ringosuperstar

Salut Thanos, Gros merci à toi pour ton aide! bonne continuation, Ringo

Salut, Alors voila le rapport généré: Logfile of random's system information tool 1.07 (written by random/random) Run by Sylvain at 2010-05-16 12:17:16 Microsoft Windows XP Professionnel Service Pack 3 System drive C: has 7 GB (7%) free of 108 GB Total RAM: 2046 MB (68% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:17:24, on 16/05/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Tall Emu\Online Armor\OAcat.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\a-squared Free\a2service.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Application Updater\ApplicationUpdater.exe C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Avira\AntiVir Desktop\avshadow.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe C:\WINDOWS\stsystra.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\WINDOWS\eHome\ehmsas.exe C:\Program Files\Creative\Mixer\CTSVolFE.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\Dell\MediaDirect\PCMService.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Dell Support\DSAgnt.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\3M\PSNLite\PsnLite.exe C:\PROGRA~1\3M\PSNLite\PSNGive.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wscntfy.exe C:\Documents and Settings\Sylvain\Bureau\RSIT.exe C:\Program Files\trend micro\Sylvain.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.google.fr/nwshp?hl=fr&tab=wn R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row&channel=fr&ibd=4061121 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll (file missing) O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [CTSVolFE.exe] "C:\Program Files\Creative\Mixer\CTSVolFE.exe" /r O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [@OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe" O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Digital Line Detect.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program Files\3M\PSNLite\PsnLite.exe O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://sylvaintahiti.spaces.live.com//Phot...ad/MsnPUpld.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1170750919182 O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f005.mail.caramail.lycos.fr/app/upl...ileUploader.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe O23 - Service: Service de planification Media Center (ehSched) - Unknown owner - C:\WINDOWS\eHome\ehSched.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: Fax - Unknown owner - C:\WINDOWS\system32\fxssvc.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe O23 - Service: Online Armor Helper Service (OAcat) - Unknown owner - C:\Program Files\Tall Emu\Online Armor\OAcat.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe O23 - Service: Online Armor (SvcOnlineArmor) - Unknown owner - C:\Program Files\Tall Emu\Online Armor\oasrv.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\WINDOWS\system32\tlntsvr.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe -- End of file - 13378 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\User_Feed_Synchronization-{F40906B2-F0F4-44CB-997A-1356D745A1F5}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}] DriveLetterAccess - C:\WINDOWS\system32\dla\tfswshx.dll [2004-12-06 118842] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - c:\program files\google\googletoolbar3.dll [2007-01-20 2436160] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2010-04-03 764912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}] CBrowserHelperObject Object - C:\Program Files\BAE\BAE.dll [2006-10-11 98304] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-11 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-05-11 79648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar3.dll [2007-01-20 2436160] {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Barre d'outils MSN - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll [] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "ehTray"=C:\WINDOWS\ehome\ehtray.exe [2004-08-10 59392] "SunJavaUpdateSched"=C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [2010-02-18 248040] "SigmatelSysTrayApp"=C:\WINDOWS\stsystra.exe [2006-03-25 282624] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-03-08 761947] "ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056] "IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2006-05-01 667718] "IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2006-05-01 602182] "CTSVolFE.exe"=C:\Program Files\Creative\Mixer\CTSVolFE.exe [2005-02-23 57344] "dla"=C:\WINDOWS\system32\dla\tfswctrl.exe [2004-12-06 127035] "ISUSPM Startup"=C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-07-27 221184] "ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2004-07-27 81920] "PCMService"=C:\Program Files\Dell\MediaDirect\PCMService.exe [2006-08-22 184320] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2007-03-03 257088] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272] "Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792] "@OnlineArmor GUI"=C:\Program Files\Tall Emu\Online Armor\oaui.exe [2010-04-20 6678008] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "DellSupport"=C:\Program Files\Dell Support\DSAgnt.exe [2006-08-28 395776] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-30 68856] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE Post-it® Software Notes Lite.lnk - C:\Program Files\3M\PSNLite\PsnLite.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2006-05-23 61440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2007-02-16 236928] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-19 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{4F07DA45-8170-4859-9B5F-037EF2970034}"=C:\PROGRA~1\TALLEM~1\ONLINE~1\oaevent.dll [2010-04-20 925688] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=323 "NoDriveAutoRun"=67108863 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= "NoDriveAutoRun"= "NoDriveTypeAutoRun"= "NoDrives"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" ======List of files/folders created in the last 1 months====== 2010-05-16 12:13:43 ----D---- C:\rsit 2010-05-14 19:22:54 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$ 2010-05-14 19:22:39 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$ 2010-05-14 16:13:54 ----D---- C:\Documents and Settings\All Users\Application Data\OnlineArmor 2010-05-14 16:13:53 ----D---- C:\Documents and Settings\Sylvain\Application Data\OnlineArmor 2010-05-14 16:13:30 ----D---- C:\Program Files\Tall Emu 2010-05-14 14:13:35 ----RASHD---- C:\autorun.inf 2010-05-14 03:21:23 ----D---- C:\WINDOWS\system32\NtmsData 2010-05-14 03:17:26 ----SHD---- C:\RECYCLER 2010-05-14 03:16:20 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$ 2010-05-14 02:44:40 ----D---- C:\WINDOWS\temp 2010-05-14 01:01:20 ----A---- C:\Boot.bak 2010-05-14 01:01:12 ----RASHD---- C:\cmdcons 2010-05-14 00:54:44 ----D---- C:\WINDOWS\ERDNT 2010-05-14 00:24:34 ----D---- C:\Program Files\trend micro 2010-05-13 22:48:40 ----D---- C:\WINDOWS\system32\CatRoot2 2010-05-13 22:47:10 ----D---- C:\WINDOWS\SoftwareDistribution 2010-05-13 21:03:00 ----A---- C:\WINDOWS\UPGRADE.TXT 2010-05-13 21:02:08 ----A---- C:\WINDOWS\imsins.BAK 2010-05-12 16:28:04 ----D---- C:\Documents and Settings\Sylvain\Application Data\Uniblue 2010-05-12 02:02:50 ----A---- C:\WINDOWS\ntbtlog.txt 2010-05-11 09:34:52 ----D---- C:\Documents and Settings\All Users\Application Data\Sun 2010-05-11 09:33:17 ----A---- C:\WINDOWS\system32\javaws.exe 2010-05-11 09:33:17 ----A---- C:\WINDOWS\system32\javaw.exe 2010-05-11 09:33:17 ----A---- C:\WINDOWS\system32\java.exe 2010-05-11 09:33:17 ----A---- C:\WINDOWS\system32\deployJava1.dll 2010-04-30 19:05:38 ----D---- C:\Program Files\ESET 2010-04-21 09:47:47 ----D---- C:\Documents and Settings\Sylvain\Application Data\Avira 2010-04-21 09:45:34 ----D---- C:\Documents and Settings\All Users\Application Data\Avira 2010-04-21 09:19:09 ----D---- C:\Documents and Settings\Sylvain\Application Data\Malwarebytes 2010-04-21 09:18:59 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-04-21 09:18:59 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2010-04-19 17:40:06 ----D---- C:\Program Files\Misc. Support Library (Spybot - Search & Destroy) 2010-04-19 16:33:38 ----A---- C:\WINDOWS\system32\Log_20100419_163338_3354.txt 2010-04-19 16:33:37 ----A---- C:\WINDOWS\system32\Log_20100419_163337_3264.txt 2010-04-19 16:33:35 ----A---- C:\WINDOWS\system32\Log_20100419_163335_2010.txt 2010-04-19 16:33:34 ----A---- C:\WINDOWS\system32\Log_20100419_163334_2AE0.txt 2010-04-19 16:33:32 ----A---- C:\WINDOWS\system32\Log_20100419_163332_24C0.txt 2010-04-19 16:33:30 ----A---- C:\WINDOWS\system32\Log_20100419_163330_2498.txt 2010-04-19 16:33:28 ----A---- C:\WINDOWS\system32\Log_20100419_163328_2C20.txt 2010-04-19 16:33:26 ----A---- C:\WINDOWS\system32\Log_20100419_163326_28BC.txt 2010-04-19 16:33:24 ----A---- C:\WINDOWS\system32\Log_20100419_163324_26E8.txt 2010-04-19 16:33:23 ----A---- C:\WINDOWS\system32\Log_20100419_163323_2A98.txt 2010-04-19 16:33:21 ----A---- C:\WINDOWS\system32\Log_20100419_163321_2A80.txt 2010-04-19 16:33:15 ----A---- C:\WINDOWS\system32\Log_20100419_163315_2DA8.txt 2010-04-19 16:27:32 ----D---- C:\Program Files\PixiePack Codec Pack 2010-04-19 16:23:27 ----D---- C:\Program Files\RapidSolution 2010-04-19 16:23:27 ----D---- C:\Documents and Settings\All Users\Application Data\RapidSolution 2010-04-19 15:30:14 ----D---- C:\Documents and Settings\Sylvain\Application Data\Python-Eggs 2010-04-19 15:21:20 ----A---- C:\WINDOWS\system32\moovida.exe 2010-04-19 14:21:17 ----D---- C:\Documents and Settings\Sylvain\Application Data\FreeCDRipper 2010-04-19 14:20:26 ----A---- C:\WINDOWS\system32\WMAFile.dll 2010-04-19 14:20:26 ----A---- C:\WINDOWS\system32\VB6STKIT.DLL 2010-04-19 14:20:26 ----A---- C:\WINDOWS\system32\TABCTFR.DLL 2010-04-19 14:20:26 ----A---- C:\WINDOWS\system32\inetfr.DLL 2010-04-19 14:20:26 ----A---- C:\WINDOWS\system32\AudPlayer.dll 2010-04-19 14:20:26 ----A---- C:\WINDOWS\system32\AudioVisu.dll 2010-04-19 14:20:26 ----A---- C:\WINDOWS\system32\AudioRecord.dll 2010-04-19 14:20:26 ----A---- C:\WINDOWS\system32\AudioInfos.dll 2010-04-19 14:20:26 ----A---- C:\WINDOWS\system32\AudFile.dll 2010-04-19 14:20:26 ----A---- C:\WINDOWS\system32\AudDisplay.dll 2010-04-19 14:20:26 ----A---- C:\WINDOWS\system32\AudDesign.dll 2010-04-19 14:20:25 ----D---- C:\Program Files\Free Audio Pack 2010-04-19 14:20:25 ----D---- C:\Documents and Settings\Sylvain\Application Data\FreeAudioPack 2010-04-19 14:20:25 ----A---- C:\WINDOWS\system32\lame_enc.dll 2010-04-19 14:20:25 ----A---- C:\WINDOWS\system32\CMDLGFR.DLL 2010-04-18 18:48:32 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$ 2010-04-18 18:48:13 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$ 2010-04-18 18:44:47 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$ 2010-04-18 18:44:37 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$ 2010-04-18 18:44:29 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$ 2010-04-18 18:43:40 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$ ======List of files/folders modified in the last 1 months====== 2010-05-16 12:15:08 ----D---- C:\WINDOWS\Prefetch 2010-05-16 12:08:19 ----D---- C:\WINDOWS 2010-05-16 12:07:58 ----D---- C:\MDT 2010-05-16 12:07:17 ----D---- C:\WINDOWS\Registration 2010-05-16 12:07:08 ----A---- C:\WINDOWS\ModemLog_Conexant HDA D110 MDC V.92 Modem.txt 2010-05-15 16:48:04 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-05-15 16:16:22 ----RD---- C:\Program Files 2010-05-15 16:16:22 ----D---- C:\Program Files\Windows NT 2010-05-15 13:28:33 ----SD---- C:\WINDOWS\Downloaded Program Files 2010-05-15 01:28:54 ----SHD---- C:\System Volume Information 2010-05-15 01:28:54 ----D---- C:\WINDOWS\system32\Restore 2010-05-14 23:19:07 ----D---- C:\WINDOWS\system32 2010-05-14 19:23:05 ----HD---- C:\WINDOWS\inf 2010-05-14 19:22:59 ----D---- C:\WINDOWS\system32\dllcache 2010-05-14 19:22:58 ----D---- C:\WINDOWS\system32\drivers 2010-05-14 19:22:53 ----HD---- C:\WINDOWS\$hf_mig$ 2010-05-14 19:20:57 ----D---- C:\WINDOWS\system32\CatRoot 2010-05-14 17:54:54 ----D---- C:\WINDOWS\Provisioning 2010-05-14 16:35:51 ----D---- C:\WINDOWS\Internet Logs 2010-05-14 16:15:23 ----D---- C:\Program Files\a-squared Free 2010-05-14 16:11:21 ----D---- C:\Documents and Settings\Sylvain\Application Data\Spybot - Search & Destroy 2010-05-14 16:11:21 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2010-05-14 03:16:52 ----D---- C:\WINDOWS\Debug 2010-05-14 03:16:43 ----SHD---- C:\WINDOWS\Installer 2010-05-14 03:16:22 ----D---- C:\Program Files\Outlook Express 2010-05-14 02:47:17 ----A---- C:\WINDOWS\system.ini 2010-05-14 02:42:40 ----D---- C:\WINDOWS\AppPatch 2010-05-14 02:42:32 ----D---- C:\Program Files\Fichiers communs 2010-05-14 02:40:07 ----D---- C:\WINDOWS\ehome 2010-05-14 01:29:33 ----SD---- C:\WINDOWS\Tasks 2010-05-14 01:20:27 ----D---- C:\Program Files\Windows Media Player 2010-05-14 01:20:26 ----D---- C:\Program Files\iTunes 2010-05-14 01:20:24 ----D---- C:\Program Files\Dell Support 2010-05-14 01:18:35 ----D---- C:\WINDOWS\system32\config 2010-05-14 01:17:04 ----D---- C:\Program Files\Internet Explorer 2010-05-14 01:01:21 ----RASH---- C:\boot.ini 2010-05-13 23:04:20 ----RSD---- C:\WINDOWS\Fonts 2010-05-13 22:51:47 ----RD---- C:\WINDOWS\Web 2010-05-11 09:34:51 ----D---- C:\Program Files\Fichiers communs\Java 2010-05-11 09:32:40 ----D---- C:\Program Files\Java 2010-05-02 23:07:41 ----SHD---- C:\WINDOWS\CSC 2010-04-30 20:51:06 ----A---- C:\WINDOWS\system32\MRT.exe 2010-04-25 12:07:46 ----D---- C:\WINDOWS\WinSxS 2010-04-21 14:11:46 ----D---- C:\Program Files\Avira 2010-04-21 12:23:48 ----D---- C:\WINDOWS\network diagnostic 2010-04-21 10:09:14 ----D---- C:\WINDOWS\repair 2010-04-21 09:31:16 ----HDC---- C:\WINDOWS\$NtUninstallKB936021$ 2010-04-20 00:13:40 ----A---- C:\WINDOWS\wininit.ini 2010-04-19 16:22:45 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2010-04-19 15:29:42 ----SD---- C:\Documents and Settings\Sylvain\Application Data\Microsoft 2010-04-18 18:44:01 ----D---- C:\WINDOWS\ie8updates ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 APPDRV;APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [2005-08-12 16128] R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2010-03-01 124784] R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys [] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576] R1 OADevice;OADriver; \??\C:\WINDOWS\system32\drivers\OADriver.sys [] R1 OAmon;OAmon; \??\C:\WINDOWS\system32\drivers\OAmon.sys [] R1 OAnet;OAnet; \??\C:\WINDOWS\system32\drivers\OAnet.sys [] R1 omci;OMCI WDM Device Driver; C:\WINDOWS\system32\DRIVERS\omci.sys [2004-02-13 17153] R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2004-07-14 5627] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520] R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2004-07-14 23545] R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832] R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.10.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2006-11-22 21275] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-02-16 60936] R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2004-11-23 40480] R2 hnmwrlspkt;HomeNet Manager Wireless Protocol; C:\WINDOWS\system32\DRIVERS\hnm_wrls_pkt.sys [2006-01-13 13696] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059] R2 Packet;Auto Internet Protocol; C:\WINDOWS\system32\DRIVERS\packet.sys [2006-01-13 13312] R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2006-05-01 13568] R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2004-12-06 25883] R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2004-12-06 34843] R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2004-12-06 4123] R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2004-12-06 2271] R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2004-12-06 86586] R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2004-12-06 15227] R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2004-12-06 6363] R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2004-12-06 98714] R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2004-12-06 100603] R2 wsppkt;Wireless Security Protocol; C:\WINDOWS\system32\DRIVERS\wsp_pkt.sys [2006-01-13 13568] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-05-23 1578496] R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2006-08-25 44544] R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952] R3 DSproct;DSproct; \??\C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys [] R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-20 15664] R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-07-22 1035008] R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-07-22 201600] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2005-10-14 28544] R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-10-14 51328] R3 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2005-10-14 307968] R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232] R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2006-03-25 1156648] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-08 191872] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 w39n51;Intel® PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2006-04-27 1429632] R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-07-22 717952] S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] S3 E100B;Pilote de carte Intel ® PRO; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-23 117760] S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008] S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-04 1897408] S3 sffdisk;Pilote de classe de stockage SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904] S3 sffp_sd;Pilote de protocole de stockage SFF pour SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008] S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552] S3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\SymcData\IDS-DI~1\20080421.001\symidsco.sys [] S3 tbhsd;Tunebite High-Speed Dubbing; C:\WINDOWS\system32\drivers\tbhsd.sys [2009-01-23 37664] S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-19 38528] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-29 82944] S4 agp440;Filtre de bus AGP Intel; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368] S4 agpCPQ;Filtre de bus AGP Compaq; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928] S4 alim1541;Filtre de bus AGP ALI; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752] S4 amdagp;Pilote de filtre du bus AMD AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008] S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952] S4 IntelIde;IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [2008-04-14 5504] S4 sisagp;Filtre de bus AGP SIS; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960] S4 viaagp;Filtre de bus AGP VIA; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2010-04-20 1872320] R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-04-01 267432] R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2010-01-08 380928] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-05-23 409600] R2 Creative Labs Licensing Service;Creative Labs Licensing Service; C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe [2007-02-10 69632] R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568] R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424] R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2006-05-01 114753] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-05-11 153376] R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328] R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120] R2 OAcat;Online Armor Helper Service; C:\Program Files\Tall Emu\Online Armor\OAcat.exe [2010-04-20 1284600] R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2006-05-01 217164] R2 S24EventMonitor;Intel® PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2006-05-01 540745] R2 WLANKEEPER;Intel® PROSet/Wireless SSO Service; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [2006-05-01 262217] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2007-03-03 500800] R3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\wmpnetwk.exe [2006-11-03 918016] S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800] S2 nscpjapu;Synaptics TouchPad Support; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] S2 SvcOnlineArmor;Online Armor; C:\Program Files\Tall Emu\Online Armor\oasrv.exe [2010-04-20 3364856] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768] S3 getPlusHelper;getPlus® Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-06 138168] S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] -----------------EOF----------------- Merci à toi, Ringo

voila le rapport d'ESET: ESETSmartInstaller@High as CAB hook log: OnlineScanner.ocx - registred OK # version=7 # iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) # OnlineScanner.ocx=1.0.0.6211 # api_version=3.0.2 # EOSSerial=9d2efb7476a0ab4f928ba418420501e4 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2010-05-15 02:00:21 # local_time=2010-05-15 04:00:21 (+0100, Europe de l'Ouest (heure d'été)) # country="France" # lang=1033 # osver=5.1.2600 NT Service Pack 3 # compatibility_mode=512 16777215 100 0 133857 133857 0 0 # compatibility_mode=1797 16775141 100 93 0 33016429 116084 0 # compatibility_mode=6401 16777214 66 100 75009 2191978 0 0 # compatibility_mode=8192 67108863 100 0 1276198 1276198 0 0 # compatibility_mode=9217 16777214 0 4 75585 75585 0 0 # scanned=100587 # found=0 # cleaned=0 # scan_time=8700 Ca à l'air bon, je peux accéder à windows update, pc plus rapide, et avira ne voit plus le trojan Hijacker!!

Salut Thanos, j'ai un pb avec Kaspersky online. Il fait la mise à jour du programme, puis la mise à jour de la base de donnée et après il affiche "error: la licence est périmée". En bas à gauche de l'écran c'est écrit "impossible de vérifier la licence". Je ne peux pas lancer l'analyse. J'ai réessayé plusieurs fois masi le pb est identique. Aurais tu une idée? Merci, ringo

Salut Thanos, Alors CF s'est bien exécuté mais à la fin il n'a pas affiché la boite de message et n'a pas essayé l'envoie du fichier archivé. Aussi le fichier CF-submit.htm n'a pas été créé. Par contre j'ai bien un nouveau rapport CF: ComboFix 10-05-13.03 - Sylvain 14/05/2010 2:40.2.2 - x86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.2046.1379 [GMT 2:00] Lancé depuis: c:\documents and settings\Sylvain\Bureau\ringosuperstar.exe Commutateurs utilisés :: c:\documents and settings\Sylvain\Bureau\CFScript.txt AV: *On-access scanning disabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83} AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} FW: *disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8} FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B} FILE :: "c:\documents and settings\All Users\Application Data\F05wYg.dat" "c:\windows\Internet Logs\xDB1.tmp" "c:\windows\Internet Logs\xDB2.tmp" "c:\windows\system32\drivers\TDSSKiller.exe" "c:\windows\system32\TDSSKiller.exe" "c:\windows\TDSSKiller.exe" file zipped: c:\windows\system32\opaqcx.dll . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\All Users\Application Data\F05wYg.dat c:\documents and settings\Sylvain\Application Data\BILEVSE c:\documents and settings\Sylvain\Application Data\BILEVSE\RegistryConvoy2009\Backup\Registry\20100513194832.reg c:\windows\Internet Logs\xDB1.tmp c:\windows\Internet Logs\xDB2.tmp c:\windows\system32\drivers\TDSSKiller.exe c:\windows\system32\opaqcx.dll c:\windows\system32\TDSSKiller.exe c:\windows\TDSSKiller.exe . ((((((((((((((((((((((((((((( Fichiers créés du 2010-04-14 au 2010-05-14 )))))))))))))))))))))))))))))))))))) . 2010-05-13 22:24 . 2010-05-13 22:24 -------- d-----w- C:\rsit 2010-05-13 22:24 . 2010-05-13 22:24 -------- d-----w- c:\program files\trend micro 2010-05-13 21:04 . 2010-05-13 21:04 -------- d-sh--w- c:\documents and settings\NetworkService\PrivacIE 2010-05-13 21:04 . 2010-05-13 21:04 -------- d-----r- c:\documents and settings\NetworkService\Favoris 2010-05-13 20:48 . 2010-05-14 00:47 -------- d-----w- c:\windows\system32\CatRoot2 2010-05-12 15:15 . 2009-06-30 07:37 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys 2010-05-12 15:14 . 2010-05-12 15:14 -------- d-----w- c:\program files\Panda Security 2010-05-12 14:28 . 2010-05-12 14:28 -------- d-----w- c:\documents and settings\Sylvain\Application Data\Uniblue 2010-05-12 14:27 . 2010-05-12 14:27 -------- d-----w- c:\program files\Uniblue 2010-05-11 23:23 . 2010-05-12 14:35 -------- d-----w- c:\program files\CCleaner 2010-05-11 07:33 . 2010-05-11 07:32 411368 ----a-w- c:\windows\system32\deployJava1.dll 2010-04-30 17:05 . 2010-04-30 17:05 -------- d-----w- c:\program files\ESET 2010-04-22 21:36 . 2010-04-22 21:36 -------- d-sh--w- c:\documents and settings\Administrateur\PrivacIE 2010-04-22 21:34 . 2010-04-22 21:34 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Malwarebytes 2010-04-22 17:38 . 2010-04-22 17:38 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Avira 2010-04-22 17:37 . 2010-04-22 17:37 -------- d-sh--w- c:\documents and settings\Administrateur\IETldCache 2010-04-21 07:47 . 2010-04-21 07:47 -------- d-----w- c:\documents and settings\Sylvain\Application Data\Avira 2010-04-21 07:45 . 2010-03-01 08:05 124784 ----a-w- c:\windows\system32\drivers\avipbb.sys 2010-04-21 07:45 . 2010-02-16 12:24 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2010-04-21 07:45 . 2009-05-11 10:49 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys 2010-04-21 07:45 . 2009-05-11 10:49 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys 2010-04-21 07:45 . 2010-04-21 07:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira 2010-04-21 07:19 . 2010-04-21 07:19 -------- d-----w- c:\documents and settings\Sylvain\Application Data\Malwarebytes 2010-04-21 07:19 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-04-21 07:18 . 2010-05-03 12:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-04-21 07:18 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-04-21 07:18 . 2010-04-21 07:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-04-19 22:00 . 2010-04-19 22:00 -------- d-----r- c:\documents and settings\LocalService\Favoris 2010-04-19 22:00 . 2010-04-19 22:00 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache 2010-04-19 16:05 . 2010-05-14 00:46 -------- d-----w- c:\program files\Spybot - Search & Destroy 2010-04-19 15:40 . 2010-04-19 15:40 -------- d-----w- c:\program files\SDHelper (Spybot - Search & Destroy) 2010-04-19 15:40 . 2010-04-19 15:40 -------- d-----w- c:\program files\File Scanner Library (Spybot - Search & Destroy) 2010-04-19 15:40 . 2010-04-19 15:40 -------- d-----w- c:\program files\TeaTimer (Spybot - Search & Destroy) 2010-04-19 15:40 . 2010-04-19 15:40 -------- d-----w- c:\program files\Misc. Support Library (Spybot - Search & Destroy) 2010-04-19 14:29 . 2010-04-19 14:29 -------- d-----w- c:\documents and settings\Sylvain\Local Settings\Application Data\RapidSolution 2010-04-19 14:27 . 2010-04-19 14:27 -------- d-----w- c:\program files\PixiePack Codec Pack 2010-04-19 14:23 . 2010-04-19 15:14 -------- d-----w- c:\documents and settings\All Users\Application Data\RapidSolution 2010-04-19 14:23 . 2010-04-19 14:23 -------- d-----w- c:\program files\RapidSolution 2010-04-19 13:30 . 2010-04-19 14:02 -------- d-----w- c:\documents and settings\Sylvain\Application Data\Python-Eggs 2010-04-19 13:30 . 2010-04-19 14:03 -------- d-----w- c:\documents and settings\Sylvain\.moovida 2010-04-19 13:21 . 2010-04-19 13:28 32193656 ----a-w- c:\windows\system32\moovida.exe 2010-04-19 12:21 . 2010-04-19 12:24 -------- d-----w- c:\documents and settings\Sylvain\Application Data\FreeCDRipper . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-05-14 00:48 . 2008-04-22 16:39 29665312 ----a-w- c:\windows\system32\drivers\fidbox.dat 2010-05-14 00:45 . 2008-04-22 16:39 351752 ----a-w- c:\windows\system32\drivers\fidbox.idx 2010-05-13 23:20 . 2007-05-06 06:18 -------- d-----w- c:\program files\iTunes 2010-05-13 23:20 . 2006-11-21 23:32 -------- d-----w- c:\program files\Dell Support 2010-05-12 15:04 . 2007-05-18 10:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2010-05-12 00:00 . 2007-05-28 22:21 -------- d-----w- c:\program files\a-squared Free 2010-05-11 08:22 . 2004-08-03 22:59 96512 ----a-w- c:\windows\system32\drivers\atapi.sys 2010-05-11 07:34 . 2006-11-21 23:15 -------- d-----w- c:\program files\Fichiers communs\Java 2010-05-11 07:34 . 2010-05-11 07:34 503808 ----a-w- c:\documents and settings\Sylvain\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-4f51ce75-n\msvcp71.dll 2010-05-11 07:34 . 2010-05-11 07:34 499712 ----a-w- c:\documents and settings\Sylvain\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-4f51ce75-n\jmc.dll 2010-05-11 07:34 . 2010-05-11 07:34 348160 ----a-w- c:\documents and settings\Sylvain\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-4f51ce75-n\msvcr71.dll 2010-05-11 07:34 . 2010-05-11 07:34 61440 ----a-w- c:\documents and settings\Sylvain\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-7e124629-n\decora-sse.dll 2010-05-11 07:34 . 2010-05-11 07:34 12800 ----a-w- c:\documents and settings\Sylvain\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-7e124629-n\decora-d3d.dll 2010-05-11 07:32 . 2006-11-21 23:15 -------- d-----w- c:\program files\Java 2010-04-21 15:51 . 2004-08-04 00:37 23680 ----a-w- c:\windows\system32\drivers\mouclass.sys 2010-04-21 12:11 . 2008-04-22 17:01 -------- d-----w- c:\program files\Avira 2010-04-19 15:38 . 2006-11-21 23:36 44960 ----a-w- c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2010-04-19 14:27 . 2010-04-19 14:27 566552 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\MusicLoad.dll 2010-04-19 14:27 . 2010-04-19 14:27 242968 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\PlgSoundclick.dll 2010-04-19 14:27 . 2010-04-19 14:27 156952 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\PlgIJigg.dll 2010-04-19 14:27 . 2010-04-19 14:27 156952 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\PlgPandora.dll 2010-04-19 14:27 . 2010-04-19 14:27 136472 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\PlgLastfm.dll 2010-04-19 14:27 . 2010-04-19 14:27 177432 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\PlgImeem.dll 2010-04-19 14:27 . 2010-04-19 14:26 1537304 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\RadioRip.dll 2010-04-19 14:26 . 2010-04-19 14:26 386328 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\WebRip.dll 2010-04-19 14:26 . 2010-04-19 14:26 505112 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\TimTube.dll 2010-04-19 14:26 . 2010-04-19 14:26 492824 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\PornoTube.dll 2010-04-19 14:26 . 2010-04-19 14:26 505112 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\BadJojo.dll 2010-04-19 14:26 . 2010-04-19 14:26 496920 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\YouPorn.dll 2010-04-19 14:26 . 2010-04-19 14:25 496920 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\RedTube.dll 2010-04-19 14:25 . 2010-04-19 14:25 488728 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\ROFL.dll 2010-04-19 14:25 . 2010-04-19 14:25 509208 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\Tangle.dll 2010-04-19 14:25 . 2010-04-19 14:25 501016 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\SevenLoad.dll 2010-04-19 14:25 . 2010-04-19 14:25 521496 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\MyVideo.dll 2010-04-19 14:25 . 2010-04-19 14:25 505112 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\MetaCafe.dll 2010-04-19 14:25 . 2010-04-19 14:25 496920 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\BlipTV.dll 2010-04-19 14:25 . 2010-04-19 14:24 509208 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\MySpace.dll 2010-04-19 14:24 . 2010-04-19 14:24 501016 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\DailyMotion.dll 2010-04-19 14:24 . 2010-04-19 14:24 292120 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\YouTube.dll 2010-04-19 13:29 . 2010-04-19 13:29 53248 ----a-r- c:\documents and settings\Sylvain\Application Data\Microsoft\Installer\{6084C211-01A1-464E-97A0-09772E122B50}\NewShortcut6_C66F542C09384197820139E669715728.exe 2010-04-19 13:29 . 2010-04-19 13:29 53248 ----a-r- c:\documents and settings\Sylvain\Application Data\Microsoft\Installer\{6084C211-01A1-464E-97A0-09772E122B50}\NewShortcut5_E131CE49F0AB4AFFBD46E947D2A7E8D6.exe 2010-04-19 13:29 . 2010-04-19 13:29 53248 ----a-r- c:\documents and settings\Sylvain\Application Data\Microsoft\Installer\{6084C211-01A1-464E-97A0-09772E122B50}\NewShortcut3_250B5DD793584E62966B2CA55CD7FE31.exe 2010-04-19 13:29 . 2010-04-19 13:29 53248 ----a-r- c:\documents and settings\Sylvain\Application Data\Microsoft\Installer\{6084C211-01A1-464E-97A0-09772E122B50}\NewShortcut2_60A3CA2E97AB4EAE82E5A8B6FE50C873.exe 2010-04-19 12:28 . 2010-04-19 12:20 -------- d-----w- c:\program files\Free Audio Pack 2010-04-19 12:20 . 2010-04-19 12:20 -------- d-----w- c:\documents and settings\Sylvain\Application Data\FreeAudioPack 2010-04-14 22:17 . 2007-05-23 07:08 -------- d-----w- c:\program files\Warcraft III 2010-04-13 18:21 . 2010-04-13 18:21 -------- d-----w- c:\program files\Samsung 2010-04-12 23:55 . 2010-04-12 20:49 -------- d-----w- c:\documents and settings\Sylvain\Application Data\DataCast 2010-04-12 20:49 . 2010-04-12 20:49 -------- d-----w- c:\program files\MarkAny 2010-04-12 20:49 . 2006-11-21 23:22 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-04-09 07:53 . 2005-09-01 05:53 64922 ----a-w- c:\windows\system32\perfc00C.dat 2010-04-09 07:53 . 2005-09-01 05:53 447222 ----a-w- c:\windows\system32\perfh00C.dat 2010-04-05 22:06 . 2010-04-05 22:02 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS 2010-04-05 22:02 . 2010-04-05 22:02 -------- d-----w- c:\program files\NOS 2010-03-11 12:34 . 2010-03-11 12:34 78336 ------w- c:\windows\system32\ieencode.dll 2010-03-10 06:16 . 2005-09-01 05:53 420352 ----a-w- c:\windows\system32\vbscript.dll 2010-02-25 06:17 . 2005-09-01 05:53 916480 ----a-w- c:\windows\system32\wininet.dll 2010-02-24 13:11 . 2006-11-21 22:55 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2010-02-16 19:06 . 2005-09-01 05:53 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe 2010-02-16 19:06 . 2004-08-04 00:48 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe 2006-12-28 02:28 . 2006-12-28 02:28 251 ----a-w- c:\program files\wt3d.ini 2007-05-25 09:01 . 2006-12-24 16:18 168 --sh--r- c:\windows\system32\5DC4CA307B.sys 2007-05-25 09:01 . 2007-03-20 17:16 2828 --sha-w- c:\windows\system32\KGyGaAvL.sys . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DellSupport"="c:\program files\Dell Support\DSAgnt.exe" [2006-08-28 395776] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-30 68856] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 204288] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray"="c:\windows\ehome\ehtray.exe" [2004-08-10 59392] "SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-02-18 248040] "SigmatelSysTrayApp"="stsystra.exe" [2006-03-24 282624] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 761947] "ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056] "IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-05-01 667718] "IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-05-01 602182] "CTSVolFE.exe"="c:\program files\Creative\Mixer\CTSVolFE.exe" [2005-02-23 57344] "dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035] "ISUSPM Startup"="c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184] "ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-07-27 81920] "PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2006-08-22 184320] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2007-03-03 257088] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272] "Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-11-22 24576] Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] Post-it© Software Notes Lite.lnk - c:\program files\3M\PSNLite\PsnLite.exe [2004-10-16 2080768] [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [12/05/2010 17:15 28552] R2 a2free;a-squared Free Service;c:\program files\a-squared Free\a2service.exe [11/07/2007 09:24 1872320] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [21/04/2010 09:45 135336] R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [08/01/2010 00:51 380928] R2 hnmwrlspkt;HomeNet Manager Wireless Protocol;c:\windows\system32\drivers\hnm_wrls_pkt.sys [13/01/2006 00:27 13696] R2 wsppkt;Wireless Security Protocol;c:\windows\system32\drivers\wsp_pkt.sys [13/01/2006 00:29 13568] S2 nscpjapu;Synaptics TouchPad Support;c:\windows\System32\svchost.exe -k netsvcs [01/09/2005 07:53 14336] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] getPlusHelper REG_MULTI_SZ getPlusHelper HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs nscpjapu [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC}] 2008-06-18 13:04 8192 ----a-w- c:\program files\PixiePack Codec Pack\InstallerHelper.exe . Contenu du dossier 'Tâches planifiées' 2010-05-13 c:\windows\Tasks\User_Feed_Synchronization-{F40906B2-F0F4-44CB-997A-1356D745A1F5}.job - c:\windows\system32\msfeedssync.exe [2006-10-17 02:31] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://news.google.fr/nwshp?hl=fr&tab=wn uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://fr.search.yahoo.com IE: {{898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} - hxxp://f005.mail.caramail.lycos.fr/app/uploader/FileUploader.cab FF - ProfilePath - c:\documents and settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\bob2xo3t.default\ FF - prefs.js: browser.search.defaulturl - hxxp://fr.search.yahoo.com/search?fr=ffsp1&p= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.caramail.com|http://www.yahoo.fr|http://news.google.fr FF - prefs.js: keyword.URL - hxxp://fr.search.yahoo.com/search?fr=ffds1&p= FF - plugin: c:\documents and settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\bob2xo3t.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll ---- PARAMETRES FIREFOX ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pr ef", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-05-14 02:47 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(924) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(3744) c:\windows\system32\eappprxy.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Autres processus actifs ------------------------ . c:\windows\system32\Ati2evxx.exe c:\program files\Intel\Wireless\Bin\EvtEng.exe c:\program files\Intel\Wireless\Bin\S24EvMon.exe c:\program files\Intel\Wireless\Bin\WLKeeper.exe c:\windows\system32\Ati2evxx.exe c:\program files\Avira\AntiVir Desktop\avguard.exe c:\program files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe c:\windows\eHome\ehRecvr.exe c:\program files\Avira\AntiVir Desktop\avshadow.exe c:\windows\eHome\ehSched.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe c:\program files\Intel\Wireless\Bin\RegSrvc.exe c:\windows\ehome\mcrdsvc.exe c:\windows\system32\dllhost.exe c:\windows\system32\wbem\wmiapsrv.exe c:\windows\stsystra.exe c:\windows\eHome\ehmsas.exe c:\program files\iPod\bin\iPodService.exe c:\progra~1\Intel\Wireless\Bin\Dot1XCfg.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\progra~1\3M\PSNLite\PSNGive.exe . ************************************************************************** . Heure de fin: 2010-05-14 02:55:53 - La machine a redémarré ComboFix-quarantined-files.txt 2010-05-14 00:55 Avant-CF: 6 656 290 816 octets libres Après-CF: 6 522 085 376 octets libres - - End Of File - - 7079CE8A5BC9B0564D8F3082A6CC2947 et le rapport UsbFix: ############################## | UsbFix V6.113 | User : Sylvain (Administrateurs) # INSPIRON Update on 13/05/2010 by El Desaparecido , C_XX & Chimay8 Start at: 03:04:12 | 14/05/2010 Website : http://pagesperso-orange.fr/NosTools/index.html Contact : FindyKill.Contact@gmail.com Intel® Core2 CPU T7200 @ 2.00GHz Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3 Internet Explorer 8.0.6001.18702 Windows Firewall Status : Enabled AV : AntiVir Desktop 10.0.1.44 [ Enabled | Updated ] AV : [ (!) Disabled | Updated ] FW : [ (!) Disabled ] FW : ZoneAlarm Firewall[ (!) Disabled ]7.0.473.000 C:\ -> Disque fixe local # 105,05 Go (6,11 Go free) # NTFS D:\ -> Disque CD-ROM E:\ -> Disque amovible # 491,73 Mo (120,57 Mo free) # FAT ################## | Elements infectieux | ################## | Registre | [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives" [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives" ################## | Mountpoints2 | ################## | Vaccin | (!) Cet ordinateur n'est pas vacciné ! ################## | ! Fin du rapport # UsbFix V6.113 ! | Merci et à demain alors!

OK merci, sinon si ça peut te guider en faisant "ctrl alt suppr" , "processus" il y a 10 svchost actif...

Voila le rapport, pour info durant le scan, combofix a du redémarrer car il a un trouver un rootkit. ComboFix 10-05-13.02 - Sylvain 14/05/2010 1:08.1.2 - x86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.2046.1594 [GMT 2:00] Lancé depuis: c:\documents and settings\Sylvain\Bureau\ringosuperstar.exe AV: *On-access scanning disabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83} AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} FW: *disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8} FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\All Users\Application Data\1m2Inue5.exe c:\program files\ATI Technologies\ATI.ACE\cli.exe c:\program files\Creative\Mixer\CTSVolFE.exe c:\program files\Dell Support\DSAgnt.exe c:\program files\Dell\MediaDirect\PCMService.exe c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe c:\program files\Fichiers communs\Java\Java Update\jusched.exe c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe c:\program files\Intel\Wireless\Bin\ifrmewrk.exe c:\program files\Intel\Wireless\Bin\ZCfgSvc.exe c:\program files\Internet Explorer\SET5F2.tmp c:\program files\Internet Explorer\SET5F3.tmp c:\program files\Internet Explorer\SET5F5.tmp c:\program files\Internet Explorer\SET659.tmp c:\program files\Internet Explorer\SET65A.tmp c:\program files\Internet Explorer\SET65B.tmp c:\program files\iTunes\iTunesHelper.exe c:\program files\K-Lite Codec Pack\QuickTime\qttask .exe c:\program files\K-Lite Codec Pack\QuickTime\qttask .exe c:\program files\K-Lite Codec Pack\QuickTime\qttask .exe c:\program files\K-Lite Codec Pack\QuickTime\qttask.exe c:\program files\Synaptics\SynTP\SynTPEnh.exe c:\program files\Windows Media Player\WMPNSCFG.exe c:\windows\system32\_000002_.tmp.dll c:\windows\system32\_000006_.tmp.dll c:\windows\system32\_000007_.tmp.dll c:\windows\system32\_000008_.tmp.dll c:\windows\system32\_000011_.tmp.dll c:\windows\system32\_000012_.tmp.dll c:\windows\system32\muzapp.exe c:\windows\Tasks\At19.job <pre> c:\program files\ATI Technologies\ATI.ACE\cli .exe ---^> c:\program files\ATI Technologies\ATI.ACE\cli.exe c:\program files\Creative\Mixer\CTSVolFE .exe ---^> c:\program files\Creative\Mixer\CTSVolFE.exe c:\program files\Dell\MediaDirect\PCMService .exe ---^> c:\program files\Dell\MediaDirect\PCMService.exe c:\program files\Dell Support\DSAgnt .exe ---^> c:\program files\Dell Support\DSAgnt.exe c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM .exe ---^> c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe c:\program files\Fichiers communs\InstallShield\UpdateService\issch .exe ---^> c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe c:\program files\Fichiers communs\Java\Java Update\jusched .exe ---^> c:\program files\Fichiers communs\Java\Java Update\jusched.exe c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier .exe ---^> c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe c:\program files\Intel\Wireless\Bin\ifrmewrk .exe ---^> c:\program files\Intel\Wireless\Bin\ifrmewrk.exe c:\program files\Intel\Wireless\Bin\ZCfgSvc .exe ---^> c:\program files\Intel\Wireless\Bin\ZCfgSvc.exe c:\program files\iTunes\iTunesHelper .exe ---^> c:\program files\iTunes\iTunesHelper.exe c:\program files\K-Lite Codec Pack\QuickTime\qttask .exe ---^> c:\program files\K-Lite Codec Pack\QuickTime\qttask.exe c:\program files\Synaptics\SynTP\SynTPEnh .exe ---^> c:\program files\Synaptics\SynTP\SynTPEnh.exe c:\program files\Windows Media Player\WMPNSCFG .exe ---^> c:\program files\Windows Media Player\WMPNSCFG.exe </pre> . Une copie infectée de c:\windows\system32\drivers\mouclass.sys a été trouvée et désinfectée Copie restaurée à partir de - Kitty had a snack . ((((((((((((((((((((((((((((( Fichiers créés du 2010-04-13 au 2010-05-13 )))))))))))))))))))))))))))))))))))) . 2010-05-13 22:24 . 2010-05-13 22:24 -------- d-----w- C:\rsit 2010-05-13 22:24 . 2010-05-13 22:24 -------- d-----w- c:\program files\trend micro 2010-05-13 21:04 . 2010-05-13 21:04 -------- d-sh--w- c:\documents and settings\NetworkService\PrivacIE 2010-05-13 21:04 . 2010-05-13 21:04 -------- d-----r- c:\documents and settings\NetworkService\Favoris 2010-05-13 21:01 . 2010-05-13 21:01 22016 ----a-w- c:\windows\system32\opaqcx.dll 2010-05-13 20:48 . 2010-05-13 23:20 -------- d-----w- c:\windows\system32\CatRoot2 2010-05-13 17:48 . 2010-05-13 17:48 -------- d-----w- c:\documents and settings\Sylvain\Application Data\BILEVSE 2010-05-12 15:15 . 2009-06-30 07:37 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys 2010-05-12 15:14 . 2010-05-12 15:14 -------- d-----w- c:\program files\Panda Security 2010-05-12 14:28 . 2010-05-12 14:28 -------- d-----w- c:\documents and settings\Sylvain\Application Data\Uniblue 2010-05-12 14:27 . 2010-05-12 14:27 -------- d-----w- c:\program files\Uniblue 2010-05-11 23:23 . 2010-05-12 14:35 -------- d-----w- c:\program files\CCleaner 2010-05-11 07:33 . 2010-05-11 07:32 411368 ----a-w- c:\windows\system32\deployJava1.dll 2010-04-30 17:05 . 2010-04-30 17:05 -------- d-----w- c:\program files\ESET 2010-04-23 20:48 . 2010-03-22 08:43 178000 ----a-w- c:\windows\TDSSKiller.exe 2010-04-22 21:36 . 2010-04-22 21:36 -------- d-sh--w- c:\documents and settings\Administrateur\PrivacIE 2010-04-22 21:34 . 2010-04-22 21:34 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Malwarebytes 2010-04-22 17:38 . 2010-04-22 17:38 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Avira 2010-04-22 17:37 . 2010-04-22 17:37 -------- d-sh--w- c:\documents and settings\Administrateur\IETldCache 2010-04-21 07:47 . 2010-04-21 07:47 -------- d-----w- c:\documents and settings\Sylvain\Application Data\Avira 2010-04-21 07:45 . 2010-03-01 08:05 124784 ----a-w- c:\windows\system32\drivers\avipbb.sys 2010-04-21 07:45 . 2010-02-16 12:24 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2010-04-21 07:45 . 2009-05-11 10:49 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys 2010-04-21 07:45 . 2009-05-11 10:49 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys 2010-04-21 07:45 . 2010-04-21 07:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira 2010-04-21 07:19 . 2010-04-21 07:19 -------- d-----w- c:\documents and settings\Sylvain\Application Data\Malwarebytes 2010-04-21 07:19 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-04-21 07:18 . 2010-05-03 12:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-04-21 07:18 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-04-21 07:18 . 2010-04-21 07:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-04-21 07:09 . 2010-03-22 08:43 178000 ----a-w- c:\windows\system32\TDSSKiller.exe 2010-04-21 07:00 . 2010-03-22 08:43 178000 ----a-w- c:\windows\system32\drivers\TDSSKiller.exe 2010-04-19 22:00 . 2010-04-19 22:00 -------- d-----r- c:\documents and settings\LocalService\Favoris 2010-04-19 22:00 . 2010-04-19 22:00 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache 2010-04-19 16:05 . 2010-05-13 22:47 -------- d-----w- c:\program files\Spybot - Search & Destroy 2010-04-19 15:40 . 2010-04-19 15:40 -------- d-----w- c:\program files\SDHelper (Spybot - Search & Destroy) 2010-04-19 15:40 . 2010-04-19 15:40 -------- d-----w- c:\program files\File Scanner Library (Spybot - Search & Destroy) 2010-04-19 15:40 . 2010-04-19 15:40 -------- d-----w- c:\program files\TeaTimer (Spybot - Search & Destroy) 2010-04-19 15:40 . 2010-04-19 15:40 -------- d-----w- c:\program files\Misc. Support Library (Spybot - Search & Destroy) 2010-04-19 14:29 . 2010-04-19 14:29 -------- d-----w- c:\documents and settings\Sylvain\Local Settings\Application Data\RapidSolution 2010-04-19 14:27 . 2010-04-19 14:27 -------- d-----w- c:\program files\PixiePack Codec Pack 2010-04-19 14:23 . 2010-04-19 15:14 -------- d-----w- c:\documents and settings\All Users\Application Data\RapidSolution 2010-04-19 14:23 . 2010-04-19 14:23 -------- d-----w- c:\program files\RapidSolution 2010-04-19 13:30 . 2010-04-19 14:02 -------- d-----w- c:\documents and settings\Sylvain\Application Data\Python-Eggs 2010-04-19 13:30 . 2010-04-19 14:03 -------- d-----w- c:\documents and settings\Sylvain\.moovida 2010-04-19 13:21 . 2010-04-19 13:28 32193656 ----a-w- c:\windows\system32\moovida.exe 2010-04-19 12:21 . 2010-04-19 12:24 -------- d-----w- c:\documents and settings\Sylvain\Application Data\FreeCDRipper . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-05-13 23:21 . 2008-04-22 16:39 29556768 ----a-w- c:\windows\system32\drivers\fidbox.dat 2010-05-13 23:20 . 2007-05-06 06:18 -------- d-----w- c:\program files\iTunes 2010-05-13 23:20 . 2006-11-21 23:32 -------- d-----w- c:\program files\Dell Support 2010-05-13 23:18 . 2008-04-22 16:39 350504 ----a-w- c:\windows\system32\drivers\fidbox.idx 2010-05-13 21:13 . 2010-05-13 16:43 112 ----a-w- c:\documents and settings\All Users\Application Data\F05wYg.dat 2010-05-12 15:04 . 2007-05-18 10:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2010-05-12 00:00 . 2007-05-28 22:21 -------- d-----w- c:\program files\a-squared Free 2010-05-11 08:22 . 2004-08-03 22:59 96512 ----a-w- c:\windows\system32\drivers\atapi.sys 2010-05-11 07:34 . 2006-11-21 23:15 -------- d-----w- c:\program files\Fichiers communs\Java 2010-05-11 07:34 . 2010-05-11 07:34 503808 ----a-w- c:\documents and settings\Sylvain\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-4f51ce75-n\msvcp71.dll 2010-05-11 07:34 . 2010-05-11 07:34 499712 ----a-w- c:\documents and settings\Sylvain\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-4f51ce75-n\jmc.dll 2010-05-11 07:34 . 2010-05-11 07:34 348160 ----a-w- c:\documents and settings\Sylvain\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-4f51ce75-n\msvcr71.dll 2010-05-11 07:34 . 2010-05-11 07:34 61440 ----a-w- c:\documents and settings\Sylvain\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-7e124629-n\decora-sse.dll 2010-05-11 07:34 . 2010-05-11 07:34 12800 ----a-w- c:\documents and settings\Sylvain\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-7e124629-n\decora-d3d.dll 2010-05-11 07:32 . 2006-11-21 23:15 -------- d-----w- c:\program files\Java 2010-04-21 15:51 . 2004-08-04 00:37 23680 ----a-w- c:\windows\system32\drivers\mouclass.sys 2010-04-21 12:11 . 2008-04-22 17:01 -------- d-----w- c:\program files\Avira 2010-04-19 15:38 . 2006-11-21 23:36 44960 ----a-w- c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2010-04-19 14:27 . 2010-04-19 14:27 566552 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\MusicLoad.dll 2010-04-19 14:27 . 2010-04-19 14:27 242968 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\PlgSoundclick.dll 2010-04-19 14:27 . 2010-04-19 14:27 156952 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\PlgIJigg.dll 2010-04-19 14:27 . 2010-04-19 14:27 156952 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\PlgPandora.dll 2010-04-19 14:27 . 2010-04-19 14:27 136472 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\PlgLastfm.dll 2010-04-19 14:27 . 2010-04-19 14:27 177432 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\PlgImeem.dll 2010-04-19 14:27 . 2010-04-19 14:26 1537304 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\RadioRip.dll 2010-04-19 14:26 . 2010-04-19 14:26 386328 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\WebRip.dll 2010-04-19 14:26 . 2010-04-19 14:26 505112 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\TimTube.dll 2010-04-19 14:26 . 2010-04-19 14:26 492824 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\PornoTube.dll 2010-04-19 14:26 . 2010-04-19 14:26 505112 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\BadJojo.dll 2010-04-19 14:26 . 2010-04-19 14:26 496920 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\YouPorn.dll 2010-04-19 14:26 . 2010-04-19 14:25 496920 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\RedTube.dll 2010-04-19 14:25 . 2010-04-19 14:25 488728 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\ROFL.dll 2010-04-19 14:25 . 2010-04-19 14:25 509208 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\Tangle.dll 2010-04-19 14:25 . 2010-04-19 14:25 501016 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\SevenLoad.dll 2010-04-19 14:25 . 2010-04-19 14:25 521496 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\MyVideo.dll 2010-04-19 14:25 . 2010-04-19 14:25 505112 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\MetaCafe.dll 2010-04-19 14:25 . 2010-04-19 14:25 496920 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\BlipTV.dll 2010-04-19 14:25 . 2010-04-19 14:24 509208 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\MySpace.dll 2010-04-19 14:24 . 2010-04-19 14:24 501016 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\DailyMotion.dll 2010-04-19 14:24 . 2010-04-19 14:24 292120 ----a-w- c:\documents and settings\All Users\Application Data\RapidSolution\Tunebite\WebRipDLLs\YouTube.dll 2010-04-19 13:29 . 2010-04-19 13:29 53248 ----a-r- c:\documents and settings\Sylvain\Application Data\Microsoft\Installer\{6084C211-01A1-464E-97A0-09772E122B50}\NewShortcut6_C66F542C09384197820139E669715728.exe 2010-04-19 13:29 . 2010-04-19 13:29 53248 ----a-r- c:\documents and settings\Sylvain\Application Data\Microsoft\Installer\{6084C211-01A1-464E-97A0-09772E122B50}\NewShortcut5_E131CE49F0AB4AFFBD46E947D2A7E8D6.exe 2010-04-19 13:29 . 2010-04-19 13:29 53248 ----a-r- c:\documents and settings\Sylvain\Application Data\Microsoft\Installer\{6084C211-01A1-464E-97A0-09772E122B50}\NewShortcut3_250B5DD793584E62966B2CA55CD7FE31.exe 2010-04-19 13:29 . 2010-04-19 13:29 53248 ----a-r- c:\documents and settings\Sylvain\Application Data\Microsoft\Installer\{6084C211-01A1-464E-97A0-09772E122B50}\NewShortcut2_60A3CA2E97AB4EAE82E5A8B6FE50C873.exe 2010-04-19 12:28 . 2010-04-19 12:20 -------- d-----w- c:\program files\Free Audio Pack 2010-04-19 12:20 . 2010-04-19 12:20 -------- d-----w- c:\documents and settings\Sylvain\Application Data\FreeAudioPack 2010-04-14 22:17 . 2007-05-23 07:08 -------- d-----w- c:\program files\Warcraft III 2010-04-13 18:21 . 2010-04-13 18:21 -------- d-----w- c:\program files\Samsung 2010-04-12 23:55 . 2010-04-12 20:49 -------- d-----w- c:\documents and settings\Sylvain\Application Data\DataCast 2010-04-12 20:49 . 2010-04-12 20:49 -------- d-----w- c:\program files\MarkAny 2010-04-12 20:49 . 2006-11-21 23:22 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-04-09 07:53 . 2005-09-01 05:53 64922 ----a-w- c:\windows\system32\perfc00C.dat 2010-04-09 07:53 . 2005-09-01 05:53 447222 ----a-w- c:\windows\system32\perfh00C.dat 2010-04-05 22:06 . 2010-04-05 22:02 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS 2010-04-05 22:02 . 2010-04-05 22:02 -------- d-----w- c:\program files\NOS 2010-04-05 22:02 . 2006-11-21 23:25 -------- d-----w- c:\program files\Fichiers communs\Adobe 2010-04-05 16:28 . 2010-04-05 16:28 -------- d-----w- c:\documents and settings\Sylvain\Application Data\Search Settings 2010-04-05 16:27 . 2010-04-05 16:27 -------- d-----w- c:\documents and settings\Sylvain\Application Data\pdfforge 2010-04-05 16:02 . 2010-04-05 16:00 -------- d-----w- c:\program files\PDFCreator 2010-04-05 16:02 . 2010-04-05 16:02 -------- d-----w- c:\program files\Application Updater 2010-04-03 15:59 . 2007-02-16 07:51 -------- d-----w- c:\documents and settings\Sylvain\Application Data\Skype 2010-04-03 14:00 . 2010-04-03 13:00 -------- d-----w- c:\documents and settings\Sylvain\Application Data\skypePM 2010-04-03 13:00 . 2010-04-03 13:00 56 ---ha-w- c:\windows\system32\ezsidmv.dat 2010-04-03 12:59 . 2007-02-16 07:51 -------- d-----r- c:\program files\Skype 2010-04-03 12:59 . 2010-04-03 12:59 -------- d-----w- c:\program files\Fichiers communs\Skype 2010-04-03 12:59 . 2007-02-16 07:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype 2010-03-24 14:34 . 2010-04-02 22:02 1551360 ----a-w- c:\windows\Internet Logs\xDB2.tmp 2010-03-24 14:34 . 2010-04-02 22:02 2304512 ----a-w- c:\windows\Internet Logs\xDB1.tmp 2010-03-22 13:53 . 2010-04-05 22:02 32576 ----a-w- c:\documents and settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\bob2xo3t.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll 2010-03-22 13:53 . 2010-04-05 22:02 29984 ----a-w- c:\documents and settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\bob2xo3t.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg.exe 2010-03-11 12:34 . 2010-03-11 12:34 78336 ------w- c:\windows\system32\ieencode.dll 2010-03-10 06:16 . 2005-09-01 05:53 420352 ----a-w- c:\windows\system32\vbscript.dll 2010-02-25 06:17 . 2005-09-01 05:53 916480 ----a-w- c:\windows\system32\wininet.dll 2010-02-24 13:11 . 2006-11-21 22:55 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2010-02-16 19:06 . 2005-09-01 05:53 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe 2010-02-16 19:06 . 2004-08-04 00:48 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe 2006-12-28 02:28 . 2006-12-28 02:28 251 ----a-w- c:\program files\wt3d.ini 2007-05-25 09:01 . 2006-12-24 16:18 168 --sh--r- c:\windows\system32\5DC4CA307B.sys 2007-05-25 09:01 . 2007-03-20 17:16 2828 --sha-w- c:\windows\system32\KGyGaAvL.sys . <pre> c:\program files\Adobe\Reader 9.0\Reader\Reader_sl .exe c:\program files\Spybot - Search & Destroy\TeaTimer .exe c:\windows\ehome\ehtray .exe </pre> ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DellSupport"="c:\program files\Dell Support\DSAgnt.exe" [2006-08-28 395776] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-30 68856] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 204288] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "QuickTime Task"="c:\program files\K-Lite Codec Pack\QuickTime\qttask .exe -atboottime" [X] "ehTray"="c:\windows\ehome\ehtray.exe" [2004-08-10 59392] "SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-02-18 248040] "SigmatelSysTrayApp"="stsystra.exe" [2006-03-24 282624] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 761947] "ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056] "IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-05-01 667718] "IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-05-01 602182] "CTSVolFE.exe"="c:\program files\Creative\Mixer\CTSVolFE.exe" [2005-02-23 57344] "dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035] "ISUSPM Startup"="c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184] "ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-07-27 81920] "PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2006-08-22 184320] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2007-03-03 257088] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [N/A] "Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-11-22 24576] Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] Post-it© Software Notes Lite.lnk - c:\program files\3M\PSNLite\PsnLite.exe [2004-10-16 2080768] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\opaqcx] 2010-05-13 21:01 22016 ----a-w- c:\windows\system32\opaqcx.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [12/05/2010 17:15 28552] R2 a2free;a-squared Free Service;c:\program files\a-squared Free\a2service.exe [11/07/2007 09:24 1872320] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [21/04/2010 09:45 135336] R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [08/01/2010 00:51 380928] R2 hnmwrlspkt;HomeNet Manager Wireless Protocol;c:\windows\system32\drivers\hnm_wrls_pkt.sys [13/01/2006 00:27 13696] R2 wsppkt;Wireless Security Protocol;c:\windows\system32\drivers\wsp_pkt.sys [13/01/2006 00:29 13568] S2 nscpjapu;Synaptics TouchPad Support;c:\windows\System32\svchost.exe -k netsvcs [01/09/2005 07:53 14336] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] getPlusHelper REG_MULTI_SZ getPlusHelper HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs nscpjapu [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC}] 2008-06-18 13:04 8192 ----a-w- c:\program files\PixiePack Codec Pack\InstallerHelper.exe . Contenu du dossier 'Tâches planifiées' 2010-05-13 c:\windows\Tasks\User_Feed_Synchronization-{F40906B2-F0F4-44CB-997A-1356D745A1F5}.job - c:\windows\system32\msfeedssync.exe [2006-10-17 02:31] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://news.google.fr/nwshp?hl=fr&tab=wn uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://fr.search.yahoo.com IE: {{898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} - hxxp://f005.mail.caramail.lycos.fr/app/uploader/FileUploader.cab FF - ProfilePath - c:\documents and settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\bob2xo3t.default\ FF - prefs.js: browser.search.defaulturl - hxxp://fr.search.yahoo.com/search?fr=ffsp1&p= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.caramail.com|http://www.yahoo.fr|http://news.google.fr FF - prefs.js: keyword.URL - hxxp://fr.search.yahoo.com/search?fr=ffds1&p= FF - plugin: c:\documents and settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\bob2xo3t.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll ---- PARAMETRES FIREFOX ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pr ef", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); . - - - - ORPHELINS SUPPRIMES - - - - BHO-{B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file) Toolbar-{B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file) Toolbar-Locked - (no file) ShellIconOverlayIdentifiers-{3FBE311A-23C7-4329-B052-D65CB4C82979} - (no file) SafeBoot-klmdb.sys ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-05-14 01:21 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(920) c:\windows\system32\Ati2evxx.dll c:\windows\system32\opaqcx.dll - - - - - - - > 'explorer.exe'(2764) c:\windows\system32\eappprxy.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Autres processus actifs ------------------------ . c:\windows\system32\Ati2evxx.exe c:\program files\Intel\Wireless\Bin\EvtEng.exe c:\program files\Intel\Wireless\Bin\S24EvMon.exe c:\program files\Intel\Wireless\Bin\WLKeeper.exe c:\windows\system32\Ati2evxx.exe c:\program files\Avira\AntiVir Desktop\avguard.exe c:\program files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe c:\windows\eHome\ehRecvr.exe c:\program files\Avira\AntiVir Desktop\avshadow.exe c:\windows\eHome\ehSched.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe c:\program files\Intel\Wireless\Bin\RegSrvc.exe c:\windows\ehome\mcrdsvc.exe c:\windows\system32\dllhost.exe c:\windows\system32\wbem\wmiapsrv.exe c:\windows\stsystra.exe c:\windows\eHome\ehmsas.exe c:\progra~1\Intel\Wireless\Bin\Dot1XCfg.exe c:\program files\iPod\bin\iPodService.exe c:\progra~1\3M\PSNLite\PSNGive.exe c:\program files\Windows Media Player\wmpnetwk.exe . ************************************************************************** . Heure de fin: 2010-05-14 01:30:17 - La machine a redémarré ComboFix-quarantined-files.txt 2010-05-13 23:30 Avant-CF: 6 742 044 672 octets libres Après-CF: 6 669 713 408 octets libres WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect - - End Of File - - 1EA2EA86F04603927E66C434FF09C8E9

Salut Thanos, tout d'abord merci de ton aide! Alors concernant antivir voila ce que j'ai: Virus or unwanted program 'TR/Hijacker.Gen [trojan]' detected in file 'C:\WINDOWS\Temp\cjqx.tmp\svchost.exe. Action performed: Deny access le contenu du log.txt: Logfile of random's system information tool 1.07 (written by random/random) Run by Sylvain at 2010-05-14 00:24:34 Microsoft Windows XP Professionnel Service Pack 3 System drive C: has 7 GB (6%) free of 108 GB Total RAM: 2046 MB (60% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 00:24:39, on 14/05/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\a-squared Free\a2service.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Application Updater\ApplicationUpdater.exe C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe C:\Program Files\Avira\AntiVir Desktop\avshadow.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\eHome\ehmsas.exe C:\WINDOWS\stsystra.exe C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\Fichiers communs\Java\Java Update\jusched .exe C:\Program Files\3M\PSNLite\PsnLite.exe C:\Program Files\Creative\Mixer\CTSVolFE .exe C:\Program Files\iTunes\iTunesHelper .exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc .exe C:\Program Files\Windows Media Player\WMPNSCFG .exe C:\Program Files\Synaptics\SynTP\SynTPEnh .exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier .exe C:\Program Files\Dell\MediaDirect\PCMService .exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\3M\PSNLite\PSNGive.exe C:\Program Files\Dell Support\DSAgnt .exe C:\Program Files\Spybot - Search & Destroy\TeaTimer .exe C:\Program Files\iPod\bin\iPodService.exe C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\All Users\Application Data\1m2Inue5.exe C:\Program Files\Microsoft Office\Office10\WINWORD.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Documents and Settings\Sylvain\Bureau\RSIT.exe C:\Program Files\trend micro\Sylvain.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.google.fr/nwshp?hl=fr&tab=wn R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row&channel=fr&ibd=4061121 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file) O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file) O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file) O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [CTSVolFE.exe] "C:\Program Files\Creative\Mixer\CTSVolFE.exe" /r O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask .exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Digital Line Detect.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program Files\3M\PSNLite\PsnLite.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://sylvaintahiti.spaces.live.com//Phot...ad/MsnPUpld.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1170750919182 O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f005.mail.caramail.lycos.fr/app/upl...ileUploader.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: opaqcx - opaqcx.dll (file missing) O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe O23 - Service: Service de planification Media Center (ehSched) - Unknown owner - C:\WINDOWS\eHome\ehSched.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: Fax - Unknown owner - C:\WINDOWS\system32\fxssvc.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe -- End of file - 14301 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\At1.job C:\WINDOWS\tasks\At10.job C:\WINDOWS\tasks\At11.job C:\WINDOWS\tasks\At12.job C:\WINDOWS\tasks\At13.job C:\WINDOWS\tasks\At14.job C:\WINDOWS\tasks\At15.job C:\WINDOWS\tasks\At16.job C:\WINDOWS\tasks\At17.job C:\WINDOWS\tasks\At18.job C:\WINDOWS\tasks\At19.job C:\WINDOWS\tasks\At2.job C:\WINDOWS\tasks\At20.job C:\WINDOWS\tasks\At21.job C:\WINDOWS\tasks\At22.job C:\WINDOWS\tasks\At23.job C:\WINDOWS\tasks\At24.job C:\WINDOWS\tasks\At25.job C:\WINDOWS\tasks\At26.job C:\WINDOWS\tasks\At27.job C:\WINDOWS\tasks\At28.job C:\WINDOWS\tasks\At29.job C:\WINDOWS\tasks\At3.job C:\WINDOWS\tasks\At30.job C:\WINDOWS\tasks\At31.job C:\WINDOWS\tasks\At32.job C:\WINDOWS\tasks\At33.job C:\WINDOWS\tasks\At34.job C:\WINDOWS\tasks\At35.job C:\WINDOWS\tasks\At36.job C:\WINDOWS\tasks\At37.job C:\WINDOWS\tasks\At38.job C:\WINDOWS\tasks\At39.job C:\WINDOWS\tasks\At4.job C:\WINDOWS\tasks\At40.job C:\WINDOWS\tasks\At41.job C:\WINDOWS\tasks\At42.job C:\WINDOWS\tasks\At43.job C:\WINDOWS\tasks\At44.job C:\WINDOWS\tasks\At45.job C:\WINDOWS\tasks\At46.job C:\WINDOWS\tasks\At47.job C:\WINDOWS\tasks\At48.job C:\WINDOWS\tasks\At49.job C:\WINDOWS\tasks\At5.job C:\WINDOWS\tasks\At50.job C:\WINDOWS\tasks\At51.job C:\WINDOWS\tasks\At52.job C:\WINDOWS\tasks\At53.job C:\WINDOWS\tasks\At54.job C:\WINDOWS\tasks\At55.job C:\WINDOWS\tasks\At56.job C:\WINDOWS\tasks\At57.job C:\WINDOWS\tasks\At58.job C:\WINDOWS\tasks\At59.job C:\WINDOWS\tasks\At6.job C:\WINDOWS\tasks\At60.job C:\WINDOWS\tasks\At61.job C:\WINDOWS\tasks\At62.job C:\WINDOWS\tasks\At63.job C:\WINDOWS\tasks\At64.job C:\WINDOWS\tasks\At65.job C:\WINDOWS\tasks\At66.job C:\WINDOWS\tasks\At67.job C:\WINDOWS\tasks\At68.job C:\WINDOWS\tasks\At69.job C:\WINDOWS\tasks\At7.job C:\WINDOWS\tasks\At70.job C:\WINDOWS\tasks\At71.job C:\WINDOWS\tasks\At72.job C:\WINDOWS\tasks\At73.job C:\WINDOWS\tasks\At74.job C:\WINDOWS\tasks\At75.job C:\WINDOWS\tasks\At76.job C:\WINDOWS\tasks\At77.job C:\WINDOWS\tasks\At78.job C:\WINDOWS\tasks\At79.job C:\WINDOWS\tasks\At8.job C:\WINDOWS\tasks\At80.job C:\WINDOWS\tasks\At81.job C:\WINDOWS\tasks\At82.job C:\WINDOWS\tasks\At83.job C:\WINDOWS\tasks\At84.job C:\WINDOWS\tasks\At85.job C:\WINDOWS\tasks\At86.job C:\WINDOWS\tasks\At87.job C:\WINDOWS\tasks\At88.job C:\WINDOWS\tasks\At89.job C:\WINDOWS\tasks\At9.job C:\WINDOWS\tasks\At90.job C:\WINDOWS\tasks\At91.job C:\WINDOWS\tasks\At92.job C:\WINDOWS\tasks\At93.job C:\WINDOWS\tasks\At94.job C:\WINDOWS\tasks\At95.job C:\WINDOWS\tasks\At96.job C:\WINDOWS\tasks\RegistryConvoy.job C:\WINDOWS\tasks\User_Feed_Synchronization-{F40906B2-F0F4-44CB-997A-1356D745A1F5}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}] DriveLetterAccess - C:\WINDOWS\system32\dla\tfswshx.dll [2004-12-06 118842] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - c:\program files\google\googletoolbar3.dll [2007-01-20 2436160] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2010-04-03 764912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}] CBrowserHelperObject Object - C:\Program Files\BAE\BAE.dll [2006-10-11 98304] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-11 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-05-11 79648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar3.dll [2007-01-20 2436160] {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Barre d'outils MSN - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll [2005-02-08 203464] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384] {B922D405-6D13-4A2B-AE89-08A030DA4402} Locked [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "ehTray"=C:\WINDOWS\ehome\ehtray.exe [2004-08-10 59392] "SunJavaUpdateSched"=C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [2010-05-13 36868] "SigmatelSysTrayApp"=C:\WINDOWS\stsystra.exe [2006-03-25 282624] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-05-13 36868] "ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2010-05-13 36868] "IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2010-05-13 36868] "IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2010-05-13 36868] "CTSVolFE.exe"=C:\Program Files\Creative\Mixer\CTSVolFE.exe [2010-05-13 36868] "dla"=C:\WINDOWS\system32\dla\tfswctrl.exe [2004-12-06 127035] "ISUSPM Startup"=C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-07-27 221184] "ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2010-05-13 36868] "PCMService"=C:\Program Files\Dell\MediaDirect\PCMService.exe [2010-05-13 36868] "QuickTime Task"=C:\Program Files\K-Lite Codec Pack\QuickTime\qttask .exe [2007-02-16 282624] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-05-13 36868] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [] "Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2010-05-13 36868] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "DellSupport"=C:\Program Files\Dell Support\DSAgnt.exe [2010-05-13 36872] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-05-13 36872] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2010-05-13 36872] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2010-05-13 36872] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE Post-it® Software Notes Lite.lnk - C:\Program Files\3M\PSNLite\PsnLite.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2006-05-23 61440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\opaqcx] C:\WINDOWS\system32\opaqcx.dll [2010-05-13 22016] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2007-02-16 236928] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-19 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "notification packages"= scecli scecli [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\klmdb.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\klmdb.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\WINDOWS\TEMP\jpyq.tmp\svchost.exe"="C:\WINDOWS\TEMP\jpyq.tmp\svchost.exe:*:Enabled:svchost" "\??\C:\WINDOWS\system32\winlogon.exe"="\??\C:\WINDOWS\system32\winlogon.exe:*:Enabled:winlogon" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{286327d6-4940-11dc-8eae-0015c5c23365}] shell\Auto\command - E:\infrom.exe shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL infrom.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{601d11dd-269f-11dd-b20f-0015c5c23365}] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL protector.exe shell\infected\command - protector.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{635b4aa1-33ba-11dd-b234-0015c5c23365}] shell\Auto\command - wscript "Sex City.jpg.wsf" shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript "Sex City.jpg.wsf" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{635b4b79-33ba-11dd-b234-0015c5c23365}] shell\AutoRun\command - pagefiles.pif shell\explore\command - pagefiles.pif shell\open\command - pagefiles.pif [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{81238065-3ee2-11dd-b23e-0015c5c23365}] shell\AutoRun\command - E:\invwft2h.com shell\explore\command - E:\invwft2h.com shell\open\command - E:\invwft2h.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{86dd1992-a2ab-11de-b8cc-0015c5c23365}] shell\AutoRun\command - RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013\Taquito.exe shell\open\command - RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013\Taquito.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8fa8993f-361d-11dd-b238-0015c5c23365}] shell\Auto\command - wscript "Sex City.jpg.wsf" shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript "Sex City.jpg.wsf" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c1f5d24e-ee0a-11dc-8f67-0015c5c23365}] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d1adeac1-19e0-11dd-b1fe-0015c5c23365}] shell\AutoRun\command - xn1i9x.com shell\explore\command - xn1i9x.com shell\open\command - xn1i9x.com ======List of files/folders created in the last 1 months====== 2010-05-14 00:24:34 ----D---- C:\rsit 2010-05-14 00:24:34 ----D---- C:\Program Files\trend micro 2010-05-13 23:01:25 ----A---- C:\WINDOWS\system32\opaqcx.dll 2010-05-13 22:48:40 ----D---- C:\WINDOWS\system32\CatRoot2 2010-05-13 22:47:10 ----D---- C:\WINDOWS\SoftwareDistribution 2010-05-13 21:03:00 ----A---- C:\WINDOWS\UPGRADE.TXT 2010-05-13 19:48:32 ----D---- C:\Documents and Settings\Sylvain\Application Data\BILEVSE 2010-05-13 18:43:03 ----A---- C:\Documents and Settings\All Users\Application Data\1m2Inue5.exe 2010-05-12 17:14:11 ----D---- C:\Program Files\Panda Security 2010-05-12 16:28:04 ----D---- C:\Documents and Settings\Sylvain\Application Data\Uniblue 2010-05-12 16:27:56 ----D---- C:\Program Files\Uniblue 2010-05-12 02:02:50 ----A---- C:\WINDOWS\ntbtlog.txt 2010-05-12 01:23:47 ----D---- C:\Program Files\CCleaner 2010-05-11 09:46:29 ----A---- C:\TDSSKiller.2.2.8.1_11.05.2010_09.46.29_log.txt 2010-05-11 09:34:52 ----D---- C:\Documents and Settings\All Users\Application Data\Sun 2010-05-11 09:33:17 ----A---- C:\WINDOWS\system32\javaws.exe 2010-05-11 09:33:17 ----A---- C:\WINDOWS\system32\javaw.exe 2010-05-11 09:33:17 ----A---- C:\WINDOWS\system32\java.exe 2010-05-11 09:33:17 ----A---- C:\WINDOWS\system32\deployJava1.dll 2010-04-30 19:05:38 ----D---- C:\Program Files\ESET 2010-04-23 22:49:00 ----A---- C:\TDSSKiller.2.2.8.1_23.04.2010_22.49.00_log.txt 2010-04-23 22:48:58 ----A---- C:\WINDOWS\TDSSKiller.exe 2010-04-21 13:53:33 ----A---- C:\TDSSKiller.2.2.8.1_21.04.2010_13.53.33_log.txt 2010-04-21 09:47:47 ----D---- C:\Documents and Settings\Sylvain\Application Data\Avira 2010-04-21 09:45:34 ----D---- C:\Documents and Settings\All Users\Application Data\Avira 2010-04-21 09:19:09 ----D---- C:\Documents and Settings\Sylvain\Application Data\Malwarebytes 2010-04-21 09:18:59 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-04-21 09:18:59 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2010-04-21 09:09:53 ----A---- C:\TDSSKiller.2.2.8.1_21.04.2010_09.09.53_log.txt 2010-04-21 09:09:49 ----A---- C:\WINDOWS\system32\TDSSKiller.exe 2010-04-21 09:01:06 ----A---- C:\TDSSKiller.2.2.8.1_21.04.2010_09.01.06_log.txt 2010-04-19 18:05:15 ----D---- C:\Program Files\Spybot - Search & Destroy 2010-04-19 17:40:07 ----D---- C:\Program Files\SDHelper (Spybot - Search & Destroy) 2010-04-19 17:40:07 ----D---- C:\Program Files\File Scanner Library (Spybot - Search & Destroy) 2010-04-19 17:40:06 ----D---- C:\Program Files\TeaTimer (Spybot - Search & Destroy) 2010-04-19 17:40:06 ----D---- C:\Program Files\Misc. Support Library (Spybot - Search & Destroy) 2010-04-19 16:33:38 ----A---- C:\WINDOWS\system32\Log_20100419_163338_3354.txt 2010-04-19 16:33:37 ----A---- C:\WINDOWS\system32\Log_20100419_163337_3264.txt 2010-04-19 16:33:35 ----A---- C:\WINDOWS\system32\Log_20100419_163335_2010.txt 2010-04-19 16:33:34 ----A---- C:\WINDOWS\system32\Log_20100419_163334_2AE0.txt 2010-04-19 16:33:32 ----A---- C:\WINDOWS\system32\Log_20100419_163332_24C0.txt 2010-04-19 16:33:30 ----A---- C:\WINDOWS\system32\Log_20100419_163330_2498.txt 2010-04-19 16:33:28 ----A---- C:\WINDOWS\system32\Log_20100419_163328_2C20.txt 2010-04-19 16:33:26 ----A---- C:\WINDOWS\system32\Log_20100419_163326_28BC.txt 2010-04-19 16:33:24 ----A---- C:\WINDOWS\system32\Log_20100419_163324_26E8.txt 2010-04-19 16:33:23 ----A---- C:\WINDOWS\system32\Log_20100419_163323_2A98.txt 2010-04-19 16:33:21 ----A---- C:\WINDOWS\system32\Log_20100419_163321_2A80.txt 2010-04-19 16:33:15 ----A---- C:\WINDOWS\system32\Log_20100419_163315_2DA8.txt 2010-04-19 16:27:32 ----D---- C:\Program Files\PixiePack Codec Pack 2010-04-19 16:23:27 ----D---- C:\Program Files\RapidSolution 2010-04-19 16:23:27 ----D---- C:\Documents and Settings\All Users\Application Data\RapidSolution 2010-04-19 15:30:14 ----D---- C:\Documents and Settings\Sylvain\Application Data\Python-Eggs 2010-04-19 15:21:20 ----A---- C:\WINDOWS\system32\moovida.exe 2010-04-19 14:21:17 ----D---- C:\Documents and Settings\Sylvain\Application Data\FreeCDRipper 2010-04-19 14:20:26 ----A---- C:\WINDOWS\system32\WMAFile.dll 2010-04-19 14:20:26 ----A---- C:\WINDOWS\system32\VB6STKIT.DLL 2010-04-19 14:20:26 ----A---- C:\WINDOWS\system32\TABCTFR.DLL 2010-04-19 14:20:26 ----A---- C:\WINDOWS\system32\inetfr.DLL 2010-04-19 14:20:26 ----A---- C:\WINDOWS\system32\AudPlayer.dll 2010-04-19 14:20:26 ----A---- C:\WINDOWS\system32\AudioVisu.dll 2010-04-19 14:20:26 ----A---- C:\WINDOWS\system32\AudioRecord.dll 2010-04-19 14:20:26 ----A---- C:\WINDOWS\system32\AudioInfos.dll 2010-04-19 14:20:26 ----A---- C:\WINDOWS\system32\AudFile.dll 2010-04-19 14:20:26 ----A---- C:\WINDOWS\system32\AudDisplay.dll 2010-04-19 14:20:26 ----A---- C:\WINDOWS\system32\AudDesign.dll 2010-04-19 14:20:25 ----D---- C:\Program Files\Free Audio Pack 2010-04-19 14:20:25 ----D---- C:\Documents and Settings\Sylvain\Application Data\FreeAudioPack 2010-04-19 14:20:25 ----A---- C:\WINDOWS\system32\lame_enc.dll 2010-04-19 14:20:25 ----A---- C:\WINDOWS\system32\CMDLGFR.DLL 2010-04-18 18:48:32 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$ 2010-04-18 18:48:13 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$ 2010-04-18 18:44:47 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$ 2010-04-18 18:44:37 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$ 2010-04-18 18:44:29 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$ 2010-04-18 18:43:40 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$ ======List of files/folders modified in the last 1 months====== 2010-05-14 00:24:39 ----D---- C:\WINDOWS\Prefetch 2010-05-14 00:24:34 ----RD---- C:\Program Files 2010-05-14 00:21:30 ----D---- C:\WINDOWS\Temp 2010-05-14 00:13:20 ----A---- C:\WINDOWS\ModemLog_Conexant HDA D110 MDC V.92 Modem.txt 2010-05-14 00:06:00 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-05-13 23:13:43 ----SD---- C:\WINDOWS\Tasks 2010-05-13 23:08:38 ----D---- C:\MDT 2010-05-13 23:07:55 ----D---- C:\WINDOWS 2010-05-13 23:07:30 ----D---- C:\WINDOWS\Registration 2010-05-13 23:04:20 ----RSD---- C:\WINDOWS\Fonts 2010-05-13 23:04:12 ----SHD---- C:\WINDOWS\Installer 2010-05-13 23:03:56 ----D---- C:\WINDOWS\system32\CatRoot 2010-05-13 23:01:25 ----D---- C:\WINDOWS\system32 2010-05-13 22:51:47 ----RD---- C:\WINDOWS\Web 2010-05-13 20:42:29 ----D---- C:\Program Files\Windows Media Player 2010-05-13 20:42:25 ----D---- C:\Program Files\Dell Support 2010-05-13 19:34:14 ----D---- C:\WINDOWS\ehome 2010-05-13 19:22:37 ----D---- C:\WINDOWS\system32\dllcache 2010-05-13 18:38:50 ----D---- C:\Program Files\iTunes 2010-05-12 17:35:10 ----D---- C:\WINDOWS\Internet Logs 2010-05-12 17:20:53 ----D---- C:\WINDOWS\system32\drivers 2010-05-12 17:15:26 ----HD---- C:\WINDOWS\inf 2010-05-12 17:04:28 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2010-05-12 02:00:30 ----D---- C:\Program Files\a-squared Free 2010-05-12 01:28:18 ----D---- C:\WINDOWS\Debug 2010-05-12 00:56:47 ----D---- C:\Program Files\Fichiers communs 2010-05-12 00:36:31 ----SHD---- C:\System Volume Information 2010-05-11 09:34:51 ----D---- C:\Program Files\Fichiers communs\Java 2010-05-11 09:32:40 ----D---- C:\Program Files\Java 2010-05-02 23:07:41 ----SHD---- C:\WINDOWS\CSC 2010-04-30 19:05:40 ----SD---- C:\WINDOWS\Downloaded Program Files 2010-04-25 12:07:46 ----D---- C:\WINDOWS\WinSxS 2010-04-21 14:11:46 ----D---- C:\Program Files\Avira 2010-04-21 12:23:48 ----D---- C:\WINDOWS\network diagnostic 2010-04-21 10:09:14 ----D---- C:\WINDOWS\repair 2010-04-21 09:31:16 ----HDC---- C:\WINDOWS\$NtUninstallKB936021$ 2010-04-20 00:13:40 ----A---- C:\WINDOWS\wininit.ini 2010-04-19 16:22:45 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2010-04-19 15:29:42 ----SD---- C:\Documents and Settings\Sylvain\Application Data\Microsoft 2010-04-18 18:48:24 ----HD---- C:\WINDOWS\$hf_mig$ 2010-04-18 18:44:01 ----D---- C:\WINDOWS\ie8updates 2010-04-15 00:17:50 ----D---- C:\Program Files\Warcraft III ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 APPDRV;APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [2005-08-12 16128] R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2010-03-01 124784] R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys [] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576] R1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys [2007-07-19 127768] R1 omci;OMCI WDM Device Driver; C:\WINDOWS\system32\DRIVERS\omci.sys [2004-02-13 17153] R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2004-07-14 5627] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520] R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2004-07-14 23545] R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-04-02 394952] R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832] R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.10.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2006-11-22 21275] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-02-16 60936] R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2004-11-23 40480] R2 hnmwrlspkt;HomeNet Manager Wireless Protocol; C:\WINDOWS\system32\DRIVERS\hnm_wrls_pkt.sys [2006-01-13 13696] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059] R2 Packet;Auto Internet Protocol; C:\WINDOWS\system32\DRIVERS\packet.sys [2006-01-13 13312] R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2006-05-01 13568] R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2004-12-06 25883] R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2004-12-06 34843] R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2004-12-06 4123] R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2004-12-06 2271] R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2004-12-06 86586] R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2004-12-06 15227] R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2004-12-06 6363] R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2004-12-06 98714] R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2004-12-06 100603] R2 wsppkt;Wireless Security Protocol; C:\WINDOWS\system32\DRIVERS\wsp_pkt.sys [2006-01-13 13568] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-05-23 1578496] R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2006-08-25 44544] R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952] R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-20 15664] R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-07-22 1035008] R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-07-22 201600] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2005-10-14 28544] R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-10-14 51328] R3 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2005-10-14 307968] R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232] R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2006-03-25 1156648] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-08 191872] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 w39n51;Intel® PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2006-04-27 1429632] R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-07-22 717952] S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] S3 DSproct;DSproct; \??\C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys [] S3 E100B;Pilote de carte Intel ® PRO; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-23 117760] S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008] S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-04 1897408] S3 sffdisk;Pilote de classe de stockage SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904] S3 sffp_sd;Pilote de protocole de stockage SFF pour SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008] S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552] S3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\SymcData\IDS-DI~1\20080421.001\symidsco.sys [] S3 tbhsd;Tunebite High-Speed Dubbing; C:\WINDOWS\system32\drivers\tbhsd.sys [2009-01-23 37664] S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-19 38528] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-29 82944] S4 agp440;Filtre de bus AGP Intel; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368] S4 agpCPQ;Filtre de bus AGP Compaq; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928] S4 alim1541;Filtre de bus AGP ALI; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752] S4 amdagp;Pilote de filtre du bus AMD AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008] S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952] S4 IntelIde;IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [2008-04-14 5504] S4 sisagp;Filtre de bus AGP SIS; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960] S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73600] S4 viaagp;Filtre de bus AGP VIA; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2010-04-20 1872320] R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-04-01 267432] R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2010-01-08 380928] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-05-23 409600] R2 Creative Labs Licensing Service;Creative Labs Licensing Service; C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe [2007-02-10 69632] R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568] R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424] R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2006-05-01 114753] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-05-11 153376] R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328] R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120] R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2006-05-01 217164] R2 S24EventMonitor;Intel® PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2006-05-01 540745] R2 WLANKEEPER;Intel® PROSet/Wireless SSO Service; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [2006-05-01 262217] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2007-03-03 500800] R3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\wmpnetwk.exe [2006-11-03 918016] S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800] S2 nscpjapu;Synaptics TouchPad Support; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768] S3 getPlusHelper;getPlus® Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-06 138168] S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S3 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2008-04-02 75304] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] -----------------EOF----------------- contenu du info.txt: info.txt logfile of random's system information tool 1.06 2010-05-14 00:24:43 ======Uninstall list====== -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205} -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6} -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382} -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629} -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7E9BE6D1-680B-49B2-A2B0-CBC32D20DF04}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x40c -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA2CA846-C6DB-4468-B291-18D4BA359656}\setup.exe" -l0x40c -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe Acrobat 5.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll" Adobe Download Manager-->"C:\WINDOWS\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1 Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 9.3.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A93000000001} Adobe SVG Viewer 3.0-->C:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Fichiers communs\Adobe\SVG Viewer 3.0\Uninstall\Install.log Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe a-squared Free 2.1-->"C:\Program Files\a-squared Free\unins000.exe" Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2} ATI Catalyst Control Center-->MsiExec.exe /I{A02ED372-22FA-448B-AB6A-1B0FC23B7D08} ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE Barre d'outils MSN-->C:\Program Files\MSN Toolbar\01.01.2607.0\fr\mtbs.exe c Broadcom Management Programs-->MsiExec.exe /I{26E1BFB0-E87E-4696-9F89-B467F01F81E5} Brother HL-2070N-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D3F15B18-B10E-46A0-8CA9-679F7679F182}\SETUP.exe" -l0x40c -removeonly /uninst CCleaner-->"C:\Program Files\CCleaner\uninst.exe" Conexant HDA D110 MDC V.92 Modem-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3\HXFSETUP.EXE -U -Idel1028k.inf Correctif n° 2 pour Windows XP Édition Media Center 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe" Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Correctif pour Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe" Dell Support 3.2.1-->MsiExec.exe /X{CEE2252C-4035-4B27-8EC6-0B085DD3A413} Digital Line Detect-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe" -l0x40c ControlPanel DivX Audio Compressor 4.02-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_DivX 132 C:\WINDOWS\INF\DivXAudioCompressor4.02.inf DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER DivX-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC EmoDio-->"C:\Program Files\InstallShield Installation Information\{C20CE592-B0F8-4D20-BF31-0151CA6331A6}\setup.exe" -runfromtemp -l0x040c -removeonly EmoDio-->MsiExec.exe /X{C20CE592-B0F8-4D20-BF31-0151CA6331A6} eMule-->"C:\Program Files\eMule\Uninstall.exe" Free Mp3 Wma Converter V 1.9-->"C:\Program Files\Free Audio Pack\unins000.exe" GemMaster Mystic-->"C:\Program Files\GemMasterFrench\uninstallgemmaster.exe" Google Earth-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x40c -removeonly Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar3.dll" High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe" ImageJ 1.38x-->"C:\Program Files\ImageJ\unins000.exe" iTunes-->MsiExec.exe /I{01B51908-02EF-453B-87A9-815182E8C2F2} J2SE Runtime Environment 5.0 Update 10-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100} J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060} Java 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020} Java 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020FF} Java 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050} Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} Java SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010} K-Lite Mega Codec Pack 1.64-->"C:\Program Files\K-Lite Codec Pack\unins000.exe" LaserJet 1020 series-->C:\Program Files\Zenographics\{29EF1301-98A8-4BA3-B814-5FAE8394A592}\setup.exe -u "HPLJInstaller.dll=Hplj1020.inf" Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Logiciel Intel® PROSet/Wireless-->C:\WINDOWS\Installer\iProInst.exe Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779} MCU-->MsiExec.exe /I{D2988E9B-C73F-422C-AD4B-A66EBE257120} mDrWiFi-->MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49} MediaDirect-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}\Setup.exe" -l0x40c -cluninstall mHlpDell-->MsiExec.exe /I{49D687E5-6784-431B-A0A2-2F23B8CC5A1B} Microsoft .NET Framework 1.0 Hotfix (KB953295)-->"C:\WINDOWS\$NtUninstallKB953295$\spuninst\spuninst.exe" Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700} Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB977165-v2)-->"C:\WINDOWS\$NtUninstallKB977165-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe" Mise à jour pour Lecteur Windows Media 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe" Mise à jour pour Lecteur Windows Media 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 7 (KB980182)-->"C:\WINDOWS\ie7updates\KB980182-IE7\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 8 (KB980182)-->"C:\WINDOWS\ie8updates\KB980182-IE8\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 8 (KB980302)-->"C:\WINDOWS\ie8updates\KB980302-IE8\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe" mIWA-->MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F} Mixeur-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7E9BE6D1-680B-49B2-A2B0-CBC32D20DF04}\setup.exe" -l0x40c /remove mLogView-->MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7} mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5} Modem Helper-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\setup.exe" -l0x40c ControlPanel Mozilla Firefox (3.6.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5} mPfWiz-->MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9} mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83} mSSO-->MsiExec.exe /I{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB} MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4} mWMI-->MsiExec.exe /I{63DB9CCD-2B56-4217-9A3D-507AC78320CA} mXML-->MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401} mZConfig-->MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023} NetWaiting-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x40c ControlPanel Otto-->"C:\Program Files\FrenchOtto\uninstallotto.exe" OutlookAddinSetup-->MsiExec.exe /I{9BDEF074-020E-458D-ADC5-8FF68E0C9B56} Package de base Microsoft de service de chiffrement pour cartes à puce-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe" Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe PDFCreator-->C:\Program Files\PDFCreator\unins000.exe pdfforge Toolbar v1.1.2-->MsiExec.exe /X{5791B7D3-8B34-4218-9750-6A8E45D0AD32} PixiePack Codec Pack-->MsiExec.exe /I{B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC} Post-it® Software Notes Lite-->"C:\Program Files\3M\PSNLite\Uninstall.exe" -Prog"C:\Program Files\3M\PSNLite\PsnLite.exe" -INI"C:\Program Files\3M\PSNLite\uninst.ini" QuickSet-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C5074CC4-0E26-4716-A307-960272A90040}\setup.exe" -l0x40c APPDRVNT4 QuickTime-->MsiExec.exe /I{5E863175-E85D-44A6-8968-82507D34AE7F} SearchAssist-->C:\DELL\SearchAssist\UninstSA.bat Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Skype Toolbars-->MsiExec.exe /I{981029E0-7FC9-4CF3-AB39-6F133621921A} Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36} Sonic DLA-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6} Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011} Sonic MyDVD LE-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29} Sonic RecordNow Audio-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382} Sonic RecordNow Copy-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629} Sonic RecordNow Data-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205} Sonic Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E} Sound Blaster Audigy ADVANCED MB Demo-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA2CA846-C6DB-4468-B291-18D4BA359656}\setup.exe" -l0x40c /remove Spybot - Search & Destroy 1.4-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall URL Assistant-->regsvr32 /u /s "C:\Program Files\BAE\BAE.dll" Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe" Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390} Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} Windows XP Media Center Edition 2005 KB908246-->"C:\WINDOWS\$NtUninstallKB908246$\spuninst\spuninst.exe" Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe" Windows XP Media Center Edition 2005 KB973768-->"C:\WINDOWS\$NtUninstallKB973768$\spuninst\spuninst.exe" Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" WJChess2D-->C:\PROGRA~1\JeffProd\WJCHES~1\UNWISE.EXE C:\PROGRA~1\JeffProd\WJCHES~1\INSTALL.LOG WMPTagSupportExtender-->MsiExec.exe /I{66B53F56-AD2D-4463-9816-BBC9E2BD13D1} Yahoo! Install Manager-->C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL Yahoo! Internet Mail-->C:\WINDOWS\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\ymmapi.dll Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG Yahoo! Toolbar avec bloqueur de fenêtres pop-up-->C:\PROGRA~1\Yahoo!\Common\unyt.exe ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe ======Hosts File====== 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com ======Security center information====== AV: AntiVir Desktop AV: (disabled) FW: (disabled) FW: ZoneAlarm Firewall (disabled) ======System event log====== Computer Name: INSPIRON Event Code: 7036 Message: Le service Windows Installer est entré dans l'état : arrêté. Record Number: 43066 Source Name: Service Control Manager Time Written: 20100419163735.000000+120 Event Type: Informations User: Computer Name: INSPIRON Event Code: 7036 Message: Le service Windows Installer est entré dans l'état : en cours d'exécution. Record Number: 43065 Source Name: Service Control Manager Time Written: 20100419162238.000000+120 Event Type: Informations User: Computer Name: INSPIRON Event Code: 7035 Message: Un contrôle Démarrer a correctement été envoyé au service Windows Installer. Record Number: 43064 Source Name: Service Control Manager Time Written: 20100419162238.000000+120 Event Type: Informations User: AUTORITE NT\SYSTEM Computer Name: INSPIRON Event Code: 7036 Message: Le service Windows Installer est entré dans l'état : arrêté. Record Number: 43063 Source Name: Service Control Manager Time Written: 20100419161459.000000+120 Event Type: Informations User: Computer Name: INSPIRON Event Code: 7036 Message: Le service Gestion d'applications est entré dans l'état : en cours d'exécution. Record Number: 43062 Source Name: Service Control Manager Time Written: 20100419160459.000000+120 Event Type: Informations User: =====Application event log===== Computer Name: INSPIRON Event Code: 11728 Message: Produit : Microsoft Office XP Professional avec FrontPage -- La configuration s'est terminée correctement. Record Number: 21734 Source Name: MsiInstaller Time Written: 20081120190408.000000+060 Event Type: Informations User: INSPIRON\Sylvain Computer Name: INSPIRON Event Code: 1022 Message: Produit : Microsoft Office XP Professional avec FrontPage - La mise à jour 'Security Update for Excel 2002 (KB955464): EXCEL' a été installée. Record Number: 21733 Source Name: MsiInstaller Time Written: 20081120190408.000000+060 Event Type: Informations User: INSPIRON\Sylvain Computer Name: INSPIRON Event Code: 11728 Message: Produit : Microsoft Office XP Professional avec FrontPage -- La configuration s'est terminée correctement. Record Number: 21732 Source Name: MsiInstaller Time Written: 20081120190135.000000+060 Event Type: Informations User: INSPIRON\Sylvain Computer Name: INSPIRON Event Code: 1022 Message: Produit : Microsoft Office XP Professional avec FrontPage - La mise à jour 'Security Update for Office XP (KB956464): CDO10' a été installée. Record Number: 21731 Source Name: MsiInstaller Time Written: 20081120190135.000000+060 Event Type: Informations User: INSPIRON\Sylvain Computer Name: INSPIRON Event Code: 11728 Message: Produit : Microsoft Office XP Professional avec FrontPage -- La configuration s'est terminée correctement. Record Number: 21730 Source Name: MsiInstaller Time Written: 20081120190055.000000+060 Event Type: Informations User: INSPIRON\Sylvain ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\K-Lite Codec Pack\QuickTime\QTSystem\;C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322 "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel "PROCESSOR_REVISION"=0f06 "NUMBER_OF_PROCESSORS"=2 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "SonicCentral"=C:\Program Files\Fichiers communs\Sonic Shared\Sonic Central\ "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip "tvdumpflags"=8 -----------------EOF----------------- Merci a toi, Ringo

Bonjour, j'ai le virus "tr/hijacker.gen" sur mon pc. j'utilise l'antivirus antivir avira. J'ai déjà effectué plusieurs scan avec entre autre Malwarebytes mais il ne le trouve pas. Antivir le détecte en guard, mais n'arrive visiblement pas à le supprimer. Je ne peux pas faire d'update windows (code erreur 0x80072EFF), pc plus lent, et des fichiers temporaires sont créer tous les 5 minutes dans c:\windows\temp, comme dfgh.tmp. Je crois que le virus atteint mon fichier svchost.exe ci dessous mon rapport: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23:37:40, on 13/05/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\a-squared Free\a2service.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Application Updater\ApplicationUpdater.exe C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe C:\Program Files\Avira\AntiVir Desktop\avshadow.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\eHome\ehmsas.exe C:\WINDOWS\stsystra.exe C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\Fichiers communs\Java\Java Update\jusched .exe C:\Program Files\3M\PSNLite\PsnLite.exe C:\Program Files\Creative\Mixer\CTSVolFE .exe C:\Program Files\iTunes\iTunesHelper .exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc .exe C:\Program Files\Windows Media Player\WMPNSCFG .exe C:\Program Files\Synaptics\SynTP\SynTPEnh .exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier .exe C:\Program Files\Dell\MediaDirect\PCMService .exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\3M\PSNLite\PSNGive.exe C:\Program Files\Dell Support\DSAgnt .exe C:\Program Files\Spybot - Search & Destroy\TeaTimer .exe C:\Program Files\iPod\bin\iPodService.exe C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\All Users\Application Data\1m2Inue5.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Documents and Settings\Sylvain\Mes documents\Téléchargements\HiJackThis.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.google.fr/nwshp?hl=fr&tab=wn R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row&channel=fr&ibd=4061121 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file) O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file) O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file) O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [CTSVolFE.exe] "C:\Program Files\Creative\Mixer\CTSVolFE.exe" /r O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask .exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Digital Line Detect.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Program Files\3M\PSNLite\PsnLite.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://sylvaintahiti.spaces.live.com//Phot...ad/MsnPUpld.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1170750919182 O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f005.mail.caramail.lycos.fr/app/upl...ileUploader.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: opaqcx - opaqcx.dll (file missing) O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Fichiers communs\Creative Labs Shared\Service\CreativeLicensing.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe O23 - Service: Service de planification Media Center (ehSched) - Unknown owner - C:\WINDOWS\eHome\ehSched.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: Fax - Unknown owner - C:\WINDOWS\system32\fxssvc.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe -- End of file - 14183 bytes Merci de votre aide, Ringo