Me revoila une fois de plus, ce matin j'ai voulu mettre a jour adobe flashplayer cette mise a jour n'a pas fonctionne et je n'arrive pas a l'installer au bout d'un moment j'ai un message erreur reseau j'ai voulu installer highjackthis meme chose erreur reseau impossible de faire quoique ce soit. Peux tu m'aider une fois de plus
merci
[Résolu] probleme reseau...
Modérateur : Mods Windows
Re: probleme reseau...
Salut,
Tu peux me faire une capture du message d'erreur ?
Pour voir :
Télécharge Random's System Information Tool (RSIT) (de random/random) et sauvegarde-le sur le Bureau.
Tu peux me faire une capture du message d'erreur ?
Pour voir :
Télécharge Random's System Information Tool (RSIT) (de random/random) et sauvegarde-le sur le Bureau.
- Double-clique sur RSIT.exe afin de lancer RSIT.
- Clique Continue à l'écran Disclaimer.
- Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
- Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (qui sera affiché)
ainsi que de info.txt (qui sera réduit dans la Barre des Tâches) - NB : Les rapports sont sauvegardés dans le dossier C:\rsit
- Veille bien à me poster l'intégralité des rapports, vérifie qu'ils soient complets une fois que tu les as postés.
Re: probleme reseau...
Bonjour, hier j'ai recupere un point de restauration qui datait de vendredi la veille du probleme ce qui m'a permis de telecharger highjackthis je te poste le log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:59:05, on 25/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-21-842925246-790525478-1801674531-1005\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (User 'Lleyton')
O4 - HKUS\S-1-5-21-842925246-790525478-1801674531-1005\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Lleyton')
O4 - HKUS\S-1-5-21-842925246-790525478-1801674531-1005\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Lleyton')
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/ph ... NPUpld.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E655BD50-5373-4D6D-9A54-9DE2C3048D51}: NameServer = 196.40.15.200,196.40.15.199,196.40.31.66
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: MGABGEXE - Matrox Graphics Inc. - C:\WINDOWS\system32\mgabg.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
--
End of file - 5028 bytes
je vais faire ce que tu m'as dit et te poster les rapports
merci
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:59:05, on 25/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-21-842925246-790525478-1801674531-1005\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (User 'Lleyton')
O4 - HKUS\S-1-5-21-842925246-790525478-1801674531-1005\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Lleyton')
O4 - HKUS\S-1-5-21-842925246-790525478-1801674531-1005\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Lleyton')
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/ph ... NPUpld.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E655BD50-5373-4D6D-9A54-9DE2C3048D51}: NameServer = 196.40.15.200,196.40.15.199,196.40.31.66
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: MGABGEXE - Matrox Graphics Inc. - C:\WINDOWS\system32\mgabg.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
--
End of file - 5028 bytes
je vais faire ce que tu m'as dit et te poster les rapports
merci
Re: probleme reseau...
voici le log
Logfile of random's system information tool 1.06 (written by random/random)
Run by SANDRINE at 2010-01-25 08:02:46
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 17 GB (55%) free of 31 GB
Total RAM: 511 MB (53% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:02:47, on 25/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Opera\opera.exe
J:\Mes Docs\Programmes\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\SANDRINE.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-21-842925246-790525478-1801674531-1005\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (User 'Lleyton')
O4 - HKUS\S-1-5-21-842925246-790525478-1801674531-1005\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Lleyton')
O4 - HKUS\S-1-5-21-842925246-790525478-1801674531-1005\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Lleyton')
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/ph ... NPUpld.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E655BD50-5373-4D6D-9A54-9DE2C3048D51}: NameServer = 196.40.15.200,196.40.15.199,196.40.31.66
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: MGABGEXE - Matrox Graphics Inc. - C:\WINDOWS\system32\mgabg.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
--
End of file - 5059 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{E77DE237-BFF2-42BD-85F0-DE07BE6D3B57}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-02-04 1082880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-11-10 417792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-11-12 141600]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-02-04 23975720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\fichiers communs\logitech\bluetooth\LBTWlgn.dll [2008-05-02 72208]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoBandCustomize"=0
"NoMovingBands"=0
"NoCloseDragDropBands"=0
"NoActiveDesktop"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Kazaa Lite K++\KazaaLite.kpp"="C:\Program Files\Kazaa Lite K++\KazaaLite.kpp:*:Enabled:KazaaLite"
"C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\Program Files\SYSTRAN\6\Dicts\SystranTranslationEngine.exe"="C:\Program Files\SYSTRAN\6\Dicts\SystranTranslationEngine.exe:*:Enabled:Systran Translation Engine "
"C:\Program Files\SYSTRAN\6\Dicts\SystranCodingEngine.exe"="C:\Program Files\SYSTRAN\6\Dicts\SystranCodingEngine.exe:*:Enabled:Systran Coding Engine "
"C:\Program Files\SYSTRAN\6\SystranToolbar.exe"="C:\Program Files\SYSTRAN\6\SystranToolbar.exe:*:Enabled:SYSTRAN Translation Toolbar"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0e9d2656-bcba-11de-b9ff-000d6114ffee}]
shell\AutoRun\command - F:\boot/loader.exe
shell\explore\command - F:\boot//loader.exe
shell\open\command - F:\boot/loader.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3534b338-98b4-11de-b9bc-000d6114ffee}]
shell\AutoRun\command - ice\fire\moco.exe
shell\Explore\command - ice\fire\moco.exe
shell\open\command - ice\fire\moco.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f1e6f1be-724c-11de-b965-000d6114ffee}]
shell\AutoRun\command - boot/ldr.exe
shell\explore\command - boot//ldr.exe
shell\open\command - boot/ldr.exe
======List of files/folders created in the last 1 months======
2010-01-25 08:02:46 ----D---- C:\rsit
2010-01-25 07:57:54 ----D---- C:\Program Files\Capturino V21
2010-01-23 17:48:26 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2010-01-23 17:48:09 ----D---- C:\Config.Msi
2010-01-23 17:48:07 ----D---- C:\Documents and Settings\All Users\Application Data\NOS(3)
2010-01-23 15:51:58 ----D---- C:\Documents and Settings\All Users\Application Data\NOS(2)
2010-01-22 07:31:30 ----A---- C:\WINDOWS\system32\CmdLineExt03.dll
2010-01-22 07:27:31 ----D---- C:\Program Files\Atari
2010-01-14 08:11:09 ----D---- C:\Program Files\Adobe
2009-12-30 11:37:56 ----D---- C:\Documents and Settings\SANDRINE\Application Data\Panasonic
2009-12-30 11:37:21 ----A---- C:\WINDOWS\system32\PICSDK2.dll
2009-12-30 11:37:21 ----A---- C:\WINDOWS\system32\PICSDK.ini
2009-12-30 11:37:20 ----A---- C:\WINDOWS\system32\PICSDK.dll
2009-12-30 11:37:20 ----A---- C:\WINDOWS\system32\PICEntry.dll
2009-12-30 11:37:20 ----A---- C:\WINDOWS\system32\EpPicPrt.dll
2009-12-30 11:37:19 ----A---- C:\WINDOWS\system32\EPPicMgr.dll
2009-12-30 11:36:45 ----D---- C:\Program Files\Panasonic
======List of files/folders modified in the last 1 months======
2010-01-25 08:02:44 ----D---- C:\WINDOWS\Prefetch
2010-01-25 07:58:02 ----D---- C:\WINDOWS\system32
2010-01-25 07:57:54 ----D---- C:\Program Files
2010-01-25 07:17:34 ----D---- C:\Documents and Settings\SANDRINE\Application Data\Skype
2010-01-25 07:09:50 ----D---- C:\Documents and Settings\SANDRINE\Application Data\skypePM
2010-01-25 06:33:27 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-24 19:47:25 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-24 06:29:30 ----D---- C:\WINDOWS\system32\wbem
2010-01-23 17:50:50 ----D---- C:\WINDOWS
2010-01-23 17:49:14 ----D---- C:\WINDOWS\system32\config
2010-01-23 17:48:54 ----D---- C:\WINDOWS\Registration
2010-01-23 17:48:19 ----D---- C:\Program Files\Google
2010-01-23 17:48:09 ----SHD---- C:\WINDOWS\Installer
2010-01-23 17:47:48 ----D---- C:\WINDOWS\system32\Restore
2010-01-23 15:52:02 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-01-22 07:27:30 ----HD---- C:\Program Files\InstallShield Installation Information
2010-01-19 19:07:26 ----D---- C:\Documents and Settings\SANDRINE\Application Data\uTorrent
2010-01-15 12:00:19 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2010-01-14 08:11:49 ----D---- C:\Program Files\Fichiers communs\Adobe
2010-01-14 08:11:47 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-01-11 15:12:45 ----D---- C:\WINDOWS\Minidump
2010-01-05 08:39:57 ----D---- C:\Program Files\Kidzui
2009-12-30 11:36:59 ----RSD---- C:\WINDOWS\Fonts
2009-12-27 07:49:55 ----D---- C:\Program Files\PhoTags Express
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-13 41856]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-12-08 56816]
R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2009-03-07 44384]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-08-18 4017536]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 G400DH;G400DH; C:\WINDOWS\system32\DRIVERS\g400dhm.sys [2007-04-13 350464]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-02-29 35344]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2008-02-29 28944]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 P1130VID;Creative WebCam NX Pro; C:\WINDOWS\system32\DRIVERS\P1130Vid.sys [2003-05-07 90357]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-04-22 47360]
R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-07-16 70400]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 ddxgb;ddxgb; \??\C:\DOCUME~1\SANDRINE\LOCALS~1\Temp\ddxgb.sys []
S3 JL2005C;Dual Mode Camera; C:\WINDOWS\System32\Drivers\jl2005c.sys [2007-01-26 68954]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-28 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-11-12 545568]
S3 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe [2007-10-07 427288]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe [2008-05-02 121360]
S3 MGABGEXE;MGABGEXE; C:\WINDOWS\system32\mgabg.exe [2007-04-04 87560]
S3 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TryAndDecideService;Acronis Try And Decide Service; C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe [2007-10-08 493200]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
et le info.txt
info.txt logfile of random's system information tool 1.06 2010-01-25 08:02:50
======Uninstall list======
-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Gigabyte\ITE Raid Driver Setup\Uninst.isu"
-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Gigabyte\Silicon Image Base Driver\Uninst.isu"
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CA9EC1C6-3B51-11D6-B1A9-BCD2747AA951}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D43F13A1-1E39-4BD4-9682-DF889FE75421}\setup.exe" -l0x40c
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acronis True Image Home-->MsiExec.exe /X{E5343B27-55DF-40BD-9FCF-A643C1331E8A}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A93000000001}
Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143}
Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Ares 2.1.1-->"C:\Program Files\Ares\uninstall.exe"
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe"
CDDRV_Installer-->MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A}
Classic Menu 3.x for Office 2007-->"C:\Program Files\Classic Menu for Office\unins000.exe"
ConvertXtoDVD 3.3.2.100-->"C:\Program Files\VSO\ConvertX\3\unins000.exe"
Creative PC-CAM Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D43F13A1-1E39-4BD4-9682-DF889FE75421}\setup.exe" -l0x40c /remove
Creative WebCam Monitor-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CA9EC1C6-3B51-11D6-B1A9-BCD2747AA951}\setup.exe" -l0x40c /remove
Creative WebCam NX Pro Driver (1.00.06.0512)-->C:\WINDOWS\CtDrvIns.exe -uninstall -script Pd1130.uns -unsext NT -plugin P1130Pin.dll -pluginres P1130Pin.crl
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Dora l'exploratrice : Les animaux de la jungle-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF9FA161-78F2-11D8-95ED-000476379056}\setup.exe" -l0x40c -uninst
FastStone Image Viewer 3.7-->C:\Program Files\FastStone Image Viewer\uninst.exe
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Earth-->MsiExec.exe /X{9074AFC0-CFDA-11DE-B484-005056806466}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
iTunes-->MsiExec.exe /I{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
KhalInstallWrapper-->MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355}
Kidzui-->"C:\Program Files\Kidzui\uninstall.exe"
Logitech SetPoint-->C:\Program Files\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe -runfromtemp -l0x040c -removeonly
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Manuel d'utilisation de Creative WebCam NX Pro (Français)-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Creative\Creative WebCam NX Pro\Manuel d'utilisation de Creative WebCam NX Pro\French\CTManual.isu"
Matrox Graphics Software (remove only)-->C:\WINDOWS\system32\PDesk\PDUninst.exe
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MyDefrag v4.2.6-->"C:\Program Files\MyDefrag v4.2.6\unins000.exe"
NTREGOPT 1.1j-->"C:\Program Files\NT Registry Optimizer\unins000.exe"
Opera 10.10-->MsiExec.exe /X{690BE098-6D0D-493D-B079-BD7E8F81A141}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PHOTOfunSTUDIO -viewer--->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A9DBEBC-C800-4776-A970-D76D6AA405B1}\Setup.exe" -l0x40c Package
QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
Realtek AC'97 Audio-->Alcrmv.exe -r -m
SATARaid-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{91649626-E343-11D5-BCEF-005004748D87}\Setup.exe" -l0x9
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
SUPER © Version 2009.bld.36 (June 10, 2009)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
TeamViewer 4-->C:\Program Files\TeamViewer\Version4\uninstall.exe
Uninstall Dual Mode Camera-->"C:\Program Files\JL2005C\unins000.exe"
Unlocker 1.8.8-->C:\Program Files\Unlocker\uninst.exe
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
VoiceOver Kit-->MsiExec.exe /I{6DE13770-01B7-4366-8DA6-48237793F445}
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
======Hosts File======
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 serial.alcohol-soft.com
127.0.0.1 www.alcohol-soft.com
127.0.0.1 images.alcohol-soft.com
127.0.0.1 trial.alcohol-soft.com
127.0.0.1 alcohol-soft.com
======Security center information======
AV: AntiVir Desktop
======System event log======
Computer Name: SANDRINE
Event Code: 7
Message: Le périphérique \Device\CdRom1 comporte un bloc défectueux.
Record Number: 18583
Source Name: Cdrom
Time Written: 20091230172131.000000-360
Event Type: error
User:
Computer Name: SANDRINE
Event Code: 7
Message: Le périphérique \Device\CdRom1 comporte un bloc défectueux.
Record Number: 18582
Source Name: Cdrom
Time Written: 20091230172131.000000-360
Event Type: error
User:
Computer Name: SANDRINE
Event Code: 7
Message: Le périphérique \Device\CdRom1 comporte un bloc défectueux.
Record Number: 18581
Source Name: Cdrom
Time Written: 20091230172131.000000-360
Event Type: error
User:
Computer Name: SANDRINE
Event Code: 4226
Message: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.
Record Number: 18561
Source Name: Tcpip
Time Written: 20091230105535.000000-360
Event Type: warning
User:
Computer Name: SANDRINE
Event Code: 4226
Message: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.
Record Number: 18560
Source Name: Tcpip
Time Written: 20091230083127.000000-360
Event Type: warning
User:
=====Application event log=====
Computer Name: SANDRINE
Event Code: 1000
Message: Application défaillante opera.exe, version 10.0.1750.0, module défaillant npswf32.dll, version 10.0.22.87, adresse de défaillance 0x002646cd.
Record Number: 3982
Source Name: Application Error
Time Written: 20090919172131.000000-360
Event Type: error
User:
Computer Name: SANDRINE
Event Code: 20
Message:
Record Number: 3899
Source Name: Google Update
Time Written: 20090915134828.000000-360
Event Type: error
User: AUTORITE NT\SYSTEM
Computer Name: SANDRINE
Event Code: 20
Message:
Record Number: 3898
Source Name: Google Update
Time Written: 20090915124828.000000-360
Event Type: error
User: AUTORITE NT\SYSTEM
Computer Name: SANDRINE
Event Code: 8
Message: Échec de la récupération de la mise à jour automatique du numéro de séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/m ... ootseq.txt> avec l'erreur : The server name or address could not be resolved
Record Number: 3880
Source Name: crypt32
Time Written: 20090914112126.000000-360
Event Type: error
User:
Computer Name: SANDRINE
Event Code: 1002
Message: Application bloquée opera.exe, version 10.0.1750.0, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
Record Number: 3855
Source Name: Application Hang
Time Written: 20090912090313.000000-360
Event Type: error
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Fichiers communs\DivX Shared\;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=0a00
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by SANDRINE at 2010-01-25 08:02:46
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 17 GB (55%) free of 31 GB
Total RAM: 511 MB (53% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:02:47, on 25/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Opera\opera.exe
J:\Mes Docs\Programmes\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\SANDRINE.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-21-842925246-790525478-1801674531-1005\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (User 'Lleyton')
O4 - HKUS\S-1-5-21-842925246-790525478-1801674531-1005\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Lleyton')
O4 - HKUS\S-1-5-21-842925246-790525478-1801674531-1005\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Lleyton')
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/ph ... NPUpld.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E655BD50-5373-4D6D-9A54-9DE2C3048D51}: NameServer = 196.40.15.200,196.40.15.199,196.40.31.66
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: MGABGEXE - Matrox Graphics Inc. - C:\WINDOWS\system32\mgabg.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
--
End of file - 5059 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{E77DE237-BFF2-42BD-85F0-DE07BE6D3B57}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-02-04 1082880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-11-10 417792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-11-12 141600]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-02-04 23975720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\fichiers communs\logitech\bluetooth\LBTWlgn.dll [2008-05-02 72208]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoBandCustomize"=0
"NoMovingBands"=0
"NoCloseDragDropBands"=0
"NoActiveDesktop"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Kazaa Lite K++\KazaaLite.kpp"="C:\Program Files\Kazaa Lite K++\KazaaLite.kpp:*:Enabled:KazaaLite"
"C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\Program Files\SYSTRAN\6\Dicts\SystranTranslationEngine.exe"="C:\Program Files\SYSTRAN\6\Dicts\SystranTranslationEngine.exe:*:Enabled:Systran Translation Engine "
"C:\Program Files\SYSTRAN\6\Dicts\SystranCodingEngine.exe"="C:\Program Files\SYSTRAN\6\Dicts\SystranCodingEngine.exe:*:Enabled:Systran Coding Engine "
"C:\Program Files\SYSTRAN\6\SystranToolbar.exe"="C:\Program Files\SYSTRAN\6\SystranToolbar.exe:*:Enabled:SYSTRAN Translation Toolbar"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0e9d2656-bcba-11de-b9ff-000d6114ffee}]
shell\AutoRun\command - F:\boot/loader.exe
shell\explore\command - F:\boot//loader.exe
shell\open\command - F:\boot/loader.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3534b338-98b4-11de-b9bc-000d6114ffee}]
shell\AutoRun\command - ice\fire\moco.exe
shell\Explore\command - ice\fire\moco.exe
shell\open\command - ice\fire\moco.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f1e6f1be-724c-11de-b965-000d6114ffee}]
shell\AutoRun\command - boot/ldr.exe
shell\explore\command - boot//ldr.exe
shell\open\command - boot/ldr.exe
======List of files/folders created in the last 1 months======
2010-01-25 08:02:46 ----D---- C:\rsit
2010-01-25 07:57:54 ----D---- C:\Program Files\Capturino V21
2010-01-23 17:48:26 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2010-01-23 17:48:09 ----D---- C:\Config.Msi
2010-01-23 17:48:07 ----D---- C:\Documents and Settings\All Users\Application Data\NOS(3)
2010-01-23 15:51:58 ----D---- C:\Documents and Settings\All Users\Application Data\NOS(2)
2010-01-22 07:31:30 ----A---- C:\WINDOWS\system32\CmdLineExt03.dll
2010-01-22 07:27:31 ----D---- C:\Program Files\Atari
2010-01-14 08:11:09 ----D---- C:\Program Files\Adobe
2009-12-30 11:37:56 ----D---- C:\Documents and Settings\SANDRINE\Application Data\Panasonic
2009-12-30 11:37:21 ----A---- C:\WINDOWS\system32\PICSDK2.dll
2009-12-30 11:37:21 ----A---- C:\WINDOWS\system32\PICSDK.ini
2009-12-30 11:37:20 ----A---- C:\WINDOWS\system32\PICSDK.dll
2009-12-30 11:37:20 ----A---- C:\WINDOWS\system32\PICEntry.dll
2009-12-30 11:37:20 ----A---- C:\WINDOWS\system32\EpPicPrt.dll
2009-12-30 11:37:19 ----A---- C:\WINDOWS\system32\EPPicMgr.dll
2009-12-30 11:36:45 ----D---- C:\Program Files\Panasonic
======List of files/folders modified in the last 1 months======
2010-01-25 08:02:44 ----D---- C:\WINDOWS\Prefetch
2010-01-25 07:58:02 ----D---- C:\WINDOWS\system32
2010-01-25 07:57:54 ----D---- C:\Program Files
2010-01-25 07:17:34 ----D---- C:\Documents and Settings\SANDRINE\Application Data\Skype
2010-01-25 07:09:50 ----D---- C:\Documents and Settings\SANDRINE\Application Data\skypePM
2010-01-25 06:33:27 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-24 19:47:25 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-24 06:29:30 ----D---- C:\WINDOWS\system32\wbem
2010-01-23 17:50:50 ----D---- C:\WINDOWS
2010-01-23 17:49:14 ----D---- C:\WINDOWS\system32\config
2010-01-23 17:48:54 ----D---- C:\WINDOWS\Registration
2010-01-23 17:48:19 ----D---- C:\Program Files\Google
2010-01-23 17:48:09 ----SHD---- C:\WINDOWS\Installer
2010-01-23 17:47:48 ----D---- C:\WINDOWS\system32\Restore
2010-01-23 15:52:02 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-01-22 07:27:30 ----HD---- C:\Program Files\InstallShield Installation Information
2010-01-19 19:07:26 ----D---- C:\Documents and Settings\SANDRINE\Application Data\uTorrent
2010-01-15 12:00:19 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2010-01-14 08:11:49 ----D---- C:\Program Files\Fichiers communs\Adobe
2010-01-14 08:11:47 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-01-11 15:12:45 ----D---- C:\WINDOWS\Minidump
2010-01-05 08:39:57 ----D---- C:\Program Files\Kidzui
2009-12-30 11:36:59 ----RSD---- C:\WINDOWS\Fonts
2009-12-27 07:49:55 ----D---- C:\Program Files\PhoTags Express
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-13 41856]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-12-08 56816]
R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2009-03-07 44384]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-08-18 4017536]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 G400DH;G400DH; C:\WINDOWS\system32\DRIVERS\g400dhm.sys [2007-04-13 350464]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-02-29 35344]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2008-02-29 28944]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 P1130VID;Creative WebCam NX Pro; C:\WINDOWS\system32\DRIVERS\P1130Vid.sys [2003-05-07 90357]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-04-22 47360]
R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-07-16 70400]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 ddxgb;ddxgb; \??\C:\DOCUME~1\SANDRINE\LOCALS~1\Temp\ddxgb.sys []
S3 JL2005C;Dual Mode Camera; C:\WINDOWS\System32\Drivers\jl2005c.sys [2007-01-26 68954]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-28 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-11-12 545568]
S3 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe [2007-10-07 427288]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe [2008-05-02 121360]
S3 MGABGEXE;MGABGEXE; C:\WINDOWS\system32\mgabg.exe [2007-04-04 87560]
S3 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TryAndDecideService;Acronis Try And Decide Service; C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe [2007-10-08 493200]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
et le info.txt
info.txt logfile of random's system information tool 1.06 2010-01-25 08:02:50
======Uninstall list======
-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Gigabyte\ITE Raid Driver Setup\Uninst.isu"
-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Gigabyte\Silicon Image Base Driver\Uninst.isu"
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CA9EC1C6-3B51-11D6-B1A9-BCD2747AA951}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D43F13A1-1E39-4BD4-9682-DF889FE75421}\setup.exe" -l0x40c
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acronis True Image Home-->MsiExec.exe /X{E5343B27-55DF-40BD-9FCF-A643C1331E8A}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A93000000001}
Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143}
Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Ares 2.1.1-->"C:\Program Files\Ares\uninstall.exe"
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe"
CDDRV_Installer-->MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A}
Classic Menu 3.x for Office 2007-->"C:\Program Files\Classic Menu for Office\unins000.exe"
ConvertXtoDVD 3.3.2.100-->"C:\Program Files\VSO\ConvertX\3\unins000.exe"
Creative PC-CAM Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D43F13A1-1E39-4BD4-9682-DF889FE75421}\setup.exe" -l0x40c /remove
Creative WebCam Monitor-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CA9EC1C6-3B51-11D6-B1A9-BCD2747AA951}\setup.exe" -l0x40c /remove
Creative WebCam NX Pro Driver (1.00.06.0512)-->C:\WINDOWS\CtDrvIns.exe -uninstall -script Pd1130.uns -unsext NT -plugin P1130Pin.dll -pluginres P1130Pin.crl
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Dora l'exploratrice : Les animaux de la jungle-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF9FA161-78F2-11D8-95ED-000476379056}\setup.exe" -l0x40c -uninst
FastStone Image Viewer 3.7-->C:\Program Files\FastStone Image Viewer\uninst.exe
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Earth-->MsiExec.exe /X{9074AFC0-CFDA-11DE-B484-005056806466}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
iTunes-->MsiExec.exe /I{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
KhalInstallWrapper-->MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355}
Kidzui-->"C:\Program Files\Kidzui\uninstall.exe"
Logitech SetPoint-->C:\Program Files\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe -runfromtemp -l0x040c -removeonly
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Manuel d'utilisation de Creative WebCam NX Pro (Français)-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Creative\Creative WebCam NX Pro\Manuel d'utilisation de Creative WebCam NX Pro\French\CTManual.isu"
Matrox Graphics Software (remove only)-->C:\WINDOWS\system32\PDesk\PDUninst.exe
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MyDefrag v4.2.6-->"C:\Program Files\MyDefrag v4.2.6\unins000.exe"
NTREGOPT 1.1j-->"C:\Program Files\NT Registry Optimizer\unins000.exe"
Opera 10.10-->MsiExec.exe /X{690BE098-6D0D-493D-B079-BD7E8F81A141}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PHOTOfunSTUDIO -viewer--->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A9DBEBC-C800-4776-A970-D76D6AA405B1}\Setup.exe" -l0x40c Package
QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
Realtek AC'97 Audio-->Alcrmv.exe -r -m
SATARaid-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{91649626-E343-11D5-BCEF-005004748D87}\Setup.exe" -l0x9
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
SUPER © Version 2009.bld.36 (June 10, 2009)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
TeamViewer 4-->C:\Program Files\TeamViewer\Version4\uninstall.exe
Uninstall Dual Mode Camera-->"C:\Program Files\JL2005C\unins000.exe"
Unlocker 1.8.8-->C:\Program Files\Unlocker\uninst.exe
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
VoiceOver Kit-->MsiExec.exe /I{6DE13770-01B7-4366-8DA6-48237793F445}
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
======Hosts File======
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 serial.alcohol-soft.com
127.0.0.1 www.alcohol-soft.com
127.0.0.1 images.alcohol-soft.com
127.0.0.1 trial.alcohol-soft.com
127.0.0.1 alcohol-soft.com
======Security center information======
AV: AntiVir Desktop
======System event log======
Computer Name: SANDRINE
Event Code: 7
Message: Le périphérique \Device\CdRom1 comporte un bloc défectueux.
Record Number: 18583
Source Name: Cdrom
Time Written: 20091230172131.000000-360
Event Type: error
User:
Computer Name: SANDRINE
Event Code: 7
Message: Le périphérique \Device\CdRom1 comporte un bloc défectueux.
Record Number: 18582
Source Name: Cdrom
Time Written: 20091230172131.000000-360
Event Type: error
User:
Computer Name: SANDRINE
Event Code: 7
Message: Le périphérique \Device\CdRom1 comporte un bloc défectueux.
Record Number: 18581
Source Name: Cdrom
Time Written: 20091230172131.000000-360
Event Type: error
User:
Computer Name: SANDRINE
Event Code: 4226
Message: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.
Record Number: 18561
Source Name: Tcpip
Time Written: 20091230105535.000000-360
Event Type: warning
User:
Computer Name: SANDRINE
Event Code: 4226
Message: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.
Record Number: 18560
Source Name: Tcpip
Time Written: 20091230083127.000000-360
Event Type: warning
User:
=====Application event log=====
Computer Name: SANDRINE
Event Code: 1000
Message: Application défaillante opera.exe, version 10.0.1750.0, module défaillant npswf32.dll, version 10.0.22.87, adresse de défaillance 0x002646cd.
Record Number: 3982
Source Name: Application Error
Time Written: 20090919172131.000000-360
Event Type: error
User:
Computer Name: SANDRINE
Event Code: 20
Message:
Record Number: 3899
Source Name: Google Update
Time Written: 20090915134828.000000-360
Event Type: error
User: AUTORITE NT\SYSTEM
Computer Name: SANDRINE
Event Code: 20
Message:
Record Number: 3898
Source Name: Google Update
Time Written: 20090915124828.000000-360
Event Type: error
User: AUTORITE NT\SYSTEM
Computer Name: SANDRINE
Event Code: 8
Message: Échec de la récupération de la mise à jour automatique du numéro de séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/m ... ootseq.txt> avec l'erreur : The server name or address could not be resolved
Record Number: 3880
Source Name: crypt32
Time Written: 20090914112126.000000-360
Event Type: error
User:
Computer Name: SANDRINE
Event Code: 1002
Message: Application bloquée opera.exe, version 10.0.1750.0, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
Record Number: 3855
Source Name: Application Hang
Time Written: 20090912090313.000000-360
Event Type: error
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Fichiers communs\DivX Shared\;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=0a00
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
-----------------EOF-----------------
Re: probleme reseau...
Salut,
Tu as des restes d'infections par disques amovibles, pour voir si l'infection n'est plus active :
Télécharge UsbFix (de Chiquitine29 & C_XX) sur ton bureau.
(!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d'avoir été infectées sans les ouvrir
Note : le rapport est sauvegardé à la racine du disque : C:\USBFix.txt)
"Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
Du coup le problème est résolu ?hier j'ai recupere un point de restauration qui datait de vendredi la veille du probleme ce qui m'a permis de telecharger highjackthis je te poste le log
Tu as des restes d'infections par disques amovibles, pour voir si l'infection n'est plus active :
Télécharge UsbFix (de Chiquitine29 & C_XX) sur ton bureau.
(!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d'avoir été infectées sans les ouvrir
- Double-clique sur "USBFix.exe" pour lancer l'outil.
- Au menu principal choisis La langue : F pour Français
- Au second menu choisis l'option 1(recherche) et tape sur [entrée] .
- Puis laisse travailler l'outil ...
- Une fois terminé, poste le rapport USBFix.txt qui est généré ...
Note : le rapport est sauvegardé à la racine du disque : C:\USBFix.txt)
"Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
Re: probleme reseau...
oui mon probleme est resolu
voici le log je vais refaire la meme chose avec mon disque dur externe pour voir s'il y a quelque chose de ce cote.
############################## | UsbFix V6.079 |
User : SANDRINE (Administrateurs) # SANDRINE
Update on 25/01/2010 by El Desaparecido , C_XX & Chimay8
Start at: 14:04:08 | 25/01/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : [email protected]
AMD Athlon(tm) XP 2500+
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]
A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local # 29,81 Go (16,23 Go free) # NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM
F:\ -> Disque amovible # 1,92 Go (1,18 Go free) [KINGSTON] # FAT
J:\ -> Disque fixe local # 119,23 Go (72,97 Go free) [Nouveau nom] # NTFS
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe 720
C:\WINDOWS\system32\csrss.exe 784
C:\WINDOWS\system32\winlogon.exe 808
C:\WINDOWS\system32\services.exe 852
C:\WINDOWS\system32\lsass.exe 864
C:\WINDOWS\system32\svchost.exe 1040
C:\WINDOWS\system32\svchost.exe 1116
C:\WINDOWS\System32\svchost.exe 1212
C:\WINDOWS\system32\svchost.exe 1268
C:\WINDOWS\system32\svchost.exe 1400
C:\WINDOWS\system32\spoolsv.exe 1596
C:\Program Files\Avira\AntiVir Desktop\sched.exe 1644
C:\Program Files\Avira\AntiVir Desktop\avguard.exe 1788
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 1800
C:\Program Files\Bonjour\mDNSResponder.exe 1812
C:\WINDOWS\system32\svchost.exe 1976
C:\WINDOWS\Explorer.EXE 1060
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe 1368
C:\Program Files\iTunes\iTunesHelper.exe 1460
C:\WINDOWS\System32\alg.exe 2012
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 1932
C:\WINDOWS\system32\ctfmon.exe 344
C:\WINDOWS\system32\wscntfy.exe 548
C:\Program Files\iPod\bin\iPodService.exe 2064
C:\Program Files\Windows Live\Contacts\wlcomm.exe 2488
C:\WINDOWS\system32\csrss.exe 3252
C:\WINDOWS\system32\winlogon.exe 3280
C:\WINDOWS\system32\wscntfy.exe 3596
C:\WINDOWS\Explorer.EXE 3608
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe 3724
C:\Program Files\Java\jre6\bin\jusched.exe 3736
C:\Program Files\iTunes\iTunesHelper.exe 3804
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 3852
C:\Program Files\Skype\Phone\Skype.exe 3876
C:\Program Files\Windows Live\Contacts\wlcomm.exe 632
C:\Program Files\Skype\Plugin Manager\skypePM.exe 2784
C:\Program Files\Internet Explorer\IEXPLORE.EXE 2636
C:\Program Files\Internet Explorer\IEXPLORE.EXE 3164
C:\Program Files\Opera\opera.exe 3236
C:\WINDOWS\system32\wbem\wmiprvse.exe 1712
################## | Elements infectieux |
F:\autorun.inf
################## | Registre |
################## | Mountpoints2 |
HKCU\..\..\Explorer\MountPoints2\{0e9d2656-bcba-11de-b9ff-000d6114ffee}
Shell\AutoRun\command =F:\boot/loader.exe
Shell\explore\command =F:\boot//loader.exe
Shell\open\command =F:\boot/loader.exe
HKCU\..\..\Explorer\MountPoints2\{3534b338-98b4-11de-b9bc-000d6114ffee}
Shell\AutoRun\command =ice\fire\moco.exe
Shell\Explore\Command =ice\fire\moco.exe
Shell\open\command =ice\fire\moco.exe
HKCU\..\..\Explorer\MountPoints2\{9c23fd22-0a09-11de-89a8-86bdbad5d101}
Shell\AutoRun\command =tmp/bak.exe
Shell\explore\command =tmp/bak.exe
Shell\open\command =tmp/bak.exe
HKCU\..\..\Explorer\MountPoints2\{f1e6f1be-724c-11de-b965-000d6114ffee}
Shell\AutoRun\command =boot/ldr.exe
Shell\explore\command =boot//ldr.exe
Shell\open\command =boot/ldr.exe
################## | ! Fin du rapport # UsbFix V6.079 ! |
voici le log je vais refaire la meme chose avec mon disque dur externe pour voir s'il y a quelque chose de ce cote.
############################## | UsbFix V6.079 |
User : SANDRINE (Administrateurs) # SANDRINE
Update on 25/01/2010 by El Desaparecido , C_XX & Chimay8
Start at: 14:04:08 | 25/01/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : [email protected]
AMD Athlon(tm) XP 2500+
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]
A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local # 29,81 Go (16,23 Go free) # NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM
F:\ -> Disque amovible # 1,92 Go (1,18 Go free) [KINGSTON] # FAT
J:\ -> Disque fixe local # 119,23 Go (72,97 Go free) [Nouveau nom] # NTFS
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe 720
C:\WINDOWS\system32\csrss.exe 784
C:\WINDOWS\system32\winlogon.exe 808
C:\WINDOWS\system32\services.exe 852
C:\WINDOWS\system32\lsass.exe 864
C:\WINDOWS\system32\svchost.exe 1040
C:\WINDOWS\system32\svchost.exe 1116
C:\WINDOWS\System32\svchost.exe 1212
C:\WINDOWS\system32\svchost.exe 1268
C:\WINDOWS\system32\svchost.exe 1400
C:\WINDOWS\system32\spoolsv.exe 1596
C:\Program Files\Avira\AntiVir Desktop\sched.exe 1644
C:\Program Files\Avira\AntiVir Desktop\avguard.exe 1788
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 1800
C:\Program Files\Bonjour\mDNSResponder.exe 1812
C:\WINDOWS\system32\svchost.exe 1976
C:\WINDOWS\Explorer.EXE 1060
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe 1368
C:\Program Files\iTunes\iTunesHelper.exe 1460
C:\WINDOWS\System32\alg.exe 2012
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 1932
C:\WINDOWS\system32\ctfmon.exe 344
C:\WINDOWS\system32\wscntfy.exe 548
C:\Program Files\iPod\bin\iPodService.exe 2064
C:\Program Files\Windows Live\Contacts\wlcomm.exe 2488
C:\WINDOWS\system32\csrss.exe 3252
C:\WINDOWS\system32\winlogon.exe 3280
C:\WINDOWS\system32\wscntfy.exe 3596
C:\WINDOWS\Explorer.EXE 3608
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe 3724
C:\Program Files\Java\jre6\bin\jusched.exe 3736
C:\Program Files\iTunes\iTunesHelper.exe 3804
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 3852
C:\Program Files\Skype\Phone\Skype.exe 3876
C:\Program Files\Windows Live\Contacts\wlcomm.exe 632
C:\Program Files\Skype\Plugin Manager\skypePM.exe 2784
C:\Program Files\Internet Explorer\IEXPLORE.EXE 2636
C:\Program Files\Internet Explorer\IEXPLORE.EXE 3164
C:\Program Files\Opera\opera.exe 3236
C:\WINDOWS\system32\wbem\wmiprvse.exe 1712
################## | Elements infectieux |
F:\autorun.inf
################## | Registre |
################## | Mountpoints2 |
HKCU\..\..\Explorer\MountPoints2\{0e9d2656-bcba-11de-b9ff-000d6114ffee}
Shell\AutoRun\command =F:\boot/loader.exe
Shell\explore\command =F:\boot//loader.exe
Shell\open\command =F:\boot/loader.exe
HKCU\..\..\Explorer\MountPoints2\{3534b338-98b4-11de-b9bc-000d6114ffee}
Shell\AutoRun\command =ice\fire\moco.exe
Shell\Explore\Command =ice\fire\moco.exe
Shell\open\command =ice\fire\moco.exe
HKCU\..\..\Explorer\MountPoints2\{9c23fd22-0a09-11de-89a8-86bdbad5d101}
Shell\AutoRun\command =tmp/bak.exe
Shell\explore\command =tmp/bak.exe
Shell\open\command =tmp/bak.exe
HKCU\..\..\Explorer\MountPoints2\{f1e6f1be-724c-11de-b965-000d6114ffee}
Shell\AutoRun\command =boot/ldr.exe
Shell\explore\command =boot//ldr.exe
Shell\open\command =boot/ldr.exe
################## | ! Fin du rapport # UsbFix V6.079 ! |
Re: probleme reseau...
voila
############################## | UsbFix V6.079 |
User : SANDRINE (Administrateurs) # SANDRINE
Update on 25/01/2010 by El Desaparecido , C_XX & Chimay8
Start at: 14:35:10 | 25/01/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : [email protected]
AMD Athlon(tm) XP 2500+
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]
A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local # 29,81 Go (16,17 Go free) # NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM
F:\ -> Disque amovible # 1,92 Go (1,18 Go free) [KINGSTON] # FAT
J:\ -> Disque fixe local # 119,23 Go (72,97 Go free) [Nouveau nom] # NTFS
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe 712
C:\WINDOWS\system32\csrss.exe 812
C:\WINDOWS\system32\winlogon.exe 836
C:\WINDOWS\system32\services.exe 880
C:\WINDOWS\system32\lsass.exe 892
C:\WINDOWS\system32\svchost.exe 1064
C:\WINDOWS\system32\svchost.exe 1144
C:\WINDOWS\System32\svchost.exe 1240
C:\WINDOWS\system32\svchost.exe 1296
C:\WINDOWS\system32\svchost.exe 1420
C:\WINDOWS\system32\spoolsv.exe 1624
C:\Program Files\Avira\AntiVir Desktop\sched.exe 1672
C:\WINDOWS\Explorer.EXE 1956
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe 316
C:\Program Files\Java\jre6\bin\jusched.exe 280
C:\Program Files\iTunes\iTunesHelper.exe 348
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe 352
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 376
C:\WINDOWS\system32\ctfmon.exe 396
C:\Program Files\Avira\AntiVir Desktop\avguard.exe 656
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 668
C:\Program Files\Bonjour\mDNSResponder.exe 680
C:\WINDOWS\system32\svchost.exe 1080
C:\Program Files\iPod\bin\iPodService.exe 2320
C:\WINDOWS\System32\alg.exe 2584
C:\WINDOWS\system32\wscntfy.exe 2620
C:\Program Files\Windows Live\Contacts\wlcomm.exe 3076
C:\WINDOWS\system32\csrss.exe 3232
C:\WINDOWS\system32\winlogon.exe 3292
C:\WINDOWS\system32\logonui.exe 3660
C:\WINDOWS\system32\userinit.exe 3888
C:\WINDOWS\system32\wscntfy.exe 3904
C:\WINDOWS\Explorer.EXE 3920
C:\WINDOWS\system32\wbem\wmiprvse.exe 428
################## | Elements infectieux |
Supprimé ! C:\Recycler\S-1-5-21-0512487745-1667578765-843848466-3362
Supprimé ! C:\Recycler\S-1-5-21-3695833405-6903402582-700304298-1740
Supprimé ! C:\Recycler\S-1-5-21-6303295140-9459058844-154164214-3708
Supprimé ! C:\Recycler\S-1-5-21-842925246-790525478-1801674531-1003
Supprimé ! C:\Recycler\S-1-5-21-842925246-790525478-1801674531-1005
Supprimé ! C:\Recycler\S-1-5-21-8672580997-6637522862-188313538-8001
F:\autorun.inf -> fichier appelé : "F:\tmp/bak.exe" ( Absent ! )
F:\autorun.inf -> fichier appelé : "F:\tmp/bak.exe" ( Absent ! )
Supprimé ! F:\autorun.inf
Supprimé ! J:\Recycler\S-1-5-21-842925246-790525478-1801674531-1003
Supprimé ! J:\Recycler\S-1-5-21-842925246-790525478-1801674531-1005
################## | Registre |
################## | Mountpoints2 |
Supprimé ! HKCU\...\Explorer\MountPoints2\{0e9d2656-bcba-11de-b9ff-000d6114ffee}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{3534b338-98b4-11de-b9bc-000d6114ffee}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{f1e6f1be-724c-11de-b965-000d6114ffee}\Shell\AutoRun\Command
################## | Listing des fichiers présent |
[05/03/2009 11:00|--a------|0] C:\AUTOEXEC.BAT
[05/03/2009 10:55|---hs----|212] C:\boot.ini
[28/08/2001 06:00|-rahs----|4952] C:\Bootfont.bin
[05/03/2009 11:00|--a------|0] C:\CONFIG.SYS
[06/03/2009 01:21|--a------|97] C:\CtDrvIns.log
[06/03/2009 01:21|--a------|1925] C:\CtDrvStp.log
[04/12/2009 08:36|--a------|107480] C:\errlgr.txt
[05/03/2009 11:00|-rahs----|0] C:\IO.SYS
[19/10/2009 12:20|--a------|116553] C:\ituneslib.itl
[05/03/2009 11:00|-rahs----|0] C:\MSDOS.SYS
[13/04/2008 01:43|-rahs----|47564] C:\NTDETECT.COM
[13/04/2008 03:31|-rahs----|252240] C:\ntldr
[?|?|?] C:\pagefile.sys
[25/01/2010 14:34|--a------|627] C:\sti.log
[25/01/2010 14:38|--a------|4220] C:\UsbFix.txt
[25/08/2009 15:49|--ah-----|4096] F:\._.Trashes
[12/01/2010 13:50|--a------|76288] F:\CUENTA 2010.xls
################## | Vaccination |
# C:\autorun.inf -> Dossier créé par UsbFix.
# F:\autorun.inf -> Dossier créé par UsbFix.
# J:\autorun.inf -> Dossier créé par UsbFix.
################## | Upload |
Veuillez envoyer le fichier : C:\DOCUME~1\SANDRINE\Bureau\UsbFix_Upload_Me_SANDRINE.zip : http://chiquitine.changelog.fr/Sample/Upload.php
Merci pour votre contribution .
################## | ! Fin du rapport # UsbFix V6.079 ! |
############################## | UsbFix V6.079 |
User : SANDRINE (Administrateurs) # SANDRINE
Update on 25/01/2010 by El Desaparecido , C_XX & Chimay8
Start at: 14:35:10 | 25/01/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : [email protected]
AMD Athlon(tm) XP 2500+
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]
A:\ -> Lecteur de disquettes 3 ½ pouces
C:\ -> Disque fixe local # 29,81 Go (16,17 Go free) # NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM
F:\ -> Disque amovible # 1,92 Go (1,18 Go free) [KINGSTON] # FAT
J:\ -> Disque fixe local # 119,23 Go (72,97 Go free) [Nouveau nom] # NTFS
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe 712
C:\WINDOWS\system32\csrss.exe 812
C:\WINDOWS\system32\winlogon.exe 836
C:\WINDOWS\system32\services.exe 880
C:\WINDOWS\system32\lsass.exe 892
C:\WINDOWS\system32\svchost.exe 1064
C:\WINDOWS\system32\svchost.exe 1144
C:\WINDOWS\System32\svchost.exe 1240
C:\WINDOWS\system32\svchost.exe 1296
C:\WINDOWS\system32\svchost.exe 1420
C:\WINDOWS\system32\spoolsv.exe 1624
C:\Program Files\Avira\AntiVir Desktop\sched.exe 1672
C:\WINDOWS\Explorer.EXE 1956
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe 316
C:\Program Files\Java\jre6\bin\jusched.exe 280
C:\Program Files\iTunes\iTunesHelper.exe 348
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe 352
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 376
C:\WINDOWS\system32\ctfmon.exe 396
C:\Program Files\Avira\AntiVir Desktop\avguard.exe 656
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 668
C:\Program Files\Bonjour\mDNSResponder.exe 680
C:\WINDOWS\system32\svchost.exe 1080
C:\Program Files\iPod\bin\iPodService.exe 2320
C:\WINDOWS\System32\alg.exe 2584
C:\WINDOWS\system32\wscntfy.exe 2620
C:\Program Files\Windows Live\Contacts\wlcomm.exe 3076
C:\WINDOWS\system32\csrss.exe 3232
C:\WINDOWS\system32\winlogon.exe 3292
C:\WINDOWS\system32\logonui.exe 3660
C:\WINDOWS\system32\userinit.exe 3888
C:\WINDOWS\system32\wscntfy.exe 3904
C:\WINDOWS\Explorer.EXE 3920
C:\WINDOWS\system32\wbem\wmiprvse.exe 428
################## | Elements infectieux |
Supprimé ! C:\Recycler\S-1-5-21-0512487745-1667578765-843848466-3362
Supprimé ! C:\Recycler\S-1-5-21-3695833405-6903402582-700304298-1740
Supprimé ! C:\Recycler\S-1-5-21-6303295140-9459058844-154164214-3708
Supprimé ! C:\Recycler\S-1-5-21-842925246-790525478-1801674531-1003
Supprimé ! C:\Recycler\S-1-5-21-842925246-790525478-1801674531-1005
Supprimé ! C:\Recycler\S-1-5-21-8672580997-6637522862-188313538-8001
F:\autorun.inf -> fichier appelé : "F:\tmp/bak.exe" ( Absent ! )
F:\autorun.inf -> fichier appelé : "F:\tmp/bak.exe" ( Absent ! )
Supprimé ! F:\autorun.inf
Supprimé ! J:\Recycler\S-1-5-21-842925246-790525478-1801674531-1003
Supprimé ! J:\Recycler\S-1-5-21-842925246-790525478-1801674531-1005
################## | Registre |
################## | Mountpoints2 |
Supprimé ! HKCU\...\Explorer\MountPoints2\{0e9d2656-bcba-11de-b9ff-000d6114ffee}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{3534b338-98b4-11de-b9bc-000d6114ffee}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{f1e6f1be-724c-11de-b965-000d6114ffee}\Shell\AutoRun\Command
################## | Listing des fichiers présent |
[05/03/2009 11:00|--a------|0] C:\AUTOEXEC.BAT
[05/03/2009 10:55|---hs----|212] C:\boot.ini
[28/08/2001 06:00|-rahs----|4952] C:\Bootfont.bin
[05/03/2009 11:00|--a------|0] C:\CONFIG.SYS
[06/03/2009 01:21|--a------|97] C:\CtDrvIns.log
[06/03/2009 01:21|--a------|1925] C:\CtDrvStp.log
[04/12/2009 08:36|--a------|107480] C:\errlgr.txt
[05/03/2009 11:00|-rahs----|0] C:\IO.SYS
[19/10/2009 12:20|--a------|116553] C:\ituneslib.itl
[05/03/2009 11:00|-rahs----|0] C:\MSDOS.SYS
[13/04/2008 01:43|-rahs----|47564] C:\NTDETECT.COM
[13/04/2008 03:31|-rahs----|252240] C:\ntldr
[?|?|?] C:\pagefile.sys
[25/01/2010 14:34|--a------|627] C:\sti.log
[25/01/2010 14:38|--a------|4220] C:\UsbFix.txt
[25/08/2009 15:49|--ah-----|4096] F:\._.Trashes
[12/01/2010 13:50|--a------|76288] F:\CUENTA 2010.xls
################## | Vaccination |
# C:\autorun.inf -> Dossier créé par UsbFix.
# F:\autorun.inf -> Dossier créé par UsbFix.
# J:\autorun.inf -> Dossier créé par UsbFix.
################## | Upload |
Veuillez envoyer le fichier : C:\DOCUME~1\SANDRINE\Bureau\UsbFix_Upload_Me_SANDRINE.zip : http://chiquitine.changelog.fr/Sample/Upload.php
Merci pour votre contribution .
################## | ! Fin du rapport # UsbFix V6.079 ! |
Re: probleme reseau...
Re,
Relance USBFix avec l'option 5 pour le désinstaller.
Supprime :
C:\RSIT
Pour moi c'est OK ;)
Bye
Relance USBFix avec l'option 5 pour le désinstaller.
Supprime :
C:\RSIT
Pour moi c'est OK ;)
Bye
-
- Sujets similaires
- Réponses
- Vues
- Dernier message
-
-
Erreur 0x80070035 et problème de partage réseau
par Closterpat » » dans Windows : Résoudre les problèmes - 13 Réponses
- 189 Vues
-
Dernier message par Closterpat
-
-
- 55 Réponses
- 920 Vues
-
Dernier message par Parisien_entraide
-
- 40 Réponses
- 939 Vues
-
Dernier message par angelique
-
- 7 Réponses
- 183 Vues
-
Dernier message par Malekal_morte
-
- 6 Réponses
- 147 Vues
-
Dernier message par herve62