
DiagHelp version v1.2 - http://www.malekal.com

excute le Mon 09/17/2007 ?23:05:01.70

 

 

Liste des derniers fichies modifies/crees dans windir\system32 et prefetch

C:\WINDOWS\prefetch\CMD.EXE-034B0549.pf -->9/17/2007 11:04:22 PM

C:\WINDOWS\prefetch\CHCP.COM-17EDBDC9.pf -->9/17/2007 11:04:18 PM

C:\WINDOWS\prefetch\WINRAR.EXE-0AA31BB9.pf -->9/17/2007 11:03:41 PM

C:\WINDOWS\prefetch\CONIME.EXE-2543A6D8.pf -->9/17/2007 11:01:55 PM

C:\WINDOWS\prefetch\RUNDLL32.EXE-42A8E4DE.pf -->9/17/2007 10:46:53 PM

C:\WINDOWS\prefetch\MSIEXEC.EXE-330626DC.pf -->9/17/2007 10:36:46 PM

C:\WINDOWS\prefetch\WINWORD.EXE-33AEA629.pf -->9/17/2007 10:36:42 PM

C:\WINDOWS\prefetch\OUTLOOK.EXE-29875EE0.pf -->9/17/2007 10:36:29 PM

C:\WINDOWS\prefetch\VERCLSID.EXE-28F52AD2.pf -->9/17/2007 10:36:19 PM

C:\WINDOWS\prefetch\NOTEPAD.EXE-2F2D61E1.pf -->9/17/2007 10:34:31 PM

 

C:\WINDOWS\System32\drivers\npf.sys -->9/8/2007 3:16:58 PM

C:\WINDOWS\System32\drivers\QWBGMQWBHM.DAT -->9/8/2007 3:13:32 PM

C:\WINDOWS\System32\drivers\CHLRXDHMRWBGMR.DAT.tmp -->9/8/2007 12:50:14 PM

C:\WINDOWS\System32\drivers\aswmon.sys -->9/6/2007 6:05:25 PM

C:\WINDOWS\System32\drivers\aswmon2.sys -->9/6/2007 6:05:10 PM

C:\WINDOWS\System32\drivers\aswRdr.sys -->9/6/2007 6:03:02 PM

C:\WINDOWS\System32\drivers\aswTdi.sys -->9/6/2007 6:02:20 PM

 

C:\WINDOWS\System32\FNTCACHE.DAT -->9/17/2007 5:07:08 PM

C:\WINDOWS\System32\tmp.txt -->9/16/2007 11:48:27 AM

C:\WINDOWS\System32\tmp.reg -->9/16/2007 11:48:27 AM

C:\WINDOWS\System32\wpa.dbl -->9/16/2007 10:35:49 AM

C:\WINDOWS\System32\{0D059E7E-DE34-499D-B4D2-18C1089000F7}.dat -->9/14/2007 10:32:11 PM

C:\WINDOWS\System32\SR2.dat -->9/14/2007 10:30:49 PM

C:\WINDOWS\System32\rmoc3260.dll -->9/12/2007 10:47:20 PM

C:\WINDOWS\System32\pndx5032.dll -->9/12/2007 10:47:07 PM

C:\WINDOWS\System32\pndx5016.dll -->9/12/2007 10:47:07 PM

C:\WINDOWS\System32\pncrt.dll -->9/12/2007 10:47:03 PM

C:\WINDOWS\System32\CONFIG.NT -->9/12/2007 10:22:07 PM

C:\WINDOWS\System32\asfiles.txt -->9/8/2007 10:28:02 PM

C:\WINDOWS\System32\Uninstall.ico -->9/8/2007 10:20:31 PM

C:\WINDOWS\System32\pavas.ico -->9/8/2007 10:20:31 PM

C:\WINDOWS\System32\Help.ico -->9/8/2007 10:20:31 PM

C:\WINDOWS\System32\mscpx32r.det -->9/8/2007 5:05:47 PM

C:\WINDOWS\System32\OVAFLRWB.DLL -->9/8/2007 4:20:18 PM

C:\WINDOWS\System32\HMQVB.DLL -->9/8/2007 4:20:18 PM

C:\WINDOWS\System32\EJOUAFKQVAFJOTY.AAB -->9/8/2007 4:20:18 PM

C:\WINDOWS\System32\klb1189239228.wk -->9/8/2007 4:13:48 PM

C:\WINDOWS\System32\mywebhit.ini.tmp -->9/8/2007 3:17:39 PM

C:\WINDOWS\System32\mywebhit.ini -->9/8/2007 3:17:21 PM

C:\WINDOWS\System32\wpcap.dll -->9/8/2007 3:16:58 PM

C:\WINDOWS\System32\WanPacket.dll -->9/8/2007 3:16:58 PM

C:\WINDOWS\System32\Packet.dll -->9/8/2007 3:16:58 PM

 

C:\WINDOWS.log -->9/17/2007 10:31:00 PM

C:\WINDOWS\WindowsUpdate.log -->9/17/2007 10:30:52 PM

C:\WINDOWS\wiadebug.log -->9/17/2007 10:30:46 PM

C:\WINDOWS\wiaservc.log -->9/17/2007 10:30:44 PM

C:\WINDOWS\bootstat.dat -->9/17/2007 10:30:27 PM

C:\WINDOWS\SchedLgU.Txt -->9/17/2007 6:37:08 PM

C:\WINDOWS\setupapi.log -->9/17/2007 8:53:52 AM

C:\WINDOWS\svcpack.log -->9/16/2007 11:01:12 PM

C:\WINDOWS\QTFont.qfn -->9/16/2007 1:51:58 PM

C:\WINDOWS\QTFont.for -->9/16/2007 12:18:17 PM

C:\WINDOWS\spupdsvc.log -->9/16/2007 11:38:43 AM

C:\WINDOWS\tsoc.log -->9/16/2007 10:54:37 AM

C:\WINDOWS\ocmsn.log -->9/16/2007 10:54:37 AM

C:\WINDOWS\ocgen.log -->9/16/2007 10:54:37 AM

C:\WINDOWS\ntdtcsetup.log -->9/16/2007 10:54:37 AM

 

 

MD5 des fichiers sensibles

tcpip.sys b8158e2a6112c0a5ca67bc158fc70218

ndis.sys 3b350e5a2a5e951453f3993275a4523a

null.sys 73c1e1f395918bc2c6dd67af7591a3ad

svchost.exe 0f7d9c87b0ce1fa520473119752c6f79

 

 

Volume in drive C is PRESARIO

Volume Serial Number is FC96-68A1

 

Directory of C:\WINDOWS\system

 

02/16/1999 01:06 AM 4,064 Aspiexec.exe

05/07/1998 04:04 PM 52,736 hpsysdrv.exe

2 File(s) 56,800 bytes

0 Dir(s) 11,882,864,640 bytes free

Volume in drive C is PRESARIO

Volume Serial Number is FC96-68A1

 

Directory of C:\WINDOWS\system32

 

01/20/2003 07:39 PM 4,096 csrss.exe

1 File(s) 4,096 bytes

0 Dir(s) 11,882,864,640 bytes free

 

Contenu de Downloaded Program Files

Volume in drive C is PRESARIO

Volume Serial Number is FC96-68A1

 

Directory of C:\WINDOWS\Downloaded Program Files

 

09/16/2007 11:42 PM <DIR> .

09/16/2007 11:42 PM <DIR> ..

08/24/2006 08:28 AM 141,424 asinst.dll

08/22/2006 09:06 AM 537 asinst.inf

12/07/2004 05:07 PM 32 bdcore.dll

05/25/2006 01:21 AM 118,784 bdupd.dll

07/29/2003 09:44 AM 65 desktop.ini

10/15/1997 01:52 AM 697 DirectAnimation Java Classes.osd

07/25/2002 05:13 PM 24,576 dwusplay.dll

07/25/2002 05:13 PM 196,608 dwusplay.exe

02/14/2007 06:44 PM 378 ImageUploader4.inf

02/14/2007 06:44 PM 2,557,752 ImageUploader4.ocx

05/25/2006 01:21 AM 53,248 ipsupd.dll

07/25/2002 05:05 PM 172,032 isusweb.dll

09/07/2007 11:29 AM 2,305 kavwebscan.inf

03/16/2005 12:34 PM 7,407 lang.ini

12/07/2004 05:07 PM 32 libfn.dll

03/14/2005 02:38 PM 126 live.ini

12/14/2004 01:58 PM 3,486,872 MgAxCtrl.dll

12/14/2004 01:55 PM 159 MgAxCtrl.inf

01/20/2000 03:25 PM 1,162 Microsoft XML Parser for Java.osd

06/01/2006 02:57 AM 1,331 oscan8.inf

06/01/2006 02:54 AM 471,040 oscan8.ocx

05/31/2006 04:15 AM 10 oscan81.ocx_x

03/14/2005 02:58 PM 7,073 scanoptions.tsi

03/27/2007 04:00 PM 5,021 swflash.inf

07/30/2007 07:24 PM 293 wuweb.inf

25 File(s) 7,248,964 bytes

 

Total Files Listed:

25 File(s) 7,248,964 bytes

2 Dir(s) 11,882,860,544 bytes free

 

Recherche de rootkit! (Merci S!Ri)

 

Recherche d'infections connues

 

Export des clefs sensibles..

 

Liste des fichiers en exception sur le pare-feu XP SP2

 

"C:\\Program Files\\Kingsoft\\Powerword 2006\\xdict.exe"="C:\\Program Files\\Kingsoft\\Powerword 2006\\xdict.exe:*:Enabled:Kingsoft PowerWord"

"C:\\Program Files\\Kingsoft\\Powerword 2006\\update.exe"="C:\\Program Files\\Kingsoft\\Powerword 2006\\update.exe:*:Enabled:Kingsoft PowerWord Online Update"

 

Export de la clef SharedTaskScheduler

 

[sharedTaskScheduler]

 

 

 

exports des policies

REGEDIT4

 

[system]

"dontdisplaylastusername"=dword:00000000

"legalnoticecaption"=""

"legalnoticetext"=""

"shutdownwithoutlogon"=dword:00000001

"undockwithoutlogon"=dword:00000001

 

 

 

Export des clefs sensibles..

Rechercher adresses sensibles dans le fichier HOSTS...

catchme 0.3.1160 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2007-09-17 23:05:36

Windows 5.1.2600 Service Pack 1 NTFS

 

scanning hidden services & system hive ...

 

scanning hidden registry entries ...

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\\x8922q\\x86ec8?]

"SlowInfoCache"=hex:28,02,00,00,01,00,00,00,00,00,19,07,00,00,00,00,1e,e8,37,63,6c,..

"Changed"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]

"I:\DVD Templates\fr_FR\Nouveau b\x958e\x9588gar\x93fen\???"=""

"I:\DVD Templates\fr_FR\G\x959a\x959eal\Mosa\x98cdue\???"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\x8922q\\x86ec8?]

"Inno Setup: Setup Version"="5.1.4"

"Inno Setup: App Path"="C:\Program Files\Kingsoft\Powerword 2006"

"InstallLocation"="C:\Program Files\Kingsoft\Powerword 2006\"

"Inno Setup: Icon Group"="\x91d1\x5c71\x8bcd\x9738 2006 OEM\x7248"

"Inno Setup: User"="Owner"

"Inno Setup: User Info: Name"="uu"

"Inno Setup: User Info: Organization"="kscb0759428"

"Inno Setup: User Info: Serial"=""

"DisplayName"="\x91d1\x5c71\x8bcd\x9738 2006 OEM\x7248"

"DisplayIcon"="C:\Program Files\Kingsoft\Powerword 2006\Setup.ico"

"UninstallString"=""C:\Program Files\Kingsoft\Powerword 2006\unins000.exe""

"QuietUninstallString"=""C:\Program Files\Kingsoft\Powerword 2006\unins000.exe" /SILENT"

"DisplayVersion"="9.0.0.0"

"Publisher"="Kingsoft"

"URLInfoAbout"="http://www.kingsoft.com"

"HelpLink"="http://support.kingsoft.com"

"NoModify"=dword:00000001

"NoRepair"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Hachette Multim\x9590ia]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Hachette Multim\x9590ia\3000 recettes ELLE]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\iPod\Programmes de mise ?jour pr\x958f\x9590ents]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\iPod\Programmes de mise ?jour pr\x958f\x9590ents\iPod Updater 2006-01-10]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\iPod\Programmes de mise ?jour pr\x958f\x9590ents\Previous Updaters]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\\x688d\23f\x64ed\24{]

"\x86ec\x97f9T\x20ac\x9aae???"=dword:00000001

"\x86ec\x97f9\x6439eQ???"=dword:00000001

"\20?n\x884f:y??"=dword:00000001

"\26Y\1x\x884f:y?"=dword:00000001

"\x895dzz<h?"=dword:00000000

"IQ\ah\x9096\x5f47??"=dword:00000001

"<SPACE>"=dword:00000000

"<ENTER>"=dword:00000001

"FC Input"=dword:00000000

"FC aid"=dword:00000000

"GB/GBK"=dword:00000000

 

scanning hidden files ...

 

scan completed successfully

hidden services: 0

hidden files: 0

 

 

KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

 

Process list by traversal of KiWaitListHead

 

4 - System

144 - ccPxySvc.exe

252 - ashWebSv.exe

324 - ashMaiSv.exe

512 - csrss.exe

536 - winlogon.exe

580 - services.exe

592 - lsass.exe

764 - svchost.exe

816 - svchost.exe

976 - svchost.exe

1056 - explorer.exe

1268 - ashServ.exe

1460 - spoolsv.exe

1844 - hphmon05.exe

2024 - guard.exe

2076 - E_FATIAEP.EXE

2092 - avgas.exe

2108 - ccApp.exe

2232 - ctfmon.exe

2240 - GoogleToolbarNo

2616 - xdict.exe

2872 - WinRAR.exe

2996 - firefox.exe

3656 - conime.exe

3784 - cmd.exe

 

Total number of processes = 26

NOTE: Under WinXP, this will not show all processes.

 

KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

 

Driver/Module list by traversal of PsLoadedModuleList

 

804D4000 - \WINDOWS\system32\ntoskrnl.exe

806C7000 - \WINDOWS\system32\hal.dll

F8C41000 - \WINDOWS\system32\KDCOM.DLL

F8B51000 - \WINDOWS\system32\BOOTVID.dll

F86F4000 - ACPI.sys

F8C43000 - \WINDOWS\System32\DRIVERS\WMILIB.SYS

F8741000 - pci.sys

F8751000 - isapnp.sys

F8C45000 - avgarkt.sys

F8C47000 - intelide.sys

F89C1000 - \WINDOWS\System32\DRIVERS\PCIIDEX.SYS

F8761000 - MountMgr.sys

F86D5000 - ftdisk.sys

F89C9000 - PartMgr.sys

F8771000 - VolSnap.sys

F86BF000 - atapi.sys

F8781000 - disk.sys

F8791000 - \WINDOWS\System32\DRIVERS\CLASSPNP.SYS

F89D1000 - PxHelp20.sys

F86AB000 - KSecDD.sys

F8621000 - Ntfs.sys

F85F8000 - NDIS.sys

F89D9000 - viaagp1.sys

F87A1000 - SISAGPX.sys

F89E1000 - pn4rokf391.sys

F87B1000 - ohci1394.sys

F87C1000 - \WINDOWS\System32\DRIVERS\1394BUS.SYS

F85DE000 - Mup.sys

F89E9000 - agp440.sys

F8881000 - \SystemRoot\System32\DRIVERS\nic1394.sys

F8A99000 - \SystemRoot\System32\DRIVERS\processr.sys

F84E1000 - \SystemRoot\System32\DRIVERS\ialmnt5.sys

F84CF000 - \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS

F8AA1000 - \SystemRoot\System32\DRIVERS\usbuhci.sys

F84AD000 - \SystemRoot\System32\DRIVERS\USBPORT.SYS

F8AA9000 - \SystemRoot\System32\DRIVERS\usbehci.sys

F847D000 - \SystemRoot\System32\DRIVERS\HSFHWBS2.sys

F8400000 - \SystemRoot\System32\DRIVERS\ks.sys

F82FC000 - \SystemRoot\System32\DRIVERS\HSF_DP.sys

F8261000 - \SystemRoot\System32\DRIVERS\HSF_CNXT.sys

F8AB1000 - \SystemRoot\System32\Drivers\Modem.SYS

F8991000 - \SystemRoot\System32\DRIVERS\R8139n51.SYS

F8AB9000 - \SystemRoot\System32\DRIVERS\fdc.sys

F824E000 - \SystemRoot\System32\DRIVERS\parport.sys

F89A1000 - \SystemRoot\System32\DRIVERS\serial.sys

F8C15000 - \SystemRoot\System32\DRIVERS\serenum.sys

F89B1000 - \SystemRoot\System32\DRIVERS\i8042prt.sys

F8AC1000 - \SystemRoot\System32\DRIVERS\PS2.sys

F8AC9000 - \SystemRoot\System32\DRIVERS\kbdclass.sys

F8AD1000 - \SystemRoot\System32\DRIVERS\mouclass.sys

F87F1000 - \SystemRoot\System32\DRIVERS\imapi.sys

F8AD9000 - \SystemRoot\System32\Drivers\MxlW2k.SYS

F8801000 - \SystemRoot\System32\DRIVERS\cdrom.sys

F8811000 - \SystemRoot\System32\DRIVERS\redbook.sys

F8AE1000 - \SystemRoot\System32\Drivers\GEARAspiWDM.sys

F8021000 - \SystemRoot\system32\drivers\ALCXWDM.SYS

F8000000 - \SystemRoot\system32\drivers\portcls.sys

F8821000 - \SystemRoot\system32\drivers\drmk.sys

F8E45000 - \SystemRoot\System32\DRIVERS\audstub.sys

F8831000 - \SystemRoot\System32\DRIVERS\rasl2tp.sys

F8C1D000 - \SystemRoot\System32\DRIVERS\ndistapi.sys

F7FEA000 - \SystemRoot\System32\DRIVERS\ndiswan.sys

F8841000 - \SystemRoot\System32\DRIVERS\raspppoe.sys

F8851000 - \SystemRoot\System32\DRIVERS\raspptp.sys

F8C21000 - \SystemRoot\System32\DRIVERS\TDI.SYS

F7F39000 - \SystemRoot\System32\DRIVERS\psched.sys

F8861000 - \SystemRoot\System32\DRIVERS\msgpc.sys

F8AF1000 - \SystemRoot\System32\DRIVERS\ptilink.sys

F8AF9000 - \SystemRoot\System32\DRIVERS\raspti.sys

F8871000 - \SystemRoot\System32\DRIVERS\termdd.sys

F8D0E000 - \SystemRoot\System32\DRIVERS\swenum.sys

F7EDC000 - \SystemRoot\System32\DRIVERS\update.sys

F8891000 - \SystemRoot\System32\Drivers\NDProxy.SYS

F88B1000 - \SystemRoot\System32\DRIVERS\usbhub.sys

F8C63000 - \SystemRoot\System32\DRIVERS\USBD.SYS

F8B09000 - \SystemRoot\System32\DRIVERS\flpydisk.sys

F8C71000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS

F8E7E000 - \SystemRoot\System32\Drivers\Null.SYS

F8C73000 - \SystemRoot\System32\Drivers\Beep.SYS

F8E7F000 - \SystemRoot\System32\DRIVERS\AvgArCln.sys

F8E80000 - \SystemRoot\System32\DRIVERS\AvgAsCln.sys

F8B19000 - \SystemRoot\System32\drivers\vga.sys

F8C75000 - \SystemRoot\System32\Drivers\mnmdd.SYS

F8C77000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys

F8B21000 - \SystemRoot\System32\Drivers\Msfs.SYS

F8B29000 - \SystemRoot\System32\Drivers\Npfs.SYS

F8596000 - \SystemRoot\System32\DRIVERS\rasacd.sys

EF975000 - \SystemRoot\System32\DRIVERS\ipsec.sys

EF921000 - \SystemRoot\System32\DRIVERS\tcpip.sys

EF8E9000 - \??\C:\WINDOWS\System32\Drivers\SYMTDI.SYS

EF8D8000 - \??\C:\Program Files\Symantec\SYMEVENT.SYS

F88E1000 - \SystemRoot\System32\Drivers\aswTdi.SYS

EF8B3000 - \SystemRoot\System32\DRIVERS\netbt.sys

F88F1000 - \SystemRoot\System32\DRIVERS\netbios.sys

F8BF1000 - \SystemRoot\System32\DRIVERS\srvkp.sys

EF7EA000 - \SystemRoot\System32\DRIVERS\rdbss.sys

F8901000 - \SystemRoot\System32\DRIVERS\wanarp.sys

EF780000 - \SystemRoot\System32\DRIVERS\mrxsmb.sys

F8911000 - \SystemRoot\System32\DRIVERS\arp1394.sys

F8921000 - \SystemRoot\System32\Drivers\Fips.SYS

F8D1E000 - \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys

F8B41000 - \SystemRoot\System32\Drivers\Aavmker4.SYS

EF734000 - \SystemRoot\System32\Drivers\Fastfat.SYS

F8B49000 - \SystemRoot\System32\DRIVERS\usbccgp.sys

F7F35000 - \SystemRoot\System32\DRIVERS\usbscan.sys

F8A01000 - \SystemRoot\System32\DRIVERS\usbprint.sys

BF800000 - \SystemRoot\System32\win32k.sys

F7F1D000 - \SystemRoot\System32\drivers\Dxapi.sys

F7F19000 - \SystemRoot\System32\watchdog.sys

BFF80000 - \SystemRoot\System32\drivers\dxg.sys

F8DCB000 - \SystemRoot\System32\drivers\dxgthk.sys

BF9C6000 - \SystemRoot\System32\ialmdnt5.dll

BF9B8000 - \SystemRoot\System32\ialmrnt5.dll

BF9E4000 - \SystemRoot\System32\ialmdev5.DLL

BFA0A000 - \SystemRoot\System32\ialmdd5.DLL

EF5D3000 - \SystemRoot\System32\drivers\afd.sys

EF660000 - \SystemRoot\System32\DRIVERS\ndisuio.sys

EF3DD000 - \SystemRoot\System32\Drivers\aswMon2.SYS

EF182000 - \SystemRoot\System32\DRIVERS\mrxdav.sys

F8CA1000 - \SystemRoot\System32\Drivers\ParVdm.SYS

EF351000 - \SystemRoot\System32\Drivers\AspiXNT.SYS

EF299000 - \SystemRoot\System32\DRIVERS\mdmxsdk.sys

EF01B000 - \SystemRoot\System32\DRIVERS\srv.sys

EF1E5000 - \SystemRoot\system32\drivers\sysaudio.sys

EEF95000 - \SystemRoot\system32\drivers\wdmaud.sys

EF132000 - \??\C:\WINDOWS\System32\Drivers\SYMREDRV.SYS

EEBF9000 - \SystemRoot\System32\DRIVERS\ipnat.sys

EEFEB000 - \SystemRoot\System32\Drivers\aswRdr.SYS

EE1D3000 - \SystemRoot\system32\drivers\kmixer.sys

F8D57000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys

 

Total number of drivers = 130

 

Liste des programmes installes

 

ABBYY FineReader 5.0 Sprint

AC3Filter (remove only)

Adobe Download Manager 2.2 (Remove Only)

Adobe Flash Player 9 ActiveX

Adobe Photoshop 7.0

Adobe Premiere Elements 1.0

Adobe Premiere Elements 1.0

Adobe Reader 7.0

Advanced WindowsCare 2.51 Personal

Apple Software Update

Archiveur WinRAR

AutoUpdate

avast! Antivirus

AVG Anti-Rootkit Free

AVG Anti-Spyware 7.5

Blackhawk Striker from Compaq (remove only)

Blasterball 2 from Compaq (remove only)

Bounce from Compaq (remove only)

Cannonballs from Compaq (remove only)

Chinese New Star

ClearProg 1.4.2 Beta 13

Compaq Connections

dBpowerAMP DirectShow Decoder Codec

dBpowerAMP FLAC Codec

dBpowerAMP Monkeys Audio Codec

dBpowerAMP Musepack Codec

dBpowerAMP Music Converter

dBpowerAMP Ogg Vorbis Codec

dBpowerAMP WMA V9.1 Codec

DezPinYin

DirectX 9 Hotfix - KB839643

DivX

DivX Player

Env51

EPSON Attach To Email

EPSON Attach To Email

EPSON Copy Utility 3

EPSON Easy Photo Print

EPSON File Manager

EPSON Image Clip Palette

EPSON Printer Software

EPSON Scan

EPSON Scan Assistant

EPSON Web-To-Page

ESCX4700_4100 User's Guide

Excavation from Compaq (remove only)

FaxTools

Five Card Frenzy from Compaq (remove only)

Free YouTube to iPod Converter version 2.3

GemMaster 3 from Compaq (remove only)

Generic USB Mass Storage Driver

Google Earth

Google Toolbar for Internet Explorer

Google Video Player

HijackThis 2.0.2

Honeycombs from Compaq (remove only)

HP Deskjet Preloaded Printer Drivers

HP eServices Local Prints and Save

HP Photo and Imaging 2.0 - Photosmart Cameras

HP Software Update

HpSdpAppCoreApp

ID3-TagIT

InFlac 1.1.1

Ink

Intel® Extreme Graphics Driver

Internet Explorer Q903235

iPod for Windows 2005-10-12

iPod for Windows 2005-10-12

iTunes

Java 2 Runtime Environment, SE v1.4.1_02

Java Web Start

Kaspersky Online Scanner

KBD

Lecteur Windows Media?10

Lexmark X5100 Series

LiveReg (Symantec Corporation)

LiveUpdate 1.80 (Symantec Corporation)

LSI Logic ASPI for Windows 2000

Mars Rover from Compaq (remove only)

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Hotfix (KB886903)

Microsoft Data Access Components KB870669

Microsoft Encarta Encyclopedia Standard - WE 2003

Microsoft GB18030 Support Package

Microsoft Money

Microsoft Money System Pack

Microsoft Office Professional Edition 2003

Microsoft Text-to-Speech Engine 4.0 (English)

Microsoft Visual J# .NET Redistributable Package 1.1

Microsoft Works 7.0

Mozilla Firefox (2.0.0.6)

MSN Messenger 7.5

MSN Music Assistant

MUSICMATCH? Jukebox

My Presario PC

Nero Suite

Norton Personal Firewall

Orbital from Compaq (remove only)

Otto from Compaq (remove only)

Panda ActiveScan

PC-Doctor for Windows

Photosmart 140,240,7200,7600,7700,7900 Series

PIF DESIGNER

Polar Bowler from Compaq (remove only)

PS2

PSShortcutsP

Python 2.2 combined Win32 extensions

Python 2.2.1

QuickTime

Real Alternative 1.46

RealPlayer

RecordNow!

S3Display

S3Gamma2

S3Info2

S3Overlay

Security Update for Step By Step Interactive Training (KB898458)

Security Update for Windows Media Player (KB911564)

Security Update for Windows Media Player 10 (KB917734)

Security Update for Windows XP (KB890046)

Security Update for Windows XP (KB893756)

Security Update for Windows XP (KB896358)

Security Update for Windows XP (KB896422)

Security Update for Windows XP (KB896423)

Security Update for Windows XP (KB896424)

Security Update for Windows XP (KB896426)

Security Update for Windows XP (KB896428)

Security Update for Windows XP (KB899587)

Security Update for Windows XP (KB899588)

Security Update for Windows XP (KB899591)

Security Update for Windows XP (KB900725)

Security Update for Windows XP (KB901017)

Security Update for Windows XP (KB901190)

Security Update for Windows XP (KB901214)

Security Update for Windows XP (KB902400)

Security Update for Windows XP (KB904706)

Security Update for Windows XP (KB905414)

Security Update for Windows XP (KB905495)

Security Update for Windows XP (KB905749)

Security Update for Windows XP (KB908519)

Security Update for Windows XP (KB911562)

Security Update for Windows XP (KB911927)

Security Update for Windows XP (KB912919)

Security Update for Windows XP (KB913580)

Security Update for Windows XP (KB914388)

Security Update for Windows XP (KB914389)

Security Update for Windows XP (KB914798)

Security Update for Windows XP (KB917344)

Security Update for Windows XP (KB917422)

Security Update for Windows XP (KB917953)

Security Update for Windows XP (KB919007)

Security Update for Windows XP (KB920670)

Security Update for Windows XP (KB920683)

Security Update for Windows XP (KB920685)

Security Update for Windows XP (KB921398)

Security Update for Windows XP (KB921883)

Security Update for Windows XP (KB922616)

Security Update for Windows XP (KB922819)

Security Update for Windows XP (KB923191)

Security Update for Windows XP (KB923414)

Security Update for Windows XP (KB924191)

Security Update for Windows XP (KB924496)

Shockwave

Slyder from Compaq (remove only)

Spybot - Search & Destroy 1.4

SpywareBlaster v3.5.1

STX from Compaq (remove only)

Super Jeux de cartes 3

Superpen Soft

Transtar Intelligent Translation Expert

UltimateZip 3.0.3

Update for Windows XP (KB835409)

Update for Windows XP (KB898461)

Update for Windows XP (KB908531)

Update for Windows XP (KB910437)

Update for Windows XP (KB911280)

Virtual Warfare from Compaq (remove only)

WebFldrs XP

Winamp (remove only)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Installer 3.1 (KB893803)

Windows Media Format Runtime

Windows Media Player 9 Hotfix [see KB885492 for more information]

Windows Media Player Hotfix [see Q828026 for more information]

Windows Sasser Worm Removal Tool (KB841720)

Windows XP Hotfix - KB823182

Windows XP Hotfix - KB824105

Windows XP Hotfix - KB825119

Windows XP Hotfix - KB826939

Windows XP Hotfix - KB828035

Windows XP Hotfix - KB828741

Windows XP Hotfix - KB833407

Windows XP Hotfix - KB833987

Windows XP Hotfix - KB835732

Windows XP Hotfix - KB837001

Windows XP Hotfix - KB839645

Windows XP Hotfix - KB840315

Windows XP Hotfix - KB840374

Windows XP Hotfix - KB840987

Windows XP Hotfix - KB841356

Windows XP Hotfix - KB841533

Windows XP Hotfix - KB841873

Windows XP Hotfix - KB842773

Windows XP Hotfix - KB871250

Windows XP Hotfix - KB873333

Windows XP Hotfix - KB873339

Windows XP Hotfix - KB873376

Windows XP Hotfix - KB883939

Windows XP Hotfix - KB885250

Windows XP Hotfix - KB885835

Windows XP Hotfix - KB885836

Windows XP Hotfix - KB888113

Windows XP Hotfix - KB888302

Windows XP Hotfix - KB890175

Windows XP Hotfix - KB890859

Windows XP Hotfix - KB890923

Windows XP Hotfix - KB891781

Windows XP Hotfix - KB893066

Windows XP Hotfix - KB893086

Windows XP Hotfix - KB896688

Windows XP Hotfix - KB896727

Windows XP Hotfix - KB897715

Windows XP Hotfix - KB905915

Windows XP Hotfix - KB911567

Windows XP Hotfix - KB918439

Windows XP Hotfix - KB918899

Windows XP Hotfix - KB925486

Windows XP Hotfix (SP2) [see q329256 for more information]

Windows XP Hotfix (SP2) Q327979

Windows XP Hotfix (SP2) Q329112

Windows XP Hotfix (SP2) Q329909

Windows XP Hotfix (SP2) Q331958

Windows XP Hotfix (SP2) Q811789

Yahoo! Messenger

 

 

 

Volume in drive C is PRESARIO

Volume Serial Number is FC96-68A1

 

Directory of C:\Program Files

 

09/15/2007 02:12 PM <DIR> .

09/15/2007 02:12 PM <DIR> ..

06/15/2005 08:37 PM <DIR> ABBYY FineReader 5.0 Sprint

02/09/2007 09:37 PM <DIR> Adobe

11/29/2005 10:42 AM <DIR> Ahead

09/08/2007 04:18 PM <DIR> Alwil Software

09/08/2007 05:59 PM <DIR> Apple Software Update

07/29/2003 06:54 PM <DIR> BackWeb

05/24/2005 10:47 PM 352,256 BoxChs.dll

05/24/2005 10:47 PM 348,160 boxcht.dll

05/24/2005 10:47 PM 352,256 boxengs.dll

05/24/2005 10:47 PM 352,256 boxengt.dll

08/10/2004 02:15 PM 427,520 BTNexgenIPL32.dll

08/10/2004 02:16 PM 431,104 BTNexgenIPL32u.dll

06/21/2007 11:19 PM <DIR> Chinese New Star

09/12/2007 08:50 AM <DIR> ClearProg

09/12/2007 10:47 PM <DIR> Common Files

07/29/2003 06:54 PM <DIR> Compaq Connections

07/29/2003 09:42 AM <DIR> ComPlus Applications

03/17/2005 08:25 AM 40,960 CYHook.dll

09/26/2005 10:57 PM <DIR> DivX

09/12/2007 08:52 AM <DIR> Easy Internet signup

09/30/2006 05:54 PM <DIR> epson

06/15/2005 08:36 PM <DIR> FaxTools

02/19/2007 05:47 PM <DIR> Free YouTube to iPod Converter

06/21/2007 10:43 PM <DIR> GB18030Tools

05/24/2003 04:42 PM 1,773,568 gdiplus.dll

10/09/2005 11:33 AM 339,968 geniuschs.dll

10/09/2005 11:33 AM 339,968 geniuscht.dll

11/10/2005 01:16 PM 339,968 geniuseng.dll

07/13/2000 09:26 AM 48,960 GETTEXT.EXE

06/17/2002 09:33 AM 126,976 GetTxtNT.dll

02/18/2007 11:31 PM <DIR> Google

09/11/2007 08:55 AM <DIR> GRISOFT

09/08/2007 12:36 AM <DIR> Hewlett-Packard

04/03/2007 03:11 PM <DIR> HP

06/21/2007 11:01 PM <DIR> HW000000

12/28/2001 02:20 PM 36,864 hw32.dll

07/08/1999 04:13 PM 32,256 HW32F.DLL

10/19/1998 03:53 PM 500,732 hwfphras.bin

05/20/2003 07:25 PM 45,056 HWGetPadID.dll

01/09/2002 03:52 PM 1,163,264 HWLMAPI.DLL

04/24/2002 08:09 AM 40,960 HWLoad.exe

05/10/2005 05:09 PM 36,864 hwlx32.dll

09/15/2007 08:41 AM <DIR> HWMail

11/18/2005 04:01 PM 1,998,944 HWPen10.chm

11/17/2005 03:16 PM 1,789,952 HWPen10.exe

11/21/2005 09:16 AM 551,257 HWPen10E.chm

11/18/2005 11:11 AM 1,488,418 HWPen10F.chm

11/17/2005 03:16 PM 1,802,240 HWPen10U.exe

11/30/2005 09:41 AM 323,584 HWPenSign.exe

11/30/2005 09:41 AM 331,776 HWPenSignU.exe

04/26/2005 02:46 AM 1,305,567 HWPHHK.BIN

11/16/1998 08:46 AM 932,710 hwphrase.bin

06/04/2002 10:30 AM 32,768 HwPress.dll

09/23/2005 12:06 PM 217,088 HWSetup.dll

09/23/2005 12:06 PM 217,088 HWSetupU.dll

09/23/2005 02:49 PM 917,504 hwshell.exe

11/22/2005 11:31 AM 899 hwshell.ini

11/10/2005 02:48 PM 139,264 HWSmoothDraw.dll

09/22/2005 09:55 AM 184,320 HWUser.exe

09/22/2005 09:56 AM 188,416 HWUserU.exe

04/25/2005 04:13 PM 730,978 HWYP.BIN

04/16/2006 08:43 PM <DIR> ID3-TagIT

11/16/2005 03:25 PM <DIR> Illustrate

06/21/2007 11:18 PM <DIR> InfoQuick

11/18/2005 11:43 AM 569,344 InputBox.exe

11/18/2005 11:43 AM 573,440 InputBoxU.exe

09/14/2007 10:26 PM <DIR> Internet Explorer

09/11/2007 08:25 AM <DIR> IObit

09/08/2007 06:02 PM <DIR> iPod

09/08/2007 06:02 PM <DIR> iTunes

09/29/2004 05:56 PM <DIR> Java

09/12/2007 09:01 AM <DIR> Java Web Start

06/21/2007 10:39 PM <DIR> JTTS

06/22/2007 08:56 AM <DIR> Kingsoft

07/19/2007 10:43 PM <DIR> Lexmark X5100 Series

11/17/2005 12:13 PM 45,056 Linit.dll

06/15/2005 08:59 PM <DIR> LSI Logic

06/14/2005 08:49 PM <DIR> Messenger

06/16/2005 09:00 PM <DIR> Micro Application

06/15/2005 09:50 PM <DIR> Microsoft ActiveSync

07/29/2003 09:47 AM <DIR> microsoft frontpage

07/29/2003 06:45 PM <DIR> Microsoft Money

06/15/2005 09:49 PM <DIR> Microsoft Office

07/29/2003 06:47 PM <DIR> Microsoft Works

06/15/2005 09:46 PM <DIR> Microsoft.NET

09/30/2004 08:44 AM <DIR> Movie Maker

09/15/2007 06:56 PM <DIR> Mozilla Firefox

07/29/2003 09:41 AM <DIR> MSN

07/29/2003 09:40 AM <DIR> MSN Gaming Zone

12/03/2005 08:12 AM <DIR> MSN Messenger

06/17/2005 11:14 PM <DIR> MsnMusic

07/29/2003 06:30 PM <DIR> MUSICMATCH

07/29/2003 07:00 PM <DIR> My Presario PC

09/15/2007 08:50 AM <DIR> NetMeeting

03/31/2004 03:38 PM 2,058,129 newphchs.bin

09/14/2007 10:33 PM <DIR> Norton Personal Firewall

07/29/2003 09:43 AM <DIR> Online Services

09/16/2007 10:47 AM <DIR> Outlook Express

07/29/2003 07:08 PM <DIR> PC-Doctor for Windows

08/08/2005 04:17 PM 1,159,168 PenChs.dll

08/16/2005 05:52 PM 1,208,320 pencht.dll

12/01/2005 04:45 PM 1,191,936 penengs.dll

12/01/2005 04:45 PM 1,241,088 penengt.dll

07/01/2007 03:31 PM 87 PenSign.DAT

11/09/2005 09:09 AM 73,728 PenSignChs.dll

11/09/2005 09:09 AM 73,728 PenSignCht.dll

12/01/2005 04:07 PM 73,728 PenSignEng.dll

06/21/2007 10:39 PM <DIR> preview

09/08/2007 06:01 PM <DIR> QuickTime

09/12/2007 10:46 PM <DIR> Real

01/21/2006 06:11 PM <DIR> Real Alternative

07/29/2003 06:25 PM <DIR> RecordNow!

09/09/2007 07:47 PM <DIR> RegCleaner

12/01/2005 01:54 PM 458,752 RGenius.exe

12/01/2005 01:55 PM 458,752 RGeniusU.exe

01/09/2002 04:06 PM 131,072 SegmentJ.DLL

09/23/2005 11:46 AM 65,536 SetupChs.dll

09/23/2005 11:46 AM 65,536 setupcht.dll

09/23/2005 11:46 AM 69,632 setupeng.dll

11/18/2005 01:58 PM 37,220 Signchs.chm

11/18/2005 02:00 PM 64,112 Signcht.chm

11/25/2005 03:29 PM 28,436 Signeng.chm

09/08/2007 03:28 PM <DIR> Spybot - Search & Destroy

01/27/2007 04:38 PM <DIR> SpywareBlaster

09/14/2007 10:31 PM <DIR> Symantec

06/22/2007 08:48 AM <DIR> Transtar

08/30/2000 10:07 PM 1,044,480 trilmapi.dll

09/17/2007 10:31 PM <DIR> UltimateZip

06/21/2007 10:39 PM <DIR> V10CHT

06/21/2007 10:39 PM <DIR> v11

09/15/2007 08:53 AM <DIR> WhiteBoard

07/29/2003 06:35 PM <DIR> WildTangent

09/12/2007 09:16 AM <DIR> Winamp

09/16/2007 10:46 AM <DIR> Windows Media Player

09/30/2004 08:44 AM <DIR> Windows NT

09/12/2007 09:16 AM <DIR> WinRAR

07/29/2003 09:47 AM <DIR> xerox

09/08/2007 05:10 PM <DIR> XoftSpySE

10/14/2005 04:43 PM <DIR> Yahoo!

60 File(s) 30,973,969 bytes

81 Dir(s) 11,882,717,184 bytes free

Volume in drive C is PRESARIO

Volume Serial Number is FC96-68A1

 

Directory of C:\Program Files\common files

 

09/12/2007 10:47 PM <DIR> .

09/12/2007 10:47 PM <DIR> ..

04/10/2007 09:31 PM <DIR> Adobe

11/29/2005 10:42 AM <DIR> Ahead

09/08/2007 12:34 AM <DIR> AVSMedia

06/15/2005 09:49 PM <DIR> DESIGNER

09/30/2006 05:56 PM <DIR> InstallShield

06/22/2007 08:56 AM <DIR> Kingsoft

06/21/2007 11:19 PM <DIR> Microsoft Shared

07/29/2003 09:43 AM <DIR> MSSoap

02/13/2007 02:20 PM <DIR> Nero

07/29/2003 05:34 PM <DIR> ODBC

09/12/2007 10:47 PM <DIR> Real

09/30/2004 08:44 AM <DIR> Services

07/29/2003 05:34 PM <DIR> SpeechEngines

06/21/2007 11:19 PM <DIR> StarDock

09/17/2007 10:31 PM <DIR> Symantec Shared

09/16/2007 10:47 AM <DIR> System

09/12/2007 10:47 PM <DIR> xing shared

0 File(s) 0 bytes

19 Dir(s) 11,882,725,376 bytes free

Volume in drive C is PRESARIO

Volume Serial Number is FC96-68A1

 

Directory of C:\

 

05/24/2001 12:59 PM 162,304 UNWISE.EXE

1 File(s) 162,304 bytes

0 Dir(s) 11,882,725,376 bytes free

 

 

Attention : C:\autorun.inf existe

[AutoRun]

open=auto.exe

shellexecute=auto.exe

shell\Auto\command=auto.exe

 

 

c:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.4.1.2\iTunesSetupAdmin.exe

c:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\ExItem2711_symnet$20consumer_4.7.1_english\Message.exe

c:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\ExItem2711_symnet$20consumer_4.7.1_english\setup.exe

c:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\ExItem2717_symnet$20consumer_5.4.4_english\Message.exe

c:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\ExItem2717_symnet$20consumer_5.4.4_english\setup.exe

c:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe

c:\Documents and Settings\Owner\Desktop\antivir_workstation_win7u_en_h.exe

c:\Documents and Settings\Owner\Desktop\avgarkt-setup-1.1.0.42.exe

c:\Documents and Settings\Owner\Desktop\avgas-setup-7.5.1.43.exe

c:\Documents and Settings\Owner\Desktop\AWCSetup_CNET.exe

c:\Documents and Settings\Owner\Desktop\Firefox Setup 2.0.0.6.exe

c:\Documents and Settings\Owner\Desktop\HiJackThis.exe

c:\Documents and Settings\Owner\Desktop\ie6setup.exe

c:\Documents and Settings\Owner\Desktop\OTMoveIt.exe

c:\Documents and Settings\Owner\Desktop\RealPlayer10-5GOLD_fr.exe

c:\Documents and Settings\Owner\Desktop\setupfre.exe

c:\Documents and Settings\Owner\Desktop\WGAPluginInstall.exe

c:\Documents and Settings\Owner\Desktop\DiagHelp\catchme.exe

c:\Documents and Settings\Owner\Desktop\DiagHelp\diff.exe

c:\Documents and Settings\Owner\Desktop\DiagHelp\dumphive.exe

c:\Documents and Settings\Owner\Desktop\DiagHelp\FilesInfoCmd.exe

c:\Documents and Settings\Owner\Desktop\DiagHelp\find2.exe

c:\Documents and Settings\Owner\Desktop\DiagHelp\Fport.exe

c:\Documents and Settings\Owner\Desktop\DiagHelp\grep.exe

c:\Documents and Settings\Owner\Desktop\DiagHelp\KProcCheck.exe

c:\Documents and Settings\Owner\Desktop\DiagHelp\LFiles.exe

c:\Documents and Settings\Owner\Desktop\DiagHelp\LISTDLLS.exe

c:\Documents and Settings\Owner\Desktop\DiagHelp\md5sums.exe

c:\Documents and Settings\Owner\Desktop\DiagHelp\pslist.exe

c:\Documents and Settings\Owner\Desktop\DiagHelp\streams.exe

c:\Documents and Settings\Owner\Desktop\DiagHelp\swreg.exe

c:\Documents and Settings\Owner\Desktop\SmitfraudFix\SmitfraudFix\dumphive.exe

c:\Documents and Settings\Owner\Desktop\SmitfraudFix\SmitfraudFix\exit.exe

c:\Documents and Settings\Owner\Desktop\SmitfraudFix\SmitfraudFix\GenericRenosFix.exe

c:\Documents and Settings\Owner\Desktop\SmitfraudFix\SmitfraudFix\HostsChk.exe

c:\Documents and Settings\Owner\Desktop\SmitfraudFix\SmitfraudFix\Process.exe

c:\Documents and Settings\Owner\Desktop\SmitfraudFix\SmitfraudFix\Reboot.exe

c:\Documents and Settings\Owner\Desktop\SmitfraudFix\SmitfraudFix\restart.exe

c:\Documents and Settings\Owner\Desktop\SmitfraudFix\SmitfraudFix\SmiUpdate.exe

c:\Documents and Settings\Owner\Desktop\SmitfraudFix\SmitfraudFix\SrchSTS.exe

c:\Documents and Settings\Owner\Desktop\SmitfraudFix\SmitfraudFix\swreg.exe

c:\Documents and Settings\Owner\Desktop\SmitfraudFix\SmitfraudFix\swsc.exe

c:\Documents and Settings\Owner\Desktop\SmitfraudFix\SmitfraudFix\swxcacls.exe

c:\Documents and Settings\Owner\Desktop\SmitfraudFix\SmitfraudFix\unzip.exe

c:\Documents and Settings\Owner\Desktop\SmitfraudFix\SmitfraudFix\VCCLSID.exe

c:\Documents and Settings\Owner\Local Settings\Temp\Rar$EX00.704\RunScanner.exe

c:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\basic\preupd.exe

c:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\basic\sched.exe

c:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\basic\setup.exe

c:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\basic\update.exe

c:\Documents and Settings\Owner\Local Settings\Temp\RarSFX0\basic\wsctool.exe

c:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\4X6VW9YV\Firefox%20Setup%202.0.0.6[1].exe

c:\Documents and Settings\Shernice\Application Data\Microsoft\Installer\{939E2189-9B65-41FC-A842-1BBC1588BFD1}\ARPPRODUCTICON.exe

c:\Documents and Settings\Shernice\Desktop\Spybot - Search & Destroy\blindman.exe

c:\Documents and Settings\Shernice\Desktop\Spybot - Search & Destroy\SpybotSD.exe

c:\Documents and Settings\Shernice\Desktop\Spybot - Search & Destroy\TeaTimer.exe

c:\Documents and Settings\Shernice\Desktop\Spybot - Search & Destroy\unins000.exe

c:\Documents and Settings\Shernice\Desktop\Spybot - Search & Destroy\Update.exe

c:\Documents and Settings\Shernice\Local Settings\Temp\msgup_fr.exe

c:\Documents and Settings\Shernice\Local Settings\Temp\msgup810_249_fr.exe

c:\Documents and Settings\Shernice\Local Settings\Temp\msgup810_401_fr.exe

c:\Documents and Settings\Shernice\Local Settings\Temp\nsa64.tmp\msgup_fr.exe

c:\Documents and Settings\Shernice\Local Settings\Temp\nsc2F.tmp\msgup_fr.exe

c:\Documents and Settings\Shernice\Local Settings\Temp\nsd1B.tmp\msgup_fr.exe

c:\Documents and Settings\Shernice\Local Settings\Temp\nsd2.tmp\msgup_fr.exe

c:\Documents and Settings\Shernice\Local Settings\Temp\nsg17.tmp\msgup_fr.exe

c:\Documents and Settings\Shernice\Local Settings\Temp\nsg1D.tmp\msgup_fr.exe

c:\Documents and Settings\Shernice\Local Settings\Temp\nsh2D.tmp\msgup_fr.exe

c:\Documents and Settings\Shernice\Local Settings\Temp\nsi2F.tmp\msgup_fr.exe

c:\Documents and Settings\Shernice\Local Settings\Temp\nsj21.tmp\msgup_fr.exe

c:\Documents and Settings\Shernice\Local Settings\Temp\nsj3.tmp\msgup_fr.exe

c:\Documents and Settings\Shernice\Local Settings\Temp\nsk14.tmp\msgup_fr.exe

c:\Documents and Settings\Shernice\Local Settings\Temp\nsk50.tmp\msgup_fr.exe

c:\Documents and Settings\Shernice\Local Settings\Temp\nsm31.tmp\msgup_fr.exe

c:\Documents and Settings\Shernice\Local Settings\Temp\nsm34.tmp\msgup_fr.exe

c:\Documents and Settings\Shernice\Local Settings\Temp\nsnF.tmp\msgup_fr.exe

c:\Documents and Settings\Shernice\Local Settings\Temp\nso11.tmp\msgup_fr.exe

c:\Documents and Settings\Shernice\Local Settings\Temp\nsoE.tmp\msgup_fr.exe

c:\Documents and Settings\Shernice\Local Settings\Temp\nsoF.tmp\msgup_fr.exe

c:\Documents and Settings\Shernice\Local Settings\Temp\nsr2C.tmp\msgup_fr.exe

c:\Documents and Settings\Shernice\Local Settings\Temp\nsu2.tmp\msgup_fr.exe

c:\Documents and Settings\Shernice\Local Settings\Temp\nsv38.tmp\msgup_fr.exe

c:\Documents and Settings\Shernice\Local Settings\Temp\nsw1E.tmp\msgup_fr.exe

c:\Documents and Settings\Shernice\Local Settings\Temp\nsz25.tmp\msgup_fr.exe

c:\Documents and Settings\Shernice\My Documents\msgr8us.exe

c:\Documents and Settings\All Users\Application Data\Grisoft\AVG Anti-Spyware 7.5\Downloads\help.dll

c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll

c:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\Downloads\ExItem2717_symnet$20consumer_5.4.4_english\SymStore.dll

c:\Documents and Settings\Owner\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll

 

****** Fin du rapport DiagHelp

Posted

Re

 

 

OTMoveIt (Old_Timer)

Download OTMoveIt by Old_Timer to your Desktop.

  • Double-click OTMoveIt.exe to launch it.
  • Make sure Unregister Dll's and Ocx's is checked.
  • Copy and paste the following into the left-hand pane of OTMoveIt, Paste List of Files/Folders to be moved:

C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\
  • Click MoveIt! to start the removal.
  • The result will appear in the Results pane. Copy the result.
  • Click Exit to close.
  • Paste the result in your next reply.

You may be asked to restart the PC to complete the removal. If so, accept with Yes. Then post the report located in C:\_OTMoveIt\MovedFiles, named [numbers_numbers].log

 

 

AVG AntiSpyware

Download AVG AS

  • Update it.
  • Close AVG AS. Do not launch it yet.
    If you can't manage it, see Malekal's tutorial
    ...
  • Launch AVG AS and click Scan
  • Then, on the Settings tab, under How to react?, select Recommended actions, then Quarantine
  • Go back to the Scan tab and click Complete system scan; the scan starts
  • If an infected file has been detected, click Apply all actions at the end of the scan
  • Click Save report and finally Save report as, and save it to the Desktop
  • Restart in normal mode and post:
    • the AVG AS report
    • a new HijackThis log

 

Kaspersky

  • Make sure the ActiveX controls are correctly configured in Internet Options, as described at this link
  • Run a Kaspersky online scan with Internet Explorer:
  • Click the scan button
  • Approve the installation of one or more ActiveX controls if necessary.
  • Wait while the updates are installed.
  • Then choose to scan My Computer
  • Save, then paste, the report generated at the end of the scan.

HELP: Configuring ActiveX controls

NOTE: If you get the message "La licence de Kaspersky On-line Scanner est périmée", go to Add/Remove Programs and uninstall On-Line Scanner, then reconnect to the Kaspersky site to retry the online scan.

 

 

Personally I don't see anything infectious ... it all looks clean, but still ... suspicion :P prevention :P repression

 

Your updates have not been done ...

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

SP2 exists ... Internet Explorer 7 too ...

Posted (edited)

Navilog1 (il.mafioso) - OPTION 1 (search)

 

Right-click this link: Navilog1 by il.mafioso

  • Choose Save target as... and save it to your Desktop.
  • Then double-click navilog1.exe to start the installation.
  • Once the installation is finished, the fix will run automatically.
    (If it does not, double-click the Navilog1 shortcut on the Desktop.)
  • Follow the prompts. At the main menu, choose 1 and confirm.
    Wait for the message: *** Analyse Termine le ..... ***
  • Press a key as requested; Notepad will open.
  • Copy and paste the whole report into your next reply. Close Notepad.
    The report is also saved at the root of the disk (fixnavi.txt)

Edited by eclypse
Posted

Folder C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\ not found.

 

Created on 09/17/2007 23:46:43

 

Folder C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\ not found.

 

Created on 09/17/2007 23:45:14

 

As for the updates, they have started.

Posted

Yes, I know, but otherwise you have no security, and what we are about to do you will be back to do again in 1 month ... it's up to you

 

See you later

Posted

Hello.

So, I crashed the Windows update.

It was impossible to log on, and it didn't work in safe mode.

It was also impossible to go back to a working configuration because I had unchecked the tab. I reinstalled Windows.

 

Thank you so much for your help. I'm going to visit other topics on this site, which looks very good.

One last HijackThis:

Logfile of HijackThis v1.99.1

Scan saved at 07:59:51, on 18/09/2007

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

c:\Program Files\Norton AntiVirus\navapsvc.exe

C:\windows\system\hpsysdrv.exe

C:\WINDOWS\System32\hkcmd.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe

C:\WINDOWS\System32\hphmon05.exe

C:\HP\KBD\KBD.EXE

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\System32\wuauclt.exe

C:\Program Files\Compaq Connections\1940576\Program\backWeb-1940576.exe

C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qsg9.hpwis.com/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qsg9.hpwis.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qsg9.hpwis.com/

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://qsg9.hpwis.com/

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll

O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC

O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC

O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName

O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe

O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe

O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe

O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE

O4 - HKLM\..\Run: [storageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r

O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

O4 - HKLM\..\Run: [NAV CfgWiz] c:\PROGRA~1\NORTON~1\Cfgwiz.exe /R

O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [ccRegVfy] "c:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"

O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe

O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe

Posted

Good evening

 

Is your desktop correctly configured at the moment?

And likewise for the power options and the screen saver?

 

What happened to make the Windows update crash? Do you have any idea?

Posted

Good evening Jok.

I don't know whether the PC is set up properly. I just ran the system restore from D:\, which is meant to reinstall the system if it locks up. It had been a bit odd these last few days: for example, it restarts right after being shut down, the hard disk spins for a while but nothing is displayed, or programs stop abruptly. Service Pack 2 didn't install properly, maybe because of something like that. I'm going to download SP2 this evening to see whether I can install it.
