Unable to install Avira
figman (Member, 806 posts)
Hello,
My desktop PC is slow and crashes, and I cannot install AntiVir. It becomes slow when I run a scan with RAV; it finds viruses but cannot delete them.
I look forward to your help with disinfecting it, and thank you. Here is the RSIT report.
PS: my desktop PC is not connected to the Internet.
See you!
Logfile of random's system information tool 1.05 (written by random/random)
Run by securité at 2009-08-19 10:40:13
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 11 GB (55%) free of 20 GB
Total RAM: 119 MB (19% free)
HijackThis download failed
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"DRIVESYS1"=C:\Windows\System32\bycool1\windo.exe [2008-08-13 1475697]
"Cmaudio"=RunDll32 cmicnfg.cpl []
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2008-03-13 1443072]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MediaDICO36]
C:\Program Files\Micro Application\36 Dictionnaires et Recueils de Correspondance\LanceMediaDICO36.exe [2004-05-27 252416]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2004-08-19 1745408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2008-06-10 229376]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2005-09-23 29696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Larousse Expression.lnk]
C:\PROGRA~1\Larousse\LAROUS~1\bin\olf.exe [2002-10-25 1142784]
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=1
"DisableRegistryTools"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoFolderOptions"=0
"NoFind"=0
"NoRun"=0
"NoDriveTypeAutoRun"=255
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"NoDriveTypeAutoRun"=
"NoFolderOptions"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Messenger\MSMSGS.EXE"="C:\Program Files\Messenger\MSMSGS.EXE:*:Enabled:Windows Messenger"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"H:\log.exe"="H:\log.exe:*:Enabled:ipsec"
"C:\WINDOWS\Explorer.EXE"="C:\WINDOWS\Explorer.EXE:*:Enabled:ipsec"
"C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE"="C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE:*:Enabled:ipsec"
"C:\Program Files\Real\RealGames\CueClub\cueclub.exe"="C:\Program Files\Real\RealGames\CueClub\cueclub.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\userinit.exe"="C:\WINDOWS\system32\userinit.exe:*:Enabled:ipsec"
"C:\Windows\System32\bycool1\windo.exe"="C:\Windows\System32\bycool1\windo.exe:*:Enabled:ipsec"
"C:\Program Files\Micro Application\36 Dictionnaires et Recueils de Correspondance\Rac36.EXE"="C:\Program Files\Micro Application\36 Dictionnaires et Recueils de Correspondance\Rac36.EXE:*:Enabled:ipsec"
"C:\Program Files\Larousse\Larousse Expression\bin\olfTray.exe"="C:\Program Files\Larousse\Larousse Expression\bin\olfTray.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe:*:Enabled:ipsec"
"C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE"="C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE:*:Enabled:ipsec"
"C:\PROGRA~1\Larousse\Shared\bin\hisrv3.exe"="C:\PROGRA~1\Larousse\Shared\bin\hisrv3.exe:*:Enabled:ipsec"
"C:\Program Files\Widcomm\Bluetooth Software\BTStackServer.exe"="C:\Program Files\Widcomm\Bluetooth Software\BTStackServer.exe:*:Enabled:ipsec"
"C:\Program Files\Larousse\Larousse Expression\bin\olf.exe"="C:\Program Files\Larousse\Larousse Expression\bin\olf.exe:*:Enabled:ipsec"
"C:\Program Files\Micro Application\36 Dictionnaires et Recueils de Correspondance\MediaDICO36.EXE"="C:\Program Files\Micro Application\36 Dictionnaires et Recueils de Correspondance\MediaDICO36.EXE:*:Enabled:ipsec"
"C:\Program Files\Ela-Salaty\Salaty.exe"="C:\Program Files\Ela-Salaty\Salaty.exe:*:Enabled:ipsec"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{01347480-067a-11d6-85f1-00a0961f3eb9}]
shell\AutoRun\command - wscript.exe .\.vbs
shell\open\command - wscript.exe .\.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{046c518a-3d46-11de-8681-00a0961f3eb9}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL log.exe
shell\Ouvrir\command - H:\log.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{138cdd1c-c1a8-11dc-84b8-00138f7117f8}]
shell\AutoRun\command - I:\RunDll32.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{147bf63a-316a-11de-866c-00a0961f3eb9}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL log.exe
shell\Ouvrir\command - I:\log.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b80080a-faa5-11dd-8616-00a0961f3eb9}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL log.exe
shell\Ouvrir\command - H:\log.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{208a4470-8d52-11dd-859f-00a0961f3eb9}]
shell\AutoRun\command - H:\d.com
shell\explore\command - H:\d.com
shell\open\command - H:\d.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{24ab0362-df1b-11dd-85ed-00a0961f3eb9}]
shell\AutoRun\command - wscript.exe .\.vbs
shell\open\command - wscript.exe .\.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3049dd6e-e44f-11dc-84d9-00138f7117f8}]
shell\AutoRun\command - J:\d6fagcs8.cmd
shell\explore\command - J:\d6fagcs8.cmd
shell\open\command - J:\d6fagcs8.cmd
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{37369ca2-b79f-11dc-84af-00138f7117f8}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL systems.com
shell\read\command - explorer.exe
shell\start\command - systems.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{37d2a244-3a40-11de-867e-00a0961f3eb9}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL log.exe
shell\Ouvrir\command - I:\log.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{552f29d2-83c2-11dd-8590-00a0961f3eb9}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL log.exe
shell\Ouvrir\command - H:\log.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5e242250-d3e9-11dd-85e2-00a0961f3eb9}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL log.exe
shell\Ouvrir\command - H:\log.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{813a6db4-11f9-11de-8639-00138f7117f8}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL log.exe
shell\Ouvrir\command - H:\log.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{88b3a8b8-1a96-11dd-851c-00138f7117f8}]
shell\AutoRun\command - H:\d6fagcs8.cmd
shell\explore\command - H:\d6fagcs8.cmd
shell\open\command - H:\d6fagcs8.cmd
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8feb219e-fb49-11dd-8617-00a0961f3eb9}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL log.exe
shell\Ouvrir\command - H:\log.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a6da0cf8-dfc4-11dd-85ef-00a0961f3eb9}]
shell\AutoRun\command - wscript.exe .\.vbs
shell\open\command - wscript.exe .\.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a955eeac-07f1-11de-862b-00a0961f3eb9}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL log.exe
shell\Ouvrir\command - H:\log.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{af0c32ee-cf02-11dc-84c8-00138f7117f8}]
shell\AutoRun\command - I:\RunDll32.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c1d305da-0e42-11de-8634-00138f7117f8}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL log.exe
shell\Ouvrir\command - H:\log.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ca79f9a0-2418-11de-8659-00138f7117f8}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL log.exe
shell\Ouvrir\command - I:\log.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cb426bb8-8181-11dd-858b-00a0961f3eb9}]
shell\AutoRun\command - H:\d.com
shell\explore\command - H:\d.com
shell\open\command - H:\d.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d8e5c48a-a329-11dd-85be-00a0961f3eb9}]
shell\AutoRun\command - H:\d.com
shell\explore\command - H:\d.com
shell\open\command - H:\d.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dd787332-29aa-11de-8665-00a0961f3eb9}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL log.exe
shell\Ouvrir\command - H:\log.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e3800872-e51b-11dc-84dc-00138f7117f8}]
shell\Auto\command - auto.exe
shell\AutoRun\command - auto.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{edc92428-75d3-11de-86c7-00a0961f3eb9}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL log.exe
shell\Ouvrir\command - H:\log.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f193fd6c-0630-11dd-850c-00138f7117f8}]
shell\AutoRun\command - H:\d6fagcs8.cmd
shell\explore\command - H:\d6fagcs8.cmd
shell\open\command - H:\d6fagcs8.cmd
======List of files/folders created in the last 1 months======
2009-08-19 10:40:21 ----D---- C:\Program Files\trend micro
2009-08-19 10:40:13 ----D---- C:\rsit
2009-08-19 08:30:54 ----D---- C:\WINDOWS\LastGood
2009-08-18 13:03:42 ----SHD---- C:\FOUND.016
2009-08-18 12:56:22 ----SHD---- C:\FOUND.015
2009-08-18 10:53:47 ----D---- C:\Program Files\ESET
2009-08-18 10:53:47 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\ESET
2009-08-08 15:58:55 ----D---- C:\Thawla_Ichatahane
2009-07-22 08:31:52 ----SHD---- C:\FOUND.014
======List of files/folders modified in the last 1 months======
2009-08-18 15:57:08 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-08-05 15:45:46 ----A---- C:\WINDOWS\quran.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-19 40320]
R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys []
R2 BTSLBCSP;Bluetooth Port Client Driver; \??\C:\WINDOWS\system32\drivers\btslbcsp.sys []
R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-03 87424]
R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2004-08-03 88448]
R2 NwlnkNb;NetBIOS NWLink; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-02 63232]
R2 NwlnkSpx;Protocole NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-02 55936]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2002-04-19 29383]
R3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2002-04-19 81712]
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2003-12-12 784832]
R3 dac970nt;dac970nt; \??\C:\WINDOWS\system32\drivers\ookion.sys []
R3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2004-08-03 163584]
R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R4 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys []
S2 BDVEDISK;BDVEDISK; \??\C:\Program Files\BitDefender\BitDefender 2009\BDVEDISK.sys []
S3 bdfsfltr;bdfsfltr; C:\WINDOWS\system32\drivers\bdfsfltr.sys []
S3 btaudio;Périphérique audio Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2002-01-21 19809]
S3 BTWUSB;%BTWUSB.SvcDesc%; C:\WINDOWS\System32\Drivers\btwusb.sys [2002-04-19 59664]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-10-02 9600]
S3 irsir;Pilote série infrarouge Microsoft; C:\WINDOWS\system32\DRIVERS\irsir.sys []
S3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-02 12288]
S3 Profos;Profos; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys []
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-02 5888]
S3 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCDrv.sys []
S3 Trufos;Trufos; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys []
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbsermpt;Motorola USB Modem Driver for MPT; C:\WINDOWS\system32\DRIVERS\usbsermpt.sys [2008-04-09 22768]
S4 cdawdm;CDAWDM; C:\WINDOWS\system32\DRIVERS\CDAWDM.sys []
S4 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
R2 NWCWorkstation;Service client pour NetWare; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-03-13 472320]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe []
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 143360]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 166960]
S3 SCAN;BitDefender Threat Scanner; C:\WINDOWS\System32\svchost.exe [2004-08-19 14336]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.05 2009-08-19 10:40:27
======Uninstall list======
-->MsiExec.exe /I{8A42F680-2DD6-11D4-9A8C-0040F6982C20}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
40000 lettres types & correspondance-->"C:\Program Files\Anuman Interactive\40000 lettres types & correspondance\unins000.exe"
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0.7 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70700000002}
AutoSketch-->C:\WINDOWS\unin040c.exe -f"C:\Program Files\Autodesk\AutoSketch\DeIsL12.isu"
BitDefender Total Security 2008-->MsiExec.exe /I{DB368901-C41E-4D86-9809-E0EE635A6939}
C-Media 3D Audio-->C:\WINDOWS\CMIUnInstall.exe
C-Media WDM Audio Driver-->C:\WINDOWS\system32\cmirmdrv.exe
Courriers Types-->C:\WINDOWS\unin040c.exe -fC:\CourriersTypes\Programmes\DeIsL1.isu
Ela-Salaty-->"C:\WINDOWS\Ela-Salaty\uninstall.exe" "/U:C:\Program Files\Ela-Salaty\Uninstall\uninstall.xml"
Larousse Expression-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BBC55378-F255-4BF9-AA64-496AD831E6DB}\SETUP.EXE" -l0x40c
Micro Application - 36 Dictionnaires et Recueils de Correspondance-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B410328C-0E8C-4DD2-9DB4-DE7766D0DFE0}\SETUP.EXE" -l0x40c -uninst
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
MSXML 6.0 Parser-->MsiExec.exe /I{AEB9948B-4FF2-47C9-990E-47014492A0FE}
Norton 360-->MsiExec.exe /I{63A6E9A9-A190-46D4-9430-2DB28654AFD8}
PaperPort 9.0-->MsiExec.exe /I{83BE83F8-49D8-4A51-AB88-D6D6DFB5D502}
QuickTime-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{3868A8EE-5051-4DB0-8DF6-4F4B8A98D083} /l1036
SPBBC 32bit-->MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Widcomm Bluetooth Software 1.2.2.9-->MsiExec.exe /X{0F51A262-1ADF-4914-B448-78AC58C4178A}
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803$\spuninst\spuninst.exe"
======Security center information======
AV: BitDefender Antivirus (disabled) (outdated)
AV: ESET NOD32 Antivirus 3.0
FW: Pare-feu BitDefender (disabled)
System event log
Computer Name: SECURIT-A2D6A47
Event Code: 7036
Message: Le service NLA (Network Location Awareness) est entré dans l'état : en cours d'exécution.
Record Number: 921
Source Name: Service Control Manager
Time Written: 20090715145326.000000+120
Event Type: information
User:
Computer Name: SECURIT-A2D6A47
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service NLA (Network Location Awareness).
Record Number: 920
Source Name: Service Control Manager
Time Written: 20090715145326.000000+120
Event Type: information
User: AUTORITE NT\SYSTEM
Computer Name: SECURIT-A2D6A47
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Compatibilité avec le Changement rapide d'utilisateur.
Record Number: 919
Source Name: Service Control Manager
Time Written: 20090715145326.000000+120
Event Type: information
User: AUTORITE NT\SYSTEM
Computer Name: SECURIT-A2D6A47
Event Code: 7000
Message: Le service BDVEDISK n'a pas pu démarrer en raison de l'erreur :
Le fichier spécifié est introuvable.
Record Number: 918
Source Name: Service Control Manager
Time Written: 20090715145326.000000+120
Event Type: error
User:
Computer Name: SECURIT-A2D6A47
Event Code: 26
Message: Application popup : : Machine Check: Regs
Record Number: 917
Source Name: Application Popup
Time Written: 20090715145322.000000+120
Event Type: information
User:
Application event log
Computer Name: SECURIT-A2D6A47
Event Code: 101
Message: wuauclt (128) Le moteur de base de données est arrêté.
Record Number: 5
Source Name: ESENT
Time Written: 20090510151701.000000+120
Event Type: information
User:
Computer Name: SECURIT-A2D6A47
Event Code: 103
Message: wuaueng.dll (128) SUS20ClientDataStore: Le moteur de base de données a arrêté une instance (0).
Record Number: 4
Source Name: ESENT
Time Written: 20090510151701.000000+120
Event Type: information
User:
Computer Name: SECURIT-A2D6A47
Event Code: 102
Message: wuaueng.dll (128) SUS20ClientDataStore: Le moteur de base de données a démarré une nouvelle instance (0).
Record Number: 3
Source Name: ESENT
Time Written: 20090510151200.000000+120
Event Type: information
User:
Computer Name: SECURIT-A2D6A47
Event Code: 100
Message: wuauclt (128) Le moteur de base de données 5.01.2600.2180 est démarré.
Record Number: 2
Source Name: ESENT
Time Written: 20090510151200.000000+120
Event Type: information
User:
Computer Name: SECURIT-A2D6A47
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.
Record Number: 1
Source Name: SecurityCenter
Time Written: 20090510151121.000000+120
Event Type: information
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM;C:\Program Files\QuickTime\QTSystem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0209
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip
-----------------EOF-----------------
shell\AutoRun\command - H:\d.com
shell\explore\command - H:\d.com
shell\open\command - H:\d.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d8e5c48a-a329-11dd-85be-00a0961f3eb9}]
shell\AutoRun\command - H:\d.com
shell\explore\command - H:\d.com
shell\open\command - H:\d.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dd787332-29aa-11de-8665-00a0961f3eb9}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL log.exe
shell\Ouvrir\command - H:\log.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e3800872-e51b-11dc-84dc-00138f7117f8}]
shell\Auto\command - auto.exe
shell\AutoRun\command - auto.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{edc92428-75d3-11de-86c7-00a0961f3eb9}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL log.exe
shell\Ouvrir\command - H:\log.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f193fd6c-0630-11dd-850c-00138f7117f8}]
shell\AutoRun\command - H:\d6fagcs8.cmd
shell\explore\command - H:\d6fagcs8.cmd
shell\open\command - H:\d6fagcs8.cmd
======List of files/folders created in the last 1 months======
2009-08-19 10:40:21 ----D---- C:\Program Files\trend micro
2009-08-19 10:40:13 ----D---- C:\rsit
2009-08-19 08:30:54 ----D---- C:\WINDOWS\LastGood
2009-08-18 13:03:42 ----SHD---- C:\FOUND.016
2009-08-18 12:56:22 ----SHD---- C:\FOUND.015
2009-08-18 10:53:47 ----D---- C:\Program Files\ESET
2009-08-18 10:53:47 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\ESET
2009-08-08 15:58:55 ----D---- C:\Thawla_Ichatahane
2009-07-22 08:31:52 ----SHD---- C:\FOUND.014
======List of files/folders modified in the last 1 months======
2009-08-18 15:57:08 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-08-05 15:45:46 ----A---- C:\WINDOWS\quran.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-19 40320]
R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys []
R2 BTSLBCSP;Bluetooth Port Client Driver; \??\C:\WINDOWS\system32\drivers\btslbcsp.sys []
R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-03 87424]
R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2004-08-03 88448]
R2 NwlnkNb;NetBIOS NWLink; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-02 63232]
R2 NwlnkSpx;Protocole NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-02 55936]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2002-04-19 29383]
R3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2002-04-19 81712]
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2003-12-12 784832]
R3 dac970nt;dac970nt; \??\C:\WINDOWS\system32\drivers\ookion.sys []
R3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2004-08-03 163584]
R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R4 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys []
S2 BDVEDISK;BDVEDISK; \??\C:\Program Files\BitDefender\BitDefender 2009\BDVEDISK.sys []
S3 bdfsfltr;bdfsfltr; C:\WINDOWS\system32\drivers\bdfsfltr.sys []
S3 btaudio;Périphérique audio Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2002-01-21 19809]
S3 BTWUSB;%BTWUSB.SvcDesc%; C:\WINDOWS\System32\Drivers\btwusb.sys [2002-04-19 59664]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-10-02 9600]
S3 irsir;Pilote série infrarouge Microsoft; C:\WINDOWS\system32\DRIVERS\irsir.sys []
S3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-02 12288]
S3 Profos;Profos; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys []
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-02 5888]
S3 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCDrv.sys []
S3 Trufos;Trufos; \??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys []
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbsermpt;Motorola USB Modem Driver for MPT; C:\WINDOWS\system32\DRIVERS\usbsermpt.sys [2008-04-09 22768]
S4 cdawdm;CDAWDM; C:\WINDOWS\system32\DRIVERS\CDAWDM.sys []
S4 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
R2 NWCWorkstation;Service client pour NetWare; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-03-13 472320]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe []
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 143360]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 166960]
S3 SCAN;BitDefender Threat Scanner; C:\WINDOWS\System32\svchost.exe [2004-08-19 14336]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.05 2009-08-19 10:40:27
======Uninstall list======
-->MsiExec.exe /I{8A42F680-2DD6-11D4-9A8C-0040F6982C20}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
40000 lettres types & correspondance-->"C:\Program Files\Anuman Interactive\40000 lettres types & correspondance\unins000.exe"
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0.7 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70700000002}
AutoSketch-->C:\WINDOWS\unin040c.exe -f"C:\Program Files\Autodesk\AutoSketch\DeIsL12.isu"
BitDefender Total Security 2008-->MsiExec.exe /I{DB368901-C41E-4D86-9809-E0EE635A6939}
C-Media 3D Audio-->C:\WINDOWS\CMIUnInstall.exe
C-Media WDM Audio Driver-->C:\WINDOWS\system32\cmirmdrv.exe
Courriers Types-->C:\WINDOWS\unin040c.exe -fC:\CourriersTypes\Programmes\DeIsL1.isu
Ela-Salaty-->"C:\WINDOWS\Ela-Salaty\uninstall.exe" "/U:C:\Program Files\Ela-Salaty\Uninstall\uninstall.xml"
Larousse Expression-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BBC55378-F255-4BF9-AA64-496AD831E6DB}\SETUP.EXE" -l0x40c
Micro Application - 36 Dictionnaires et Recueils de Correspondance-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B410328C-0E8C-4DD2-9DB4-DE7766D0DFE0}\SETUP.EXE" -l0x40c -uninst
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
MSXML 6.0 Parser-->MsiExec.exe /I{AEB9948B-4FF2-47C9-990E-47014492A0FE}
Norton 360-->MsiExec.exe /I{63A6E9A9-A190-46D4-9430-2DB28654AFD8}
PaperPort 9.0-->MsiExec.exe /I{83BE83F8-49D8-4A51-AB88-D6D6DFB5D502}
QuickTime-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{3868A8EE-5051-4DB0-8DF6-4F4B8A98D083} /l1036
SPBBC 32bit-->MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Widcomm Bluetooth Software 1.2.2.9-->MsiExec.exe /X{0F51A262-1ADF-4914-B448-78AC58C4178A}
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803$\spuninst\spuninst.exe"
======Security center information======
AV: BitDefender Antivirus (disabled) (outdated)
AV: ESET NOD32 Antivirus 3.0
FW: Pare-feu BitDefender (disabled)
System event log
Computer Name: SECURIT-A2D6A47
Event Code: 7036
Message: Le service NLA (Network Location Awareness) est entré dans l'état : en cours d'exécution.
Record Number: 921
Source Name: Service Control Manager
Time Written: 20090715145326.000000+120
Event Type: information
User:
Computer Name: SECURIT-A2D6A47
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service NLA (Network Location Awareness).
Record Number: 920
Source Name: Service Control Manager
Time Written: 20090715145326.000000+120
Event Type: information
User: AUTORITE NT\SYSTEM
Computer Name: SECURIT-A2D6A47
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Compatibilité avec le Changement rapide d'utilisateur.
Record Number: 919
Source Name: Service Control Manager
Time Written: 20090715145326.000000+120
Event Type: information
User: AUTORITE NT\SYSTEM
Computer Name: SECURIT-A2D6A47
Event Code: 7000
Message: Le service BDVEDISK n'a pas pu démarrer en raison de l'erreur :
Le fichier spécifié est introuvable.
Record Number: 918
Source Name: Service Control Manager
Time Written: 20090715145326.000000+120
Event Type: error
User:
Computer Name: SECURIT-A2D6A47
Event Code: 26
Message: Application popup : : Machine Check: Regs
Record Number: 917
Source Name: Application Popup
Time Written: 20090715145322.000000+120
Event Type: information
User:
Application event log
Computer Name: SECURIT-A2D6A47
Event Code: 101
Message: wuauclt (128) Le moteur de base de données est arrêté.
Record Number: 5
Source Name: ESENT
Time Written: 20090510151701.000000+120
Event Type: information
User:
Computer Name: SECURIT-A2D6A47
Event Code: 103
Message: wuaueng.dll (128) SUS20ClientDataStore: Le moteur de base de données a arrêté une instance (0).
Record Number: 4
Source Name: ESENT
Time Written: 20090510151701.000000+120
Event Type: information
User:
Computer Name: SECURIT-A2D6A47
Event Code: 102
Message: wuaueng.dll (128) SUS20ClientDataStore: Le moteur de base de données a démarré une nouvelle instance (0).
Record Number: 3
Source Name: ESENT
Time Written: 20090510151200.000000+120
Event Type: information
User:
Computer Name: SECURIT-A2D6A47
Event Code: 100
Message: wuauclt (128) Le moteur de base de données 5.01.2600.2180 est démarré.
Record Number: 2
Source Name: ESENT
Time Written: 20090510151200.000000+120
Event Type: information
User:
Computer Name: SECURIT-A2D6A47
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.
Record Number: 1
Source Name: SecurityCenter
Time Written: 20090510151121.000000+120
Event Type: information
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM;C:\Program Files\QuickTime\QTSystem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0209
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip
-----------------EOF-----------------
25 replies
Hi hackman,
Dr Web doesn't work on the infected PC, but I tried it on another PC and it worked there.
What should I do?
@+++