmsX.CAB O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://eu-housecall.trendmicro-europe.com/...ivex/hcImpl.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - I:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - https://mail.airfrance.fr/s35/iNotes6W.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/sit...b?1207004692906 O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1186123516187 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichier...ion_2_0_4_9.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - I:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - I:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - I:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - I:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - I:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - I:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - I:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Multi-user Cleanup Service - IBM Corp - I:\Program Files\lotus\notes\ntmulti.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - I:\Program Files\WinPcap\rpcapd.exe (file missing) O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - I:\Program Files\Windows Live\installer\WLSetupSvc.exe (file missing) O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - I:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- End of file - 11080 bytes ======Scheduled tasks folder====== I:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job I:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job I:\WINDOWS\tasks\MP Scheduled Scan.job I:\WINDOWS\tasks\PCConfidential.job I:\WINDOWS\tasks\Registry Winner Schedule.job I:\WINDOWS\tasks\User_Feed_Synchronization-{E6895412-2799-40F3-B889-069966A82934}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - I:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-12-18 61888] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}] Adobe PDF Conversion Toolbar Helper - I:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2009-12-18 320928] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - I:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - I:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=I:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584] "RTHDCPL"=I:\WINDOWS\RTHDCPL.EXE [2006-06-28 16248320] "Alcmtr"=I:\WINDOWS\ALCMTR.EXE [2005-05-03 69632] "ATICCC"=I:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2005-08-06 61440] "avast!"=I:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000] "SunJavaUpdateSched"=I:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280] "Adobe ARM"=I:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672] "QuickTime Task"=I:\Program Files\QuickTime\qttask.exe [2008-11-04 413696] "Adobe Reader Speed Launcher"=I:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2009-12-18 40368] "YSearchProtection"=I:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2009-02-23 111856] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"=I:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232] "ctfmon.exe"=I:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360] "msnmsgr"=I:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856] "Search Protection"=I:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2009-02-23 111856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Freecorder FLV Service] I:\Program Files\Freecorder\FLVSrvc.exe /run [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)] I:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe [2009-11-10 5244216] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] I:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^Propriétaire^Menu Démarrer^Programmes^Démarrage^Notification de cadeaux MSN.lnk] I:\DOCUME~1\PROPRI~1\APPLIC~1\MICROS~1\NOTIFI~1\lsnfier.exe [] I:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Barre d'état système d'ATI CATALYST.lnk - I:\Program Files\ATI Technologies\ATI.ACE\CLI.exe Microsoft Office.lnk - I:\Program Files\Microsoft Office\Office10\OSA.EXE Windows Desktop Search.lnk - I:\Program Files\Windows Desktop Search\WindowsSearch.exe I:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage Internet Explorer.lnk - I:\Program Files\Internet Explorer\iexplore.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] I:\WINDOWS\system32\Ati2evxx.dll [2005-08-04 46080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - I:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=I:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"=I:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 294400] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= [] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "I:\Program Files\Messenger\msmsgs.exe"="I:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "I:\Program Files\Internet Explorer\iexplore.exe"="I:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer" "I:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="I:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger" "I:\Program Files\Yahoo!\Messenger\YServer.exe"="I:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server" "I:\Program Files\Skype\Phone\Skype.exe"="I:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" "I:\Documents and Settings\Propriétaire\Bureau\msnmsgr.exe"="I:\Documents and Settings\Propriétaire\Bureau\msnmsgr.exe:*:Disabled:Windows Live Messenger" "I:\Program Files\DNA\btdna.exe"="I:\Program Files\DNA\btdna.exe:*:Enabled:DNA" "I:\WINDOWS\system32\dpvsetup.exe"="I:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "I:\WINDOWS\system32\rundll32.exe"="I:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application" "I:\Program Files\Windows Live\Messenger\wlcsdk.exe"="I:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "I:\Program Files\Windows Live\Messenger\msnmsgr.exe"="I:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "I:\Program Files\AIM6\aim6.exe"="I:\Program Files\AIM6\aim6.exe:*:Disabled:AIM" "I:\Program Files\Fichiers communs\AOL\Loader\aolload.exe"="I:\Program Files\Fichiers communs\AOL\Loader\aolload.exe:*:Disabled:AOL Loader" "I:\Program Files\IncrediMail\bin\IncMail.exe"="I:\Program Files\IncrediMail\bin\IncMail.exe:*:Disabled:IncrediMail" "I:\Program Files\IncrediMail\bin\ImpCnt.exe"="I:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Disabled:IncrediMail" "I:\Program Files\IncrediMail\bin\ImApp.exe"="I:\Program Files\IncrediMail\bin\ImApp.exe:*:Disabled:IncrediMail" "I:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\4PEJOPEV\incredimail_install[1].exe"="I:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\4PEJOPEV\incredimail_install[1].exe:*:Disabled:IncrediMail Installer" "I:\Documents and Settings\Propriétaire\Local Settings\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe"="I:\Documents and Settings\Propriétaire\Local Settings\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe:*:Disabled:IncrediMail Installer" "I:\Program Files\FrostWire\FrostWire.exe"="I:\Program Files\FrostWire\FrostWire.exe:*:Disabled:LimeWire" "I:\Program Files\Magentic\bin\MgImp.exe"="I:\Program Files\Magentic\bin\MgImp.exe:*:Disabled:Magentic" "I:\Program Files\Magentic\bin\MgApp.exe"="I:\Program Files\Magentic\bin\MgApp.exe:*:Disabled:Magentic" "I:\Program Files\Magentic\bin\Magentic.exe"="I:\Program Files\Magentic\bin\Magentic.exe:*:Disabled:Magentic" "I:\Program Files\AOL\Active Virus Shield\avp.exe"="I:\Program Files\AOL\Active Virus Shield\avp.exe:*:Disabled:Active Virus Shield" "I:\Program Files\BitComet\BitComet.exe"="I:\Program Files\BitComet\BitComet.exe:*:Disabled:BitComet - a BitTorrent Client" "I:\Program Files\BitTorrent\bittorrent.exe"="I:\Program Files\BitTorrent\bittorrent.exe:*:Disabled:BitTorrent" "I:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe"="I:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe:*:Disabled:Camfrog Client Module" "I:\Program Files\Motorola\Software Update\msu.exe"="I:\Program Files\Motorola\Software Update\msu.exe:*:Disabled:msu" "I:\Program Files\Winamp Remote\bin\Orb.exe"="I:\Program Files\Winamp Remote\bin\Orb.exe:*:Disabled:Orb" "I:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="I:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Disabled:Orb Stream Client" "I:\Program Files\Winamp Remote\bin\OrbTray.exe"="I:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Disabled:OrbTray" "I:\Program Files\Shareaza Applications\Shareaza\Shareaza.exe"="I:\Program Files\Shareaza Applications\Shareaza\Shareaza.exe:*:Disabled:Shareaza" "I:\Program Files\SopCast\adv\SopAdver.exe"="I:\Program Files\SopCast\adv\SopAdver.exe:*:Disabled:SopCast Adver" "I:\Program Files\SopCast\SopCast.exe"="I:\Program Files\SopCast\SopCast.exe:*:Disabled:SopCast Main Application" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "I:\Program Files\Windows Live\Messenger\wlcsdk.exe"="I:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "I:\Program Files\Windows Live\Messenger\msnmsgr.exe"="I:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a56f2b7c-55f9-11de-8c77-00138fd9fd77}] shell\AutoRun\command - J:\start.exe ======List of files/folders created in the last 1 months====== 2010-02-25 19:47:11 ----D---- I:\Program Files\trend micro 2010-02-25 19:47:07 ----D---- I:\rsit 2010-02-16 09:54:00 ----D---- I:\Documents and Settings\All Users\Application Data\NOS 2010-01-27 12:23:22 ----A---- I:\WINDOWS\system32\ptpusb.dll 2010-01-27 12:23:20 ----A---- I:\WINDOWS\system32\ptpusd.dll ======List of files/folders modified in the last 1 months====== 2010-02-25 22:24:52 ----D---- I:\WINDOWS\Temp 2010-02-25 22:17:02 ----D---- I:\Program Files\Registry Mechanic 2010-02-25 22:13:32 ----D---- I:\Program Files\PyGrenouille 2010-02-25 22:07:21 ----RD---- I:\Program Files 2010-02-25 21:49:35 ----D---- I:\WINDOWS\system32\drivers 2010-02-25 21:49:35 ----D---- I:\WINDOWS\system32 2010-02-25 21:45:19 ----D---- I:\WINDOWS 2010-02-25 20:38:53 ----D---- I:\Program Files\Spybot - Search & Destroy 2010-02-25 20:38:51 ----D---- I:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2010-02-25 19:04:36 ----D---- I:\WINDOWS\system32\CatRoot2 2010-02-25 19:04:31 ----SD---- I:\WINDOWS\Tasks 2010-02-25 08:59:27 ----A---- I:\WINDOWS\SchedLgU.Txt 2010-02-25 07:56:58 ----D---- I:\WINDOWS\Prefetch 2010-02-25 00:57:48 ----SHD---- I:\WINDOWS\Installer 2010-02-24 10:10:16 ----HD---- I:\WINDOWS\inf 2010-02-24 10:10:15 ----RSHDC---- I:\WINDOWS\system32\dllcache 2010-02-24 10:10:13 ----D---- I:\WINDOWS\ie8updates 2010-02-24 10:09:23 ----HD---- I:\WINDOWS\$hf_mig$ 2010-02-24 10:09:15 ----A---- I:\WINDOWS\imsins.BAK 2010-02-24 09:16:06 ----N---- I:\WINDOWS\system32\MpSigStub.exe 2010-02-22 08:01:45 ----D---- I:\Config.Msi 2010-02-16 20:27:40 ----SD---- I:\WINDOWS\Downloaded Program Files 2010-02-07 07:01:12 ----D---- I:\Program Files\Google 2010-02-05 20:22:24 ----D---- I:\Program Files\lotus 2010-02-01 20:26:20 ----A---- I:\WINDOWS\system32\MRT.exe 2010-01-28 22:34:36 ----SD---- I:\Documents and Settings\Propriétaire\Application Data\Microsoft 2010-01-27 12:08:43 ----D---- I:\Program Files\Mozilla Firefox ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 Aavmker4;avast! Asynchronous Virus Monitor; I:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408] R1 aswSP;avast! Self Protection; I:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768] R1 aswTdi;avast! Network Shield Support; I:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560] R1 intelppm;Pilote de processeur Intel; I:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 40576] R1 kbdhid;Pilote HID de clavier; I:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-13 14720] R1 Tcpip6;Pilote du protocole IPv6 Microsoft; I:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856] R2 aswFsBlk;aswFsBlk; I:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560] R2 aswMon2;avast! Standard Shield Support; I:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160] R2 tmcomm;tmcomm; \??\I:\WINDOWS\system32\drivers\tmcomm.sys [] R3 aswRdr;aswRdr; I:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120] R3 ati2mtag;ati2mtag; I:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2005-08-04 1273344] R3 Camdrv30;Philips ToUcam XS; I:\WINDOWS\System32\Drivers\camdrv30.sys [2001-08-17 171264] R3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; I:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165] R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; I:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 hidusb;Pilote de classe HID Microsoft; I:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); I:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-28 4304384] R3 mouhid;Pilote HID de souris; I:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-28 12288] R3 tunmp;Pilote de carte miniport Tun Microsoft; I:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288] R3 usbccgp;Pilote parent générique USB Microsoft; I:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; I:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Pilote de concentrateur standard USB Microsoft; I:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbstor;Pilote de stockage de masse USB; I:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; I:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608] S1 incdrm;InCD EasyWrite Reader; I:\WINDOWS\system32\drivers\incdrm.sys [2003-08-21 25520] S3 CCDECODE;Décodeur sous-titre fermé; I:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 driverhardwarev2;driverhardwarev2; \??\I:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [] S3 GEARAspiWDM;GEAR ASPI Filter Driver; I:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [] S3 motccgp;Motorola USB Composite Device Driver; I:\WINDOWS\system32\DRIVERS\motccgp.sys [2007-11-02 18176] S3 motccgpfl;MotCcgpFlService; I:\WINDOWS\system32\DRIVERS\motccgpfl.sys [2007-01-23 7680] S3 MotDev;Motorola Inc. USB Device; I:\WINDOWS\system32\DRIVERS\motodrv.sys [2007-10-10 42112] S3 motmodem;Motorola USB CDC ACM Driver; I:\WINDOWS\system32\DRIVERS\motmodem.sys [2007-06-20 23680] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; I:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; I:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; I:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 nm;Pilote du Moniteur réseau; I:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320] S3 QV2KUX;Appareil photo numérique Casio; I:\WINDOWS\System32\DRIVERS\qv2kux.sys [2001-08-17 3328] S3 SLIP;Détrameur décalage BDA; I:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA IPSink; I:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 USBAAPL;Apple Mobile USB Driver; I:\WINDOWS\System32\Drivers\usbaapl.sys [] S3 usbscan;Pilote de scanneur USB; I:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 Wdf01000;Wdf01000; I:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000] S3 WpdUsb;WpdUsb; I:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528] S3 WSTCODEC;Codec Teletext standard; I:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 XUIF;X10 USB Wireless Transceiver; I:\WINDOWS\System32\Drivers\x10ufx2.sys [2005-05-19 17792] S4 IntelIde;IntelIde; I:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 6to4;Service d'application d'assistance IPv6; I:\WINDOWS\system32\svchost.exe [2008-04-13 14336] R2 aswUpdSv;avast! iAVS4 Control Service; I:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752] R2 Ati HotKey Poller;Ati HotKey Poller; I:\WINDOWS\system32\Ati2evxx.exe [2005-08-04 380928] R2 avast! Antivirus;avast! Antivirus; I:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680] R2 JavaQuickStarterService;Java Quick Starter; I:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376] R2 MDM;Machine Debug Manager; I:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120] R2 Multi-user Cleanup Service;Multi-user Cleanup Service; I:\Program Files\lotus\notes\ntmulti.exe [2005-08-15 53248] R2 WinDefend;Windows Defender; I:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592] R2 WSearch;Recherche Windows; I:\WINDOWS\system32\SearchIndexer.exe [2007-02-05 300032] R2 YahooAUService;Yahoo! Updater; I:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392] R3 avast! Mail Scanner;avast! Mail Scanner; I:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040] S2 ATI Smart;ATI Smart; I:\WINDOWS\system32\ati2sgag.exe [2005-08-05 516096] S2 gupdate;Service Google Update (gupdate); I:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-27 133104] S3 aspnet_state;ASP.NET State Service; I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 avast! Web Scanner;avast! Web Scanner; I:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; I:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-08-06 654848] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; i:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 idsvc;Windows CardSpace; i:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); I:\Program Files\WinPcap\rpcapd.exe -d -f I:\Program Files\WinPcap\rpcapd.ini [] S3 WLSetupSvc;Windows Live Setup Service; I:\Program Files\Windows Live\installer\WLSetupSvc.exe [] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; I:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; i:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF-----------------

tu me dis : Ton rapport démontre une infection, En bas de la réponse Dans signaler un contenue abusif Tu demandes un transfert pour la désinfection avec L'URL de ton post et je fais quoi alors?

Mon PC a un processor Pentium D CPU 2.80 HHtz avec 512 de RAM , et une carte Radeon 9250

Bonsoir depuis plusieurs mois monOP est extrêment lent aun démarrage. J'ai fait un check ont le résultat est ci-dessous Mer d'avance pour vo conseils et ais pour retrouerun fontionnemet normal Cordialement Logfile of random's system information tool 1.06 (written by random/random) Run by Propriétaire at 2010-02-25 19:47:07 Microsoft Windows XP Édition familiale Service Pack 3 System drive I: has 13 GB (17%) free of 76 GB Total RAM: 511 MB (13% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:47:39, on 25/02/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: I:\WINDOWS\System32\smss.exe I:\WINDOWS\system32\winlogon.exe I:\WINDOWS\system32\services.exe I:\WINDOWS\system32\lsass.exe I:\WINDOWS\system32\Ati2evxx.exe I:\WINDOWS\system32\svchost.exe I:\Program Files\Windows Defender\MsMpEng.exe I:\WINDOWS\System32\svchost.exe I:\Program Files\Alwil Software\Avast4\aswUpdSv.exe I:\Program Files\Alwil Software\Avast4\ashServ.exe I:\WINDOWS\system32\Ati2evxx.exe I:\WINDOWS\Explorer.EXE I:\Program Files\Windows Defender\MSASCui.exe I:\WINDOWS\RTHDCPL.EXE I:\Program Files\ATI Technologies\ATI.ACE\cli.exe I:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe I:\Program Files\Java\jre6\bin\jusched.exe I:\Program Files\Yahoo!\Search Protection\SearchProtection.exe I:\Program Files\Messenger\msmsgs.exe I:\WINDOWS\system32\ctfmon.exe I:\Program Files\Windows Live\Messenger\msnmsgr.exe I:\WINDOWS\system32\spoolsv.exe I:\Program Files\Windows Desktop Search\WindowsSearch.exe I:\Program Files\Internet Explorer\iexplore.exe I:\Program Files\Java\jre6\bin\jqs.exe I:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe I:\Program Files\lotus\notes\ntmulti.exe I:\WINDOWS\System32\svchost.exe I:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe I:\WINDOWS\system32\SearchIndexer.exe I:\Program Files\Alwil Software\Avast4\ashMaiSv.exe I:\Program Files\Internet Explorer\iexplore.exe I:\Program Files\Alwil Software\Avast4\ashWebSv.exe I:\WINDOWS\system32\taskmgr.exe I:\Program Files\Yahoo!\Messenger\YahooMessenger.exe i:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe I:\Program Files\Internet Explorer\iexplore.exe I:\WINDOWS\system32\SearchProtocolHost.exe I:\WINDOWS\system32\SearchProtocolHost.exe I:\Documents and Settings\Propriétaire\Mes documents\RSIT.exe I:\Program Files\trend micro\Propriétaire.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com/?fr=fp-yie8 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par Yahoo! R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - I:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - I:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [Windows Defender] "I:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [ATICCC] "I:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime O4 - HKLM\..\Run: [avast!] I:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "I:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Adobe ARM] "I:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "I:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "I:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [YSearchProtection] "I:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" O4 - HKCU\..\Run: [MSMSGS] "I:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] I:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "I:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [search Protection] I:\Program Files\Yahoo!\Search Protection\SearchProtection.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] I:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] I:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] I:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] I:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - S-1-5-18 Startup: Internet Explorer.lnk = I:\Program Files\Internet Explorer\iexplore.exe (User 'SYSTEM') O4 - .DEFAULT Startup: Internet Explorer.lnk = I:\Program Files\Internet Explorer\iexplore.exe (User 'Default user') O4 - Startup: Internet Explorer.lnk = I:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: Barre d'état système d'ATI CATALYST.lnk = I:\Program Files\ATI Technologies\ATI.ACE\CLI.exe O4 - Global Startup: Microsoft Office.lnk = I:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Windows Desktop Search.lnk = I:\Program Files\Windows Desktop Search\WindowsSearch.exe O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file) O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - I:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - I:\WINDOWS\bdoscandel.exe O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/co...ex/qtplugin.cab O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=67633 O16 - DPF: {1EF9F042-C2EB-4293-8213-474CAEEF531D} (TmHcmsX Control) - http://www.trendsecure.com/framework/contr...vex/TmHcmsX.CAB O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://eu-housecall.trendmicro-europe.com/...ivex/hcImpl.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - I:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - https://mail.airfrance.fr/s35/iNotes6W.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/sit...b?1207004692906 O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1186123516187 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichier...ion_2_0_4_9.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - I:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - I:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - I:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - I:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - I:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - I:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - I:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Multi-user Cleanup Service - IBM Corp - I:\Program Files\lotus\notes\ntmulti.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - I:\Program Files\WinPcap\rpcapd.exe O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - I:\Program Files\Windows Live\installer\WLSetupSvc.exe (file missing) O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - I:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- End of file - 11054 bytes ======Scheduled tasks folder====== I:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job I:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job I:\WINDOWS\tasks\MP Scheduled Scan.job I:\WINDOWS\tasks\PCConfidential.job I:\WINDOWS\tasks\Registry Winner Schedule.job I:\WINDOWS\tasks\User_Feed_Synchronization-{E6895412-2799-40F3-B889-069966A82934}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - I:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-12-18 61888] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}] Adobe PDF Conversion Toolbar Helper - I:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2009-12-18 320928] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - I:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - I:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=I:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584] "RTHDCPL"=I:\WINDOWS\RTHDCPL.EXE [2006-06-28 16248320] "Alcmtr"=I:\WINDOWS\ALCMTR.EXE [2005-05-03 69632] "ATICCC"=I:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2005-08-06 61440] "avast!"=I:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000] "SunJavaUpdateSched"=I:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280] "Adobe ARM"=I:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672] "QuickTime Task"=I:\Program Files\QuickTime\qttask.exe [2008-11-04 413696] "Adobe Reader Speed Launcher"=I:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2009-12-18 40368] "YSearchProtection"=I:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2009-02-23 111856] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"=I:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232] "ctfmon.exe"=I:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360] "msnmsgr"=I:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856] "Search Protection"=I:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2009-02-23 111856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Freecorder FLV Service] I:\Program Files\Freecorder\FLVSrvc.exe [2009-11-15 158752] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)] I:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe [2009-11-10 5244216] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] I:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^Propriétaire^Menu Démarrer^Programmes^Démarrage^Notification de cadeaux MSN.lnk] I:\DOCUME~1\PROPRI~1\APPLIC~1\MICROS~1\NOTIFI~1\lsnfier.exe [] I:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Barre d'état système d'ATI CATALYST.lnk - I:\Program Files\ATI Technologies\ATI.ACE\CLI.exe Microsoft Office.lnk - I:\Program Files\Microsoft Office\Office10\OSA.EXE Windows Desktop Search.lnk - I:\Program Files\Windows Desktop Search\WindowsSearch.exe I:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage Internet Explorer.lnk - I:\Program Files\Internet Explorer\iexplore.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] I:\WINDOWS\system32\Ati2evxx.dll [2005-08-04 46080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - I:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=I:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"=I:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 294400] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= [] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "I:\Program Files\Messenger\msmsgs.exe"="I:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "I:\Program Files\Internet Explorer\iexplore.exe"="I:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer" "I:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="I:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger" "I:\Program Files\Yahoo!\Messenger\YServer.exe"="I:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server" "I:\Program Files\Skype\Phone\Skype.exe"="I:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" "I:\Documents and Settings\Propriétaire\Bureau\msnmsgr.exe"="I:\Documents and Settings\Propriétaire\Bureau\msnmsgr.exe:*:Disabled:Windows Live Messenger" "I:\Program Files\DNA\btdna.exe"="I:\Program Files\DNA\btdna.exe:*:Enabled:DNA" "I:\WINDOWS\system32\dpvsetup.exe"="I:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "I:\WINDOWS\system32\rundll32.exe"="I:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application" "I:\Program Files\Windows Live\Messenger\wlcsdk.exe"="I:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "I:\Program Files\Windows Live\Messenger\msnmsgr.exe"="I:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "I:\Program Files\AIM6\aim6.exe"="I:\Program Files\AIM6\aim6.exe:*:Disabled:AIM" "I:\Program Files\Fichiers communs\AOL\Loader\aolload.exe"="I:\Program Files\Fichiers communs\AOL\Loader\aolload.exe:*:Disabled:AOL Loader" "I:\Program Files\IncrediMail\bin\IncMail.exe"="I:\Program Files\IncrediMail\bin\IncMail.exe:*:Disabled:IncrediMail" "I:\Program Files\IncrediMail\bin\ImpCnt.exe"="I:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Disabled:IncrediMail" "I:\Program Files\IncrediMail\bin\ImApp.exe"="I:\Program Files\IncrediMail\bin\ImApp.exe:*:Disabled:IncrediMail" "I:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\4PEJOPEV\incredimail_install[1].exe"="I:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\4PEJOPEV\incredimail_install[1].exe:*:Disabled:IncrediMail Installer" "I:\Documents and Settings\Propriétaire\Local Settings\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe"="I:\Documents and Settings\Propriétaire\Local Settings\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe:*:Disabled:IncrediMail Installer" "I:\Program Files\FrostWire\FrostWire.exe"="I:\Program Files\FrostWire\FrostWire.exe:*:Disabled:LimeWire" "I:\Program Files\Magentic\bin\MgImp.exe"="I:\Program Files\Magentic\bin\MgImp.exe:*:Disabled:Magentic" "I:\Program Files\Magentic\bin\MgApp.exe"="I:\Program Files\Magentic\bin\MgApp.exe:*:Disabled:Magentic" "I:\Program Files\Magentic\bin\Magentic.exe"="I:\Program Files\Magentic\bin\Magentic.exe:*:Disabled:Magentic" "I:\Program Files\AOL\Active Virus Shield\avp.exe"="I:\Program Files\AOL\Active Virus Shield\avp.exe:*:Disabled:Active Virus Shield" "I:\Program Files\BitComet\BitComet.exe"="I:\Program Files\BitComet\BitComet.exe:*:Disabled:BitComet - a BitTorrent Client" "I:\Program Files\BitTorrent\bittorrent.exe"="I:\Program Files\BitTorrent\bittorrent.exe:*:Disabled:BitTorrent" "I:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe"="I:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe:*:Disabled:Camfrog Client Module" "I:\Program Files\Motorola\Software Update\msu.exe"="I:\Program Files\Motorola\Software Update\msu.exe:*:Disabled:msu" "I:\Program Files\Winamp Remote\bin\Orb.exe"="I:\Program Files\Winamp Remote\bin\Orb.exe:*:Disabled:Orb" "I:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="I:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Disabled:Orb Stream Client" "I:\Program Files\Winamp Remote\bin\OrbTray.exe"="I:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Disabled:OrbTray" "I:\Program Files\Shareaza Applications\Shareaza\Shareaza.exe"="I:\Program Files\Shareaza Applications\Shareaza\Shareaza.exe:*:Disabled:Shareaza" "I:\Program Files\SopCast\adv\SopAdver.exe"="I:\Program Files\SopCast\adv\SopAdver.exe:*:Disabled:SopCast Adver" "I:\Program Files\SopCast\SopCast.exe"="I:\Program Files\SopCast\SopCast.exe:*:Disabled:SopCast Main Application" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "I:\Program Files\Windows Live\Messenger\wlcsdk.exe"="I:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "I:\Program Files\Windows Live\Messenger\msnmsgr.exe"="I:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a56f2b7c-55f9-11de-8c77-00138fd9fd77}] shell\AutoRun\command - J:\start.exe ======List of files/folders created in the last 1 months====== 2010-02-25 19:47:11 ----D---- I:\Program Files\trend micro 2010-02-25 19:47:07 ----D---- I:\rsit 2010-02-24 10:09:01 ----HDC---- I:\WINDOWS\$NtUninstallKB979306$ 2010-02-16 09:54:00 ----D---- I:\Documents and Settings\All Users\Application Data\NOS 2010-02-09 23:44:42 ----HDC---- I:\WINDOWS\$NtUninstallKB978262$ 2010-02-09 23:44:31 ----HDC---- I:\WINDOWS\$NtUninstallKB971468$ 2010-02-09 23:40:52 ----HDC---- I:\WINDOWS\$NtUninstallKB978037$ 2010-02-09 23:40:44 ----HDC---- I:\WINDOWS\$NtUninstallKB975713$ 2010-02-09 23:40:35 ----HDC---- I:\WINDOWS\$NtUninstallKB978251$ 2010-02-09 23:40:20 ----HDC---- I:\WINDOWS\$NtUninstallKB975560$ 2010-02-09 23:38:17 ----HDC---- I:\WINDOWS\$NtUninstallKB977914$ 2010-02-09 23:37:43 ----HDC---- I:\WINDOWS\$NtUninstallKB977165$ 2010-01-27 12:23:22 ----A---- I:\WINDOWS\system32\ptpusb.dll 2010-01-27 12:23:20 ----A---- I:\WINDOWS\system32\ptpusd.dll ======List of files/folders modified in the last 1 months====== 2010-02-25 19:47:11 ----RD---- I:\Program Files 2010-02-25 19:47:07 ----D---- I:\WINDOWS\Temp 2010-02-25 19:04:36 ----D---- I:\WINDOWS\system32\CatRoot2 2010-02-25 19:04:31 ----SD---- I:\WINDOWS\Tasks 2010-02-25 19:02:38 ----D---- I:\WINDOWS 2010-02-25 08:59:27 ----A---- I:\WINDOWS\SchedLgU.Txt 2010-02-25 07:56:58 ----D---- I:\WINDOWS\Prefetch 2010-02-25 00:57:48 ----SHD---- I:\WINDOWS\Installer 2010-02-24 10:10:16 ----HD---- I:\WINDOWS\inf 2010-02-24 10:10:15 ----RSHDC---- I:\WINDOWS\system32\dllcache 2010-02-24 10:10:15 ----D---- I:\WINDOWS\system32 2010-02-24 10:10:13 ----D---- I:\WINDOWS\ie8updates 2010-02-24 10:09:23 ----HD---- I:\WINDOWS\$hf_mig$ 2010-02-24 10:09:15 ----A---- I:\WINDOWS\imsins.BAK 2010-02-24 09:16:06 ----N---- I:\WINDOWS\system32\MpSigStub.exe 2010-02-22 08:01:45 ----D---- I:\Config.Msi 2010-02-16 20:27:40 ----SD---- I:\WINDOWS\Downloaded Program Files 2010-02-09 23:44:33 ----D---- I:\WINDOWS\system32\drivers 2010-02-07 07:01:12 ----D---- I:\Program Files\Google 2010-02-05 20:22:24 ----D---- I:\Program Files\lotus 2010-02-01 20:26:20 ----A---- I:\WINDOWS\system32\MRT.exe 2010-01-28 22:34:36 ----SD---- I:\Documents and Settings\Propriétaire\Application Data\Microsoft 2010-01-27 12:08:43 ----D---- I:\Program Files\Mozilla Firefox ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 Aavmker4;avast! Asynchronous Virus Monitor; I:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408] R1 aswSP;avast! Self Protection; I:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768] R1 aswTdi;avast! Network Shield Support; I:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560] R1 intelppm;Pilote de processeur Intel; I:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 40576] R1 kbdhid;Pilote HID de clavier; I:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-13 14720] R1 Tcpip6;Pilote du protocole IPv6 Microsoft; I:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856] R2 aswFsBlk;aswFsBlk; I:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560] R2 aswMon2;avast! Standard Shield Support; I:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160] R2 npf;NetGroup Packet Filter Driver; I:\WINDOWS\system32\drivers\npf.sys [2009-07-06 34064] R2 tmcomm;tmcomm; \??\I:\WINDOWS\system32\drivers\tmcomm.sys [] R3 aswRdr;aswRdr; I:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120] R3 ati2mtag;ati2mtag; I:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2005-08-04 1273344] R3 Camdrv30;Philips ToUcam XS; I:\WINDOWS\System32\Drivers\camdrv30.sys [2001-08-17 171264] R3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; I:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165] R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; I:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 hidusb;Pilote de classe HID Microsoft; I:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); I:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-28 4304384] R3 mouhid;Pilote HID de souris; I:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-28 12288] R3 tunmp;Pilote de carte miniport Tun Microsoft; I:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288] R3 usbccgp;Pilote parent générique USB Microsoft; I:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; I:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Pilote de concentrateur standard USB Microsoft; I:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbstor;Pilote de stockage de masse USB; I:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; I:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608] S1 incdrm;InCD EasyWrite Reader; I:\WINDOWS\system32\drivers\incdrm.sys [2003-08-21 25520] S3 CCDECODE;Décodeur sous-titre fermé; I:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 driverhardwarev2;driverhardwarev2; \??\I:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [] S3 GEARAspiWDM;GEAR ASPI Filter Driver; I:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [] S3 motccgp;Motorola USB Composite Device Driver; I:\WINDOWS\system32\DRIVERS\motccgp.sys [2007-11-02 18176] S3 motccgpfl;MotCcgpFlService; I:\WINDOWS\system32\DRIVERS\motccgpfl.sys [2007-01-23 7680] S3 MotDev;Motorola Inc. USB Device; I:\WINDOWS\system32\DRIVERS\motodrv.sys [2007-10-10 42112] S3 motmodem;Motorola USB CDC ACM Driver; I:\WINDOWS\system32\DRIVERS\motmodem.sys [2007-06-20 23680] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; I:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; I:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; I:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 nm;Pilote du Moniteur réseau; I:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320] S3 QV2KUX;Appareil photo numérique Casio; I:\WINDOWS\System32\DRIVERS\qv2kux.sys [2001-08-17 3328] S3 SLIP;Détrameur décalage BDA; I:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA IPSink; I:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 USBAAPL;Apple Mobile USB Driver; I:\WINDOWS\System32\Drivers\usbaapl.sys [] S3 usbscan;Pilote de scanneur USB; I:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 Wdf01000;Wdf01000; I:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000] S3 WpdUsb;WpdUsb; I:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528] S3 WSTCODEC;Codec Teletext standard; I:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 XUIF;X10 USB Wireless Transceiver; I:\WINDOWS\System32\Drivers\x10ufx2.sys [2005-05-19 17792] S4 IntelIde;IntelIde; I:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 6to4;Service d'application d'assistance IPv6; I:\WINDOWS\system32\svchost.exe [2008-04-13 14336] R2 aswUpdSv;avast! iAVS4 Control Service; I:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752] R2 Ati HotKey Poller;Ati HotKey Poller; I:\WINDOWS\system32\Ati2evxx.exe [2005-08-04 380928] R2 avast! Antivirus;avast! Antivirus; I:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680] R2 JavaQuickStarterService;Java Quick Starter; I:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376] R2 MDM;Machine Debug Manager; I:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120] R2 Multi-user Cleanup Service;Multi-user Cleanup Service; I:\Program Files\lotus\notes\ntmulti.exe [2005-08-15 53248] R2 WinDefend;Windows Defender; I:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592] R2 WSearch;Recherche Windows; I:\WINDOWS\system32\SearchIndexer.exe [2007-02-05 300032] R2 YahooAUService;Yahoo! Updater; I:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392] R3 avast! Mail Scanner;avast! Mail Scanner; I:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040] R3 idsvc;Windows CardSpace; i:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S2 ATI Smart;ATI Smart; I:\WINDOWS\system32\ati2sgag.exe [2005-08-05 516096] S2 gupdate;Service Google Update (gupdate); I:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-27 133104] S3 aspnet_state;ASP.NET State Service; I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 avast! Web Scanner;avast! Web Scanner; I:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; I:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-08-06 654848] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; i:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); I:\Program Files\WinPcap\rpcapd.exe [2009-07-06 92792] S3 WLSetupSvc;Windows Live Setup Service; I:\Program Files\Windows Live\installer\WLSetupSvc.exe [] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; I:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; i:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF-----------------

Bonjour mon PC est toujours extrement lent au démarrage ( 20 minutes à attendre au moins sans rien toucher ... et parfois il faut même le relancer et attendre autant. Quand je ne l'utlise pas pendant un week end , c est pire encore , avec WXindows defender ou je ne sais quoi qui fait des contrôles ). J'utilise Avast et Windows Defender J'ai lancé Hijackthis Voici le Blog Notes, mais c'est du chinois pour moi. Avant de supprimer quoi que soit , qui pourrait m'aider? que faut il faire? en mode sans échec? Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 07:56:47, on 25/02/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: I:\WINDOWS\System32\smss.exe I:\WINDOWS\system32\winlogon.exe I:\WINDOWS\system32\services.exe I:\WINDOWS\system32\lsass.exe I:\WINDOWS\system32\Ati2evxx.exe I:\WINDOWS\system32\svchost.exe I:\Program Files\Windows Defender\MsMpEng.exe I:\WINDOWS\System32\svchost.exe I:\Program Files\Alwil Software\Avast4\aswUpdSv.exe I:\Program Files\Alwil Software\Avast4\ashServ.exe I:\WINDOWS\Explorer.EXE I:\Program Files\Windows Defender\MSASCui.exe I:\WINDOWS\RTHDCPL.EXE I:\Program Files\ATI Technologies\ATI.ACE\cli.exe I:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe I:\Program Files\Java\jre6\bin\jusched.exe I:\Program Files\Yahoo!\Search Protection\SearchProtection.exe I:\Program Files\Messenger\msmsgs.exe I:\WINDOWS\system32\ctfmon.exe I:\Program Files\Windows Live\Messenger\msnmsgr.exe I:\Program Files\Windows Desktop Search\WindowsSearch.exe I:\WINDOWS\system32\spoolsv.exe I:\Program Files\Java\jre6\bin\jqs.exe I:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe I:\Program Files\lotus\notes\ntmulti.exe I:\WINDOWS\System32\svchost.exe I:\WINDOWS\system32\SearchIndexer.exe I:\Program Files\Alwil Software\Avast4\ashMaiSv.exe I:\Program Files\Alwil Software\Avast4\ashWebSv.exe I:\WINDOWS\system32\taskmgr.exe I:\Program Files\Yahoo!\Messenger\YahooMessenger.exe I:\Program Files\Windows Live\Contacts\wlcomm.exe I:\Program Files\Internet Explorer\iexplore.exe I:\Program Files\Internet Explorer\iexplore.exe I:\Program Files\Internet Explorer\iexplore.exe i:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe I:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\KHG1H0VN\HiJackThis[1].exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com/?fr=fp-yie8 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par Yahoo! R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - I:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - I:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - I:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [Windows Defender] "I:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [ATICCC] "I:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime O4 - HKLM\..\Run: [avast!] I:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "I:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "I:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [Adobe ARM] "I:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "I:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "I:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [YSearchProtection] "I:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" O4 - HKCU\..\Run: [MSMSGS] "I:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] I:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "I:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [search Protection] I:\Program Files\Yahoo!\Search Protection\SearchProtection.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] I:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] I:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] I:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] I:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - S-1-5-18 Startup: Internet Explorer.lnk = I:\Program Files\Internet Explorer\iexplore.exe (User 'SYSTEM') O4 - .DEFAULT Startup: Internet Explorer.lnk = I:\Program Files\Internet Explorer\iexplore.exe (User 'Default user') O4 - Startup: Internet Explorer.lnk = I:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: Barre d'état système d'ATI CATALYST.lnk = I:\Program Files\ATI Technologies\ATI.ACE\CLI.exe O4 - Global Startup: Microsoft Office.lnk = I:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Windows Desktop Search.lnk = I:\Program Files\Windows Desktop Search\WindowsSearch.exe O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file) O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - I:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - I:\WINDOWS\bdoscandel.exe O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: http://www.secuser.com O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/co...ex/qtplugin.cab O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=67633 O16 - DPF: {1EF9F042-C2EB-4293-8213-474CAEEF531D} (TmHcmsX Control) - http://www.trendsecure.com/framework/contr...vex/TmHcmsX.CAB O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://eu-housecall.trendmicro-europe.com/...ivex/hcImpl.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - I:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - https://mail.airfrance.fr/s35/iNotes6W.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/sit...b?1207004692906 O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1186123516187 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichier...ion_2_0_4_9.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - I:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - I:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - I:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - I:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - I:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - I:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - I:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Multi-user Cleanup Service - IBM Corp - I:\Program Files\lotus\notes\ntmulti.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - I:\Program Files\WinPcap\rpcapd.exe O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - I:\Program Files\Windows Live\installer\WLSetupSvc.exe (file missing) O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - I:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe Merci pour votre aide