Fenetres intempestive sous firefox
Dernière réponse : dans Sécurité
Bonjour,
depuis quelques jours, des fenêtres intempestives s'ouvrent sous firefox.
J'ai téléchargé hijack et voici mon rapport, merci pour vos réponses :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:03:13, on 02/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Suppresion malwares\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-fr10.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Automated Content Enhancer - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - C:\Program Files\Automated Content Enhancer\4.1.0.5190\ACEIEAddOn.dll
O2 - BHO: Customized Platform Advancer - {42C7C39F-3128-4a17-BDB7-91C46032B5B9} - C:\Program Files\Customized Platform Advancer\3.1.0.1630\CPAIEAddOn.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Content Management Wizard - {B72681C0-A222-4b21-A0E2-53A5A5CA3D41} - C:\Program Files\Content Management Wizard\1.1.0.1870\CMWIE.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: TCP - {CAC89FF9-34A9-4431-8CFE-292A47F843BC} - C:\Program Files\Textual Content Provider\1.1.0.1610\TCPIE.dll (file missing)
O2 - BHO: Web Search Operator - {EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431} - C:\Program Files\Web Search Operator\3.1.0.1840\wso.dll (file missing)
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [UVS11 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Internet Today Task] "C:\Program Files\Internet Today\1.1.0.1190\InternetToday.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1....
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 7021 bytes
depuis quelques jours, des fenêtres intempestives s'ouvrent sous firefox.
J'ai téléchargé hijack et voici mon rapport, merci pour vos réponses :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:03:13, on 02/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Suppresion malwares\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-fr10.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Automated Content Enhancer - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - C:\Program Files\Automated Content Enhancer\4.1.0.5190\ACEIEAddOn.dll
O2 - BHO: Customized Platform Advancer - {42C7C39F-3128-4a17-BDB7-91C46032B5B9} - C:\Program Files\Customized Platform Advancer\3.1.0.1630\CPAIEAddOn.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Content Management Wizard - {B72681C0-A222-4b21-A0E2-53A5A5CA3D41} - C:\Program Files\Content Management Wizard\1.1.0.1870\CMWIE.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: TCP - {CAC89FF9-34A9-4431-8CFE-292A47F843BC} - C:\Program Files\Textual Content Provider\1.1.0.1610\TCPIE.dll (file missing)
O2 - BHO: Web Search Operator - {EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431} - C:\Program Files\Web Search Operator\3.1.0.1840\wso.dll (file missing)
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [UVS11 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Internet Today Task] "C:\Program Files\Internet Today\1.1.0.1190\InternetToday.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1....
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 7021 bytes
Autres pages sur : fenetres intempestive firefox
Lassé par la pub ? Créez un compte
Bonjour,
Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
Double-clique sur RSIT.exe afin de lancer le programme.
(Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)
Clique sur Continue à l'écran Disclaimer.
Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).
Note : les rapports sont sauvegardés dans le dossier C:\rsit.
(Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)
Note : les rapports sont sauvegardés dans le dossier C:\rsit.
Je te remercie t'occuper de mon cas. Si ca peux t'aider, c'est depuis mardi 1er décembre en soirée, date à laquelle j'ai installé un logiciel pour voir la tv sur ordi. En fait, il m'a installé un programme nommé gamezstar.
voici les 2 rapports, je te remercie :
Logfile of random's system information tool 1.06 (written by random/random)
Run by Propriétaire at 2009-12-03 13:06:49
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 22 GB (10%) free of 234 GB
Total RAM: 255 MB (17% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:09:25, on 03/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Propriétaire\Bureau\RSIT.exe
C:\Program Files\Suppresion malwares\Propriétaire.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-fr10.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Automated Content Enhancer - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - C:\Program Files\Automated Content Enhancer\4.1.0.5190\ACEIEAddOn.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Content Management Wizard - {B72681C0-A222-4b21-A0E2-53A5A5CA3D41} - C:\Program Files\Content Management Wizard\1.1.0.1870\CMWIE.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: TCP - {CAC89FF9-34A9-4431-8CFE-292A47F843BC} - (no file)
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1....
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 6795 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\Norton AntiVirus - Analyser mon ordinateur.job
C:\WINDOWS\tasks\Symantec NetDetect.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D74E9DD-8987-448b-B2CB-67FFF2B8A932}]
Automated Content Enhancer - C:\Program Files\Automated Content Enhancer\4.1.0.5190\ACEIEAddOn.dll [2009-11-25 204800]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B72681C0-A222-4b21-A0E2-53A5A5CA3D41}]
Content Management Wizard - C:\Program Files\Content Management Wizard\1.1.0.1870\CMWIE.dll [2009-11-26 1232896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDF3E430-B101-42AD-A544-FADC6B084872}]
CNavExtBho Class - C:\Program Files\Norton AntiVirus\NavShExt.dll [2001-08-21 102400]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - Vue HP - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll [2003-09-03 98304]
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Norton AntiVirus - C:\Program Files\Norton AntiVirus\NavShExt.dll [2001-08-21 102400]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2004-10-08 221184]
"NAV Agent"=C:\PROGRA~1\NORTON~1\navapw32.exe [2001-08-21 74832]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Acme.PCHButton"=C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe [2003-01-01 155648]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcxMonitor]
C:\WINDOWS\ALCXMNTR.EXE [2003-04-03 50176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIModeChange]
C:\WINDOWS\system32\Ati2mdxx.exe [2001-09-05 28672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2003-08-12 335872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CamMonitor]
c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe [2002-10-07 90112]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\System32\hkcmd.exe [2003-04-07 114688]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon05]
C:\WINDOWS\System32\hphmon05.exe [2003-05-23 483328]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD05]
c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]
c:\windows\system\hpsysdrv.exe [1998-05-07 52736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IcoSet]
c:\hp\bin\cloaker.exe [1999-11-07 27136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]
C:\HP\KBD\KBD.EXE [2003-02-11 61440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NAV CfgWiz]
c:\Program Files\Fichiers communs\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE REBOOT []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\System32\NvCpl.dll [2003-08-19 4841472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVIEW]
nview.dll,nViewLoadHook []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /installquiet /keeploaded /nodetect []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PS2]
C:\WINDOWS\system32\ps2.exe [2002-10-16 81920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]
C:\WINDOWS\SMINST\RECGUARD.EXE [2002-09-13 212992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RecordNow!]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\regcmdcons]
c:\hp\bin\cloaker.exe [1999-11-07 27136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder]
C:\Windows\Creator\Remind_XP.exe [2003-06-17 118784]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe [2003-08-19 110592]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UVS11 Preload]
C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe [2007-03-03 341488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
VTTimer.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2003-07-07 233472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^MsnFixer.lnk]
C:\hp\bin\msnfix\msnfixjs.js []
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2003-04-07 315392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Documents and Settings\Propriétaire\Local Settings\Temp\Rar$EX01.922\Volley\Volley\volley.exe"="C:\Documents and Settings\Propriétaire\Local Settings\Temp\Rar$EX01.922\Volley\Volley\volley.exe:*:Enabled:volley"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Documents and Settings\Propriétaire\Bureau\bv\Volley\Volley\volley.exe"="C:\Documents and Settings\Propriétaire\Bureau\bv\Volley\Volley\volley.exe:*:Enabled:volley"
"C:\Documents and Settings\Propriétaire\Mes documents\Stéphane\Téléchargements Mozilla\Blobby_Volley_1.8\volley.exe"="C:\Documents and Settings\Propriétaire\Mes documents\Stéphane\Téléchargements Mozilla\Blobby_Volley_1.8\volley.exe:*:Enabled:volley"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
shell\AutoRun\command - D:\Info.exe folder.htt 480 480
======List of files/folders created in the last 1 months======
2009-12-03 13:06:49 ----D---- C:\rsit
2009-12-02 14:33:48 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-12-02 12:43:07 ----D---- C:\Program Files\Navilog1
2009-12-02 10:26:51 ----D---- C:\Program Files\RegCleaner
2009-12-02 00:07:39 ----D---- C:\Program Files\Suppresion malwares
2009-12-02 00:03:45 ----D---- C:\Program Files\Hattrick Control
2009-12-01 21:48:28 ----D---- C:\Program Files\Content Management Wizard
2009-12-01 21:46:03 ----D---- C:\Program Files\Customized Platform Advancer
2009-12-01 21:45:21 ----D---- C:\Program Files\Automated Content Enhancer
2009-11-08 11:52:35 ----N---- C:\WINDOWS\system32\spmsg2.dll
2009-11-08 11:48:34 ----D---- C:\WINDOWS\system32\XPSViewer
2009-11-08 11:48:31 ----D---- C:\WINDOWS\system32\en-US
2009-11-08 11:46:47 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-11-08 11:46:47 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-11-08 11:46:46 ----N---- C:\WINDOWS\system32\xpssvcs.dll
======List of files/folders modified in the last 1 months======
2009-12-03 13:07:57 ----D---- C:\WINDOWS\Prefetch
2009-12-03 13:03:44 ----D---- C:\WINDOWS\Minidump
2009-12-03 13:03:44 ----D---- C:\WINDOWS
2009-12-03 12:25:30 ----D---- C:\Program Files\Mozilla Firefox
2009-12-03 12:19:02 ----D---- C:\WINDOWS\Temp
2009-12-03 11:38:30 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-12-02 16:07:20 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-12-02 14:33:48 ----RD---- C:\Program Files
2009-12-02 09:43:53 ----D---- C:\Documents and Settings\Propriétaire\Application Data\vlc
2009-12-01 23:00:55 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-12-01 22:06:41 ----SHD---- C:\WINDOWS\Installer
2009-12-01 22:06:41 ----SHD---- C:\Config.Msi
2009-11-29 03:50:34 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-26 23:23:43 ----D---- C:\Documents and Settings\Propriétaire\Application Data\dvdcss
2009-11-26 23:14:58 ----D---- C:\Program Files\PokerStars
2009-11-25 14:00:46 ----D---- C:\WINDOWS\system32
2009-11-25 08:02:49 ----HD---- C:\WINDOWS\inf
2009-11-25 08:02:35 ----D---- C:\WINDOWS\WinSxS
2009-11-25 07:59:56 ----HD---- C:\WINDOWS\$hf_mig$
2009-11-17 22:26:11 ----D---- C:\WINDOWS\Debug
2009-11-17 22:22:49 ----D---- C:\WINDOWS\network diagnostic
2009-11-08 21:32:00 ----D---- C:\WINDOWS\Microsoft.NET
2009-11-08 21:31:59 ----RSD---- C:\WINDOWS\assembly
2009-11-08 20:47:33 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-11-08 20:36:40 ----D---- C:\WINDOWS\Registration
2009-11-08 12:40:16 ----D---- C:\WINDOWS\system32\CatRoot
2009-11-08 12:33:20 ----D---- C:\WINDOWS\system32\URTTemp
2009-11-08 11:51:56 ----D---- C:\WINDOWS\system32\fr-fr
2009-11-08 11:51:18 ----D---- C:\WINDOWS\system32\mui
2009-11-08 11:48:29 ----RSD---- C:\WINDOWS\Fonts
2009-11-08 11:47:46 ----D---- C:\WINDOWS\system32\spool
2009-11-08 11:18:41 ----D---- C:\WINDOWS\system32\drivers
2009-11-08 10:56:56 ----D---- C:\WINDOWS\SoftwareDistribution
2009-11-06 00:26:31 ----D---- C:\WINDOWS\system32\Restore
2009-11-05 18:36:21 ----A---- C:\WINDOWS\system32\MRT.exe
2009-11-05 08:11:41 ----D---- C:\WINDOWS\system32\LogFiles
2009-11-05 07:58:18 ----D---- C:\Program Files\Messenger Plus! Live
2009-11-04 23:22:36 ----D---- C:\WINDOWS\ie8updates
2009-11-04 23:22:13 ----D---- C:\Program Files\Internet Explorer
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2003-01-01 43488]
R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 41856]
R1 SiSkp;SiSkp; C:\WINDOWS\System32\DRIVERS\srvkp.sys [2003-04-11 10624]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1997-12-23 23936]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2003-04-09 11043]
R2 SYMTDI;SYMTDI; \??\C:\WINDOWS\System32\Drivers\SYMTDI.SYS []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-10-16 788300]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2003-08-13 594432]
R3 CamDrL;Logitech QuickCam Pro 3000(CamDrl); C:\WINDOWS\System32\DRIVERS\Camdrl.sys [2007-02-03 1075360]
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2008-09-22 43520]
R3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSF_DP.sys [2003-11-13 1042816]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys [2003-11-13 210304]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-02-03 41504]
R3 NAVAP;NAVAP; \??\C:\WINDOWS\System32\Drivers\NAVAP.SYS []
R3 NAVENG;NAVENG; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20091202.006\NAVENG.Sys []
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20091202.006\NavEx15.Sys []
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-03 10368]
R3 Ps2;PS2; C:\WINDOWS\System32\DRIVERS\PS2.sys [2001-06-04 14112]
R3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
R3 SYMREDRV;SYMREDRV; \??\C:\WINDOWS\System32\Drivers\SYMREDRV.SYS []
R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [2003-11-13 679808]
S3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-04-15 113504]
S3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-04-15 78752]
S3 catchme;catchme; \??\C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 EL90XBC;Pilote de la carte EtherLink XL 90XB/C 3Com; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [2001-08-18 66591]
S3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [2003-01-15 41984]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [2003-05-14 51056]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [2003-05-16 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [2003-05-14 21488]
S3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2003-04-15 90907]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 SiS315;SiS315; C:\WINDOWS\System32\DRIVERS\sisgrp.sys [2003-05-06 394752]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 viagfx;viagfx; C:\WINDOWS\System32\DRIVERS\vtmini.sys [2003-08-11 265344]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\System32\DRIVERS\intelide.sys [2008-04-14 5504]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\System32\Ati2evxx.exe [2003-08-13 319488]
R2 Capture Device Service;Capture Device Service; C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
R2 navapsvc;Service Norton AntiVirus Auto-Protect; C:\Program Files\Norton AntiVirus\navapsvc.exe [2001-08-21 115792]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe [2007-03-03 67056]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
S2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2003-08-19 77824]
S2 SBService;ScriptBlocking Service; C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe [2001-08-13 54408]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.06 2009-12-03 13:09:34
======Uninstall list======
-->"C:\Program Files\InstallShield Installation Information\{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}\setup.exe" --u:{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\System32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature
-->c:\WINDOWS\System32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
-->rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nvhp.inf
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Download Manager-->"C:\WINDOWS\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /Get1
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\System32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A92000000001}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ArcSoft ShowBiz 2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{791B20D4-AE59-4DE9-B45F-BA01F3D0A493}\setup.exe" -l0x40c
Assistant de connexion Windows Live ID-->MsiExec.exe /X{10A44844-4465-456E-8C97-80BDD4F68845}
ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\System32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class![:D]( ":D")
ISPLAY -clean
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Correctif du dictionnaire français pour Office 2000-->MsiExec.exe /I{DCF67823-AFC3-11D3-BD80-0010A4E5C232}
eMule-->"C:\Program Files\eMule\Uninstall.exe"
HijackThis 2.0.2-->"C:\Program Files\Suppresion malwares\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Deskjet Preloaded Printer Drivers-->MsiExec.exe /X{F419D20A-7719-4639-8E30-C073A040D878}
HP Photo and Imaging 2.0 - Photosmart Cameras-->MsiExec.exe /X{5D7F0A0E-369E-46C0-9F99-FAB21A064781}
HP PSC & OfficeJet 3.0-->"C:\Program Files\HP\Digital Imaging\{F38FA38A-7E5A-4209-88ED-4DE21CD20EEF}\setup\hpzscr01.exe" -datfile hposcr03.dat
HP Software Update-->MsiExec.exe /X{CC0A24CB-87C9-4F1C-A1F2-F87D8D4DDCAF}
HPIZ311-->MsiExec.exe /X{F247869D-3643-4A9F-821B-3534145928E3}
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Intel(R) Extreme Graphics Driver-->RUNDLL32.EXE C:\WINDOWS\System32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2562
InterVideo DeviceService-->MsiExec.exe /I{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}
Java 2 Runtime Environment, SE v1.4.2-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142000}
KBD-->C:\HP\KBD\KBD.EXE uninstalled
K-Lite Codec Pack 5.0.5 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LiveReg (Symantec Corporation)-->C:\Program Files\Fichiers communs\Symantec Shared\LiveReg\VcSetup.exe /REMOVE
LiveUpdate 1.6 (Symantec Corporation)-->C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
Memories Disc Creator 2.0-->MsiExec.exe /X{2E132061-C78A-48D4-A899-1D13B9D189FA}
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office 2000 Professional-->MsiExec.exe /I{0001040C-78E1-11D2-B60F-006097C998E7}
Microsoft Office Live Add-in 1.4-->MsiExec.exe /I{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Word 2002-->MsiExec.exe /I{911B040C-6000-11D3-8CFE-0050048383C9}
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.5.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Norton AntiVirus 2002-->MsiExec.exe /I{3075C5C3-0807-4924-AF8F-FF27052C12AE}
NVIDIA GART Driver-->C:\WINDOWS\System32\nvugart.exe Uninstall C:\WINDOWS\System32\Nvgart.nvu,NVIDIA GART Driver
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Package de base Microsoft de service de chiffrement pour cartes à puce-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Photo et imagerie HP 3.1-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
Photosmart 140,240,7200,7600,7700,7900 Series-->C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\setup\hpzscr01.exe -datfile hphscr01.dat
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninst
Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
PS2-->C:\WINDOWS\system32\ps2.exe uninstall
Python 2.2 combined Win32 extensions-->C:\Python22\Lib\SITE-P~1\UNWISE~1.EXE C:\Python22\Lib\SITE-P~1\w32inst.log
Python 2.2.1-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Sonic Update Manager-->MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Ulead VideoStudio 11-->C:\Program Files\InstallShield Installation Information\{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}\setup.exe -runfromtemp -l0x040c
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VIA Rhine-Family Fast-Ethernet Adapter-->Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA
VLC media player 1.0.2-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
======Hosts File======
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
======System event log======
Computer Name: NOM-FQIMEKRLHDE
Event Code: 7023
Message: Le service Gestion d'applications s'est arrêté avec l'erreur :
Le module spécifié est introuvable.
Record Number: 3466
Source Name: Service Control Manager
Time Written: 20091024140027.000000+120
Event Type: erreur
User:
Computer Name: NOM-FQIMEKRLHDE
Event Code: 7036
Message: Le service Gestion d'applications est entré dans l'état : arrêté.
Record Number: 3465
Source Name: Service Control Manager
Time Written: 20091024140027.000000+120
Event Type: Informations
User:
Computer Name: NOM-FQIMEKRLHDE
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Gestion d'applications.
Record Number: 3464
Source Name: Service Control Manager
Time Written: 20091024140027.000000+120
Event Type: Informations
User: NOM-FQIMEKRLHDE\Propriétaire
Computer Name: NOM-FQIMEKRLHDE
Event Code: 7023
Message: Le service Gestion d'applications s'est arrêté avec l'erreur :
Le module spécifié est introuvable.
Record Number: 3463
Source Name: Service Control Manager
Time Written: 20091024140027.000000+120
Event Type: erreur
User:
Computer Name: NOM-FQIMEKRLHDE
Event Code: 7036
Message: Le service Gestion d'applications est entré dans l'état : arrêté.
Record Number: 3462
Source Name: Service Control Manager
Time Written: 20091024140027.000000+120
Event Type: Informations
User:
=====Application event log=====
Computer Name: NOM-FQIMEKRLHDE
Event Code: 103
Message: msnmsgr (3764) \\.\C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\elodie.les@hotmail.fr\SharingMetadata\Working\database_E060_1AD4_601A_B0F0\dfsr.db: Le moteur de base de données a arrêté une instance (0).
Record Number: 1112
Source Name: ESENT
Time Written: 20091015161327.000000+120
Event Type: Informations
User:
Computer Name: NOM-FQIMEKRLHDE
Event Code: 102
Message: msnmsgr (3764) \\.\C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\elodie.les@hotmail.fr\SharingMetadata\Working\database_E060_1AD4_601A_B0F0\dfsr.db: Le moteur de base de données a démarré une nouvelle instance (0).
Record Number: 1111
Source Name: ESENT
Time Written: 20091015160620.000000+120
Event Type: Informations
User:
Computer Name: NOM-FQIMEKRLHDE
Event Code: 100
Message: msnmsgr (3764) Le moteur de base de données 5.01.2600.5512 est démarré.
Record Number: 1110
Source Name: ESENT
Time Written: 20091015160619.000000+120
Event Type: Informations
User:
Computer Name: NOM-FQIMEKRLHDE
Event Code: 101
Message: msnmsgr (3796) Le moteur de base de données est arrêté.
Record Number: 1109
Source Name: ESENT
Time Written: 20091014205611.000000+120
Event Type: Informations
User:
Computer Name: NOM-FQIMEKRLHDE
Event Code: 103
Message: msnmsgr (3796) \\.\C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\elodie.les@hotmail.fr\SharingMetadata\Working\database_E060_1AD4_601A_B0F0\dfsr.db: Le moteur de base de données a arrêté une instance (0).
Record Number: 1108
Source Name: ESENT
Time Written: 20091014205611.000000+120
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Python22;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Fichiers communs\Ulead Systems\MPEG
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=0a00
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
-----------------EOF-----------------
voici les 2 rapports, je te remercie :
Logfile of random's system information tool 1.06 (written by random/random)
Run by Propriétaire at 2009-12-03 13:06:49
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 22 GB (10%) free of 234 GB
Total RAM: 255 MB (17% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:09:25, on 03/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Propriétaire\Bureau\RSIT.exe
C:\Program Files\Suppresion malwares\Propriétaire.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-fr10.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Automated Content Enhancer - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - C:\Program Files\Automated Content Enhancer\4.1.0.5190\ACEIEAddOn.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Content Management Wizard - {B72681C0-A222-4b21-A0E2-53A5A5CA3D41} - C:\Program Files\Content Management Wizard\1.1.0.1870\CMWIE.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: TCP - {CAC89FF9-34A9-4431-8CFE-292A47F843BC} - (no file)
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1....
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 6795 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\Norton AntiVirus - Analyser mon ordinateur.job
C:\WINDOWS\tasks\Symantec NetDetect.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D74E9DD-8987-448b-B2CB-67FFF2B8A932}]
Automated Content Enhancer - C:\Program Files\Automated Content Enhancer\4.1.0.5190\ACEIEAddOn.dll [2009-11-25 204800]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B72681C0-A222-4b21-A0E2-53A5A5CA3D41}]
Content Management Wizard - C:\Program Files\Content Management Wizard\1.1.0.1870\CMWIE.dll [2009-11-26 1232896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDF3E430-B101-42AD-A544-FADC6B084872}]
CNavExtBho Class - C:\Program Files\Norton AntiVirus\NavShExt.dll [2001-08-21 102400]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - Vue HP - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll [2003-09-03 98304]
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Norton AntiVirus - C:\Program Files\Norton AntiVirus\NavShExt.dll [2001-08-21 102400]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2004-10-08 221184]
"NAV Agent"=C:\PROGRA~1\NORTON~1\navapw32.exe [2001-08-21 74832]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Acme.PCHButton"=C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe [2003-01-01 155648]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcxMonitor]
C:\WINDOWS\ALCXMNTR.EXE [2003-04-03 50176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIModeChange]
C:\WINDOWS\system32\Ati2mdxx.exe [2001-09-05 28672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2003-08-12 335872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CamMonitor]
c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe [2002-10-07 90112]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\System32\hkcmd.exe [2003-04-07 114688]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon05]
C:\WINDOWS\System32\hphmon05.exe [2003-05-23 483328]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD05]
c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]
c:\windows\system\hpsysdrv.exe [1998-05-07 52736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IcoSet]
c:\hp\bin\cloaker.exe [1999-11-07 27136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]
C:\HP\KBD\KBD.EXE [2003-02-11 61440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NAV CfgWiz]
c:\Program Files\Fichiers communs\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE REBOOT []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\System32\NvCpl.dll [2003-08-19 4841472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVIEW]
nview.dll,nViewLoadHook []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /installquiet /keeploaded /nodetect []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PS2]
C:\WINDOWS\system32\ps2.exe [2002-10-16 81920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]
C:\WINDOWS\SMINST\RECGUARD.EXE [2002-09-13 212992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RecordNow!]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\regcmdcons]
c:\hp\bin\cloaker.exe [1999-11-07 27136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder]
C:\Windows\Creator\Remind_XP.exe [2003-06-17 118784]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe [2003-08-19 110592]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UVS11 Preload]
C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe [2007-03-03 341488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
VTTimer.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2003-07-07 233472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^MsnFixer.lnk]
C:\hp\bin\msnfix\msnfixjs.js []
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2003-04-07 315392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Documents and Settings\Propriétaire\Local Settings\Temp\Rar$EX01.922\Volley\Volley\volley.exe"="C:\Documents and Settings\Propriétaire\Local Settings\Temp\Rar$EX01.922\Volley\Volley\volley.exe:*:Enabled:volley"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Documents and Settings\Propriétaire\Bureau\bv\Volley\Volley\volley.exe"="C:\Documents and Settings\Propriétaire\Bureau\bv\Volley\Volley\volley.exe:*:Enabled:volley"
"C:\Documents and Settings\Propriétaire\Mes documents\Stéphane\Téléchargements Mozilla\Blobby_Volley_1.8\volley.exe"="C:\Documents and Settings\Propriétaire\Mes documents\Stéphane\Téléchargements Mozilla\Blobby_Volley_1.8\volley.exe:*:Enabled:volley"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
shell\AutoRun\command - D:\Info.exe folder.htt 480 480
======List of files/folders created in the last 1 months======
2009-12-03 13:06:49 ----D---- C:\rsit
2009-12-02 14:33:48 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-12-02 12:43:07 ----D---- C:\Program Files\Navilog1
2009-12-02 10:26:51 ----D---- C:\Program Files\RegCleaner
2009-12-02 00:07:39 ----D---- C:\Program Files\Suppresion malwares
2009-12-02 00:03:45 ----D---- C:\Program Files\Hattrick Control
2009-12-01 21:48:28 ----D---- C:\Program Files\Content Management Wizard
2009-12-01 21:46:03 ----D---- C:\Program Files\Customized Platform Advancer
2009-12-01 21:45:21 ----D---- C:\Program Files\Automated Content Enhancer
2009-11-08 11:52:35 ----N---- C:\WINDOWS\system32\spmsg2.dll
2009-11-08 11:48:34 ----D---- C:\WINDOWS\system32\XPSViewer
2009-11-08 11:48:31 ----D---- C:\WINDOWS\system32\en-US
2009-11-08 11:46:47 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-11-08 11:46:47 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-11-08 11:46:46 ----N---- C:\WINDOWS\system32\xpssvcs.dll
======List of files/folders modified in the last 1 months======
2009-12-03 13:07:57 ----D---- C:\WINDOWS\Prefetch
2009-12-03 13:03:44 ----D---- C:\WINDOWS\Minidump
2009-12-03 13:03:44 ----D---- C:\WINDOWS
2009-12-03 12:25:30 ----D---- C:\Program Files\Mozilla Firefox
2009-12-03 12:19:02 ----D---- C:\WINDOWS\Temp
2009-12-03 11:38:30 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-12-02 16:07:20 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-12-02 14:33:48 ----RD---- C:\Program Files
2009-12-02 09:43:53 ----D---- C:\Documents and Settings\Propriétaire\Application Data\vlc
2009-12-01 23:00:55 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-12-01 22:06:41 ----SHD---- C:\WINDOWS\Installer
2009-12-01 22:06:41 ----SHD---- C:\Config.Msi
2009-11-29 03:50:34 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-26 23:23:43 ----D---- C:\Documents and Settings\Propriétaire\Application Data\dvdcss
2009-11-26 23:14:58 ----D---- C:\Program Files\PokerStars
2009-11-25 14:00:46 ----D---- C:\WINDOWS\system32
2009-11-25 08:02:49 ----HD---- C:\WINDOWS\inf
2009-11-25 08:02:35 ----D---- C:\WINDOWS\WinSxS
2009-11-25 07:59:56 ----HD---- C:\WINDOWS\$hf_mig$
2009-11-17 22:26:11 ----D---- C:\WINDOWS\Debug
2009-11-17 22:22:49 ----D---- C:\WINDOWS\network diagnostic
2009-11-08 21:32:00 ----D---- C:\WINDOWS\Microsoft.NET
2009-11-08 21:31:59 ----RSD---- C:\WINDOWS\assembly
2009-11-08 20:47:33 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-11-08 20:36:40 ----D---- C:\WINDOWS\Registration
2009-11-08 12:40:16 ----D---- C:\WINDOWS\system32\CatRoot
2009-11-08 12:33:20 ----D---- C:\WINDOWS\system32\URTTemp
2009-11-08 11:51:56 ----D---- C:\WINDOWS\system32\fr-fr
2009-11-08 11:51:18 ----D---- C:\WINDOWS\system32\mui
2009-11-08 11:48:29 ----RSD---- C:\WINDOWS\Fonts
2009-11-08 11:47:46 ----D---- C:\WINDOWS\system32\spool
2009-11-08 11:18:41 ----D---- C:\WINDOWS\system32\drivers
2009-11-08 10:56:56 ----D---- C:\WINDOWS\SoftwareDistribution
2009-11-06 00:26:31 ----D---- C:\WINDOWS\system32\Restore
2009-11-05 18:36:21 ----A---- C:\WINDOWS\system32\MRT.exe
2009-11-05 08:11:41 ----D---- C:\WINDOWS\system32\LogFiles
2009-11-05 07:58:18 ----D---- C:\Program Files\Messenger Plus! Live
2009-11-04 23:22:36 ----D---- C:\WINDOWS\ie8updates
2009-11-04 23:22:13 ----D---- C:\Program Files\Internet Explorer
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2003-01-01 43488]
R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 41856]
R1 SiSkp;SiSkp; C:\WINDOWS\System32\DRIVERS\srvkp.sys [2003-04-11 10624]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1997-12-23 23936]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2003-04-09 11043]
R2 SYMTDI;SYMTDI; \??\C:\WINDOWS\System32\Drivers\SYMTDI.SYS []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-10-16 788300]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2003-08-13 594432]
R3 CamDrL;Logitech QuickCam Pro 3000(CamDrl); C:\WINDOWS\System32\DRIVERS\Camdrl.sys [2007-02-03 1075360]
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2008-09-22 43520]
R3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSF_DP.sys [2003-11-13 1042816]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys [2003-11-13 210304]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-02-03 41504]
R3 NAVAP;NAVAP; \??\C:\WINDOWS\System32\Drivers\NAVAP.SYS []
R3 NAVENG;NAVENG; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20091202.006\NAVENG.Sys []
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20091202.006\NavEx15.Sys []
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-03 10368]
R3 Ps2;PS2; C:\WINDOWS\System32\DRIVERS\PS2.sys [2001-06-04 14112]
R3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
R3 SYMREDRV;SYMREDRV; \??\C:\WINDOWS\System32\Drivers\SYMREDRV.SYS []
R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [2003-11-13 679808]
S3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-04-15 113504]
S3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-04-15 78752]
S3 catchme;catchme; \??\C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 EL90XBC;Pilote de la carte EtherLink XL 90XB/C 3Com; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [2001-08-18 66591]
S3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [2003-01-15 41984]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [2003-05-14 51056]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [2003-05-16 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [2003-05-14 21488]
S3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2003-04-15 90907]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 SiS315;SiS315; C:\WINDOWS\System32\DRIVERS\sisgrp.sys [2003-05-06 394752]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 viagfx;viagfx; C:\WINDOWS\System32\DRIVERS\vtmini.sys [2003-08-11 265344]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\System32\DRIVERS\intelide.sys [2008-04-14 5504]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\System32\Ati2evxx.exe [2003-08-13 319488]
R2 Capture Device Service;Capture Device Service; C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
R2 navapsvc;Service Norton AntiVirus Auto-Protect; C:\Program Files\Norton AntiVirus\navapsvc.exe [2001-08-21 115792]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe [2007-03-03 67056]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
S2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2003-08-19 77824]
S2 SBService;ScriptBlocking Service; C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe [2001-08-13 54408]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.06 2009-12-03 13:09:34
======Uninstall list======
-->"C:\Program Files\InstallShield Installation Information\{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}\setup.exe" --u:{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\System32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature
-->c:\WINDOWS\System32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
-->rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nvhp.inf
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Download Manager-->"C:\WINDOWS\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /Get1
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\System32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A92000000001}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ArcSoft ShowBiz 2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{791B20D4-AE59-4DE9-B45F-BA01F3D0A493}\setup.exe" -l0x40c
Assistant de connexion Windows Live ID-->MsiExec.exe /X{10A44844-4465-456E-8C97-80BDD4F68845}
ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\System32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class
ISPLAY -cleanCCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Correctif du dictionnaire français pour Office 2000-->MsiExec.exe /I{DCF67823-AFC3-11D3-BD80-0010A4E5C232}
eMule-->"C:\Program Files\eMule\Uninstall.exe"
HijackThis 2.0.2-->"C:\Program Files\Suppresion malwares\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Deskjet Preloaded Printer Drivers-->MsiExec.exe /X{F419D20A-7719-4639-8E30-C073A040D878}
HP Photo and Imaging 2.0 - Photosmart Cameras-->MsiExec.exe /X{5D7F0A0E-369E-46C0-9F99-FAB21A064781}
HP PSC & OfficeJet 3.0-->"C:\Program Files\HP\Digital Imaging\{F38FA38A-7E5A-4209-88ED-4DE21CD20EEF}\setup\hpzscr01.exe" -datfile hposcr03.dat
HP Software Update-->MsiExec.exe /X{CC0A24CB-87C9-4F1C-A1F2-F87D8D4DDCAF}
HPIZ311-->MsiExec.exe /X{F247869D-3643-4A9F-821B-3534145928E3}
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Intel(R) Extreme Graphics Driver-->RUNDLL32.EXE C:\WINDOWS\System32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2562
InterVideo DeviceService-->MsiExec.exe /I{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}
Java 2 Runtime Environment, SE v1.4.2-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142000}
KBD-->C:\HP\KBD\KBD.EXE uninstalled
K-Lite Codec Pack 5.0.5 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LiveReg (Symantec Corporation)-->C:\Program Files\Fichiers communs\Symantec Shared\LiveReg\VcSetup.exe /REMOVE
LiveUpdate 1.6 (Symantec Corporation)-->C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
Memories Disc Creator 2.0-->MsiExec.exe /X{2E132061-C78A-48D4-A899-1D13B9D189FA}
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office 2000 Professional-->MsiExec.exe /I{0001040C-78E1-11D2-B60F-006097C998E7}
Microsoft Office Live Add-in 1.4-->MsiExec.exe /I{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Word 2002-->MsiExec.exe /I{911B040C-6000-11D3-8CFE-0050048383C9}
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.5.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Norton AntiVirus 2002-->MsiExec.exe /I{3075C5C3-0807-4924-AF8F-FF27052C12AE}
NVIDIA GART Driver-->C:\WINDOWS\System32\nvugart.exe Uninstall C:\WINDOWS\System32\Nvgart.nvu,NVIDIA GART Driver
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Package de base Microsoft de service de chiffrement pour cartes à puce-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Photo et imagerie HP 3.1-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
Photosmart 140,240,7200,7600,7700,7900 Series-->C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\setup\hpzscr01.exe -datfile hphscr01.dat
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninst
Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
PS2-->C:\WINDOWS\system32\ps2.exe uninstall
Python 2.2 combined Win32 extensions-->C:\Python22\Lib\SITE-P~1\UNWISE~1.EXE C:\Python22\Lib\SITE-P~1\w32inst.log
Python 2.2.1-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Sonic Update Manager-->MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Ulead VideoStudio 11-->C:\Program Files\InstallShield Installation Information\{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}\setup.exe -runfromtemp -l0x040c
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VIA Rhine-Family Fast-Ethernet Adapter-->Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA
VLC media player 1.0.2-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
======Hosts File======
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
======System event log======
Computer Name: NOM-FQIMEKRLHDE
Event Code: 7023
Message: Le service Gestion d'applications s'est arrêté avec l'erreur :
Le module spécifié est introuvable.
Record Number: 3466
Source Name: Service Control Manager
Time Written: 20091024140027.000000+120
Event Type: erreur
User:
Computer Name: NOM-FQIMEKRLHDE
Event Code: 7036
Message: Le service Gestion d'applications est entré dans l'état : arrêté.
Record Number: 3465
Source Name: Service Control Manager
Time Written: 20091024140027.000000+120
Event Type: Informations
User:
Computer Name: NOM-FQIMEKRLHDE
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Gestion d'applications.
Record Number: 3464
Source Name: Service Control Manager
Time Written: 20091024140027.000000+120
Event Type: Informations
User: NOM-FQIMEKRLHDE\Propriétaire
Computer Name: NOM-FQIMEKRLHDE
Event Code: 7023
Message: Le service Gestion d'applications s'est arrêté avec l'erreur :
Le module spécifié est introuvable.
Record Number: 3463
Source Name: Service Control Manager
Time Written: 20091024140027.000000+120
Event Type: erreur
User:
Computer Name: NOM-FQIMEKRLHDE
Event Code: 7036
Message: Le service Gestion d'applications est entré dans l'état : arrêté.
Record Number: 3462
Source Name: Service Control Manager
Time Written: 20091024140027.000000+120
Event Type: Informations
User:
=====Application event log=====
Computer Name: NOM-FQIMEKRLHDE
Event Code: 103
Message: msnmsgr (3764) \\.\C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\elodie.les@hotmail.fr\SharingMetadata\Working\database_E060_1AD4_601A_B0F0\dfsr.db: Le moteur de base de données a arrêté une instance (0).
Record Number: 1112
Source Name: ESENT
Time Written: 20091015161327.000000+120
Event Type: Informations
User:
Computer Name: NOM-FQIMEKRLHDE
Event Code: 102
Message: msnmsgr (3764) \\.\C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\elodie.les@hotmail.fr\SharingMetadata\Working\database_E060_1AD4_601A_B0F0\dfsr.db: Le moteur de base de données a démarré une nouvelle instance (0).
Record Number: 1111
Source Name: ESENT
Time Written: 20091015160620.000000+120
Event Type: Informations
User:
Computer Name: NOM-FQIMEKRLHDE
Event Code: 100
Message: msnmsgr (3764) Le moteur de base de données 5.01.2600.5512 est démarré.
Record Number: 1110
Source Name: ESENT
Time Written: 20091015160619.000000+120
Event Type: Informations
User:
Computer Name: NOM-FQIMEKRLHDE
Event Code: 101
Message: msnmsgr (3796) Le moteur de base de données est arrêté.
Record Number: 1109
Source Name: ESENT
Time Written: 20091014205611.000000+120
Event Type: Informations
User:
Computer Name: NOM-FQIMEKRLHDE
Event Code: 103
Message: msnmsgr (3796) \\.\C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\elodie.les@hotmail.fr\SharingMetadata\Working\database_E060_1AD4_601A_B0F0\dfsr.db: Le moteur de base de données a arrêté une instance (0).
Record Number: 1108
Source Name: ESENT
Time Written: 20091014205611.000000+120
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Python22;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Fichiers communs\Ulead Systems\MPEG
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=0a00
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
-----------------EOF-----------------
Citation :
L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
Malwarebytes' Anti-Malware 1.41
Version de la base de données: 3285
Windows 5.1.2600 Service Pack 3
03/12/2009 17:29:45
mbam-log-2009-12-03 (17-29-44).txt
Type de recherche: Examen rapide
Eléments examinés: 104689
Temps écoulé: 12 minute(s), 57 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 36
Valeur(s) du Registre infectée(s): 4
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 19
Fichier(s) infecté(s): 231
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\explorerbar.cmw (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.cmw.1 (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.tcp (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.tcp.1 (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6160f76a-1992-4b17-a32d-0c706d159105} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3de88beb-f271-484a-ba71-01d30f439f0c} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{50ad41d2-b1f0-47cc-9ea7-395355eaeebd} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8ceb185e-81a5-46d3-bc20-c555d605afbd} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a72522ba-9ff3-4c83-abc6-9b476728a396} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c5762628-ae15-4ca6-96c4-b00dd17f3419} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d062e03e-65ca-49e4-9b15-31938ba98922} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{ac5ab953-ed25-4f9c-87f0-b086b0178ffa} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Explorer\Bars\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Explorer\Bars\{b72681c0-a222-4b21-a0e2-53a5a5ca3d411} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\AppDataLow\SOFTWARE\Internet Today (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Automated Content Enhancer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Automated Content Enhancer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{8141440e-08f0-4339-9959-5c31c6a69f23} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e63605fc-d583-4c81-867f-9457bdb3ea1b} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e889f097-b0be-471b-89ad-b86b6f04b506} (Adware.DoubleD) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\hidires (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\hidires\config (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\hidires\Incoming (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\hidires\lang (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\hidires\skins (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\hidires\Temp (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\hidires\WDIR (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\hidires\webserver (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Internet Today (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Textual Content Provider (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Textual Content Provider\1.1.0.1610 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Textual Content Provider\1.1.0.1610\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Web Search Operator\3.1.0.1840 (Adware.DoubleD) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1004296.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1031765.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\106609.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1075343.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1076046.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1076375.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\110125.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\110890.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1146906.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1151093.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1151984.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1220781.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1221812.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1221828.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1239968.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1241453.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1242109.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1243093.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\124703.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\126843.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\127406.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1384375.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1384625.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1384734.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\143703.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\145500.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\146812.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1484406.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1485187.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1485359.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1486437.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1487390.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1487640.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1588203.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\2087296.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\2120375.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\2145843.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\2147953.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\2148640.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\2218031.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\2222531.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\224781.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\224968.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\224984.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\2257406.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\225796.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\226078.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\226093.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\2299000.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\2299875.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\2299921.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\255625.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\256203.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\256390.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\292796.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\293078.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\293093.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\300250.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\301390.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\301937.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\308671.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\309281.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\309312.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\317312.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\317515.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\317546.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\318421.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\319500.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\320046.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\324296.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\325140.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\325687.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\332312.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\333171.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\342343.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\343843.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\344390.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\358046.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\358312.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\365296.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\366671.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\367218.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\376015.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\376625.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\376640.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\382687.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\384265.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\384937.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\430812.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\431046.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\513156.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\513515.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\513562.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\518687.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\519203.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\519265.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\519656.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\520312.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\560125.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\560375.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\560390.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\618765.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\619265.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\619609.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\620593.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\621921.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\654437.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\656015.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\658625.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\659343.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\659406.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\659703.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\660875.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\887781.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\89562.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\913718.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\918375.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\933203.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\934921.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\935640.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\998578.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\hidires\flec003.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\hidires\names.txt (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\hidires\config\preferences.ini (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\ipdata.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091201-214526.515.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091201-215735.828.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091201-220110.234.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091201-220748.531.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091201-224204.281.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091201-224257.640.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091201-224339.359.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091201-232743.234.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091201-234144.140.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-003306.046.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-003306.078.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-004834.796.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-005619.234.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-053306.515.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-092235.703.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-092929.468.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-092933.515.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-093732.312.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-093738.109.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-104155.984.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-105427.734.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-112644.484.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-113658.109.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-114447.296.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-114538.937.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-121615.625.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-123404.625.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-124938.156.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-132422.515.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-142218.421.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-151140.281.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-172657.000.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-183126.703.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-183131.937.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-191544.328.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-195823.312.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-202705.609.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091203-114542.234.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091203-122522.156.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091203-132144.796.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091203-133954.546.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091203-134613.562.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091203-142539.593.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091203-144617.218.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091203-150534.453.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091203-151103.859.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091203-151827.015.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091203-160847.046.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\rstatus.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091201-214619.828.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091201-215739.765.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091201-220110.390.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091201-220748.812.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091201-224205.875.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091201-224258.718.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091201-224339.718.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091201-232747.515.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091201-234146.531.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-003308.265.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-003309.015.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-004838.531.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-005620.109.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-053307.156.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-092236.875.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-092929.546.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-092933.531.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-093732.437.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-093738.125.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-104156.484.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-105428.093.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-112644.500.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-113658.406.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-114447.328.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-114538.968.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-121615.640.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-123404.640.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-124939.328.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-132422.562.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-142219.734.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-151140.546.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-183126.781.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-183131.953.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-191545.921.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-202706.453.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091203-114545.328.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091203-122524.015.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091203-142539.734.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091203-144617.250.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091203-150534.484.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091203-151103.906.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091203-151827.078.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091203-160847.062.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Textual Content Provider\1.1.0.1610\Data\TP_Config.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Textual Content Provider\1.1.0.1610\Data\TP_DomainExcludeList.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Web Search Operator\3.1.0.1840\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\11s11ro1s1a2.sys (Worm.Bagle) -> Quarantined and deleted successfully.
C:\WINDOWS\0535251103110107106.xry (KoobFace.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\010112010146120114.fx (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\WINDOWS\01011201014650105.fx (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\WINDOWS\01011201014650120.fx (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\WINDOWS\0101120101465653.fx (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\WINDOWS\ectbbyn.dat (KoobFace.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\prxid93ps.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\th823567.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
Version de la base de données: 3285
Windows 5.1.2600 Service Pack 3
03/12/2009 17:29:45
mbam-log-2009-12-03 (17-29-44).txt
Type de recherche: Examen rapide
Eléments examinés: 104689
Temps écoulé: 12 minute(s), 57 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 36
Valeur(s) du Registre infectée(s): 4
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 19
Fichier(s) infecté(s): 231
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\explorerbar.cmw (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.cmw.1 (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.tcp (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.tcp.1 (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6160f76a-1992-4b17-a32d-0c706d159105} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3de88beb-f271-484a-ba71-01d30f439f0c} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{50ad41d2-b1f0-47cc-9ea7-395355eaeebd} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8ceb185e-81a5-46d3-bc20-c555d605afbd} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a72522ba-9ff3-4c83-abc6-9b476728a396} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c5762628-ae15-4ca6-96c4-b00dd17f3419} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d062e03e-65ca-49e4-9b15-31938ba98922} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{ac5ab953-ed25-4f9c-87f0-b086b0178ffa} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Explorer\Bars\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Explorer\Bars\{b72681c0-a222-4b21-a0e2-53a5a5ca3d411} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\AppDataLow\SOFTWARE\Internet Today (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Automated Content Enhancer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Automated Content Enhancer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{8141440e-08f0-4339-9959-5c31c6a69f23} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e63605fc-d583-4c81-867f-9457bdb3ea1b} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e889f097-b0be-471b-89ad-b86b6f04b506} (Adware.DoubleD) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\hidires (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\hidires\config (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\hidires\Incoming (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\hidires\lang (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\hidires\skins (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\hidires\Temp (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\hidires\WDIR (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\hidires\webserver (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Internet Today (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Textual Content Provider (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Textual Content Provider\1.1.0.1610 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Textual Content Provider\1.1.0.1610\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Web Search Operator\3.1.0.1840 (Adware.DoubleD) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1004296.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1031765.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\106609.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1075343.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1076046.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1076375.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\110125.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\110890.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1146906.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1151093.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1151984.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1220781.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1221812.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1221828.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1239968.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1241453.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1242109.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1243093.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\124703.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\126843.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\127406.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1384375.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1384625.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1384734.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\143703.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\145500.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\146812.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1484406.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1485187.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1485359.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1486437.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1487390.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1487640.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\1588203.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\2087296.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\2120375.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\2145843.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\2147953.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\2148640.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\2218031.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\2222531.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\224781.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\224968.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\224984.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\2257406.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\225796.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\226078.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\226093.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\2299000.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\2299875.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\2299921.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\255625.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\256203.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\256390.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\292796.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\293078.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\293093.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\300250.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\301390.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\301937.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\308671.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\309281.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\309312.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\317312.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\317515.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\317546.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\318421.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\319500.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\320046.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\324296.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\325140.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\325687.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\332312.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\333171.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\342343.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\343843.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\344390.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\358046.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\358312.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\365296.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\366671.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\367218.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\376015.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\376625.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\376640.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\382687.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\384265.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\384937.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\430812.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\431046.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\513156.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\513515.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\513562.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\518687.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\519203.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\519265.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\519656.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\520312.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\560125.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\560375.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\560390.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\618765.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\619265.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\619609.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\620593.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\621921.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\654437.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\656015.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\658625.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\659343.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\659406.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\659703.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\660875.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\887781.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\89562.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\913718.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\918375.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\933203.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\934921.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\935640.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\downld\998578.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\hidires\flec003.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\hidires\names.txt (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\hidires\config\preferences.ini (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\ipdata.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091201-214526.515.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091201-215735.828.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091201-220110.234.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091201-220748.531.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091201-224204.281.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091201-224257.640.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091201-224339.359.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091201-232743.234.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091201-234144.140.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-003306.046.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-003306.078.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-004834.796.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-005619.234.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-053306.515.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-092235.703.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-092929.468.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-092933.515.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-093732.312.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-093738.109.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-104155.984.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-105427.734.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-112644.484.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-113658.109.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-114447.296.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-114538.937.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-121615.625.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-123404.625.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-124938.156.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-132422.515.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-142218.421.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-151140.281.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-172657.000.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-183126.703.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-183131.937.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-191544.328.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-195823.312.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091202-202705.609.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091203-114542.234.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091203-122522.156.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091203-132144.796.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091203-133954.546.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091203-134613.562.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091203-142539.593.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091203-144617.218.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091203-150534.453.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091203-151103.859.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091203-151827.015.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\NP_20091203-160847.046.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Automated Content Enhancer\4.1.0.5190\rstatus.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091201-214619.828.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091201-215739.765.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091201-220110.390.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091201-220748.812.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091201-224205.875.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091201-224258.718.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091201-224339.718.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091201-232747.515.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091201-234146.531.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-003308.265.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-003309.015.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-004838.531.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-005620.109.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-053307.156.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-092236.875.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-092929.546.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-092933.531.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-093732.437.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-093738.125.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-104156.484.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-105428.093.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-112644.500.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-113658.406.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-114447.328.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-114538.968.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-121615.640.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-123404.640.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-124939.328.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-132422.562.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-142219.734.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-151140.546.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-183126.781.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-183131.953.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-191545.921.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091202-202706.453.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091203-114545.328.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091203-122524.015.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091203-142539.734.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091203-144617.250.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091203-150534.484.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091203-151103.906.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091203-151827.078.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Customized Platform Advancer\3.1.0.1630\HJHP_20091203-160847.062.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Textual Content Provider\1.1.0.1610\Data\TP_Config.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Textual Content Provider\1.1.0.1610\Data\TP_DomainExcludeList.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Web Search Operator\3.1.0.1840\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Propriétaire\Application Data\drivers\11s11ro1s1a2.sys (Worm.Bagle) -> Quarantined and deleted successfully.
C:\WINDOWS\0535251103110107106.xry (KoobFace.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\010112010146120114.fx (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\WINDOWS\01011201014650105.fx (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\WINDOWS\01011201014650120.fx (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\WINDOWS\0101120101465653.fx (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\WINDOWS\ectbbyn.dat (KoobFace.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\prxid93ps.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\th823567.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
Note : le rapport FindyKill.txt est sauvegardé à la racine du disque.
############################## | FindyKill V5.020 |
# User : Propriétaire (Administrateurs) # NOM-FQIMEKRLHDE
# Update on 26/11/2009 by Chiquitine29
# Start at: 18:12:06 | 03/12/2009
# Website : http://pagesperso-orange.fr/NosTools/index.html
# Contact : FindyKill.Contact@gmail.com
# AMD Athlon(tm) XP 2800+
# Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 8.0.6001.18702
# Windows Firewall Status : Enabled
# A:\ # Lecteur de disquettes 3 ½ pouces
# C:\ # Disque fixe local # 228,36 Go (21,89 Go free) [HP_PAVILION] # NTFS
# D:\ # Disque fixe local # 4,51 Go (601,85 Mo free) [HP_RECOVERY] # FAT32
# E:\ # Disque CD-ROM
# F:\ # Disque CD-ROM
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
################## | C: |
Présent ! D:\autorun.inf
################## | C:\WINDOWS |
################## | C:\WINDOWS\system32 |
################## | C:\WINDOWS\system32\drivers |
################## | C:\Documents and Settings\Propri‚taire\Application Data |
Présent ! C:\Documents and Settings\Propri‚taire\Application Data\drivers
################## | Autres detections ... |
################## | Temporary Internet Files |
################## | Registre / Clés infectieuses |
Présent ! [HKLM\software\microsoft\security center] "AntiVirusDisableNotify"
Présent ! [HKLM\software\microsoft\security center] "AntiVirusOverride"
Présent ! [HKLM\software\microsoft\security center] "FirewallDisableNotify"
Présent ! [HKLM\software\microsoft\security center] "FirewallOverride"
Présent ! [HKLM\software\microsoft\security center] "UpdatesDisableNotify"
################## | Etat / Services / Informations |
# Affichage des fichiers cachés : OK
# Mode sans echec : OK
# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
# EapHost -> Start = 3 ( Good = 2 | Bad = 4 )
# Ip6Fw -> Start = 3 ( Good = 2 | Bad = 4 )
# SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
# wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )
################## | Cracks / Keygens / Serials |
################## | ! Fin du rapport # FindyKill V5.020 ! |
# User : Propriétaire (Administrateurs) # NOM-FQIMEKRLHDE
# Update on 26/11/2009 by Chiquitine29
# Start at: 18:12:06 | 03/12/2009
# Website : http://pagesperso-orange.fr/NosTools/index.html
# Contact : FindyKill.Contact@gmail.com
# AMD Athlon(tm) XP 2800+
# Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 8.0.6001.18702
# Windows Firewall Status : Enabled
# A:\ # Lecteur de disquettes 3 ½ pouces
# C:\ # Disque fixe local # 228,36 Go (21,89 Go free) [HP_PAVILION] # NTFS
# D:\ # Disque fixe local # 4,51 Go (601,85 Mo free) [HP_RECOVERY] # FAT32
# E:\ # Disque CD-ROM
# F:\ # Disque CD-ROM
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
################## | C: |
Présent ! D:\autorun.inf
################## | C:\WINDOWS |
################## | C:\WINDOWS\system32 |
################## | C:\WINDOWS\system32\drivers |
################## | C:\Documents and Settings\Propri‚taire\Application Data |
Présent ! C:\Documents and Settings\Propri‚taire\Application Data\drivers
################## | Autres detections ... |
################## | Temporary Internet Files |
################## | Registre / Clés infectieuses |
Présent ! [HKLM\software\microsoft\security center] "AntiVirusDisableNotify"
Présent ! [HKLM\software\microsoft\security center] "AntiVirusOverride"
Présent ! [HKLM\software\microsoft\security center] "FirewallDisableNotify"
Présent ! [HKLM\software\microsoft\security center] "FirewallOverride"
Présent ! [HKLM\software\microsoft\security center] "UpdatesDisableNotify"
################## | Etat / Services / Informations |
# Affichage des fichiers cachés : OK
# Mode sans echec : OK
# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
# EapHost -> Start = 3 ( Good = 2 | Bad = 4 )
# Ip6Fw -> Start = 3 ( Good = 2 | Bad = 4 )
# SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
# wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )
################## | Cracks / Keygens / Serials |
################## | ! Fin du rapport # FindyKill V5.020 ! |
/!\ Il y aura un redémarrage, laisse travailler l'outil jusqu'à l'apparition du message "nettoyage effectué" /!\
Note : le rapport FindyKill.txt est sauvegardé à la racine du disque.
############################## | FindyKill V5.020 |
# User : Propriétaire (Administrateurs) # NOM-FQIMEKRLHDE
# Update on 26/11/2009 by Chiquitine29
# Start at: 19:41:27 | 03/12/2009
# Website : http://pagesperso-orange.fr/NosTools/index.html
# Contact : FindyKill.Contact@gmail.com
# AMD Athlon(tm) XP 2800+
# Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 8.0.6001.18702
# Windows Firewall Status : Enabled
# A:\ # Lecteur de disquettes 3 ½ pouces
# C:\ # Disque fixe local # 228,36 Go (21,9 Go free) [HP_PAVILION] # NTFS
# D:\ # Disque fixe local # 4,51 Go (601,85 Mo free) [HP_RECOVERY] # FAT32
# E:\ # Disque CD-ROM
# F:\ # Disque CD-ROM
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
################## | C: |
Supprimé ! D:\"autorun.inf"
################## | C:\WINDOWS |
Supprimé ! C:\WINDOWS\Prefetch\WINUPGRO.EXE-0F8DCEDB.pf
################## | C:\WINDOWS\system32 |
################## | C:\WINDOWS\system32\drivers |
################## | C:\Documents and Settings\Propri‚taire\Application Data |
Supprimé ! C:\Documents and Settings\Propri‚taire\Application Data\drivers
################## | Autres suppressions ... |
################## | Temporary Internet Files |
################## | Registre / Clés infectieuses |
Supprimé ! [HKLM\software\microsoft\security center] "AntiVirusDisableNotify"
Supprimé ! [HKLM\software\microsoft\security center] "AntiVirusOverride"
Supprimé ! [HKLM\software\microsoft\security center] "FirewallDisableNotify"
Supprimé ! [HKLM\software\microsoft\security center] "FirewallOverride"
Supprimé ! [HKLM\software\microsoft\security center] "UpdatesDisableNotify"
################## | Etat / Services / Informations |
# Mode sans echec : OK
# Affichage des fichiers cachés : OK
# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
# EapHost -> Start = 2 ( Good = 2 | Bad = 4 )
# Ip6Fw -> Start = 2 ( Good = 2 | Bad = 4 )
# SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
# wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )
################## | PEH ... |
Corrompu : C:\Program Files\Logitech\Desktop Messenger\8876480\6.1.4.68-8876480L\Program\register.exe
[Offset = 000000E4 - Valeur = 0x0001]
################## | Cracks / Keygens / Serials |
################## | ! Fin du rapport # FindyKill V5.020 ! |
1er rapport :
info.txt logfile of random's system information tool 1.06 2009-12-03 20:53:51
======Uninstall list======
-->"C:\Program Files\InstallShield Installation Information\{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}\setup.exe" --u:{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\System32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature
-->c:\WINDOWS\System32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
-->rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nvhp.inf
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Download Manager-->"C:\WINDOWS\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /Get1
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\System32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A92000000001}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ArcSoft ShowBiz 2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{791B20D4-AE59-4DE9-B45F-BA01F3D0A493}\setup.exe" -l0x40c
Assistant de connexion Windows Live ID-->MsiExec.exe /X{10A44844-4465-456E-8C97-80BDD4F68845}
ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\System32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class![:D]( ":D")
ISPLAY -clean
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Correctif du dictionnaire français pour Office 2000-->MsiExec.exe /I{DCF67823-AFC3-11D3-BD80-0010A4E5C232}
eMule-->"C:\Program Files\eMule\Uninstall.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Deskjet Preloaded Printer Drivers-->MsiExec.exe /X{F419D20A-7719-4639-8E30-C073A040D878}
HP Photo and Imaging 2.0 - Photosmart Cameras-->MsiExec.exe /X{5D7F0A0E-369E-46C0-9F99-FAB21A064781}
HP PSC & OfficeJet 3.0-->"C:\Program Files\HP\Digital Imaging\{F38FA38A-7E5A-4209-88ED-4DE21CD20EEF}\setup\hpzscr01.exe" -datfile hposcr03.dat
HP Software Update-->MsiExec.exe /X{CC0A24CB-87C9-4F1C-A1F2-F87D8D4DDCAF}
HPIZ311-->MsiExec.exe /X{F247869D-3643-4A9F-821B-3534145928E3}
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Intel(R) Extreme Graphics Driver-->RUNDLL32.EXE C:\WINDOWS\System32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2562
InterVideo DeviceService-->MsiExec.exe /I{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}
Java 2 Runtime Environment, SE v1.4.2-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142000}
KBD-->C:\HP\KBD\KBD.EXE uninstalled
K-Lite Codec Pack 5.0.5 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LiveReg (Symantec Corporation)-->C:\Program Files\Fichiers communs\Symantec Shared\LiveReg\VcSetup.exe /REMOVE
LiveUpdate 1.6 (Symantec Corporation)-->C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Memories Disc Creator 2.0-->MsiExec.exe /X{2E132061-C78A-48D4-A899-1D13B9D189FA}
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office 2000 Professional-->MsiExec.exe /I{0001040C-78E1-11D2-B60F-006097C998E7}
Microsoft Office Live Add-in 1.4-->MsiExec.exe /I{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Word 2002-->MsiExec.exe /I{911B040C-6000-11D3-8CFE-0050048383C9}
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.5.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Norton AntiVirus 2002-->MsiExec.exe /I{3075C5C3-0807-4924-AF8F-FF27052C12AE}
NVIDIA GART Driver-->C:\WINDOWS\System32\nvugart.exe Uninstall C:\WINDOWS\System32\Nvgart.nvu,NVIDIA GART Driver
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Package de base Microsoft de service de chiffrement pour cartes à puce-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Photo et imagerie HP 3.1-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
Photosmart 140,240,7200,7600,7700,7900 Series-->C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\setup\hpzscr01.exe -datfile hphscr01.dat
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninst
Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
PS2-->C:\WINDOWS\system32\ps2.exe uninstall
Python 2.2 combined Win32 extensions-->C:\Python22\Lib\SITE-P~1\UNWISE~1.EXE C:\Python22\Lib\SITE-P~1\w32inst.log
Python 2.2.1-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Sonic Update Manager-->MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
Ulead VideoStudio 11-->C:\Program Files\InstallShield Installation Information\{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}\setup.exe -runfromtemp -l0x040c
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VIA Rhine-Family Fast-Ethernet Adapter-->Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA
VLC media player 1.0.2-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
======Hosts File======
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
======System event log======
Computer Name: NOM-FQIMEKRLHDE
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Gestion d'applications.
Record Number: 3575
Source Name: Service Control Manager
Time Written: 20091024140031.000000+120
Event Type: Informations
User: NOM-FQIMEKRLHDE\Propriétaire
Computer Name: NOM-FQIMEKRLHDE
Event Code: 7023
Message: Le service Gestion d'applications s'est arrêté avec l'erreur :
Le module spécifié est introuvable.
Record Number: 3574
Source Name: Service Control Manager
Time Written: 20091024140031.000000+120
Event Type: erreur
User:
Computer Name: NOM-FQIMEKRLHDE
Event Code: 7036
Message: Le service Gestion d'applications est entré dans l'état : arrêté.
Record Number: 3573
Source Name: Service Control Manager
Time Written: 20091024140031.000000+120
Event Type: Informations
User:
Computer Name: NOM-FQIMEKRLHDE
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Gestion d'applications.
Record Number: 3572
Source Name: Service Control Manager
Time Written: 20091024140031.000000+120
Event Type: Informations
User: NOM-FQIMEKRLHDE\Propriétaire
Computer Name: NOM-FQIMEKRLHDE
Event Code: 7023
Message: Le service Gestion d'applications s'est arrêté avec l'erreur :
Le module spécifié est introuvable.
Record Number: 3571
Source Name: Service Control Manager
Time Written: 20091024140031.000000+120
Event Type: erreur
User:
=====Application event log=====
Computer Name: NOM-FQIMEKRLHDE
Event Code: 0
Message:
Record Number: 1139
Source Name: Capture Device Service
Time Written: 20091017131448.000000+120
Event Type: Informations
User:
Computer Name: NOM-FQIMEKRLHDE
Event Code: 101
Message: msnmsgr (2084) Le moteur de base de données est arrêté.
Record Number: 1138
Source Name: ESENT
Time Written: 20091016173054.000000+120
Event Type: Informations
User:
Computer Name: NOM-FQIMEKRLHDE
Event Code: 103
Message: msnmsgr (2084) \\.\C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\elodie.les@hotmail.fr\SharingMetadata\Working\database_E060_1AD4_601A_B0F0\dfsr.db: Le moteur de base de données a arrêté une instance (0).
Record Number: 1137
Source Name: ESENT
Time Written: 20091016173054.000000+120
Event Type: Informations
User:
Computer Name: NOM-FQIMEKRLHDE
Event Code: 102
Message: msnmsgr (2084) \\.\C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\elodie.les@hotmail.fr\SharingMetadata\Working\database_E060_1AD4_601A_B0F0\dfsr.db: Le moteur de base de données a démarré une nouvelle instance (0).
Record Number: 1136
Source Name: ESENT
Time Written: 20091016162133.000000+120
Event Type: Informations
User:
Computer Name: NOM-FQIMEKRLHDE
Event Code: 100
Message: msnmsgr (2084) Le moteur de base de données 5.01.2600.5512 est démarré.
Record Number: 1135
Source Name: ESENT
Time Written: 20091016162132.000000+120
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Python22;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Fichiers communs\Ulead Systems\MPEG
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=0a00
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
-----------------EOF-----------------
2ème rapport :
Logfile of random's system information tool 1.06 (written by random/random)
Run by Propriétaire at 2009-12-03 20:52:43
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 22 GB (10%) free of 234 GB
Total RAM: 255 MB (14% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:53:40, on 03/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Suppresion malwares\rsit\RSIT.exe
C:\Program Files\trend micro\Propriétaire.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-fr10.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1....
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 5990 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\Norton AntiVirus - Analyser mon ordinateur.job
C:\WINDOWS\tasks\Symantec NetDetect.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDF3E430-B101-42AD-A544-FADC6B084872}]
CNavExtBho Class - C:\Program Files\Norton AntiVirus\NavShExt.dll [2001-08-21 102400]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - Vue HP - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll [2003-09-03 98304]
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Norton AntiVirus - C:\Program Files\Norton AntiVirus\NavShExt.dll [2001-08-21 102400]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2004-10-08 221184]
"NAV Agent"=C:\PROGRA~1\NORTON~1\navapw32.exe [2001-08-21 74832]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
""= []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Acme.PCHButton"=C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe [2003-01-01 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcxMonitor]
C:\WINDOWS\ALCXMNTR.EXE [2003-04-03 50176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIModeChange]
C:\WINDOWS\system32\Ati2mdxx.exe [2001-09-05 28672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2003-08-12 335872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CamMonitor]
c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe [2002-10-07 90112]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\System32\hkcmd.exe [2003-04-07 114688]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon05]
C:\WINDOWS\System32\hphmon05.exe [2003-05-23 483328]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD05]
c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]
c:\windows\system\hpsysdrv.exe [1998-05-07 52736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IcoSet]
c:\hp\bin\cloaker.exe [1999-11-07 27136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]
C:\HP\KBD\KBD.EXE [2003-02-11 61440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NAV CfgWiz]
c:\Program Files\Fichiers communs\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE REBOOT []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\System32\NvCpl.dll [2003-08-19 4841472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVIEW]
nview.dll,nViewLoadHook []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /installquiet /keeploaded /nodetect []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PS2]
C:\WINDOWS\system32\ps2.exe [2002-10-16 81920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]
C:\WINDOWS\SMINST\RECGUARD.EXE [2002-09-13 212992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RecordNow!]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\regcmdcons]
c:\hp\bin\cloaker.exe [1999-11-07 27136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder]
C:\Windows\Creator\Remind_XP.exe [2003-06-17 118784]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe [2003-08-19 110592]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UVS11 Preload]
C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe [2007-03-03 341488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
VTTimer.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2003-07-07 233472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^MsnFixer.lnk]
C:\hp\bin\msnfix\msnfixjs.js []
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2003-04-07 315392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Documents and Settings\Propriétaire\Local Settings\Temp\Rar$EX01.922\Volley\Volley\volley.exe"="C:\Documents and Settings\Propriétaire\Local Settings\Temp\Rar$EX01.922\Volley\Volley\volley.exe:*:Enabled:volley"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Documents and Settings\Propriétaire\Bureau\bv\Volley\Volley\volley.exe"="C:\Documents and Settings\Propriétaire\Bureau\bv\Volley\Volley\volley.exe:*:Enabled:volley"
"C:\Documents and Settings\Propriétaire\Mes documents\Stéphane\Téléchargements Mozilla\Blobby_Volley_1.8\volley.exe"="C:\Documents and Settings\Propriétaire\Mes documents\Stéphane\Téléchargements Mozilla\Blobby_Volley_1.8\volley.exe:*:Enabled:volley"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
shell\AutoRun\command - D:\Info.exe folder.htt 480 480
======List of files/folders created in the last 1 months======
2009-12-03 20:52:48 ----D---- C:\Program Files\trend micro
2009-12-03 20:52:43 ----D---- C:\rsit
2009-12-03 18:10:46 ----D---- C:\FindyKill
2009-12-03 17:12:38 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Malwarebytes
2009-12-03 17:12:22 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-12-03 17:12:21 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-12-02 10:26:51 ----D---- C:\Program Files\RegCleaner
2009-12-02 00:07:39 ----D---- C:\Program Files\Suppresion malwares
2009-12-02 00:03:45 ----D---- C:\Program Files\Hattrick Control
2009-11-08 11:52:35 ----N---- C:\WINDOWS\system32\spmsg2.dll
2009-11-08 11:48:34 ----D---- C:\WINDOWS\system32\XPSViewer
2009-11-08 11:48:31 ----D---- C:\WINDOWS\system32\en-US
2009-11-08 11:46:47 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-11-08 11:46:47 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-11-08 11:46:46 ----N---- C:\WINDOWS\system32\xpssvcs.dll
======List of files/folders modified in the last 1 months======
2009-12-03 20:53:11 ----D---- C:\WINDOWS\Prefetch
2009-12-03 20:52:48 ----RD---- C:\Program Files
2009-12-03 20:49:38 ----D---- C:\Program Files\Mozilla Firefox
2009-12-03 20:37:08 ----D---- C:\WINDOWS\system32\CatRoot2
2009-12-03 20:13:43 ----D---- C:\WINDOWS\system32
2009-12-03 20:13:43 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-03 20:12:52 ----D---- C:\WINDOWS\Temp
2009-12-03 19:59:10 ----D---- C:\WINDOWS
2009-12-03 19:40:21 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-12-03 17:12:28 ----D---- C:\WINDOWS\system32\drivers
2009-12-03 16:42:52 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-12-03 14:45:05 ----D---- C:\Program Files\HattrickOrganizer
2009-12-03 13:03:44 ----D---- C:\WINDOWS\Minidump
2009-12-02 09:43:53 ----D---- C:\Documents and Settings\Propriétaire\Application Data\vlc
2009-12-01 23:00:55 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-12-01 22:06:41 ----SHD---- C:\WINDOWS\Installer
2009-12-01 22:06:41 ----SHD---- C:\Config.Msi
2009-11-26 23:23:43 ----D---- C:\Documents and Settings\Propriétaire\Application Data\dvdcss
2009-11-26 23:14:58 ----D---- C:\Program Files\PokerStars
2009-11-25 08:02:49 ----HD---- C:\WINDOWS\inf
2009-11-25 08:02:35 ----D---- C:\WINDOWS\WinSxS
2009-11-25 07:59:56 ----HD---- C:\WINDOWS\$hf_mig$
2009-11-17 22:26:11 ----D---- C:\WINDOWS\Debug
2009-11-17 22:22:49 ----D---- C:\WINDOWS\network diagnostic
2009-11-08 21:32:00 ----D---- C:\WINDOWS\Microsoft.NET
2009-11-08 21:31:59 ----RSD---- C:\WINDOWS\assembly
2009-11-08 20:36:40 ----D---- C:\WINDOWS\Registration
2009-11-08 12:40:16 ----D---- C:\WINDOWS\system32\CatRoot
2009-11-08 12:33:20 ----D---- C:\WINDOWS\system32\URTTemp
2009-11-08 11:51:56 ----D---- C:\WINDOWS\system32\fr-fr
2009-11-08 11:51:18 ----D---- C:\WINDOWS\system32\mui
2009-11-08 11:48:29 ----RSD---- C:\WINDOWS\Fonts
2009-11-08 11:47:46 ----D---- C:\WINDOWS\system32\spool
2009-11-08 10:56:56 ----D---- C:\WINDOWS\SoftwareDistribution
2009-11-06 00:26:31 ----D---- C:\WINDOWS\system32\Restore
2009-11-05 18:36:21 ----A---- C:\WINDOWS\system32\MRT.exe
2009-11-05 08:11:41 ----D---- C:\WINDOWS\system32\LogFiles
2009-11-05 07:58:18 ----D---- C:\Program Files\Messenger Plus! Live
2009-11-04 23:22:36 ----D---- C:\WINDOWS\ie8updates
2009-11-04 23:22:13 ----D---- C:\Program Files\Internet Explorer
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2003-01-01 43488]
R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 41856]
R1 SiSkp;SiSkp; C:\WINDOWS\System32\DRIVERS\srvkp.sys [2003-04-11 10624]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1997-12-23 23936]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2003-04-09 11043]
R2 SYMTDI;SYMTDI; \??\C:\WINDOWS\System32\Drivers\SYMTDI.SYS []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-10-16 788300]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2003-08-13 594432]
R3 CamDrL;Logitech QuickCam Pro 3000(CamDrl); C:\WINDOWS\System32\DRIVERS\Camdrl.sys [2007-02-03 1075360]
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2008-09-22 43520]
R3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSF_DP.sys [2003-11-13 1042816]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys [2003-11-13 210304]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-02-03 41504]
R3 NAVAP;NAVAP; \??\C:\WINDOWS\System32\Drivers\NAVAP.SYS []
R3 NAVENG;NAVENG; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20091202.006\NAVENG.Sys []
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20091202.006\NavEx15.Sys []
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-03 10368]
R3 Ps2;PS2; C:\WINDOWS\System32\DRIVERS\PS2.sys [2001-06-04 14112]
R3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
R3 SYMREDRV;SYMREDRV; \??\C:\WINDOWS\System32\Drivers\SYMREDRV.SYS []
R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [2003-11-13 679808]
S3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-04-15 113504]
S3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-04-15 78752]
S3 catchme;catchme; \??\C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 EL90XBC;Pilote de la carte EtherLink XL 90XB/C 3Com; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [2001-08-18 66591]
S3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [2003-01-15 41984]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [2003-05-14 51056]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [2003-05-16 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [2003-05-14 21488]
S3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2003-04-15 90907]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 SiS315;SiS315; C:\WINDOWS\System32\DRIVERS\sisgrp.sys [2003-05-06 394752]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 viagfx;viagfx; C:\WINDOWS\System32\DRIVERS\vtmini.sys [2003-08-11 265344]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\System32\DRIVERS\intelide.sys [2008-04-14 5504]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\System32\Ati2evxx.exe [2003-08-13 319488]
R2 Capture Device Service;Capture Device Service; C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
R2 navapsvc;Service Norton AntiVirus Auto-Protect; C:\Program Files\Norton AntiVirus\navapsvc.exe [2001-08-21 115792]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe [2007-03-03 67056]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
S2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2003-08-19 77824]
S2 SBService;ScriptBlocking Service; C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe [2001-08-13 54408]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.06 2009-12-03 20:53:51
======Uninstall list======
-->"C:\Program Files\InstallShield Installation Information\{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}\setup.exe" --u:{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\System32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature
-->c:\WINDOWS\System32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
-->rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nvhp.inf
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Download Manager-->"C:\WINDOWS\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /Get1
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\System32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A92000000001}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ArcSoft ShowBiz 2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{791B20D4-AE59-4DE9-B45F-BA01F3D0A493}\setup.exe" -l0x40c
Assistant de connexion Windows Live ID-->MsiExec.exe /X{10A44844-4465-456E-8C97-80BDD4F68845}
ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\System32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class
ISPLAY -cleanCCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Correctif du dictionnaire français pour Office 2000-->MsiExec.exe /I{DCF67823-AFC3-11D3-BD80-0010A4E5C232}
eMule-->"C:\Program Files\eMule\Uninstall.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Deskjet Preloaded Printer Drivers-->MsiExec.exe /X{F419D20A-7719-4639-8E30-C073A040D878}
HP Photo and Imaging 2.0 - Photosmart Cameras-->MsiExec.exe /X{5D7F0A0E-369E-46C0-9F99-FAB21A064781}
HP PSC & OfficeJet 3.0-->"C:\Program Files\HP\Digital Imaging\{F38FA38A-7E5A-4209-88ED-4DE21CD20EEF}\setup\hpzscr01.exe" -datfile hposcr03.dat
HP Software Update-->MsiExec.exe /X{CC0A24CB-87C9-4F1C-A1F2-F87D8D4DDCAF}
HPIZ311-->MsiExec.exe /X{F247869D-3643-4A9F-821B-3534145928E3}
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Intel(R) Extreme Graphics Driver-->RUNDLL32.EXE C:\WINDOWS\System32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2562
InterVideo DeviceService-->MsiExec.exe /I{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}
Java 2 Runtime Environment, SE v1.4.2-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142000}
KBD-->C:\HP\KBD\KBD.EXE uninstalled
K-Lite Codec Pack 5.0.5 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LiveReg (Symantec Corporation)-->C:\Program Files\Fichiers communs\Symantec Shared\LiveReg\VcSetup.exe /REMOVE
LiveUpdate 1.6 (Symantec Corporation)-->C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Memories Disc Creator 2.0-->MsiExec.exe /X{2E132061-C78A-48D4-A899-1D13B9D189FA}
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office 2000 Professional-->MsiExec.exe /I{0001040C-78E1-11D2-B60F-006097C998E7}
Microsoft Office Live Add-in 1.4-->MsiExec.exe /I{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Word 2002-->MsiExec.exe /I{911B040C-6000-11D3-8CFE-0050048383C9}
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.5.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Norton AntiVirus 2002-->MsiExec.exe /I{3075C5C3-0807-4924-AF8F-FF27052C12AE}
NVIDIA GART Driver-->C:\WINDOWS\System32\nvugart.exe Uninstall C:\WINDOWS\System32\Nvgart.nvu,NVIDIA GART Driver
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Package de base Microsoft de service de chiffrement pour cartes à puce-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Photo et imagerie HP 3.1-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
Photosmart 140,240,7200,7600,7700,7900 Series-->C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\setup\hpzscr01.exe -datfile hphscr01.dat
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninst
Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
PS2-->C:\WINDOWS\system32\ps2.exe uninstall
Python 2.2 combined Win32 extensions-->C:\Python22\Lib\SITE-P~1\UNWISE~1.EXE C:\Python22\Lib\SITE-P~1\w32inst.log
Python 2.2.1-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Sonic Update Manager-->MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
Ulead VideoStudio 11-->C:\Program Files\InstallShield Installation Information\{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}\setup.exe -runfromtemp -l0x040c
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VIA Rhine-Family Fast-Ethernet Adapter-->Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA
VLC media player 1.0.2-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
======Hosts File======
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
======System event log======
Computer Name: NOM-FQIMEKRLHDE
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Gestion d'applications.
Record Number: 3575
Source Name: Service Control Manager
Time Written: 20091024140031.000000+120
Event Type: Informations
User: NOM-FQIMEKRLHDE\Propriétaire
Computer Name: NOM-FQIMEKRLHDE
Event Code: 7023
Message: Le service Gestion d'applications s'est arrêté avec l'erreur :
Le module spécifié est introuvable.
Record Number: 3574
Source Name: Service Control Manager
Time Written: 20091024140031.000000+120
Event Type: erreur
User:
Computer Name: NOM-FQIMEKRLHDE
Event Code: 7036
Message: Le service Gestion d'applications est entré dans l'état : arrêté.
Record Number: 3573
Source Name: Service Control Manager
Time Written: 20091024140031.000000+120
Event Type: Informations
User:
Computer Name: NOM-FQIMEKRLHDE
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Gestion d'applications.
Record Number: 3572
Source Name: Service Control Manager
Time Written: 20091024140031.000000+120
Event Type: Informations
User: NOM-FQIMEKRLHDE\Propriétaire
Computer Name: NOM-FQIMEKRLHDE
Event Code: 7023
Message: Le service Gestion d'applications s'est arrêté avec l'erreur :
Le module spécifié est introuvable.
Record Number: 3571
Source Name: Service Control Manager
Time Written: 20091024140031.000000+120
Event Type: erreur
User:
=====Application event log=====
Computer Name: NOM-FQIMEKRLHDE
Event Code: 0
Message:
Record Number: 1139
Source Name: Capture Device Service
Time Written: 20091017131448.000000+120
Event Type: Informations
User:
Computer Name: NOM-FQIMEKRLHDE
Event Code: 101
Message: msnmsgr (2084) Le moteur de base de données est arrêté.
Record Number: 1138
Source Name: ESENT
Time Written: 20091016173054.000000+120
Event Type: Informations
User:
Computer Name: NOM-FQIMEKRLHDE
Event Code: 103
Message: msnmsgr (2084) \\.\C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\elodie.les@hotmail.fr\SharingMetadata\Working\database_E060_1AD4_601A_B0F0\dfsr.db: Le moteur de base de données a arrêté une instance (0).
Record Number: 1137
Source Name: ESENT
Time Written: 20091016173054.000000+120
Event Type: Informations
User:
Computer Name: NOM-FQIMEKRLHDE
Event Code: 102
Message: msnmsgr (2084) \\.\C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\elodie.les@hotmail.fr\SharingMetadata\Working\database_E060_1AD4_601A_B0F0\dfsr.db: Le moteur de base de données a démarré une nouvelle instance (0).
Record Number: 1136
Source Name: ESENT
Time Written: 20091016162133.000000+120
Event Type: Informations
User:
Computer Name: NOM-FQIMEKRLHDE
Event Code: 100
Message: msnmsgr (2084) Le moteur de base de données 5.01.2600.5512 est démarré.
Record Number: 1135
Source Name: ESENT
Time Written: 20091016162132.000000+120
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Python22;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Fichiers communs\Ulead Systems\MPEG
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=0a00
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
-----------------EOF-----------------
2ème rapport :
Logfile of random's system information tool 1.06 (written by random/random)
Run by Propriétaire at 2009-12-03 20:52:43
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 22 GB (10%) free of 234 GB
Total RAM: 255 MB (14% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:53:40, on 03/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Suppresion malwares\rsit\RSIT.exe
C:\Program Files\trend micro\Propriétaire.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-fr10.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshell/GameHost/1....
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 5990 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\Norton AntiVirus - Analyser mon ordinateur.job
C:\WINDOWS\tasks\Symantec NetDetect.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDF3E430-B101-42AD-A544-FADC6B084872}]
CNavExtBho Class - C:\Program Files\Norton AntiVirus\NavShExt.dll [2001-08-21 102400]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - Vue HP - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll [2003-09-03 98304]
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Norton AntiVirus - C:\Program Files\Norton AntiVirus\NavShExt.dll [2001-08-21 102400]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2004-10-08 221184]
"NAV Agent"=C:\PROGRA~1\NORTON~1\navapw32.exe [2001-08-21 74832]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
""= []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Acme.PCHButton"=C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe [2003-01-01 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcxMonitor]
C:\WINDOWS\ALCXMNTR.EXE [2003-04-03 50176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIModeChange]
C:\WINDOWS\system32\Ati2mdxx.exe [2001-09-05 28672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2003-08-12 335872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CamMonitor]
c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe [2002-10-07 90112]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\System32\hkcmd.exe [2003-04-07 114688]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon05]
C:\WINDOWS\System32\hphmon05.exe [2003-05-23 483328]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD05]
c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]
c:\windows\system\hpsysdrv.exe [1998-05-07 52736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IcoSet]
c:\hp\bin\cloaker.exe [1999-11-07 27136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]
C:\HP\KBD\KBD.EXE [2003-02-11 61440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NAV CfgWiz]
c:\Program Files\Fichiers communs\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE REBOOT []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\System32\NvCpl.dll [2003-08-19 4841472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVIEW]
nview.dll,nViewLoadHook []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /installquiet /keeploaded /nodetect []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PS2]
C:\WINDOWS\system32\ps2.exe [2002-10-16 81920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]
C:\WINDOWS\SMINST\RECGUARD.EXE [2002-09-13 212992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RecordNow!]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\regcmdcons]
c:\hp\bin\cloaker.exe [1999-11-07 27136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder]
C:\Windows\Creator\Remind_XP.exe [2003-06-17 118784]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe [2003-08-19 110592]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UVS11 Preload]
C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe [2007-03-03 341488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
VTTimer.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2003-07-07 233472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^MsnFixer.lnk]
C:\hp\bin\msnfix\msnfixjs.js []
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2003-04-07 315392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Documents and Settings\Propriétaire\Local Settings\Temp\Rar$EX01.922\Volley\Volley\volley.exe"="C:\Documents and Settings\Propriétaire\Local Settings\Temp\Rar$EX01.922\Volley\Volley\volley.exe:*:Enabled:volley"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Documents and Settings\Propriétaire\Bureau\bv\Volley\Volley\volley.exe"="C:\Documents and Settings\Propriétaire\Bureau\bv\Volley\Volley\volley.exe:*:Enabled:volley"
"C:\Documents and Settings\Propriétaire\Mes documents\Stéphane\Téléchargements Mozilla\Blobby_Volley_1.8\volley.exe"="C:\Documents and Settings\Propriétaire\Mes documents\Stéphane\Téléchargements Mozilla\Blobby_Volley_1.8\volley.exe:*:Enabled:volley"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
shell\AutoRun\command - D:\Info.exe folder.htt 480 480
======List of files/folders created in the last 1 months======
2009-12-03 20:52:48 ----D---- C:\Program Files\trend micro
2009-12-03 20:52:43 ----D---- C:\rsit
2009-12-03 18:10:46 ----D---- C:\FindyKill
2009-12-03 17:12:38 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Malwarebytes
2009-12-03 17:12:22 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-12-03 17:12:21 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-12-02 10:26:51 ----D---- C:\Program Files\RegCleaner
2009-12-02 00:07:39 ----D---- C:\Program Files\Suppresion malwares
2009-12-02 00:03:45 ----D---- C:\Program Files\Hattrick Control
2009-11-08 11:52:35 ----N---- C:\WINDOWS\system32\spmsg2.dll
2009-11-08 11:48:34 ----D---- C:\WINDOWS\system32\XPSViewer
2009-11-08 11:48:31 ----D---- C:\WINDOWS\system32\en-US
2009-11-08 11:46:47 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-11-08 11:46:47 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-11-08 11:46:46 ----N---- C:\WINDOWS\system32\xpssvcs.dll
======List of files/folders modified in the last 1 months======
2009-12-03 20:53:11 ----D---- C:\WINDOWS\Prefetch
2009-12-03 20:52:48 ----RD---- C:\Program Files
2009-12-03 20:49:38 ----D---- C:\Program Files\Mozilla Firefox
2009-12-03 20:37:08 ----D---- C:\WINDOWS\system32\CatRoot2
2009-12-03 20:13:43 ----D---- C:\WINDOWS\system32
2009-12-03 20:13:43 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-03 20:12:52 ----D---- C:\WINDOWS\Temp
2009-12-03 19:59:10 ----D---- C:\WINDOWS
2009-12-03 19:40:21 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-12-03 17:12:28 ----D---- C:\WINDOWS\system32\drivers
2009-12-03 16:42:52 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-12-03 14:45:05 ----D---- C:\Program Files\HattrickOrganizer
2009-12-03 13:03:44 ----D---- C:\WINDOWS\Minidump
2009-12-02 09:43:53 ----D---- C:\Documents and Settings\Propriétaire\Application Data\vlc
2009-12-01 23:00:55 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-12-01 22:06:41 ----SHD---- C:\WINDOWS\Installer
2009-12-01 22:06:41 ----SHD---- C:\Config.Msi
2009-11-26 23:23:43 ----D---- C:\Documents and Settings\Propriétaire\Application Data\dvdcss
2009-11-26 23:14:58 ----D---- C:\Program Files\PokerStars
2009-11-25 08:02:49 ----HD---- C:\WINDOWS\inf
2009-11-25 08:02:35 ----D---- C:\WINDOWS\WinSxS
2009-11-25 07:59:56 ----HD---- C:\WINDOWS\$hf_mig$
2009-11-17 22:26:11 ----D---- C:\WINDOWS\Debug
2009-11-17 22:22:49 ----D---- C:\WINDOWS\network diagnostic
2009-11-08 21:32:00 ----D---- C:\WINDOWS\Microsoft.NET
2009-11-08 21:31:59 ----RSD---- C:\WINDOWS\assembly
2009-11-08 20:36:40 ----D---- C:\WINDOWS\Registration
2009-11-08 12:40:16 ----D---- C:\WINDOWS\system32\CatRoot
2009-11-08 12:33:20 ----D---- C:\WINDOWS\system32\URTTemp
2009-11-08 11:51:56 ----D---- C:\WINDOWS\system32\fr-fr
2009-11-08 11:51:18 ----D---- C:\WINDOWS\system32\mui
2009-11-08 11:48:29 ----RSD---- C:\WINDOWS\Fonts
2009-11-08 11:47:46 ----D---- C:\WINDOWS\system32\spool
2009-11-08 10:56:56 ----D---- C:\WINDOWS\SoftwareDistribution
2009-11-06 00:26:31 ----D---- C:\WINDOWS\system32\Restore
2009-11-05 18:36:21 ----A---- C:\WINDOWS\system32\MRT.exe
2009-11-05 08:11:41 ----D---- C:\WINDOWS\system32\LogFiles
2009-11-05 07:58:18 ----D---- C:\Program Files\Messenger Plus! Live
2009-11-04 23:22:36 ----D---- C:\WINDOWS\ie8updates
2009-11-04 23:22:13 ----D---- C:\Program Files\Internet Explorer
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2003-01-01 43488]
R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 41856]
R1 SiSkp;SiSkp; C:\WINDOWS\System32\DRIVERS\srvkp.sys [2003-04-11 10624]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1997-12-23 23936]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2003-04-09 11043]
R2 SYMTDI;SYMTDI; \??\C:\WINDOWS\System32\Drivers\SYMTDI.SYS []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-10-16 788300]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2003-08-13 594432]
R3 CamDrL;Logitech QuickCam Pro 3000(CamDrl); C:\WINDOWS\System32\DRIVERS\Camdrl.sys [2007-02-03 1075360]
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2008-09-22 43520]
R3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSF_DP.sys [2003-11-13 1042816]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys [2003-11-13 210304]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-02-03 41504]
R3 NAVAP;NAVAP; \??\C:\WINDOWS\System32\Drivers\NAVAP.SYS []
R3 NAVENG;NAVENG; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20091202.006\NAVENG.Sys []
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20091202.006\NavEx15.Sys []
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-03 10368]
R3 Ps2;PS2; C:\WINDOWS\System32\DRIVERS\PS2.sys [2001-06-04 14112]
R3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
R3 SYMREDRV;SYMREDRV; \??\C:\WINDOWS\System32\Drivers\SYMREDRV.SYS []
R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [2003-11-13 679808]
S3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-04-15 113504]
S3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-04-15 78752]
S3 catchme;catchme; \??\C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 EL90XBC;Pilote de la carte EtherLink XL 90XB/C 3Com; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [2001-08-18 66591]
S3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [2003-01-15 41984]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [2003-05-14 51056]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [2003-05-16 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [2003-05-14 21488]
S3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2003-04-15 90907]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 SiS315;SiS315; C:\WINDOWS\System32\DRIVERS\sisgrp.sys [2003-05-06 394752]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 viagfx;viagfx; C:\WINDOWS\System32\DRIVERS\vtmini.sys [2003-08-11 265344]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\System32\DRIVERS\intelide.sys [2008-04-14 5504]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\System32\Ati2evxx.exe [2003-08-13 319488]
R2 Capture Device Service;Capture Device Service; C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
R2 navapsvc;Service Norton AntiVirus Auto-Protect; C:\Program Files\Norton AntiVirus\navapsvc.exe [2001-08-21 115792]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe [2007-03-03 67056]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
S2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2003-08-19 77824]
S2 SBService;ScriptBlocking Service; C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe [2001-08-13 54408]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
"C:\Program Files\Suppresion malwares", c'est moi qui ai crée ce dossier afin d'y regrouper les différents logiciels pour supprimer mes fenêtres intempestives.
Pour l'anti virus, mon ordi rame avec, c'est un vieux ! Mais, on me conseille avast, je pense l'intaller prochainement afin déviter toute complications pour le futur.
En tout cas, merci à toi, les fenetres intempestives ont disparus.
Affaire résolue.
Citation :
Pour l'anti virus, mon ordi rame avec, c'est un vieux !--> 256Mo de RAM pour XP, c'est peu.
Citation :
Mais, on me conseille avast, je pense l'intaller prochainement afin déviter toute complications pour le futur. --> Je te conseille plutôt AntiVir Personal.
Lassé par la pub ? Créez un compte
- Contenus similaires :
- ForumFenetres pubs intempestives sur Firefox (Vista)
- Forumprobleme fenetre intempestive firefox
- ForumFenêtres intempestives sur Mozilla Firefox
- ForumFenêtres intempestives sous Firefox
- SolutionsProbleme d ouverture de fenetres intempestive [ Résolu]
- ForumOuverture intempestive IE avec fenetres de publicité
- ForumOuverture intempestive de fenetres publicitaires [RESOLU]
- ForumOuverture intempestive de fenêtres ie
- ForumFenêtres intempestive IExplorer (pc-on-internet.com).
- Voir plus
