Aller au contenu

ericd

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    206

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par ericd

  1. ericd
    salut, je viens d installer les derniers pilotes nvidia ,186.18 whql,et je n ai plus acces a la resolution 1440×900,qui etait celle par defaut sur mon bureau et dans mes jeux,quelqu-un aurait il une idée? svp? merci beaucoup de votre aide… ericd ps;j ai creé une resolution 1440x900 avec le nvidia panel mais il ne sauvegardes pas ,des que je reboot,je me retrouve avec une reso de 1368x768 ..et de toutes facons je ne retrouves pas la reso 1440x900 dans les jeux meme en la creant....
  2. ericd
    merci c etait bien la solution et pourtant j ai regarde dans msconfig et je n avais pas vu l explorateur lol merci Notpa01 zebulon les meilleurs!!
  3. ericd
    salut zebulon !! et bonne annee 2009 !! voila depuis quelque temps maintenant environ 1 semaine ,quand j allume le pc ,j ai mon dossier documents qui s ouvre tout seul au boot de vista,j ai beau chercher impossible de trouver si quelqu un a une idee je serais preneur ,merci beaucoup de votre aide ..bon c est sur c est pas grave mais enervant... ericd
  4. ericd
    Un GRAND MERCI A THANOS et encore desole pour le double post .........
  5. ericd
    ok je vais tout faire bien proprement ,et je tiens a m excuser sur le fait que j ai posté le meme post sur malekal.com ,je pensais ue malekal et zebulon travallait main dans la main ,j ai eu une reflexion d angelique sur le post ,donc je tenais a m excuser si j ai offensé qui que ce soit ce n etait absolument pas mon intention,Thanos je te mets le lien du post de malekal.com . http://forum.malekal.com/viewtopic.php?f=3...=113261#p113261
  6. ericd
    ouf j ai eu peur !! merci j attends tes conseils avec impatience ,sinon je vois qu il est 00h01 ,tu travailles tard ! encore merci de ta patience sinon pour le fix.reg tu ne m as pas repondu? ericd
  7. ericd
    bon sur le c: il me dit element introuvable mais j ai ouvert le dossier et voila ce qu il y avait dedans "lpt3.This folder was created by Flash_Disinfector" je n arrive pas a le supprimer il est vrai aussi que j ai utilise flash disinfector (j ai du faire une boulette!!) c est exactement pareil sur tous mes disques durs et je n arrives pas a supprimer le dossier autorun.inf je parles bien d un dossier jaune transparent et pas d un fichier....y a t il un moyen de les supprimer? ps; a quoi sers le fix.reg stp ?? ericd
  8. ericd
    bonjour thanos voila l examen complet avec mbam,1h46 c est long !! je te joins un rsit aussi par la meme occasion,encore merci pour ta gentillesse ,toujours aussi pro chez zebulon ,je dirais meme "chez zebulon on vous prend pas pour des cons.." lol Malwarebytes' Anti-Malware 1.29 Version de la base de données: 1282 Windows 6.0.6001 Service Pack 1 18/10/2008 09:33:12 mbam-log-2008-10-18 (09-33-12).txt Type de recherche: Examen complet (C:\|D:\|I:\|L:\|) Eléments examinés: 307785 Temps écoulé: 1 hour(s), 46 minute(s), 18 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) le log de rist Logfile of random's system information tool 1.04 (written by random/random) Run by eric at 2008-10-18 09:38:40 Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1 System drive C: has 162 GB (50%) free of 323 GB Total RAM: 2047 MB (52% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 09:38:41, on 18/10/2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Windows\System32\CTHELPER.EXE C:\Windows\System32\rundll32.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Users\eric\AppData\Local\Google\Update\GoogleUpdate.exe C:\Program Files\Bill2's Process Manager\ProcessManager.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Users\eric\Desktop\RSIT.exe C:\Program Files\Trend Micro\HijackThis\eric.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.clubic.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.carrefour.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: PicLens plug-in for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\PicLens.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\eric\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [ProcessManager] C:\Program Files\Bill2's Process Manager\ProcessManager.exe -minimized O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O9 - Extra button: Launch PicLens - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\PicLens.dll O13 - Gopher Prefix: O15 - Trusted Zone: *.canal-plus.com (HKLM) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: CanalPlus.VOD - Canal+ Active - C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - Unknown owner - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- End of file - 6269 bytes ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskUser.job C:\Windows\tasks\User_Feed_Synchronization-{59E6857A-6663-4694-89FE-57ADF0790E76}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA}] C:\Program Files\PicLensIE\PicLens.dll [2008-08-19 3493888] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184] "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-07-18 266497] "CTHelper"=C:\Windows\system32\CTHELPER.EXE [2007-09-20 19456] "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-08-15 13576736] "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-08-15 92704] "AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2008-10-16 398992] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240] "Google Update"=C:\Users\eric\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-03 133104] "ProcessManager"=C:\Program Files\Bill2's Process Manager\ProcessManager.exe [2008-08-04 1265664] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BigDogPath] C:\Windows\VM_STI.exe Philips SPC 200NC PC Camera [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Canal Widget] C:\Program Files\Canal\Canal Widget\Canal Widget.cpvod [2008-06-03 12] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-03-14 54832] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-14 71216] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\toolbar_eula_launcher] C:\Program Files\GoogleEULA\EULALauncher.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TrayMin200.exe.lnk] C:\PROGRA~1\Philips\SPC200~1\TRAYMI~1.EXE [] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "authentication packages"=msv1_0 relog_ap [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "EnableLUA"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutoRun"=FFFFFFFF "NoDriveTypeAutoRun"=36 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0411cf98-caa1-11dc-87d4-806e6f6e6963}] shell\AutoRun\command - E:\LGInstaller.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{933aef35-d17e-11dc-b4f9-001e8c60e738}] shell\AutoRun\command - G:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ecbc11cd-9b9a-11dd-8856-001e8c60e738}] shell\Auto\command - AdobeR.exe e shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e ======List of files/folders created in the last 1 months====== 2008-10-17 19:25:35 ----RASHD---- C:\autorun.inf 2008-10-16 22:36:12 ----D---- C:\Program Files\Secunia 2008-10-16 21:27:08 ----D---- C:\Users\eric\AppData\Roaming\Malwarebytes 2008-10-16 21:27:06 ----D---- C:\ProgramData\Malwarebytes 2008-10-16 21:27:06 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2008-10-16 17:59:32 ----D---- C:\rsit 2008-10-15 22:54:26 ----D---- C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} 2008-10-15 22:54:26 ----D---- C:\Program Files\iTunes 2008-10-15 22:54:26 ----D---- C:\Program Files\iPod 2008-10-14 19:43:20 ----D---- C:\Users\eric\AppData\Roaming\vlc 2008-10-12 21:18:04 ----D---- C:\Program Files\CANALSAT avec Zattoo 2008-10-12 20:11:13 ----D---- C:\Program Files\Canal 2008-10-11 17:23:44 ----D---- C:\Users\eric\AppData\Roaming\Publish Providers 2008-10-11 17:23:36 ----D---- C:\Users\eric\AppData\Roaming\Sony 2008-10-11 17:20:22 ----D---- C:\Program Files\Sony Setup 2008-10-08 21:08:44 ----A---- C:\Windows\EAGRAPH.INI 2008-10-07 09:18:41 ----D---- C:\divx 2008-10-07 09:17:21 ----D---- C:\Users\eric\AppData\Roaming\DivX 2008-10-07 09:14:11 ----D---- C:\Program Files\DivX 2008-10-05 10:10:23 ----D---- C:\Users\eric\AppData\Roaming\LG Electronics 2008-10-05 10:08:56 ----D---- C:\lgupload 2008-10-05 10:03:16 ----D---- C:\Program Files\LG Electronics 2008-10-05 10:01:28 ----D---- C:\Users\eric\AppData\Roaming\InstallShield 2008-10-04 14:42:54 ----D---- C:\Program Files\Electronic Arts 2008-10-04 14:42:52 ----D---- C:\ProgramData\Electronic Arts 2008-10-03 22:25:59 ----D---- C:\Program Files\LG PC Suite 2 2008-10-03 21:55:15 ----D---- C:\LGMobileUpgrade 2008-10-03 21:47:52 ----A---- C:\Windows\system32\lgAxconfig.ini 2008-10-03 21:47:52 ----A---- C:\Windows\system32\CommonDL.dll 2008-10-03 21:47:42 ----D---- C:\ProgramData\LGMOBILEAX 2008-10-03 08:09:31 ----D---- C:\Program Files\Bill2's Process Manager 2008-10-02 10:00:11 ----A---- C:\Windows\system32\zlib.dll 2008-10-02 10:00:11 ----A---- C:\Windows\system32\Zipit.dll 2008-10-02 10:00:11 ----A---- C:\Windows\system32\Zipdll.dll 2008-10-02 10:00:11 ----A---- C:\Windows\system32\unzdll.dll 2008-10-02 10:00:11 ----A---- C:\Windows\system32\PicFormat32.dll 2008-10-01 08:28:48 ----D---- C:\Users\eric\AppData\Roaming\Leadertech 2008-09-27 18:31:31 ----D---- C:\Program Files\tsMuxeR_1.8.8b 2008-09-27 10:31:39 ----D---- C:\Program Files\Microsoft Office 2008-09-27 10:31:14 ----RHD---- C:\MSOCache 2008-09-25 18:48:26 ----A---- C:\Windows\system32\XAudio2_1.dll 2008-09-25 18:48:26 ----A---- C:\Windows\system32\XAPOFX1_0.dll 2008-09-25 18:48:26 ----A---- C:\Windows\system32\xactengine3_1.dll 2008-09-25 18:48:26 ----A---- C:\Windows\system32\X3DAudio1_4.dll 2008-09-25 18:48:26 ----A---- C:\Windows\system32\D3DCompiler_38.dll 2008-09-25 18:48:25 ----A---- C:\Windows\system32\D3DX9_38.dll 2008-09-25 18:48:25 ----A---- C:\Windows\system32\d3dx10_38.dll 2008-09-22 08:22:44 ----D---- C:\Program Files\EA Sports 2008-09-21 16:39:10 ----D---- C:\Program Files\MSECache 2008-09-20 07:20:24 ----D---- C:\Program Files\Microsoft ======List of files/folders modified in the last 1 months====== 2008-10-18 09:38:26 ----D---- C:\Windows\Temp 2008-10-18 09:33:53 ----D---- C:\Program Files\Mozilla Firefox 2008-10-18 07:34:20 ----D---- C:\Windows\system32\drivers 2008-10-17 19:11:05 ----D---- C:\Windows 2008-10-17 07:51:31 ----A---- C:\Windows\NeroDigital.ini 2008-10-16 22:36:12 ----RD---- C:\Program Files 2008-10-16 21:34:56 ----D---- C:\Windows\System32 2008-10-16 21:29:26 ----D---- C:\Windows\inf 2008-10-16 21:29:26 ----A---- C:\Windows\system32\PerfStringBackup.INI 2008-10-16 21:27:06 ----HD---- C:\ProgramData 2008-10-16 20:36:00 ----SHD---- C:\System Volume Information 2008-10-15 23:36:39 ----D---- C:\Program Files\The KMPlayer FR 2008-10-15 22:54:50 ----SHD---- C:\Windows\Installer 2008-10-15 22:53:34 ----D---- C:\Windows\system32\catroot 2008-10-14 20:21:53 ----D---- C:\Windows\system32\catroot2 2008-10-12 10:44:28 ----D---- C:\Users\eric\AppData\Roaming\foobar2000 2008-10-11 15:31:35 ----D---- C:\Users\eric\AppData\Roaming\Vso 2008-10-05 10:03:16 ----HD---- C:\Program Files\InstallShield Installation Information 2008-10-04 16:37:42 ----D---- C:\Users\eric\AppData\Roaming\DeskSoft 2008-10-04 16:37:42 ----D---- C:\Program Files\EarthView 2008-10-04 09:59:25 ----D---- C:\Users\eric\AppData\Roaming\dvdcss 2008-10-01 08:20:07 ----RSD---- C:\Windows\assembly 2008-09-29 07:39:04 ----D---- C:\Windows\Tasks 2008-09-28 12:29:45 ----D---- C:\ProgramData\Team MediaPortal 2008-09-28 11:47:54 ----D---- C:\Program Files\Team MediaPortal 2008-09-27 10:32:32 ----SD---- C:\Users\eric\AppData\Roaming\Microsoft 2008-09-27 10:31:40 ----D---- C:\Program Files\Common Files\microsoft shared 2008-09-25 18:47:22 ----D---- C:\Windows\Logs 2008-09-25 17:44:02 ----D---- C:\ProgramData\Media Center Programs 2008-09-21 16:39:30 ----SD---- C:\ProgramData\Microsoft 2008-09-20 07:20:30 ----D---- C:\Windows\winsxs 2008-09-20 07:17:50 ----D---- C:\Program Files\La Fibre 2008-09-20 07:14:57 ----D---- C:\Program Files\Google 2008-09-20 07:14:55 ----D---- C:\Program Files\Common Files\PX Storage Engine ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2007-02-27 11840] R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2008-07-18 75072] R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352] R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl [2007-09-19 41456] R2 acedrv09;acedrv09; \??\C:\Windows\system32\drivers\acedrv09.sys [2007-06-18 373568] R2 acehlp09;acehlp09; \??\C:\Windows\system32\drivers\acehlp09.sys [2007-05-30 201696] R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2008-09-25 279712] R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2008-09-25 25888] R2 tifsfilter;Acronis True Image FS Filter; C:\Windows\system32\DRIVERS\tifsfilt.sys [2008-05-11 39264] R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2008-06-04 52032] R3 CT20XUT.DLL;CT20XUT.DLL; C:\Windows\system32\CT20XUT.DLL [2007-09-21 170520] R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2007-09-21 521496] R3 CTEXFIFX.DLL;CTEXFIFX.DLL; C:\Windows\system32\CTEXFIFX.DLL [2007-09-21 1323544] R3 CTHWIUT.DLL;CTHWIUT.DLL; C:\Windows\system32\CTHWIUT.DLL [2007-09-21 72728] R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2007-09-21 14360] R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2007-09-21 157208] R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2007-09-21 92696] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464] R3 ha20x2k;Creative 20X HAL Driver; C:\Windows\system32\drivers\ha20x2k.sys [2007-09-21 1163800] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-08-15 7314848] R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2007-09-21 126488] R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2008-02-22 47360] R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-09-18 98816] R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328] S3 ax05l5e4;ax05l5e4; C:\Windows\system32\drivers\ax05l5e4.sys [] S3 COMMONFX.DLL;COMMONFX.DLL; C:\Windows\system32\COMMONFX.DLL [2007-09-21 98328] S3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2007-09-21 511000] S3 CTAUDFX.DLL;CTAUDFX.DLL; C:\Windows\system32\CTAUDFX.DLL [2007-09-21 551960] S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\Windows\system32\drivers\ctdvda2k.sys [2007-09-21 346856] S3 CTEAPSFX.DLL;CTEAPSFX.DLL; C:\Windows\system32\CTEAPSFX.DLL [2007-09-21 174104] S3 CTEDSPFX.DLL;CTEDSPFX.DLL; C:\Windows\system32\CTEDSPFX.DLL [2007-09-21 286232] S3 CTEDSPIO.DLL;CTEDSPIO.DLL; C:\Windows\system32\CTEDSPIO.DLL [2007-09-21 134680] S3 CTEDSPSY.DLL;CTEDSPSY.DLL; C:\Windows\system32\CTEDSPSY.DLL [2007-09-21 329240] S3 CTERFXFX.DLL;CTERFXFX.DLL; C:\Windows\system32\CTERFXFX.DLL [2007-09-21 100888] S3 CTSBLFX.DLL;CTSBLFX.DLL; C:\Windows\system32\CTSBLFX.DLL [2007-09-21 566296] S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632] S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2008-04-22 27672] S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [] S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192] S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888] S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016] S3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf.sys [2008-06-16 7808] S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-09-05 36864] S3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-19 73088] S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2007-07-11 12416] S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2007-07-11 19840] S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2007-07-11 21632] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936] S3 ZSMC0305;A4 TECH PC Camera V; C:\Windows\System32\Drivers\usbVM305.sys [2006-05-08 391688] S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2006-10-17 230944] R2 AntiVirScheduler;AntiVir PersonalEdition Classic Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-07-18 68865] R2 AntiVirService;AntiVir PersonalEdition Classic Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-08-15 149761] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888] R2 CanalPlus.VOD;CanalPlus.VOD; C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe [2008-06-03 61440] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-08-15 196608] R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-04-12 66872] R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2008-04-12 107832] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2007-05-14 272024] R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-19 21504] S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-04-13 654848] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872] S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2008-07-28 87288] S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2008-07-14 355584] S3 UPnPService;UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [2006-12-14 544768] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] -----------------EOF-----------------
  9. ericd
    effectivement hier soir j ai mis une usb vers 19h00 pour mettre un divx a un pote mais il est parti avec d ailleurs c etait sa clef donc je ne l ai pas desole estce grave docteur pour mon pc ?? ceci dit je vais prevenir mon pote ...merci
  10. ericd
    Encore merci pour ta patience et ta gentillesse ...ericd Logfile of random's system information tool 1.04 (written by random/random) Run by eric at 2008-10-17 07:37:09 Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1 System drive C: has 163 GB (50%) free of 323 GB Total RAM: 2047 MB (57% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 07:37:10, on 17/10/2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Windows\System32\CTHELPER.EXE C:\Windows\System32\rundll32.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Users\eric\AppData\Local\Google\Update\GoogleUpdate.exe C:\Program Files\Bill2's Process Manager\ProcessManager.exe C:\Windows\system32\wbem\unsecapp.exe C:\Users\eric\Desktop\RSIT.exe C:\Program Files\Trend Micro\HijackThis\eric.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.clubic.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.carrefour.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: PicLens plug-in for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\PicLens.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\eric\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [ProcessManager] C:\Program Files\Bill2's Process Manager\ProcessManager.exe -minimized O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O9 - Extra button: Launch PicLens - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\PicLens.dll O13 - Gopher Prefix: O15 - Trusted Zone: *.canal-plus.com (HKLM) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: CanalPlus.VOD - Canal+ Active - C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - Unknown owner - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- End of file - 6098 bytes ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskUser.job C:\Windows\tasks\User_Feed_Synchronization-{59E6857A-6663-4694-89FE-57ADF0790E76}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA}] C:\Program Files\PicLensIE\PicLens.dll [2008-08-19 3493888] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184] "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-07-18 266497] "CTHelper"=C:\Windows\system32\CTHELPER.EXE [2007-09-20 19456] "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-08-15 13576736] "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-08-15 92704] "AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240] "Google Update"=C:\Users\eric\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-03 133104] "ProcessManager"=C:\Program Files\Bill2's Process Manager\ProcessManager.exe [2008-08-04 1265664] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BigDogPath] C:\Windows\VM_STI.exe Philips SPC 200NC PC Camera [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Canal Widget] C:\Program Files\Canal\Canal Widget\Canal Widget.cpvod [2008-06-03 12] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-03-14 54832] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-14 71216] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\toolbar_eula_launcher] C:\Program Files\GoogleEULA\EULALauncher.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TrayMin200.exe.lnk] C:\PROGRA~1\Philips\SPC200~1\TRAYMI~1.EXE [] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "authentication packages"=msv1_0 relog_ap [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "EnableLUA"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0411cf98-caa1-11dc-87d4-806e6f6e6963}] shell\AutoRun\command - E:\LGInstaller.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{933aef35-d17e-11dc-b4f9-001e8c60e738}] shell\AutoRun\command - G:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ecbc11cd-9b9a-11dd-8856-001e8c60e738}] shell\Auto\command - AdobeR.exe e shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e ======List of files/folders created in the last 1 months====== 2008-10-16 22:36:12 ----D---- C:\Program Files\Secunia 2008-10-16 21:27:08 ----D---- C:\Users\eric\AppData\Roaming\Malwarebytes 2008-10-16 21:27:06 ----D---- C:\ProgramData\Malwarebytes 2008-10-16 21:27:06 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2008-10-16 17:59:32 ----D---- C:\rsit 2008-10-15 22:54:26 ----D---- C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} 2008-10-15 22:54:26 ----D---- C:\Program Files\iTunes 2008-10-15 22:54:26 ----D---- C:\Program Files\iPod 2008-10-14 19:43:20 ----D---- C:\Users\eric\AppData\Roaming\vlc 2008-10-12 21:18:04 ----D---- C:\Program Files\CANALSAT avec Zattoo 2008-10-12 20:11:13 ----D---- C:\Program Files\Canal 2008-10-11 17:23:44 ----D---- C:\Users\eric\AppData\Roaming\Publish Providers 2008-10-11 17:23:36 ----D---- C:\Users\eric\AppData\Roaming\Sony 2008-10-11 17:20:22 ----D---- C:\Program Files\Sony Setup 2008-10-08 21:08:44 ----A---- C:\Windows\EAGRAPH.INI 2008-10-07 09:18:41 ----D---- C:\divx 2008-10-07 09:17:21 ----D---- C:\Users\eric\AppData\Roaming\DivX 2008-10-07 09:14:11 ----D---- C:\Program Files\DivX 2008-10-05 10:10:23 ----D---- C:\Users\eric\AppData\Roaming\LG Electronics 2008-10-05 10:08:56 ----D---- C:\lgupload 2008-10-05 10:03:16 ----D---- C:\Program Files\LG Electronics 2008-10-05 10:01:28 ----D---- C:\Users\eric\AppData\Roaming\InstallShield 2008-10-04 14:42:54 ----D---- C:\Program Files\Electronic Arts 2008-10-04 14:42:52 ----D---- C:\ProgramData\Electronic Arts 2008-10-03 22:25:59 ----D---- C:\Program Files\LG PC Suite 2 2008-10-03 21:55:15 ----D---- C:\LGMobileUpgrade 2008-10-03 21:47:52 ----A---- C:\Windows\system32\lgAxconfig.ini 2008-10-03 21:47:52 ----A---- C:\Windows\system32\CommonDL.dll 2008-10-03 21:47:42 ----D---- C:\ProgramData\LGMOBILEAX 2008-10-03 08:09:31 ----D---- C:\Program Files\Bill2's Process Manager 2008-10-02 10:00:11 ----A---- C:\Windows\system32\zlib.dll 2008-10-02 10:00:11 ----A---- C:\Windows\system32\Zipit.dll 2008-10-02 10:00:11 ----A---- C:\Windows\system32\Zipdll.dll 2008-10-02 10:00:11 ----A---- C:\Windows\system32\unzdll.dll 2008-10-02 10:00:11 ----A---- C:\Windows\system32\PicFormat32.dll 2008-10-01 08:28:48 ----D---- C:\Users\eric\AppData\Roaming\Leadertech 2008-09-27 18:31:31 ----D---- C:\Program Files\tsMuxeR_1.8.8b 2008-09-27 10:31:39 ----D---- C:\Program Files\Microsoft Office 2008-09-27 10:31:14 ----RHD---- C:\MSOCache 2008-09-25 18:48:26 ----A---- C:\Windows\system32\XAudio2_1.dll 2008-09-25 18:48:26 ----A---- C:\Windows\system32\XAPOFX1_0.dll 2008-09-25 18:48:26 ----A---- C:\Windows\system32\xactengine3_1.dll 2008-09-25 18:48:26 ----A---- C:\Windows\system32\X3DAudio1_4.dll 2008-09-25 18:48:26 ----A---- C:\Windows\system32\D3DCompiler_38.dll 2008-09-25 18:48:25 ----A---- C:\Windows\system32\D3DX9_38.dll 2008-09-25 18:48:25 ----A---- C:\Windows\system32\d3dx10_38.dll 2008-09-22 08:22:44 ----D---- C:\Program Files\EA Sports 2008-09-21 16:39:10 ----D---- C:\Program Files\MSECache 2008-09-20 07:20:24 ----D---- C:\Program Files\Microsoft 2008-09-18 09:36:46 ----D---- C:\Program Files\THQ ======List of files/folders modified in the last 1 months====== 2008-10-17 07:36:45 ----D---- C:\Windows\Temp 2008-10-17 07:33:52 ----D---- C:\Program Files\Mozilla Firefox 2008-10-16 22:51:47 ----D---- C:\Windows 2008-10-16 22:36:13 ----D---- C:\Windows\system32\drivers 2008-10-16 22:36:12 ----RD---- C:\Program Files 2008-10-16 21:34:56 ----D---- C:\Windows\System32 2008-10-16 21:29:26 ----D---- C:\Windows\inf 2008-10-16 21:29:26 ----A---- C:\Windows\system32\PerfStringBackup.INI 2008-10-16 21:27:06 ----HD---- C:\ProgramData 2008-10-16 20:36:00 ----SHD---- C:\System Volume Information 2008-10-16 19:01:11 ----A---- C:\Windows\NeroDigital.ini 2008-10-15 23:36:39 ----D---- C:\Program Files\The KMPlayer FR 2008-10-15 22:54:50 ----SHD---- C:\Windows\Installer 2008-10-15 22:53:34 ----D---- C:\Windows\system32\catroot 2008-10-14 20:21:53 ----D---- C:\Windows\system32\catroot2 2008-10-12 10:44:28 ----D---- C:\Users\eric\AppData\Roaming\foobar2000 2008-10-11 15:31:35 ----D---- C:\Users\eric\AppData\Roaming\Vso 2008-10-05 10:03:16 ----HD---- C:\Program Files\InstallShield Installation Information 2008-10-04 16:37:42 ----D---- C:\Users\eric\AppData\Roaming\DeskSoft 2008-10-04 16:37:42 ----D---- C:\Program Files\EarthView 2008-10-04 09:59:25 ----D---- C:\Users\eric\AppData\Roaming\dvdcss 2008-10-01 08:20:07 ----RSD---- C:\Windows\assembly 2008-09-29 07:39:04 ----D---- C:\Windows\Tasks 2008-09-28 12:29:45 ----D---- C:\ProgramData\Team MediaPortal 2008-09-28 11:47:54 ----D---- C:\Program Files\Team MediaPortal 2008-09-27 10:32:32 ----SD---- C:\Users\eric\AppData\Roaming\Microsoft 2008-09-27 10:31:40 ----D---- C:\Program Files\Common Files\microsoft shared 2008-09-25 18:47:22 ----D---- C:\Windows\Logs 2008-09-25 17:44:02 ----D---- C:\ProgramData\Media Center Programs 2008-09-21 16:39:30 ----SD---- C:\ProgramData\Microsoft 2008-09-20 07:20:30 ----D---- C:\Windows\winsxs 2008-09-20 07:17:50 ----D---- C:\Program Files\La Fibre 2008-09-20 07:14:57 ----D---- C:\Program Files\Google 2008-09-20 07:14:55 ----D---- C:\Program Files\Common Files\PX Storage Engine ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2007-02-27 11840] R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2008-07-18 75072] R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352] R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl [2007-09-19 41456] R2 acedrv09;acedrv09; \??\C:\Windows\system32\drivers\acedrv09.sys [2007-06-18 373568] R2 acehlp09;acehlp09; \??\C:\Windows\system32\drivers\acehlp09.sys [2007-05-30 201696] R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2008-09-25 279712] R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2008-09-25 25888] R2 tifsfilter;Acronis True Image FS Filter; C:\Windows\system32\DRIVERS\tifsfilt.sys [2008-05-11 39264] R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2008-06-04 52032] R3 CT20XUT.DLL;CT20XUT.DLL; C:\Windows\system32\CT20XUT.DLL [2007-09-21 170520] R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2007-09-21 521496] R3 CTEXFIFX.DLL;CTEXFIFX.DLL; C:\Windows\system32\CTEXFIFX.DLL [2007-09-21 1323544] R3 CTHWIUT.DLL;CTHWIUT.DLL; C:\Windows\system32\CTHWIUT.DLL [2007-09-21 72728] R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2007-09-21 14360] R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2007-09-21 157208] R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2007-09-21 92696] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464] R3 ha20x2k;Creative 20X HAL Driver; C:\Windows\system32\drivers\ha20x2k.sys [2007-09-21 1163800] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-08-15 7314848] R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2007-09-21 126488] R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2008-02-22 47360] R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-09-18 98816] R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328] S3 avptpiou;avptpiou; C:\Windows\system32\drivers\avptpiou.sys [] S3 COMMONFX.DLL;COMMONFX.DLL; C:\Windows\system32\COMMONFX.DLL [2007-09-21 98328] S3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2007-09-21 511000] S3 CTAUDFX.DLL;CTAUDFX.DLL; C:\Windows\system32\CTAUDFX.DLL [2007-09-21 551960] S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\Windows\system32\drivers\ctdvda2k.sys [2007-09-21 346856] S3 CTEAPSFX.DLL;CTEAPSFX.DLL; C:\Windows\system32\CTEAPSFX.DLL [2007-09-21 174104] S3 CTEDSPFX.DLL;CTEDSPFX.DLL; C:\Windows\system32\CTEDSPFX.DLL [2007-09-21 286232] S3 CTEDSPIO.DLL;CTEDSPIO.DLL; C:\Windows\system32\CTEDSPIO.DLL [2007-09-21 134680] S3 CTEDSPSY.DLL;CTEDSPSY.DLL; C:\Windows\system32\CTEDSPSY.DLL [2007-09-21 329240] S3 CTERFXFX.DLL;CTERFXFX.DLL; C:\Windows\system32\CTERFXFX.DLL [2007-09-21 100888] S3 CTSBLFX.DLL;CTSBLFX.DLL; C:\Windows\system32\CTSBLFX.DLL [2007-09-21 566296] S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632] S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2008-04-22 27672] S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [] S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192] S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888] S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016] S3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf.sys [2008-06-16 7808] S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-09-05 36864] S3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-19 73088] S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2007-07-11 12416] S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2007-07-11 19840] S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2007-07-11 21632] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936] S3 ZSMC0305;A4 TECH PC Camera V; C:\Windows\System32\Drivers\usbVM305.sys [2006-05-08 391688] S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2006-10-17 230944] R2 AntiVirScheduler;AntiVir PersonalEdition Classic Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-07-18 68865] R2 AntiVirService;AntiVir PersonalEdition Classic Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-08-15 149761] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888] R2 CanalPlus.VOD;CanalPlus.VOD; C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe [2008-06-03 61440] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-08-15 196608] R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-04-12 66872] R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2008-04-12 107832] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2007-05-14 272024] R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-19 21504] S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-04-13 654848] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872] S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2008-07-28 87288] S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2008-07-14 355584] S3 UPnPService;UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [2006-12-14 544768] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] -----------------EOF-----------------
  11. ericd
    voila le resultat merci j espere que c est bon ca a l air ? non? Malwarebytes' Anti-Malware 1.28 Version de la base de données: 1276 Windows 6.0.6001 Service Pack 1 16/10/2008 21:34:56 mbam-log-2008-10-16 (21-34-56).txt Type de recherche: Examen rapide Eléments examinés: 41271 Temps écoulé: 2 minute(s), 11 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 1 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 1 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\windows update (Trojan.Agent) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\Windows\System32\Updater.exe (Trojan.Agent) -> Quarantined and deleted successfully.
  12. ericd
    MAJ j ai reussi avec ramdom system PAR CONTRE JE N AI PAS DE FICHIER INFO.TXT Logfile of random's system information tool 1.04 (written by random/random) Run by eric at 2008-10-16 18:08:29 Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1 System drive C: has 162 GB (50%) free of 323 GB Total RAM: 2047 MB (60% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:08:30, on 16/10/2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Windows\System32\CTHELPER.EXE C:\Windows\System32\rundll32.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\ehome\ehtray.exe C:\Users\eric\AppData\Local\Google\Update\GoogleUpdate.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Bill2's Process Manager\ProcessManager.exe C:\Windows\system32\wbem\unsecapp.exe C:\Users\eric\Desktop\RSIT.exe C:\Program Files\Trend Micro\HijackThis\eric.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.clubic.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.carrefour.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: PicLens plug-in for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\PicLens.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [Canal Widget] "C:\Program Files\Canal\Canal Widget\Launcher.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\eric\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [ProcessManager] C:\Program Files\Bill2's Process Manager\ProcessManager.exe -minimized O4 - HKCU\..\Run: [Windows Update] "C:\Windows\System32\Updater.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O9 - Extra button: Launch PicLens - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\PicLens.dll O13 - Gopher Prefix: O15 - Trusted Zone: *.canal-plus.com (HKLM) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: CanalPlus.VOD - Canal+ Active - C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - Unknown owner - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- End of file - 6543 bytes ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskUser.job C:\Windows\tasks\User_Feed_Synchronization-{59E6857A-6663-4694-89FE-57ADF0790E76}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA}] C:\Program Files\PicLensIE\PicLens.dll [2008-08-19 3493888] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184] "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-07-18 266497] "CTHelper"=C:\Windows\system32\CTHELPER.EXE [2007-09-20 19456] "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-08-15 13576736] "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-08-15 92704] "QuickTime Task"=C:\Program Files\QuickTime Alternative\QTTask.exe [2008-09-06 413696] "AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936] "Canal Widget"=C:\Program Files\Canal\Canal Widget\Launcher.exe [2008-06-03 103992] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952] "Google Update"=C:\Users\eric\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-03 133104] "ProcessManager"=C:\Program Files\Bill2's Process Manager\ProcessManager.exe [2008-08-04 1265664] "Windows Update"=C:\Windows\System32\Updater.exe [2008-10-10 167936] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BigDogPath] C:\Windows\VM_STI.exe Philips SPC 200NC PC Camera [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Canal Widget] C:\Program Files\Canal\Canal Widget\Canal Widget.cpvod [2008-06-03 12] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-03-14 54832] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-14 71216] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\toolbar_eula_launcher] C:\Program Files\GoogleEULA\EULALauncher.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TrayMin200.exe.lnk] C:\PROGRA~1\Philips\SPC200~1\TRAYMI~1.EXE [] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "authentication packages"=msv1_0 relog_ap [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "EnableLUA"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0411cf98-caa1-11dc-87d4-806e6f6e6963}] shell\AutoRun\command - E:\LGInstaller.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{933aef35-d17e-11dc-b4f9-001e8c60e738}] shell\AutoRun\command - G:\LaunchU3.exe -a ======List of files/folders created in the last 1 months====== 2008-10-16 17:59:32 ----D---- C:\rsit 2008-10-15 22:54:26 ----D---- C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} 2008-10-15 22:54:26 ----D---- C:\Program Files\iTunes 2008-10-15 22:54:26 ----D---- C:\Program Files\iPod 2008-10-14 19:43:20 ----D---- C:\Users\eric\AppData\Roaming\vlc 2008-10-12 21:18:04 ----D---- C:\Program Files\CANALSAT avec Zattoo 2008-10-12 20:11:13 ----D---- C:\Program Files\Canal 2008-10-11 17:23:44 ----D---- C:\Users\eric\AppData\Roaming\Publish Providers 2008-10-11 17:23:36 ----D---- C:\Users\eric\AppData\Roaming\Sony 2008-10-11 17:20:22 ----D---- C:\Program Files\Sony Setup 2008-10-10 13:34:18 ----A---- C:\Windows\system32\Updater.exe 2008-10-08 21:08:44 ----A---- C:\Windows\EAGRAPH.INI 2008-10-07 09:18:41 ----D---- C:\divx 2008-10-07 09:17:21 ----D---- C:\Users\eric\AppData\Roaming\DivX 2008-10-07 09:14:11 ----D---- C:\Program Files\DivX 2008-10-05 10:10:23 ----D---- C:\Users\eric\AppData\Roaming\LG Electronics 2008-10-05 10:08:56 ----D---- C:\lgupload 2008-10-05 10:03:16 ----D---- C:\Program Files\LG Electronics 2008-10-05 10:01:28 ----D---- C:\Users\eric\AppData\Roaming\InstallShield 2008-10-04 14:42:54 ----D---- C:\Program Files\Electronic Arts 2008-10-04 14:42:52 ----D---- C:\ProgramData\Electronic Arts 2008-10-03 22:25:59 ----D---- C:\Program Files\LG PC Suite 2 2008-10-03 21:55:15 ----D---- C:\LGMobileUpgrade 2008-10-03 21:47:52 ----A---- C:\Windows\system32\lgAxconfig.ini 2008-10-03 21:47:52 ----A---- C:\Windows\system32\CommonDL.dll 2008-10-03 21:47:42 ----D---- C:\ProgramData\LGMOBILEAX 2008-10-03 08:09:31 ----D---- C:\Program Files\Bill2's Process Manager 2008-10-02 10:00:11 ----A---- C:\Windows\system32\zlib.dll 2008-10-02 10:00:11 ----A---- C:\Windows\system32\Zipit.dll 2008-10-02 10:00:11 ----A---- C:\Windows\system32\Zipdll.dll 2008-10-02 10:00:11 ----A---- C:\Windows\system32\unzdll.dll 2008-10-02 10:00:11 ----A---- C:\Windows\system32\PicFormat32.dll 2008-10-01 08:28:48 ----D---- C:\Users\eric\AppData\Roaming\Leadertech 2008-09-27 18:31:31 ----D---- C:\Program Files\tsMuxeR_1.8.8b 2008-09-27 10:31:39 ----D---- C:\Program Files\Microsoft Office 2008-09-27 10:31:14 ----RHD---- C:\MSOCache 2008-09-25 18:48:26 ----A---- C:\Windows\system32\XAudio2_1.dll 2008-09-25 18:48:26 ----A---- C:\Windows\system32\XAPOFX1_0.dll 2008-09-25 18:48:26 ----A---- C:\Windows\system32\xactengine3_1.dll 2008-09-25 18:48:26 ----A---- C:\Windows\system32\X3DAudio1_4.dll 2008-09-25 18:48:26 ----A---- C:\Windows\system32\D3DCompiler_38.dll 2008-09-25 18:48:25 ----A---- C:\Windows\system32\D3DX9_38.dll 2008-09-25 18:48:25 ----A---- C:\Windows\system32\d3dx10_38.dll 2008-09-22 08:22:44 ----D---- C:\Program Files\EA Sports 2008-09-22 08:19:49 ----D---- C:\FIFA 09 Demo 2008-09-21 16:39:10 ----D---- C:\Program Files\MSECache 2008-09-20 07:20:24 ----D---- C:\Program Files\Microsoft 2008-09-18 09:36:46 ----D---- C:\Program Files\THQ ======List of files/folders modified in the last 1 months====== 2008-10-16 18:07:21 ----D---- C:\Program Files\Mozilla Firefox 2008-10-16 18:00:52 ----D---- C:\Windows\System32 2008-10-16 18:00:52 ----D---- C:\Windows\inf 2008-10-16 18:00:52 ----A---- C:\Windows\system32\PerfStringBackup.INI 2008-10-16 18:00:24 ----D---- C:\Windows\Temp 2008-10-16 08:13:49 ----RD---- C:\Program Files 2008-10-16 07:32:18 ----D---- C:\Windows 2008-10-15 23:36:41 ----A---- C:\Windows\NeroDigital.ini 2008-10-15 23:36:39 ----D---- C:\Program Files\The KMPlayer FR 2008-10-15 22:54:50 ----SHD---- C:\Windows\Installer 2008-10-15 22:54:26 ----HD---- C:\ProgramData 2008-10-15 22:53:34 ----D---- C:\Windows\system32\catroot 2008-10-15 22:53:27 ----SHD---- C:\System Volume Information 2008-10-14 20:21:53 ----D---- C:\Windows\system32\catroot2 2008-10-12 10:44:28 ----D---- C:\Users\eric\AppData\Roaming\foobar2000 2008-10-11 15:31:35 ----D---- C:\Users\eric\AppData\Roaming\Vso 2008-10-05 10:07:43 ----D---- C:\Windows\system32\drivers 2008-10-05 10:03:16 ----HD---- C:\Program Files\InstallShield Installation Information 2008-10-04 16:37:42 ----D---- C:\Users\eric\AppData\Roaming\DeskSoft 2008-10-04 16:37:42 ----D---- C:\Program Files\EarthView 2008-10-04 09:59:25 ----D---- C:\Users\eric\AppData\Roaming\dvdcss 2008-10-01 08:20:07 ----RSD---- C:\Windows\assembly 2008-09-29 07:39:04 ----D---- C:\Windows\Tasks 2008-09-28 12:29:45 ----D---- C:\ProgramData\Team MediaPortal 2008-09-28 11:47:54 ----D---- C:\Program Files\Team MediaPortal 2008-09-27 10:32:32 ----SD---- C:\Users\eric\AppData\Roaming\Microsoft 2008-09-27 10:31:40 ----D---- C:\Program Files\Common Files\microsoft shared 2008-09-25 18:47:22 ----D---- C:\Windows\Logs 2008-09-25 17:44:02 ----D---- C:\ProgramData\Media Center Programs 2008-09-21 16:39:30 ----SD---- C:\ProgramData\Microsoft 2008-09-20 07:20:30 ----D---- C:\Windows\winsxs 2008-09-20 07:17:50 ----D---- C:\Program Files\La Fibre 2008-09-20 07:14:57 ----D---- C:\Program Files\Google 2008-09-20 07:14:55 ----D---- C:\Program Files\Common Files\PX Storage Engine ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2007-02-27 11840] R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2008-07-18 75072] R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352] R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl [2007-09-19 41456] R2 acedrv09;acedrv09; \??\C:\Windows\system32\drivers\acedrv09.sys [2007-06-18 373568] R2 acehlp09;acehlp09; \??\C:\Windows\system32\drivers\acehlp09.sys [2007-05-30 201696] R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2008-09-25 279712] R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2008-09-25 25888] R2 tifsfilter;Acronis True Image FS Filter; C:\Windows\system32\DRIVERS\tifsfilt.sys [2008-05-11 39264] R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2008-06-04 52032] R3 CT20XUT.DLL;CT20XUT.DLL; C:\Windows\system32\CT20XUT.DLL [2007-09-21 170520] R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2007-09-21 521496] R3 CTEXFIFX.DLL;CTEXFIFX.DLL; C:\Windows\system32\CTEXFIFX.DLL [2007-09-21 1323544] R3 CTHWIUT.DLL;CTHWIUT.DLL; C:\Windows\system32\CTHWIUT.DLL [2007-09-21 72728] R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2007-09-21 14360] R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2007-09-21 157208] R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2007-09-21 92696] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464] R3 ha20x2k;Creative 20X HAL Driver; C:\Windows\system32\drivers\ha20x2k.sys [2007-09-21 1163800] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-08-15 7314848] R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2007-09-21 126488] R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2008-02-22 47360] R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-09-18 98816] R3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2007-07-11 12416] R3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2007-07-11 19840] R3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2007-07-11 21632] R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328] S3 azb6j5yo;azb6j5yo; C:\Windows\system32\drivers\azb6j5yo.sys [] S3 COMMONFX.DLL;COMMONFX.DLL; C:\Windows\system32\COMMONFX.DLL [2007-09-21 98328] S3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2007-09-21 511000] S3 CTAUDFX.DLL;CTAUDFX.DLL; C:\Windows\system32\CTAUDFX.DLL [2007-09-21 551960] S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\Windows\system32\drivers\ctdvda2k.sys [2007-09-21 346856] S3 CTEAPSFX.DLL;CTEAPSFX.DLL; C:\Windows\system32\CTEAPSFX.DLL [2007-09-21 174104] S3 CTEDSPFX.DLL;CTEDSPFX.DLL; C:\Windows\system32\CTEDSPFX.DLL [2007-09-21 286232] S3 CTEDSPIO.DLL;CTEDSPIO.DLL; C:\Windows\system32\CTEDSPIO.DLL [2007-09-21 134680] S3 CTEDSPSY.DLL;CTEDSPSY.DLL; C:\Windows\system32\CTEDSPSY.DLL [2007-09-21 329240] S3 CTERFXFX.DLL;CTERFXFX.DLL; C:\Windows\system32\CTERFXFX.DLL [2007-09-21 100888] S3 CTSBLFX.DLL;CTSBLFX.DLL; C:\Windows\system32\CTSBLFX.DLL [2007-09-21 566296] S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632] S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2008-04-22 27672] S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [] S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192] S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888] S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016] S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-09-05 36864] S3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-19 73088] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936] S3 ZSMC0305;A4 TECH PC Camera V; C:\Windows\System32\Drivers\usbVM305.sys [2006-05-08 391688] S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2006-10-17 230944] R2 AntiVirScheduler;AntiVir PersonalEdition Classic Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-07-18 68865] R2 AntiVirService;AntiVir PersonalEdition Classic Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-08-15 149761] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888] R2 CanalPlus.VOD;CanalPlus.VOD; C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe [2008-06-03 61440] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-08-15 196608] R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-04-12 66872] R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2008-04-12 107832] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2007-05-14 272024] R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-19 21504] R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872] S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-04-13 654848] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2008-07-28 87288] S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2008-07-14 355584] S3 UPnPService;UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [2006-12-14 544768] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] -----------------EOF-----------------
  13. ericd
    merci beaucoup de perdre ton temps ,voila rien ne fonctionnes ,le fichier a ouvrir "updater .exe "ne veut pas que je l utilise ,je ny ai pas acces d ailleurs meme hi jack dis qu il ne peut pas l analyser.la je t ecris mais le clavier et la souris s arretent de temps en temps j ai du mal a ecrire, ramdom system me cree un fichier word completement vierge ...pff c est la misere...pitié ericd
  14. ericd
  15. ericd
    bonjour voila j ai fait une maj de itunes hier soir et des que j ai redemarre mon ordinateur j ai eu un message d antivir qui me signales un backdoor dans c:/windows/system32/Updater.exe il s agit de BDS/VB.gig bien sur je l ai mis direct en access deny mais quand je redemarre le pc, antivir me le detectes toujours ,j ai lance aussi un scan avec hi_jack mais il ne l analyse pas !! il analyse tout le reste sauf ce fichier !! est ce du a l action access deny que j ai demande a antivir?? ou est ce du a autre chose de plus j aimerais savoir si etait possible de l eradiquer ,mais comme c est un fichier Important dans windows systen32 je ne sais pas quoi faire .. merci beaucoup pour votre aide je suis sous Vista premium j ai antivir et hijack ericd
  16. ericd
    ok merci je vais aller voir
  17. ericd
    merci sous vista y a reseau/option" actualiser" (apparement pour focer la detection mais j ai essayé 10 x et rien ),mais on sait pas pourquoi d un coup ca reviens !!
  18. ericd
    salut, voila , j ai 2 pc a la maison 1 sous vista l autre sous xpsp2 j ai un modem netgear dg834 je suis branche avec 2 cables ethernet qui partent du modem,sur les 2 pc j ai bien internet ,mais j ai fait partage les fichiers et imprimantes ,ca a fonctionne hier soir,et depuis ce matin ,ca ne fonctionnes plus ..j ai beau attendre sur le pc de vista j actualise et rien je ne vois que les fichiers partages vista etpas ceux sous xp ,quelqu un a une idee svp? le pc sous xpsp2 s appellle "la cuisine" le pc sous vista s appelle "pc de eric" pourquoi est ce si long a reconnaitre le pc cuisine ?? maj;il vient de me le detecter c est bon,mais pourquoi c est si long??4 heures pour voir le reseau ?y a un probleme la non?? merci a toutes personnes me venant en aide ericd
  19. ericd
    oui c est clair,mais c est le pourquoi du comment que j aimerais savoir !,il n y a pas de raisons que cela fonctionnes sous opera et pas sur ie7,j ai l impression que c est depuis la derniere maj d ie7 y a pas longtemps... ericd
  20. ericd
    bon tant mieux ,je respire ouf ! merci lien rag de ta gentillesse ,j ai teste firefox mais j aimes pas trop je prefere opera oui je sais bizarre mais bon.... par contre ce qui est etrange c est cette histoire de messagerie orange avec laquelle je ne peux plus acceder par l intermediaire d ie7 ..j ai du faire une boulette effacer quelque chose qui est en rapport avec la mesagerie orange ..
  21. ericd
    oui excuse moi !! voila depuis quelques temps certaines pages d internet explorer7 ne s affichent plus 'service messagerie d orange .fr ) et ma connection internet rame . il est a note que j ai du installer opera (tres bon je trouve) pour pouvoir lire mes messages chez orange.fr et la ca fonctionnes tres bien donc je pense que le probleme vient d ie7,je prefere ne pas utiliser outlook express et passer directement par la messagerie orange.fr sinon en ce moment j ai du 3megas au lieu de 6 a 7 megas de debit ...(forfait 8 megas orange) merci de ta patience ericd
  22. ericd
    bonjour ,j ai des difficultes depuis une semaine avec ie7 sous win xp merci de m analyser mon rapport hijack ,je n y comprends rien merci beaucoup a ceux qui prendront de leur temps pour m aider.. ericd Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 18:50:11, on 15/10/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: F:\WINDOWS\System32\smss.exe F:\WINDOWS\system32\winlogon.exe F:\WINDOWS\system32\services.exe F:\WINDOWS\system32\lsass.exe F:\WINDOWS\system32\svchost.exe F:\Program Files\Windows Defender\MsMpEng.exe F:\WINDOWS\System32\svchost.exe F:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe F:\Program Files\Alwil Software\Avast4\ashServ.exe F:\WINDOWS\system32\spoolsv.exe F:\WINDOWS\Explorer.EXE F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe F:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe F:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe F:\WINDOWS\SYSTEM32\CTXFISPI.EXE F:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe F:\Program Files\Windows Defender\MSASCui.exe F:\WINDOWS\system32\ctfmon.exe F:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe F:\Program Files\Bonjour\mDNSResponder.exe F:\WINDOWS\system32\CTsvcCDA.EXE F:\WINDOWS\System32\svchost.exe F:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe F:\WINDOWS\system32\nvsvc32.exe F:\WINDOWS\system32\svchost.exe F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe F:\Program Files\Alwil Software\Avast4\ashWebSv.exe F:\Program Files\Opera\Opera.exe F:\Documents and Settings\eric\Bureau\HiJackThis_v2.exe F:\Program Files\Internet Explorer\IEXPLORE.EXE F:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - F:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [avast!] F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [AudioDrvEmulator] "F:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "F:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll" O4 - HKLM\..\Run: [updReg] F:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [TrueImageMonitor.exe] F:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [AcronisTimounterMonitor] F:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe O4 - HKLM\..\Run: [Windows Defender] "F:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200707...ex/qtplugin.cab O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15031/CTSUEng.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://www.touslesdrivers.com/fichiers/har...ion_2_0_4_6.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15031/CTPID.cab O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - F:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - F:\WINDOWS\system32\browseui.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - F:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - F:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - F:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - F:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - F:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - F:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - F:\WINDOWS\System32\dmadmin.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - F:\WINDOWS\system32\services.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - F:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - F:\WINDOWS\system32\imapi.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - F:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - F:\WINDOWS\system32\mnmsrvc.exe O23 - Service: NMIndexingService - Nero AG - F:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\system32\nvsvc32.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - F:\WINDOWS\system32\services.exe O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - F:\WINDOWS\system32\sessmgr.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - F:\WINDOWS\System32\SCardSvr.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - F:\WINDOWS\system32\smlogsvc.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - F:\WINDOWS\System32\vssvc.exe O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - F:\WINDOWS\system32\wbem\wmiapsrv.exe O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - F:\Program Files\Windows Media Player\WMPNetwk.exe -- End of file - 8123 bytes merci .... ericd
  23. ericd

    explorer.exe

    ericd a posté un sujet dans Software

    salut voila j ai installe un jeu et quand je veux supprimer ce jeu impossible il me dit que train.exe qui est l executable du jeu donc,est impossible a supprime parce que partage avec explorer.exe !!!donc quand je veux desinstaller ce jeu rien a faire a cause de cet exe si toutefois vous avez une soluce les gars merci de votre aide j ai utilise un ti logiciel qui s appelle "who locked me " qui vous informe sur le logiciel avec lequel est partage l exe,il me dit que c est avec explorer.exe aie!!! c est grave docteur ??estce que je peux arreter explorer.exe non je crois pas hein ?? merci ericd
  24. ericd
    bonjour, si je peux me permettre c est du grand n importe quoi ce que ton association t as envoyé !!change d assoc lol!! tout fonctionne tres tres bien chez moi ,videos et musiques ....j ai vista ultimate (acheté)et aucuns problemes de ce genre ni d autres d ailleurs!!si ce n est les pilotes non optimisés,creative xfi et nvidia gforce..
  25. ericd
    salut stadiste , oui c est bien pour ca que je comprends pas c est que vlc a en natif tout ce qu il faut pour lire les xvid divx et tout le reste ,comment change t on la sortie video stp ?? merci
×
×
  • Créer...