Problème PCU tourne sans arrêt

rigattone -  
 rigattone -
Bonjour,

Depuis hier, mon pc est très ralenti. Le pcu tourne entre 96 et 100% sans arrêt. J'ai aussi un message lorsque j'arrive à l'éteindre, impossible de fermer explorer.exe.

Qu'en pensez-vous?

Merci
Fred
Configuration: Windows XP
Opera 9.51

23 réponses

  • 1
  • 2
  1. rigattone
     
    Ci-joint le rapport hijackthis

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:28:15, on 28/08/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16876)
    Boot mode: Safe mode with network support

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Prog à moi\Opera\Opera.exe
    D:\Dossier Perso\00 Install\Sécurité Nettoyage\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aliceadsl.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGÀM~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
    O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\PROGÀM~1\COPERN~1\COPERN~1.DLL
    O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    O4 - HKLM\..\Run: [EPM-DM] c:\acer\Empowering Technology\ePower\epm-dm.exe
    O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
    O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [HP Software Update] D:\Prog à moi 2\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Prog à moi\Comodo\COMODO Internet Security\cfp.exe" -h
    O4 - HKLM\..\Run: [TomcatStartup 2.5] C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Prog à moi\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Belkin Wireless Utility.lnk = ?
    O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = ?
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = ?
    O8 - Extra context menu item: Chercher avec Copernic Agent - C:\Prog à moi\Copernic Agent\Web\SearchExt.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGÀM~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGÀM~1\COPERN~1\COPERN~1.EXE
    O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGÀM~1\COPERN~1\COPERN~1.EXE
    O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Prog à moi 2\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Prog à moi 2\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGÀM~1\COPERN~1\COPERN~1.EXE
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGÀM~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGÀM~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGÀM~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://appldnld.apple.com/QuickTime/qtactivex/qtplugin.cab
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab
    O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} -
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B7EDDF1B-73A9-4FE4-8A4C-2B03F35FE968}: NameServer = 213.36.80.1
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
    O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Prog à moi\Comodo\COMODO Internet Security\cmdagent.exe
    O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: IAS NAP Provider (iasnap32) - Unknown owner - rundll32.exe (file missing)
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\hpzipm12.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe (file missing)
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
    0
  2. rigattone
     
    Bonjour,

    Voilà 3 jours que j'ai des problèmes avec mon pc.
    Vu que je n'ai eu aucune réponse concernant mon problème. Est ce que je dois en déduire qu'il est bon à jeter ou est-ce que qqun aurait un peu de temps à m'accorder.
    Merci d'avance

    Voici le dernier rapport hijackthis:

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Rachel et Fred at 2009-08-28 17:56:13
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 5 GB (15%) free of 36 GB
    Total RAM: 1014 MB (67% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:56, on 2009-08-28
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16876)
    Boot mode: Safe mode with network support

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Prog à moi\Opera\Opera.exe
    C:\Prog à moi\Microsoft Office\OFFICE11\OUTLOOK.EXE
    C:\Prog à moi\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Documents and Settings\Rachel et Fred\Bureau\RSIT malware removal.exe
    D:\Dossier Perso\00 Install\Sécurité Nettoyage\Rachel et Fred.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://portail.free.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.acer.com/worldwide/selection.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGÀM~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
    O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\PROGÀM~1\COPERN~1\COPERN~1.DLL
    O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    O4 - HKLM\..\Run: [EPM-DM] c:\acer\Empowering Technology\ePower\epm-dm.exe
    O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
    O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [HP Software Update] D:\Prog à moi 2\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Prog à moi\Comodo\COMODO Internet Security\cfp.exe" -h
    O4 - HKLM\..\Run: [TomcatStartup 2.5] C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Prog à moi\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Belkin Wireless Utility.lnk = ?
    O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = ?
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = ?
    O8 - Extra context menu item: Chercher avec Copernic Agent - C:\Prog à moi\Copernic Agent\Web\SearchExt.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGÀM~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGÀM~1\COPERN~1\COPERN~1.EXE
    O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGÀM~1\COPERN~1\COPERN~1.EXE
    O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Prog à moi 2\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Prog à moi 2\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGÀM~1\COPERN~1\COPERN~1.EXE
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGÀM~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGÀM~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGÀM~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://appldnld.apple.com.edgesuite.net ... plugin.cab
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
    O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/stat ... DP-1.1.cab
    O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} -
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B7EDDF1B-73A9-4FE4-8A4C-2B03F35FE968}: NameServer = 213.36.80.1
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
    O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Prog à moi\Comodo\COMODO Internet Security\cmdagent.exe
    O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: IAS NAP Provider (iasnap32) - Unknown owner - rundll32.exe (file missing)
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\hpzipm12.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe (file missing)
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
    0
  3. rigattone
     
    Encore une journée sans réponse.
    Maintenant 4 jours que mon pc et moi ramons dans un désert inextricable.

    Est ce qu'on peut survivre à tps d'indifférence? Oui/Non

    N'oubliez pas mon rapport est au dessous si ça vous dit !

    PS.Un petit mot d'un modérateur si le sujet l'intéresse, bien sur.

    A+

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:56, on 2009-08-28
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16876)
    Boot mode: Safe mode with network support

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Prog à moi\Opera\Opera.exe
    C:\Prog à moi\Microsoft Office\OFFICE11\OUTLOOK.EXE
    C:\Prog à moi\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Documents and Settings\Rachel et Fred\Bureau\RSIT malware removal.exe
    D:\Dossier Perso\00 Install\Sécurité Nettoyage\Rachel et Fred.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://portail.free.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.acer.com/worldwide/selection.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGÀM~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
    O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\PROGÀM~1\COPERN~1\COPERN~1.DLL
    O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    O4 - HKLM\..\Run: [EPM-DM] c:\acer\Empowering Technology\ePower\epm-dm.exe
    O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
    O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [HP Software Update] D:\Prog à moi 2\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Prog à moi\Comodo\COMODO Internet Security\cfp.exe" -h
    O4 - HKLM\..\Run: [TomcatStartup 2.5] C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Prog à moi\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Belkin Wireless Utility.lnk = ?
    O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = ?
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = ?
    O8 - Extra context menu item: Chercher avec Copernic Agent - C:\Prog à moi\Copernic Agent\Web\SearchExt.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGÀM~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGÀM~1\COPERN~1\COPERN~1.EXE
    O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGÀM~1\COPERN~1\COPERN~1.EXE
    O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Prog à moi 2\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Prog à moi 2\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGÀM~1\COPERN~1\COPERN~1.EXE
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGÀM~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGÀM~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGÀM~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://appldnld.apple.com.edgesuite.net ... plugin.cab
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
    O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/stat ... DP-1.1.cab
    O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} -
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B7EDDF1B-73A9-4FE4-8A4C-2B03F35FE968}: NameServer = 213.36.80.1
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
    O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Prog à moi\Comodo\COMODO Internet Security\cmdagent.exe
    O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: IAS NAP Provider (iasnap32) - Unknown owner - rundll32.exe (file missing)
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\hpzipm12.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe (file missing)
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
    End of file - 10827 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\1 Copernic Intra-Daily ~ACER-CAB9EEA47C Rachel et Fred.job

    C:\WINDOWS\tasks\2 Copernic Daily ~ACER-CAB9EEA47C Rachel et Fred.job

    C:\WINDOWS\tasks\3 Copernic Weekly ~ACER-CAB9EEA47C Rachel et Fred.job

    C:\WINDOWS\tasks\4 Copernic Monthly ~ACER-CAB9EEA47C Rachel et Fred.job

    C:\WINDOWS\tasks\1 Copernic Intra-Daily ~ACER-CAB9EEA47C Projet.job

    C:\WINDOWS\tasks\2 Copernic Daily ~ACER-CAB9EEA47C Projet.job

    C:\WINDOWS\tasks\3 Copernic Weekly ~ACER-CAB9EEA47C Projet.job

    C:\WINDOWS\tasks\4 Copernic Monthly ~ACER-CAB9EEA47C Projet.job

    C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

    Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]

    Spybot-S&D IE Protection - C:\PROGÀM~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-25 259696]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll [2009-07-10 669168]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}]

    PDFCreator Toolbar Helper - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2008-06-04 806912]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]

    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-30 470512]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

    {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - Copernic Agent - C:\PROGÀM~1\COPERN~1\COPERN~1.DLL [2004-12-02 1142744]

    {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - PDFCreator Toolbar - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2008-06-04 806912]

    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-25 259696]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-11-16 15600128]

    "SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2005-01-07 102491]

    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-01-07 692315]

    "MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-05 59392]

    "PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]

    "PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]

    "eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2005-10-19 69632]

    "EPM-DM"=c:\acer\Empowering Technology\ePower\epm-dm.exe [2005-11-25 212992]

    "Acer ePower Management"=C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe [2005-11-09 3084288]

    "eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\Monitor.exe [2009-03-18 397312]

    "ADMTray.exe"=C:\Acer\Empowering Technology\admtray.exe [2005-10-24 2462208]

    "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

    "HP Software Update"=D:\Prog à moi 2\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]

    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]

    "COMODO Internet Security"=C:\Prog à moi\Comodo\COMODO Internet Security\cfp.exe [2009-08-27 1796368]

    "TomcatStartup 2.5"=C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe [2004-11-12 245760]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]

    "updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2006-03-30 313472]

    "SpybotSD TeaTimer"=C:\Prog à moi\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-04-30 39408]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

    C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage

    Belkin Wireless Utility.lnk - C:\Program Files\Belkin\Belkin 802.11g Wireless Card Configuration Utility\Belkinwcui.exe

    Démarrage rapide du logiciel HP Image Zone.lnk - D:\Prog à moi 2\HP\Digital Imaging\bin\hpqthb08.exe

    HP Digital Imaging Monitor.lnk - D:\Prog à moi 2\HP\Digital Imaging\bin\hpqtra08.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]

    C:\WINDOWS\system32\Ati2evxx.dll [2005-12-11 47104]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

    C:\WINDOWS\system32\igfxdev.dll [2005-07-17 135168]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

    "dontdisplaylastusername"=0

    "legalnoticecaption"=

    "legalnoticetext"=

    "shutdownwithoutlogon"=1

    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

    "NoDriveTypeAutoRun"=323

    "NoDriveAutoRun"=67108863

    "NoDrives"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

    "HonorAutoRunSetting"=

    "NoDriveAutoRun"=

    "NoDriveTypeAutoRun"=

    "NoDrives"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"

    "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "

    "C:\WINDOWS\System32\FXSCLNT.exe"="C:\WINDOWS\System32\FXSCLNT.exe:*:Disabled:Microsoft Fax Console"

    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    "C:\Program Files\Hewlett-Packard\Toolbox\JRE\BIN\JAVAW.EXE"="C:\Program Files\Hewlett-Packard\Toolbox\JRE\BIN\JAVAW.EXE:*:Enabled:javaw"

    "C:\Prog à moi\eMule0.49\eMule0.49b\emule.exe"="C:\Prog à moi\eMule0.49\eMule0.49b\emule.exe:*:Enabled:eMule"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6deffaaa-f05b-11dc-ad24-00173f2900c0}]

    shell\AutoRun\command - G:\LaunchU3.exe

    ======List of files/folders created in the last 3 months======

    2009-08-28 17:56:13 ----D---- C:\rsit

    2009-08-28 14:50:07 ----D---- C:\killfix

    2009-08-28 14:50:06 ----A---- C:\WINDOWS\system32\CF27377.exe

    2009-08-28 14:47:39 ----A---- C:\WINDOWS\system32\CF26926.exe

    2009-08-28 14:46:44 ----D---- C:\Qoobox

    2009-08-28 12:57:11 ----A---- C:\fixnavi.txt

    2009-08-28 12:56:55 ----A---- C:\WINDOWS\system32\Process.exe

    2009-08-28 11:31:12 ----A---- C:\WINDOWS\ntbtlog.txt

    2009-08-28 09:20:28 ----A---- C:\FindyKill.txt

    2009-08-28 00:56:58 ----D---- C:\Program Files\trend micro

    2009-08-27 08:31:31 ----HD---- C:\WINDOWS\$NtUninstallKB970653-v3$

    2009-08-25 14:47:48 ----SHD---- C:\FOUND.001

    2009-08-22 15:05:20 ----SHD---- C:\FOUND.000

    2009-08-18 23:37:22 ----HD---- C:\WINDOWS\$NtUninstallKB968389$

    2009-08-17 20:00:44 ----HD---- C:\WINDOWS\$NtUninstallKB960859$

    2009-08-17 19:59:56 ----HD---- C:\WINDOWS\$NtUninstallKB971657$

    2009-08-17 19:59:25 ----HD---- C:\WINDOWS\$NtUninstallKB961118$

    2009-08-17 19:59:19 ----HD---- C:\WINDOWS\$NtUninstallKB971557$

    2009-08-17 19:58:08 ----HD---- C:\WINDOWS\$NtUninstallKB956744$

    2009-08-17 19:57:47 ----HD---- C:\WINDOWS\$NtUninstallKB973869$

    2009-08-17 19:57:41 ----HD---- C:\WINDOWS\$NtUninstallKB973507$

    2009-08-17 19:57:35 ----HD---- C:\WINDOWS\$NtUninstallKB973354$

    2009-08-17 19:57:24 ----HD---- C:\WINDOWS\$NtUninstallKB973540_WM9$

    2009-08-17 19:54:25 ----HD---- C:\WINDOWS\$NtUninstallKB973815$

    2009-08-07 17:16:48 ----D---- C:\WINDOWS\system32\XPSViewer

    2009-08-07 17:16:42 ----D---- C:\Program Files\MSBuild

    2009-08-07 17:16:40 ----D---- C:\WINDOWS\system32\en-US

    2009-08-07 17:16:33 ----D---- C:\Program Files\Reference Assemblies

    2009-08-07 17:15:51 ----N---- C:\WINDOWS\system32\xpssvcs.dll

    2009-08-07 17:15:51 ----N---- C:\WINDOWS\system32\xpsshhdr.dll

    2009-08-07 17:15:51 ----N---- C:\WINDOWS\system32\prntvpt.dll

    2009-08-05 10:38:05 ----A---- C:\WINDOWS\system32\javaws.exe

    2009-08-05 10:38:05 ----A---- C:\WINDOWS\system32\javaw.exe

    2009-08-05 10:38:05 ----A---- C:\WINDOWS\system32\java.exe

    2009-07-27 18:15:43 ----A---- C:\WINDOWS\system32\DBCLIENT.DLL

    2009-07-25 00:41:57 ----D---- C:\Program Files\AMtechnologie

    2009-07-24 20:07:08 ----A---- C:\WINDOWS\LisNet.TXT

    2009-07-24 19:27:56 ----A---- C:\WINDOWS\PROTOCOL.INI

    2009-07-24 19:27:39 ----A---- C:\WINDOWS\system32\VBAR332.DLL

    2009-07-24 19:27:39 ----A---- C:\WINDOWS\system32\VB5DB.DLL

    2009-07-24 19:27:39 ----A---- C:\WINDOWS\system32\MSREPL35.DLL

    2009-07-24 19:27:39 ----A---- C:\WINDOWS\system32\MSRD2X35.DLL

    2009-07-24 19:27:39 ----A---- C:\WINDOWS\system32\MSJTER35.DLL

    2009-07-24 19:27:39 ----A---- C:\WINDOWS\system32\MSJINT35.DLL

    2009-07-24 19:27:39 ----A---- C:\WINDOWS\system32\MSJET35.DLL

    2009-07-24 19:26:45 ----A---- C:\WINDOWS\unin040c.exe

    2009-07-21 18:38:37 ----HD---- C:\WINDOWS\$NtUninstallKB973346$

    2009-07-21 18:38:29 ----HD---- C:\WINDOWS\$NtUninstallKB971633$

    2009-07-21 18:34:21 ----HD---- C:\WINDOWS\$NtUninstallKB961371$

    2009-07-14 15:15:29 ----D---- C:\Program Files\SodeaSoft

    2009-06-15 12:03:48 ----D---- C:\WINDOWS\Sun

    2009-06-15 11:11:02 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee

    2009-06-11 23:11:28 ----HD---- C:\WINDOWS\$NtUninstallKB961501$

    2009-06-11 23:11:22 ----HD---- C:\WINDOWS\$NtUninstallKB969898$

    2009-06-11 23:08:44 ----HD---- C:\WINDOWS\$NtUninstallKB970238$

    2009-06-11 23:07:09 ----HD---- C:\WINDOWS\$NtUninstallKB968537$

    ======List of files/folders modified in the last 3 months======

    2009-08-28 10:51:22 ----A---- C:\WINDOWS\ModemLog_HDAUDIO Soft Data Fax Modem with SmartCP.txt

    2009-08-27 13:05:16 ----A---- C:\WINDOWS\system32\guard32.dll

    2009-08-27 11:47:10 ----A---- C:\WINDOWS\SchedLgU.Txt

    2009-08-07 17:21:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

    2009-08-05 11:00:38 ----A---- C:\WINDOWS\system32\mswebdvd.dll

    2009-08-04 11:05:40 ----A---- C:\WINDOWS\win.ini

    2009-07-30 02:49:14 ----A---- C:\WINDOWS\system32\MRT.exe

    2009-07-25 05:23:00 ----A---- C:\WINDOWS\system32\deploytk.dll

    2009-07-25 00:42:02 ----A---- C:\WINDOWS\ODBCINST.INI

    2009-07-25 00:42:02 ----A---- C:\WINDOWS\ODBC.INI

    2009-07-19 15:29:22 ----A---- C:\WINDOWS\system32\mshtml.dll

    2009-07-19 15:29:20 ----A---- C:\WINDOWS\system32\ieframe.dll

    2009-07-17 21:03:34 ----A---- C:\WINDOWS\system32\atl.dll

    2009-07-14 13:03:14 ----N---- C:\WINDOWS\system32\tzchange.exe

    2009-07-13 23:43:24 ----A---- C:\WINDOWS\system32\wmpdxm.dll

    2009-07-13 23:43:24 ----A---- C:\WINDOWS\system32\wmp.dll

    2009-06-29 17:57:48 ----N---- C:\WINDOWS\system32\occache.dll

    2009-06-29 17:57:48 ----N---- C:\WINDOWS\system32\mstime.dll

    2009-06-29 17:57:48 ----N---- C:\WINDOWS\system32\msrating.dll

    2009-06-29 17:57:48 ----A---- C:\WINDOWS\system32\wininet.dll

    2009-06-29 17:57:48 ----A---- C:\WINDOWS\system32\webcheck.dll

    2009-06-29 17:57:48 ----A---- C:\WINDOWS\system32\urlmon.dll

    2009-06-29 17:57:48 ----A---- C:\WINDOWS\system32\url.dll

    2009-06-29 17:57:48 ----A---- C:\WINDOWS\system32\pngfilt.dll

    2009-06-29 17:57:48 ----A---- C:\WINDOWS\system32\mshtmled.dll

    2009-06-29 17:57:48 ----A---- C:\WINDOWS\system32\msfeedsbs.dll

    2009-06-29 17:57:48 ----A---- C:\WINDOWS\system32\msfeeds.dll

    2009-06-29 17:57:48 ----A---- C:\WINDOWS\system32\jsproxy.dll

    2009-06-29 17:57:48 ----A---- C:\WINDOWS\system32\iertutil.dll

    2009-06-29 17:57:46 ----N---- C:\WINDOWS\system32\iernonce.dll

    2009-06-29 17:57:46 ----N---- C:\WINDOWS\system32\iedkcs32.dll

    2009-06-29 17:57:46 ----N---- C:\WINDOWS\system32\ieaksie.dll

    2009-06-29 17:57:46 ----N---- C:\WINDOWS\system32\ieakeng.dll

    2009-06-29 17:57:46 ----N---- C:\WINDOWS\system32\extmgr.dll

    2009-06-29 17:57:46 ----N---- C:\WINDOWS\system32\corpol.dll

    2009-06-29 17:57:46 ----A---- C:\WINDOWS\system32\ieencode.dll

    2009-06-29 17:57:46 ----A---- C:\WINDOWS\system32\ieapfltr.dll

    2009-06-29 17:57:46 ----A---- C:\WINDOWS\system32\icardie.dll

    2009-06-29 17:57:46 ----A---- C:\WINDOWS\system32\dxtrans.dll

    2009-06-29 17:57:46 ----A---- C:\WINDOWS\system32\dxtmsft.dll

    2009-06-29 17:57:46 ----A---- C:\WINDOWS\system32\advpack.dll

    2009-06-29 13:07:12 ----N---- C:\WINDOWS\system32\ie4uinit.exe

    2009-06-29 13:07:12 ----A---- C:\WINDOWS\system32\ieudinit.exe

    2009-06-29 10:33:40 ----N---- C:\WINDOWS\system32\ieakui.dll

    2009-06-25 10:26:32 ----A---- C:\WINDOWS\system32\wdigest.dll

    2009-06-25 10:26:32 ----A---- C:\WINDOWS\system32\secur32.dll

    2009-06-25 10:26:32 ----A---- C:\WINDOWS\system32\schannel.dll

    2009-06-25 10:26:32 ----A---- C:\WINDOWS\system32\msv1_0.dll

    2009-06-25 10:26:32 ----A---- C:\WINDOWS\system32\lsasrv.dll

    2009-06-25 10:26:32 ----A---- C:\WINDOWS\system32\kerberos.dll

    2009-06-16 16:40:02 ----A---- C:\WINDOWS\system32\t2embed.dll

    2009-06-16 16:40:02 ----A---- C:\WINDOWS\system32\fontsub.dll

    2009-06-15 12:44:50 ----A---- C:\WINDOWS\system32\telnet.exe

    2009-06-10 16:14:28 ----A---- C:\WINDOWS\system32\avifil32.dll

    2009-06-10 09:21:22 ----A---- C:\WINDOWS\system32\mstscax.dll

    2009-06-10 08:15:18 ----A---- C:\WINDOWS\system32\wkssvc.dll

    2009-06-03 21:10:34 ----A---- C:\WINDOWS\system32\quartz.dll

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2009-08-27 25160]

    R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2004-12-08 16896]

    R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]

    R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-01-06 6144]

    R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2005-09-29 78720]

    R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-01-07 191456]

    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]

    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]

    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]

    R3 w29n51;Pilote de carte de connexion réseau Intel(R) PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2005-09-11 3298432]

    S1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []

    S1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]

    S1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2009-08-27 132168]

    S1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]

    S1 NetworkX;NetworkX; C:\WINDOWS\system32\ckldrv.sys [2008-03-17 19584]

    S1 OsaFsLoc;OsaFsLoc; \??\C:\WINDOWS\system32\drivers\OsaFsLoc.sys []

    S1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-07-13 28520]

    S1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-03-19 5632]

    S2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-03-12 20747]

    S2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-08-18 55656]

    S2 EpmPsd;Acer EPM Power Scheme Driver; \??\C:\WINDOWS\system32\drivers\epm-psd.sys []

    S2 EpmShd;Acer EPM System Hardware Driver; \??\C:\WINDOWS\system32\drivers\epm-shd.sys []

    S2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544]

    S2 osaio;osaio; \??\C:\WINDOWS\system32\drivers\osaio.sys []

    S2 osanbm;osanbm; \??\C:\WINDOWS\system32\drivers\osanbm.sys []

    S2 PMEM;PMEM; \??\C:\WINDOWS\system32\drivers\pmemnt.sys []

    S2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-11-09 13440]

    S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-12-11 1414656]

    S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys []

    S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys []

    S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys []

    S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys []

    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]

    S3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]

    S3 DEKART38;Dekart Smart Card Reader; C:\WINDOWS\system32\DRIVERS\dekart38.sys []

    S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\Belkin\BELKIN~1.11G\DNINDIS5.SYS []

    S3 Dot4Scan;Scan Class Driver for IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Scan.sys [2001-08-17 8704]

    S3 HPPLSBULK;HPPLSBULK; C:\WINDOWS\system32\drivers\hpplsbulk.sys [2005-02-03 9344]

    S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-01-17 49664]

    S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-12-24 16496]

    S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-12-24 21568]

    S3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-10-18 998656]

    S3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-10-23 218496]

    S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-07-17 1049180]

    S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-11-17 4069888]

    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]

    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]

    S3 NdisFilt;OSA NdisFilter Protocol; C:\WINDOWS\System32\Drivers\NdisFilt.sys [2005-09-13 4392]

    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]

    S3 NETMNT;Acer NetMonitor Protocol; C:\WINDOWS\system32\DRIVERS\NETMNT.sys [2005-05-02 9600]

    S3 PAC207;VideoCAM GF112; C:\WINDOWS\system32\DRIVERS\pfc027.sys [2005-04-08 162176]

    S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-05 5888]

    S3 RT61;Belkin RT2500 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT61.sys [2005-08-26 352768]

    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]

    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]

    S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-05 31616]

    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 26496]

    S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys []

    S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys []

    S3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-10-18 721280]

    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

    S4 Nwlnranr;Nwlnranr; C:\WINDOWS\system32\drivers\atmarpc.sys [2008-04-13 59904]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    S2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-07-13 108289]

    S2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-18 185089]

    S2 AWService;AdminWorks Agent X6; C:\Acer\Empowering Technology\admServ.exe [2005-10-24 1314816]

    S2 cmdAgent;COMODO Internet Security Helper Service; C:\Prog à moi\Comodo\COMODO Internet Security\cmdagent.exe [2009-08-27 715392]

    S2 Crypkey License;Crypkey License; C:\WINDOWS\system32\crypserv.exe [2008-05-08 122880]

    S2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-11-09 114753]

    S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]

    S2 iasnap32;IAS NAP Provider; C:\WINDOWS\system32\iasnap32.dll,azoj []

    S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 153376]

    S2 MSSQL$ACT7;SQL Server (ACT7); C:\Prog à moi\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-02-10 29178224]

    S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\hpzipm12.exe [2007-08-09 73728]

    S2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-11-09 217164]

    S2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe []

    S2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-11-09 540745]

    S2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544]

    S2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]

    S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-03-09 68096]

    S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]

    S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe [2009-03-09 85096]

    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

    S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-30 182768]

    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

    S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2005-08-03 86016]

    S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]

    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]

    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

    S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-12-11 393216]

    S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]

    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

    -----------------EOF-----------------
    0
  4. archet9
     
    Bonsoir rigattone

    Fais ceci en mode normal stp...(et non en mode sans echec)

    Télécharge RSIT (de random/random) sur le bureau :

    - Double clique sur RSIT.exe qui est sur le bureau
    - Clique sur Continue dans la fenêtre
    - RSIT téléchargera HijackThis si il n’est pas présent où détecté, alors il faudra accepter la licence
    - Poste le contenu de log.txt plus info.txt (réduit ds la barre de taches) à la fin de l’analyse .

    Les rapports sont dans le dossier ici C:\rsit
    a+

    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. rigattone
     
    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Rachel et Fred at 2009-09-01 00:16:10
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 6 GB (16%) free of 36 GB
    Total RAM: 1014 MB (65% free)

    HijackThis download failed

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\1 Copernic Intra-Daily ~ACER-CAB9EEA47C Rachel et Fred.job
    C:\WINDOWS\tasks\2 Copernic Daily ~ACER-CAB9EEA47C Rachel et Fred.job
    C:\WINDOWS\tasks\3 Copernic Weekly ~ACER-CAB9EEA47C Rachel et Fred.job
    C:\WINDOWS\tasks\4 Copernic Monthly ~ACER-CAB9EEA47C Rachel et Fred.job
    C:\WINDOWS\tasks\1 Copernic Intra-Daily ~ACER-CAB9EEA47C Projet.job
    C:\WINDOWS\tasks\2 Copernic Daily ~ACER-CAB9EEA47C Projet.job
    C:\WINDOWS\tasks\3 Copernic Weekly ~ACER-CAB9EEA47C Projet.job
    C:\WINDOWS\tasks\4 Copernic Monthly ~ACER-CAB9EEA47C Projet.job
    C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGÀM~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-25 259696]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll [2009-07-10 669168]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}]
    PDFCreator Toolbar Helper - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2008-06-04 806912]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-30 470512]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {F2E259E8-0FC8-438C-A6E0-342DD80FA53E}
    {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - PDFCreator Toolbar - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2008-06-04 806912]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-25 259696]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-11-16 15600128]
    "SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2005-01-07 102491]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-01-07 692315]
    "MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-05 59392]
    "PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
    "PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
    "eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2005-10-19 69632]
    "EPM-DM"=c:\acer\Empowering Technology\ePower\epm-dm.exe [2005-11-25 212992]
    "Acer ePower Management"=C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe [2005-11-09 3084288]
    "eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\Monitor.exe [2009-03-18 397312]
    "ADMTray.exe"=C:\Acer\Empowering Technology\admtray.exe [2005-10-24 2462208]
    "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
    "HP Software Update"=D:\Prog à moi 2\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
    "COMODO Internet Security"=C:\Prog à moi\Comodo\COMODO Internet Security\cfp.exe [2009-08-27 1796368]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-04-23 413696]
    "TomcatStartup 2.5"=C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe [2004-11-12 245760]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
    "updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2006-03-30 313472]
    "SpybotSD TeaTimer"=C:\Prog à moi\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-04-30 39408]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Belkin Wireless Utility.lnk - C:\Program Files\Belkin\Belkin 802.11g Wireless Card Configuration Utility\Belkinwcui.exe
    Démarrage rapide du logiciel HP Image Zone.lnk - D:\Prog à moi 2\HP\Digital Imaging\bin\hpqthb08.exe
    HP Digital Imaging Monitor.lnk - D:\Prog à moi 2\HP\Digital Imaging\bin\hpqtra08.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2005-12-11 47104]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    C:\WINDOWS\system32\igfxdev.dll [2005-07-17 135168]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=323
    "NoDriveAutoRun"=67108863
    "NoDrives"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=
    "NoDrives"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
    "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "
    "C:\WINDOWS\System32\FXSCLNT.exe"="C:\WINDOWS\System32\FXSCLNT.exe:*:Disabled:Microsoft Fax Console"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "C:\Program Files\Hewlett-Packard\Toolbox\JRE\BIN\JAVAW.EXE"="C:\Program Files\Hewlett-Packard\Toolbox\JRE\BIN\JAVAW.EXE:*:Enabled:javaw"
    "C:\Prog à moi\eMule0.49\eMule0.49b\emule.exe"="C:\Prog à moi\eMule0.49\eMule0.49b\emule.exe:*:Enabled:eMule"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6deffaaa-f05b-11dc-ad24-00173f2900c0}]
    shell\AutoRun\command - G:\LaunchU3.exe

    ======File associations======

    .scr - open - "C:\WINDOWS\system32\NOTEPAD.EXE" "%1"
    .scr - install -
    .scr - config -

    ======List of files/folders created in the last 1 months======

    2009-08-31 11:09:00 ----SHD---- C:\FOUND.001
    2009-08-30 11:22:06 ----SHD---- C:\FOUND.000
    2009-08-29 19:03:47 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-08-29 18:13:24 ----A---- C:\WINDOWS\ntbtlog.txt
    2009-08-29 14:17:15 ----D---- C:\Documents and Settings\Rachel et Fred\Application Data\Autodesk
    2009-08-28 17:56:13 ----D---- C:\rsit
    2009-08-28 14:50:07 ----D---- C:\killfix
    2009-08-28 14:50:06 ----A---- C:\WINDOWS\system32\CF27377.exe
    2009-08-28 14:47:39 ----A---- C:\WINDOWS\system32\CF26926.exe
    2009-08-28 14:46:44 ----D---- C:\Qoobox
    2009-08-28 12:57:11 ----A---- C:\fixnavi.txt
    2009-08-28 12:56:55 ----A---- C:\WINDOWS\system32\Process.exe
    2009-08-28 09:20:28 ----A---- C:\FindyKill.txt
    2009-08-28 00:56:58 ----D---- C:\Program Files\trend micro
    2009-08-07 17:16:48 ----D---- C:\WINDOWS\system32\XPSViewer
    2009-08-07 17:16:42 ----D---- C:\Program Files\MSBuild
    2009-08-07 17:16:40 ----D---- C:\WINDOWS\system32\en-US
    2009-08-07 17:16:33 ----D---- C:\Program Files\Reference Assemblies
    2009-08-07 17:15:51 ----N---- C:\WINDOWS\system32\xpssvcs.dll
    2009-08-07 17:15:51 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
    2009-08-07 17:15:51 ----N---- C:\WINDOWS\system32\prntvpt.dll
    2009-08-05 10:38:05 ----A---- C:\WINDOWS\system32\javaws.exe
    2009-08-05 10:38:05 ----A---- C:\WINDOWS\system32\javaw.exe
    2009-08-05 10:38:05 ----A---- C:\WINDOWS\system32\java.exe

    ======List of files/folders modified in the last 1 months======

    2009-08-31 23:31:12 ----A---- C:\WINDOWS\ModemLog_HDAUDIO Soft Data Fax Modem with SmartCP.txt
    2009-08-27 13:05:16 ----A---- C:\WINDOWS\system32\guard32.dll
    2009-08-07 17:21:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-08-05 11:00:38 ----A---- C:\WINDOWS\system32\mswebdvd.dll
    2009-08-04 11:05:40 ----A---- C:\WINDOWS\win.ini

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2009-08-27 25160]
    R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2004-12-08 16896]
    R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
    R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-01-06 6144]
    R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2005-09-29 78720]
    R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-01-07 191456]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    R3 w29n51;Pilote de carte de connexion réseau Intel(R) PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2005-09-11 3298432]
    S1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
    S1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
    S1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2009-08-27 132168]
    S1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
    S1 NetworkX;NetworkX; C:\WINDOWS\system32\ckldrv.sys [2008-03-17 19584]
    S1 OsaFsLoc;OsaFsLoc; \??\C:\WINDOWS\system32\drivers\OsaFsLoc.sys []
    S1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-07-13 28520]
    S1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-03-19 5632]
    S2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-03-12 20747]
    S2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-08-18 55656]
    S2 EpmPsd;Acer EPM Power Scheme Driver; \??\C:\WINDOWS\system32\drivers\epm-psd.sys []
    S2 EpmShd;Acer EPM System Hardware Driver; \??\C:\WINDOWS\system32\drivers\epm-shd.sys []
    S2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544]
    S2 osaio;osaio; \??\C:\WINDOWS\system32\drivers\osaio.sys []
    S2 osanbm;osanbm; \??\C:\WINDOWS\system32\drivers\osanbm.sys []
    S2 PMEM;PMEM; \??\C:\WINDOWS\system32\drivers\pmemnt.sys []
    S2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-11-09 13440]
    S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-12-11 1414656]
    S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys []
    S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys []
    S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys []
    S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
    S3 DEKART38;Dekart Smart Card Reader; C:\WINDOWS\system32\DRIVERS\dekart38.sys []
    S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\Belkin\BELKIN~1.11G\DNINDIS5.SYS []
    S3 Dot4Scan;Scan Class Driver for IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Scan.sys [2001-08-17 8704]
    S3 HPPLSBULK;HPPLSBULK; C:\WINDOWS\system32\drivers\hpplsbulk.sys [2005-02-03 9344]
    S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-01-17 49664]
    S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-12-24 16496]
    S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-12-24 21568]
    S3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-10-18 998656]
    S3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-10-23 218496]
    S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-07-17 1049180]
    S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-11-17 4069888]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisFilt;OSA NdisFilter Protocol; C:\WINDOWS\System32\Drivers\NdisFilt.sys [2005-09-13 4392]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 NETMNT;Acer NetMonitor Protocol; C:\WINDOWS\system32\DRIVERS\NETMNT.sys [2005-05-02 9600]
    S3 PAC207;VideoCAM GF112; C:\WINDOWS\system32\DRIVERS\pfc027.sys [2005-04-08 162176]
    S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-05 5888]
    S3 RT61;Belkin RT2500 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT61.sys [2005-08-26 352768]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-05 31616]
    S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 26496]
    S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys []
    S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys []
    S3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-10-18 721280]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 Nwlnranr;Nwlnranr; C:\WINDOWS\system32\drivers\atmarpc.sys [2008-04-13 59904]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    S2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-07-13 108289]
    S2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-18 185089]
    S2 AWService;AdminWorks Agent X6; C:\Acer\Empowering Technology\admServ.exe [2005-10-24 1314816]
    S2 cmdAgent;COMODO Internet Security Helper Service; C:\Prog à moi\Comodo\COMODO Internet Security\cmdagent.exe [2009-08-27 715392]
    S2 Crypkey License;Crypkey License; C:\WINDOWS\system32\crypserv.exe [2008-05-08 122880]
    S2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-11-09 114753]
    S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
    S2 iasnap32;IAS NAP Provider; C:\WINDOWS\system32\iasnap32.dll,azoj []
    S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 153376]
    S2 MSSQL$ACT7;SQL Server (ACT7); C:\Prog à moi\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-02-10 29178224]
    S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\hpzipm12.exe [2007-08-09 73728]
    S2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-11-09 217164]
    S2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe []
    S2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-11-09 540745]
    S2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544]
    S2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]
    S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-03-09 68096]
    S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe [2009-03-09 85096]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-30 182768]
    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2005-08-03 86016]
    S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-12-11 393216]
    S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

    -----------------EOF-----------------

    info.txt logfile of random's system information tool 1.06 2009-08-28 17:57:03

    ======Uninstall list======

    -->C:\Prog à moi\DivX\DivXConverterUninstall.exe /CONVERTER
    -->C:\WINDOWS\IsUn0c0c.exe -f"C:\Program Files\Motorola Inc.\Motorola USB Modem Installation\Uninst.isu"
    -->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Acer Inc.\Acer French Guide Link\Uninst.isu"
    -->MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057}
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Acer eDataSecurity Management 1.00.23-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E431C518-2EE2-471E-9234-BE995C36D513}\setup.exe" -l0x40c -removeonly
    Acer eLock Management-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{6CA897D0-67F5-4F75-8261-DC8BFCA6DA42}
    Acer Empowering Technology framework-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{15B70821-7893-4607-805A-BB80F3EA8279}
    Acer eNet Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C06554A1-2C1E-4D20-B613-EE62C79927CC}\Setup.exe" -l0x40c
    Acer ePerformance Management-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{DEE08946-40F0-4890-853E-60A6C3306041}
    Acer ePower Management-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\Setup.exe" -l0x9
    Acer ePresentation Management-->C:\WINDOWS\UnInst32.exe AcerePrj.UNI
    Acer eSettings Management-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{E38BC648-883B-4EE5-966C-94C4B7AB3E0B}
    Acer GridVista-->C:\WINDOWS\UnInst32.exe GridV.UNI
    Acer Screensaver-->MsiExec.exe /I{D458BBDC-0363-42E0-8FF9-4736E3CB3CA2}
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Flash Player 9 ActiveX-->MsiExec.exe /X{BB65C393-C76E-4F06-9B0C-2124AA8AF97B}
    Adobe Photoshop CS-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x40c
    Adobe Reader 7.0.9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70900000002}
    Adobe Reader Japanese Fonts-->MsiExec.exe /I{AC76BA86-7AD7-5760-0000-705000000001}
    Alice Auto-diagnostic-->C:\Program Files\TechCity Solutions\AliceSAV\uninstall.exe
    Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
    AutoCAD 2008 - Français-->D:\Prog à moi 2\AutoCAD 2008\Setup\Setup.exe /P {5783F2D7-6001-040C-0002-0060B0CE6BBA} /M ACAD
    Autodesk DWF Viewer 7-->MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057}
    Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
    AXMA-->C:\WINDOWS\IsUn040c.exe -f"C:\Prog à moi\AXMA\Fax-internet\Uninst.isu" -c"C:\Prog à moi\AXMA\Fax-internet\install.dll"
    Belkin 802.11g Wireless Card-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F07C011F-82D0-42CE-B2A6-28CD4BF385E2}\Setup.exe"
    CCleaner (remove only)-->"C:\Prog à moi\CCleaner\uninst.exe"
    COMODO Internet Security-->C:\Prog à moi\Comodo\COMODO Internet Security\cfpconfg.exe -u
    Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
    Copernic Agent Professional-->"C:\WINDOWS\CopernicAgentUninstall.exe" /ARGSFILE="C:\Prog à moi\Copernic Agent\unwise.dat"
    Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
    Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
    dBpoweramp m4a Codec-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp m4a Codec.dat
    dBpoweramp Musepack Codec-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Musepack Codec.dat
    dBpoweramp Music Converter-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Music Converter.dat
    dBpoweramp Ogg Vorbis Codec-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Ogg Vorbis Codec.dat
    DivX Codec-->C:\Prog à moi\DivX\DivXCodecUninstall.exe /CODEC
    DivX Converter-->C:\Prog à moi\DivX\DivXConverterUninstall.exe /CONVERTER
    DivX Player-->C:\Prog à moi\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Web Player-->C:\Prog à moi\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    Galerie de photos Windows Live-->MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
    Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_9DE96A29E721D90A.exe" /uninstall
    Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
    HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_AcrS009E\HXFSETUP.EXE -U -IAcrS009E.inf
    High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
    HijackThis 2.0.2-->"D:\Dossier Perso\00 Install\Sécurité Nettoyage\HijackThis.exe" /uninstall
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    HP Color LaserJet 2820/2830/2840 2.0-->"D:\Prog à moi 2\HP\Digital Imaging\{1030DCDC-2425-407d-BEE1-13558B837FCA}\setup\hpzscr01.exe" -datfile hppscr01.dat
    HP Image Zone 4.7-->D:\Prog à moi 2\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
    HP Update-->MsiExec.exe /X{FE57DE70-95DE-4B64-9266-84DA811053DB}
    Intel(R) Graphics Media Accelerator Driver for Mobile-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2792 PCI\VEN_8086&DEV_2592
    IrfanView (remove only)-->C:\Prog à moi\IrfanView\iv_uninstall.exe
    IsoBuster 2.4-->"C:\Prog à moi\IsoBuster\Uninst\unins000.exe"
    Java(TM) 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216014FF}
    Kit de Connexion Alice ADSL-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3A0221AD-D30B-4320-8F9B-1D0F0E6C6843}\setup.exe" -l0x40c ControlPanel
    Launch Manager-->C:\WINDOWS\UnInst32.exe QtZgAcer.UNI
    Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Logiciel Intel(R) PROSet/Wireless-->C:\WINDOWS\Installer\iProInst.exe
    Lotus SmartSuite - Français-->MsiExec.exe /I{536D6172-7453-7569-7465-392E3830040C}
    Malwarebytes' Anti-Malware-->"C:\Prog à moi\Malwarebytes' Anti-Malware\unins000.exe"
    mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
    Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
    Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
    Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
    Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
    Microsoft SQL Server 2005 Express Edition (ACT7)-->MsiExec.exe /I{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}
    Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
    Microsoft Visual C++ 8.0 Support DLLs-->MsiExec.exe /X{342F5437-C87D-4BB5-89B9-B23E16C6A395}
    Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
    mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
    Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
    Montpellier Business Plan Classic-->MsiExec.exe /I{EDA1C1F7-F27E-4B20-B9BC-39964452DBB1}
    mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
    mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
    MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
    mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
    mXML-->MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
    NTI Backup NOW! 4-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{385979FE-DC4F-4140-8EAD-A59625000D72} /l1036 BUN4
    Opera 9.51-->MsiExec.exe /X{179624B1-2683-45ED-965A-B72189EB5820}
    Package de pilotes Windows - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\shpacm_18A9B92ED8DEDC602E49E767FA4BE98A30525207\shpacm.inf
    Package de pilotes Windows - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\shpusb_558D416BCEB984F35885804D3E1A9C3773F1B17C\shpusb.inf
    PDFCreator Toolbar-->"C:\WINDOWS\PDFCreator_Toolbar_Uninstaller_2578.exe" _?=C:\Program Files\PDFCreator Toolbar
    PDFCreator-->C:\Prog à moi\PDFCreator\unins000.exe
    PowerProducer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
    Radio Media Player-->C:\Program Files\Windows Media Player\Plugins\Radios Media Player\uninst.exe
    Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly
    Rhinoceros 4.0 Evaluation-->MsiExec.exe /I{761EC7CE-E646-4A8C-95DA-A24C6CDACF3F}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Spybot - Search & Destroy-->"C:\Prog à moi\Spybot - Search & Destroy\unins000.exe"
    SpywareBlaster 4.1-->"C:\Prog à moi\SpywareBlaster\unins000.exe"
    Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
    VideoCAM GF112-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{088B7BF8-AC95-4348-B77B-619AEB3A74A5} /l1036
    Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
    Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
    VLC media player 0.9.4-->C:\Prog à moi\VideoLAN\VLC\uninstall.exe
    VSO Image Resizer 2.0.1.7-->"D:\Prog à moi 2\Image Resizer\unins000.exe"
    Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
    Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
    Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    WinHTTrack Website Copier 3.41-3-->"D:\Prog à moi 2\WinHTTrack\unins000.exe"

    ======Hosts File======

    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com

    ======Security center information======

    AV: AntiVir Desktop
    FW: COMODO Firewall

    ======System event log======

    Computer Name: ACER-CAB9EEA47C
    Event Code: 7026
    Message: Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger :
    avgio
    avipbb
    cmdGuard
    Fips
    intelppm
    NetworkX
    ssmdrv
    StarOpen

    Record Number: 5
    Source Name: Service Control Manager
    Time Written: 20090828113306.000000+120
    Event Type: erreur
    User:

    Computer Name: ACER-CAB9EEA47C
    Event Code: 4201
    Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{B7EDDF1B-73A9-4FE4-8A4C-2B03F35FE968} était connectée au réseau,
    et a lancé une opération normale sur la carte réseau.

    Record Number: 4
    Source Name: Tcpip
    Time Written: 20090828113143.000000+120
    Event Type: Informations
    User:

    Computer Name: ACER-CAB9EEA47C
    Event Code: 3
    Message: \Device\ACPIEC : Le contrôleur intégré du matériel a renvoyé des données alors que rien n'a été demandé. Ceci pourrait indiquer que le BIOS a tenté d'accéder au contrôleur intégré de manière incorrecte, sans synchronisation avec le système d'exploitation. Les données vont être ignorées.

    Record Number: 3
    Source Name: ACPIEC
    Time Written: 20090828113136.000000+120
    Event Type: Avertissement
    User:

    Computer Name: ACER-CAB9EEA47C
    Event Code: 6005
    Message: Le service d'Enregistrement d'événement a démarré.

    Record Number: 2
    Source Name: EventLog
    Time Written: 20090828113118.000000+120
    Event Type: Informations
    User:

    Computer Name: ACER-CAB9EEA47C
    Event Code: 6009
    Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Uniprocessor Free.

    Record Number: 1
    Source Name: EventLog
    Time Written: 20090828113118.000000+120
    Event Type: Informations
    User:

    =====Application event log=====

    Computer Name: ACER-CAB9EEA47C
    Event Code: 17895
    Message: CPU time stamp frequency has changed from 153939 to 336971 ticks per millisecond. The new frequency will be used.

    Record Number: 43157
    Source Name: MSSQL$ACT7
    Time Written: 20090803133922.000000+120
    Event Type: Informations
    User:

    Computer Name: ACER-CAB9EEA47C
    Event Code: 17895
    Message: CPU time stamp frequency has changed from 286845 to 153939 ticks per millisecond. The new frequency will be used.

    Record Number: 43156
    Source Name: MSSQL$ACT7
    Time Written: 20090803132322.000000+120
    Event Type: Informations
    User:

    Computer Name: ACER-CAB9EEA47C
    Event Code: 17895
    Message: CPU time stamp frequency has changed from 439883 to 286845 ticks per millisecond. The new frequency will be used.

    Record Number: 43155
    Source Name: MSSQL$ACT7
    Time Written: 20090803130322.000000+120
    Event Type: Informations
    User:

    Computer Name: ACER-CAB9EEA47C
    Event Code: 17895
    Message: CPU time stamp frequency has changed from 147372 to 439883 ticks per millisecond. The new frequency will be used.

    Record Number: 43154
    Source Name: MSSQL$ACT7
    Time Written: 20090803125122.000000+120
    Event Type: Informations
    User:

    Computer Name: ACER-CAB9EEA47C
    Event Code: 17895
    Message: CPU time stamp frequency has changed from 346247 to 147372 ticks per millisecond. The new frequency will be used.

    Record Number: 43153
    Source Name: MSSQL$ACT7
    Time Written: 20090803123522.000000+120
    Event Type: Informations
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\Intel\Wireless\Bin;C:\Program Files\Microsoft SQL Server\90\Tools\binn;C:\Prog à moi\IsoBuster;C:\Prog à moi\Samsung\Samsung PC Studio 3;D:\Prog à moi 2\Samsung\Samsung PC Studio 3
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 8, GenuineIntel
    "PROCESSOR_REVISION"=0d08
    "NUMBER_OF_PROCESSORS"=1
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "SAFEBOOT_OPTION"=NETWORK

    -----------------EOF-----------------
    0
  7. archet9
     
    Telecharge GENPROC

    http://www.genproc.com/GenProc.exe

    Copie et colle le rapport stp...

    a+
    0
  8. rigattone
     
    Salut,

    voici le rapport
    Rapport GenProc 2.617 [2] - 2009-09-01 à 9:09:22
    @ Windows XP Service Pack 3 - Mode normal

    Il est impératif de désactiver le résident TeaTimer de Spybot pendant l'ensemble des manipulations qui vont suivre. Aide Tea-Timer : http://ww11.genproc.com/spybot/spybot.html

    # Etape 1/ Télécharge :

    - CCleaner https://www.ccleaner.com/ccleaner/download (FileHippo). Ce logiciel va permettre de supprimer tous les fichiers temporaires. Lance-le et clique sur "Options", "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures". Par la suite, laisse-le avec ses réglages par défaut. Ferme le programme.

    - USBFix http://sd-1.archive-host.com/membres/up/127028005715545653/UsbFix.exe (Chiquitine29) sur le Bureau, et procède simplement à son installation.

    Redémarre en mode sans échec comme indiqué ici https://www.wekyo.com/demarrer-le-pc-en-mode-sans-echec-windows-7-et-8/ ; Choisis ta session courante *** Rachel et Fred *** (pour retrouver le rapport, clique sur le raccourci "Rapport GenProc[2]" sur ton bureau).

    # Etape 2/

    Branche tes sources de données externes à ton PC (clé USB, disque dur externe, etc...) susceptibles d'avoir été infectées sans les ouvrir, puis double-clique sur le raccourci USBFix présent sur ton Bureau : choisis l' option 2 (Suppression), ton bureau disparaitra et le pc redémarrera. Au redémarrage, USBFix scannera ton pc, laisse travailler l'outil.

    # Etape 3/

    Lance CCleaner : "Nettoyeur"/"lancer le nettoyage" et c'est tout.

    # Etape 4/

    Redémarre normalement et poste, dans la même réponse :

    - Le contenu du rapport UsbFix.txt situé dans C:\ ;
    - Un nouveau rapport HijackThis http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Questions-techniques/hijackthis-version-install-sujet_199100_1.htm ;
    - Un nouveau rapport GenProc ;

    Précise les difficultés que tu as eu (ce que tu n'as pas pu faire...) ainsi que l'évolution de la situation.

    ~~ Arguments de la procédure ~~

    # Détections [1] GenProc 2.617 2009-09-01 à 9:03:40

    # Détections [2] GenProc 2.617 2009-09-01 à 9:10:20
    USBFix:le 2009-09-01 à 9:14:08 "C:\WINDOWS\antiv.exe"

    ----------------------------------------------------------------------
    Sites officiels GenProc : www.alt-shift-return.org et www.genproc.com
    ----------------------------------------------------------------------

    ~~ Fin à 9:15:27 ~~
    0
  9. archet9
     
    Ok,
    suis la procédure indiquée et poste moi les rapports stp...

    a+
    0
  10. rigattone
     
    Salut,

    Voici les rapports:

    ############################## | UsbFix V6.024 |

    User : Rachel et Fred (Administrateurs) # ACER-CAB9EEA47C
    Update on 01/09/09 by Chiquitine29, C_XX & Chimay8
    Start at: 09:41:07 | 2009-09-02
    Website : http://pagesperso-orange.fr/NosTools/index.html

    Intel(R) Pentium(R) M processor 1.73GHz
    Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
    Internet Explorer 7.0.5730.13
    Windows Firewall Status : Enabled
    AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]
    FW : COMODO Firewall[ Enabled ]3.9

    C:\ -> Disque fixe local # 35.06 Go (3.96 Go free) [ACER] # FAT32
    D:\ -> Disque fixe local # 35.55 Go (20.64 Go free) [ACERDATA] # FAT32
    E:\ -> Disque CD-ROM
    F:\ -> Disque CD-ROM # 4.09 Mo (0 Mo free) [U3 System] # CDFS
    G:\ -> Disque amovible # 1.86 Go (562 Mo free) [My U3 Drive] # FAT

    ############################## | Processus actifs |

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\logonui.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Prog à moi\Comodo\COMODO Internet Security\cmdagent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\SCardSvr.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Acer\Empowering Technology\admServ.exe
    C:\WINDOWS\system32\crypserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Prog à moi\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\hpzipm12.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    C:\WINDOWS\System32\PAStiSvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\fxssvc.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    ################## | Fichiers # Dossiers infectieux |

    Supprimé ! C:\WINDOWS\antiv.exe
    Non supprimé ! F:\autorun.inf

    ################## | Autres |

    ################## | Suspect ! ... | https://www.virustotal.com/gui/ |

    ################## | Registre # Clés Run infectieuses |

    ################## | Registre # Mountpoints2 |

    Supprimé ! HKCU\...\Explorer\MountPoints2\F\Shell\AutoRun\Command

    ################## | Listing des fichiers présent |

    [2009-01-21 16:47|--ah-----|232] -> C:\sqmdata09.sqm
    [2008-11-05 23:04|--ah-----|232] -> C:\sqmdata06.sqm
    [2004-08-05 05:00|-rahs----|4952] -> C:\Bootfont.bin
    [2008-10-07 13:55|-rahs----|252240] -> C:\ntldr
    [2004-08-05 05:00|-rahs----|47564] -> C:\NTDETECT.COM
    [2008-03-20 12:36|-rahs----|216] -> C:\boot.ini
    [2006-01-06 06:31|--a------|0] -> C:\CONFIG.SYS
    [2006-01-06 06:58|--a------|50] -> C:\AUTOEXEC.BAT
    [2006-01-06 06:31|-rahs----|0] -> C:\IO.SYS
    [2006-01-06 06:31|-rahs----|0] -> C:\MSDOS.SYS
    [2006-01-06 17:26|-rahs----|75] -> C:\Preload.aaa
    [2008-11-05 23:04|--ah-----|244] -> C:\sqmnoopt06.sqm
    [?|?|?] -> C:\pagefile.sys
    [?|?|?] -> C:\hiberfil.sys
    [2008-11-05 23:34|--ah-----|244] -> C:\sqmnoopt07.sqm
    [2008-11-05 23:34|--ah-----|232] -> C:\sqmdata07.sqm
    [2008-11-06 18:23|--ah-----|244] -> C:\sqmnoopt08.sqm
    [2008-11-06 18:23|--ah-----|232] -> C:\sqmdata08.sqm
    [2009-02-06 00:06|--a------|74] -> C:\CMLoader.log
    [2008-12-01 13:25|--a------|7172] -> C:\AD-report-01.12.2008.log
    [2009-01-21 16:47|--ah-----|244] -> C:\sqmnoopt09.sqm
    [2009-02-22 13:14|--a------|146029950] -> C:\log_fs.log
    [2009-03-09 15:09|--a------|5191] -> C:\PERF.LOG
    [2009-03-07 01:42|--ah-----|244] -> C:\sqmnoopt10.sqm
    [2009-03-07 01:42|--ah-----|232] -> C:\sqmdata10.sqm
    [2009-03-07 16:38|--ah-----|244] -> C:\sqmnoopt11.sqm
    [2009-03-07 16:38|--ah-----|232] -> C:\sqmdata11.sqm
    [2009-03-18 11:22|--a------|5148] -> C:\aaw7boot.log
    [2009-09-01 09:52|--a------|638] -> C:\TCleaner.txt
    [2009-03-19 19:40|--ah-----|244] -> C:\sqmnoopt12.sqm
    [2009-03-19 19:40|--ah-----|232] -> C:\sqmdata12.sqm
    [2009-03-22 01:04|--ah-----|244] -> C:\sqmnoopt13.sqm
    [2009-03-22 01:04|--ah-----|232] -> C:\sqmdata13.sqm
    [2009-07-13 19:14|--a------|508] -> C:\updatedatfix.log
    [2009-07-17 16:17|--ah-----|244] -> C:\sqmnoopt14.sqm
    [2009-07-17 16:17|--ah-----|232] -> C:\sqmdata14.sqm
    [2009-07-19 00:18|--ah-----|244] -> C:\sqmnoopt15.sqm
    [2009-07-19 00:18|--ah-----|232] -> C:\sqmdata15.sqm
    [2009-07-27 23:14|--ah-----|244] -> C:\sqmnoopt16.sqm
    [2009-07-27 23:14|--ah-----|232] -> C:\sqmdata16.sqm
    [2009-07-28 09:02|--ah-----|244] -> C:\sqmnoopt17.sqm
    [2009-07-28 09:02|--ah-----|232] -> C:\sqmdata17.sqm
    [2009-07-29 00:42|--ah-----|244] -> C:\sqmnoopt18.sqm
    [2009-07-29 00:42|--ah-----|232] -> C:\sqmdata18.sqm
    [2009-07-29 11:27|--ah-----|244] -> C:\sqmnoopt19.sqm
    [2009-07-29 11:27|--ah-----|232] -> C:\sqmdata19.sqm
    [2009-09-02 09:48|--a------|5067] -> C:\UsbFix.txt
    [2009-07-29 11:58|--ah-----|244] -> C:\sqmnoopt00.sqm
    [2009-07-29 11:58|--ah-----|232] -> C:\sqmdata00.sqm
    [2009-07-29 15:43|--ah-----|244] -> C:\sqmnoopt01.sqm
    [2009-07-29 15:43|--ah-----|232] -> C:\sqmdata01.sqm
    [2008-06-04 12:13|--ah-----|244] -> C:\sqmnoopt02.sqm
    [2008-06-04 12:13|--ah-----|268] -> C:\sqmdata02.sqm
    [2008-10-28 00:44|--a------|9325] -> C:\ActExtLog.txt
    [2008-10-07 14:16|--ah-----|244] -> C:\sqmnoopt03.sqm
    [2008-10-07 14:16|--ah-----|232] -> C:\sqmdata03.sqm
    [2008-10-07 14:47|--ah-----|244] -> C:\sqmnoopt04.sqm
    [2008-10-07 14:47|--ah-----|232] -> C:\sqmdata04.sqm
    [2008-10-21 18:41|--ah-----|244] -> C:\sqmnoopt05.sqm
    [2008-10-21 18:41|--ah-----|232] -> C:\sqmdata05.sqm
    [2006-02-13 19:09|-r-------|921600] -> F:\LaunchU3.exe
    [2006-04-25 16:37|-r-------|2992834] -> F:\Launchpad.zip
    [2006-02-13 19:08|-r-------|145] -> F:\autorun.inf
    [2006-02-13 18:09|-ra------|921600] -> G:\LaunchU3.exe

    ################## | Cracks / Keygens / Serials |

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:40, on 2009-09-02
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16876)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Prog à moi\Comodo\COMODO Internet Security\cmdagent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Acer\Empowering Technology\admServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\crypserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Prog à moi\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
    C:\WINDOWS\system32\hpzipm12.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\WINDOWS\System32\PAStiSvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\acer\Empowering Technology\ePower\epm-dm.exe
    C:\Acer\Empowering Technology\admtray.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    D:\Prog à moi 2\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Prog à moi\Comodo\COMODO Internet Security\cfp.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Belkin\Belkin 802.11g Wireless Card Configuration Utility\Belkinwcui.exe
    C:\PROGRA~1\HEWLET~1\Toolbox\STATUS~1\STATUS~1.EXE
    C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
    D:\Prog à moi 2\HP\Digital Imaging\bin\hpqgalry.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\System32\svchost.exe
    D:\Dossier Perso\00 Install\Sécurité Nettoyage\Rachel et Fred.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.acer.com/worldwide/selection.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGÀM~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
    O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: (no name) - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - (no file)
    O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    O4 - HKLM\..\Run: [EPM-DM] c:\acer\Empowering Technology\ePower\epm-dm.exe
    O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
    O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [HP Software Update] D:\Prog à moi 2\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Prog à moi\Comodo\COMODO Internet Security\cfp.exe" -h
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TomcatStartup 2.5] C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Belkin Wireless Utility.lnk = ?
    O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = ?
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = ?
    O8 - Extra context menu item: Chercher avec Copernic Agent - C:\Prog à moi\Copernic Agent\Web\SearchExt.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGÀM~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGÀM~1\COPERN~1\COPERN~1.EXE (file missing)
    O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGÀM~1\COPERN~1\COPERN~1.EXE (file missing)
    O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Prog à moi 2\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Prog à moi 2\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGÀM~1\COPERN~1\COPERN~1.EXE (file missing)
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGÀM~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGÀM~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGÀM~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://appldnld.apple.com/QuickTime/qtactivex/qtplugin.cab
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab
    O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} -
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B7EDDF1B-73A9-4FE4-8A4C-2B03F35FE968}: NameServer = 213.36.80.1
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
    O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Prog à moi\Comodo\COMODO Internet Security\cmdagent.exe
    O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: IAS NAP Provider (iasnap32) - Unknown owner - rundll32.exe (file missing)
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\hpzipm12.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe (file missing)
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
    0
  11. rigattone
     
    Salut,

    Voici les rapports:

    ############################## | UsbFix V6.024 |

    User : Rachel et Fred (Administrateurs) # ACER-CAB9EEA47C
    Update on 01/09/09 by Chiquitine29, C_XX & Chimay8
    Start at: 09:41:07 | 2009-09-02
    Website : http://pagesperso-orange.fr/NosTools/index.html

    Intel(R) Pentium(R) M processor 1.73GHz
    Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
    Internet Explorer 7.0.5730.13
    Windows Firewall Status : Enabled
    AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]
    FW : COMODO Firewall[ Enabled ]3.9

    C:\ -> Disque fixe local # 35.06 Go (3.96 Go free) [ACER] # FAT32
    D:\ -> Disque fixe local # 35.55 Go (20.64 Go free) [ACERDATA] # FAT32
    E:\ -> Disque CD-ROM
    F:\ -> Disque CD-ROM # 4.09 Mo (0 Mo free) [U3 System] # CDFS
    G:\ -> Disque amovible # 1.86 Go (562 Mo free) [My U3 Drive] # FAT

    ############################## | Processus actifs |

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\logonui.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Prog à moi\Comodo\COMODO Internet Security\cmdagent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\SCardSvr.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Acer\Empowering Technology\admServ.exe
    C:\WINDOWS\system32\crypserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Prog à moi\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\hpzipm12.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    C:\WINDOWS\System32\PAStiSvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\fxssvc.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    ################## | Fichiers # Dossiers infectieux |

    Supprimé ! C:\WINDOWS\antiv.exe
    Non supprimé ! F:\autorun.inf

    ################## | Autres |

    ################## | Suspect ! ... | https://www.virustotal.com/gui/ |

    ################## | Registre # Clés Run infectieuses |

    ################## | Registre # Mountpoints2 |

    Supprimé ! HKCU\...\Explorer\MountPoints2\F\Shell\AutoRun\Command

    ################## | Listing des fichiers présent |

    [2009-01-21 16:47|--ah-----|232] -> C:\sqmdata09.sqm
    [2008-11-05 23:04|--ah-----|232] -> C:\sqmdata06.sqm
    [2004-08-05 05:00|-rahs----|4952] -> C:\Bootfont.bin
    [2008-10-07 13:55|-rahs----|252240] -> C:\ntldr
    [2004-08-05 05:00|-rahs----|47564] -> C:\NTDETECT.COM
    [2008-03-20 12:36|-rahs----|216] -> C:\boot.ini
    [2006-01-06 06:31|--a------|0] -> C:\CONFIG.SYS
    [2006-01-06 06:58|--a------|50] -> C:\AUTOEXEC.BAT
    [2006-01-06 06:31|-rahs----|0] -> C:\IO.SYS
    [2006-01-06 06:31|-rahs----|0] -> C:\MSDOS.SYS
    [2006-01-06 17:26|-rahs----|75] -> C:\Preload.aaa
    [2008-11-05 23:04|--ah-----|244] -> C:\sqmnoopt06.sqm
    [?|?|?] -> C:\pagefile.sys
    [?|?|?] -> C:\hiberfil.sys
    [2008-11-05 23:34|--ah-----|244] -> C:\sqmnoopt07.sqm
    [2008-11-05 23:34|--ah-----|232] -> C:\sqmdata07.sqm
    [2008-11-06 18:23|--ah-----|244] -> C:\sqmnoopt08.sqm
    [2008-11-06 18:23|--ah-----|232] -> C:\sqmdata08.sqm
    [2009-02-06 00:06|--a------|74] -> C:\CMLoader.log
    [2008-12-01 13:25|--a------|7172] -> C:\AD-report-01.12.2008.log
    [2009-01-21 16:47|--ah-----|244] -> C:\sqmnoopt09.sqm
    [2009-02-22 13:14|--a------|146029950] -> C:\log_fs.log
    [2009-03-09 15:09|--a------|5191] -> C:\PERF.LOG
    [2009-03-07 01:42|--ah-----|244] -> C:\sqmnoopt10.sqm
    [2009-03-07 01:42|--ah-----|232] -> C:\sqmdata10.sqm
    [2009-03-07 16:38|--ah-----|244] -> C:\sqmnoopt11.sqm
    [2009-03-07 16:38|--ah-----|232] -> C:\sqmdata11.sqm
    [2009-03-18 11:22|--a------|5148] -> C:\aaw7boot.log
    [2009-09-01 09:52|--a------|638] -> C:\TCleaner.txt
    [2009-03-19 19:40|--ah-----|244] -> C:\sqmnoopt12.sqm
    [2009-03-19 19:40|--ah-----|232] -> C:\sqmdata12.sqm
    [2009-03-22 01:04|--ah-----|244] -> C:\sqmnoopt13.sqm
    [2009-03-22 01:04|--ah-----|232] -> C:\sqmdata13.sqm
    [2009-07-13 19:14|--a------|508] -> C:\updatedatfix.log
    [2009-07-17 16:17|--ah-----|244] -> C:\sqmnoopt14.sqm
    [2009-07-17 16:17|--ah-----|232] -> C:\sqmdata14.sqm
    [2009-07-19 00:18|--ah-----|244] -> C:\sqmnoopt15.sqm
    [2009-07-19 00:18|--ah-----|232] -> C:\sqmdata15.sqm
    [2009-07-27 23:14|--ah-----|244] -> C:\sqmnoopt16.sqm
    [2009-07-27 23:14|--ah-----|232] -> C:\sqmdata16.sqm
    [2009-07-28 09:02|--ah-----|244] -> C:\sqmnoopt17.sqm
    [2009-07-28 09:02|--ah-----|232] -> C:\sqmdata17.sqm
    [2009-07-29 00:42|--ah-----|244] -> C:\sqmnoopt18.sqm
    [2009-07-29 00:42|--ah-----|232] -> C:\sqmdata18.sqm
    [2009-07-29 11:27|--ah-----|244] -> C:\sqmnoopt19.sqm
    [2009-07-29 11:27|--ah-----|232] -> C:\sqmdata19.sqm
    [2009-09-02 09:48|--a------|5067] -> C:\UsbFix.txt
    [2009-07-29 11:58|--ah-----|244] -> C:\sqmnoopt00.sqm
    [2009-07-29 11:58|--ah-----|232] -> C:\sqmdata00.sqm
    [2009-07-29 15:43|--ah-----|244] -> C:\sqmnoopt01.sqm
    [2009-07-29 15:43|--ah-----|232] -> C:\sqmdata01.sqm
    [2008-06-04 12:13|--ah-----|244] -> C:\sqmnoopt02.sqm
    [2008-06-04 12:13|--ah-----|268] -> C:\sqmdata02.sqm
    [2008-10-28 00:44|--a------|9325] -> C:\ActExtLog.txt
    [2008-10-07 14:16|--ah-----|244] -> C:\sqmnoopt03.sqm
    [2008-10-07 14:16|--ah-----|232] -> C:\sqmdata03.sqm
    [2008-10-07 14:47|--ah-----|244] -> C:\sqmnoopt04.sqm
    [2008-10-07 14:47|--ah-----|232] -> C:\sqmdata04.sqm
    [2008-10-21 18:41|--ah-----|244] -> C:\sqmnoopt05.sqm
    [2008-10-21 18:41|--ah-----|232] -> C:\sqmdata05.sqm
    [2006-02-13 19:09|-r-------|921600] -> F:\LaunchU3.exe
    [2006-04-25 16:37|-r-------|2992834] -> F:\Launchpad.zip
    [2006-02-13 19:08|-r-------|145] -> F:\autorun.inf
    [2006-02-13 18:09|-ra------|921600] -> G:\LaunchU3.exe

    ################## | Cracks / Keygens / Serials |

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:40, on 2009-09-02
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16876)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Prog à moi\Comodo\COMODO Internet Security\cmdagent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Acer\Empowering Technology\admServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\crypserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Prog à moi\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
    C:\WINDOWS\system32\hpzipm12.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\WINDOWS\System32\PAStiSvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\acer\Empowering Technology\ePower\epm-dm.exe
    C:\Acer\Empowering Technology\admtray.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    D:\Prog à moi 2\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Prog à moi\Comodo\COMODO Internet Security\cfp.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Belkin\Belkin 802.11g Wireless Card Configuration Utility\Belkinwcui.exe
    C:\PROGRA~1\HEWLET~1\Toolbox\STATUS~1\STATUS~1.EXE
    C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
    D:\Prog à moi 2\HP\Digital Imaging\bin\hpqgalry.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\System32\svchost.exe
    D:\Dossier Perso\00 Install\Sécurité Nettoyage\Rachel et Fred.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.acer.com/worldwide/selection.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGÀM~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
    O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: (no name) - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - (no file)
    O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    O4 - HKLM\..\Run: [EPM-DM] c:\acer\Empowering Technology\ePower\epm-dm.exe
    O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
    O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [HP Software Update] D:\Prog à moi 2\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Prog à moi\Comodo\COMODO Internet Security\cfp.exe" -h
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TomcatStartup 2.5] C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Belkin Wireless Utility.lnk = ?
    O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = ?
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = ?
    O8 - Extra context menu item: Chercher avec Copernic Agent - C:\Prog à moi\Copernic Agent\Web\SearchExt.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGÀM~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGÀM~1\COPERN~1\COPERN~1.EXE (file missing)
    O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGÀM~1\COPERN~1\COPERN~1.EXE (file missing)
    O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Prog à moi 2\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Prog à moi 2\WinHTTrack\WinHTTrackIEBar.dll
    O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGÀM~1\COPERN~1\COPERN~1.EXE (file missing)
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGÀM~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGÀM~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGÀM~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://appldnld.apple.com/QuickTime/qtactivex/qtplugin.cab
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab
    O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} -
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B7EDDF1B-73A9-4FE4-8A4C-2B03F35FE968}: NameServer = 213.36.80.1
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
    O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Prog à moi\Comodo\COMODO Internet Security\cmdagent.exe
    O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: IAS NAP Provider (iasnap32) - Unknown owner - rundll32.exe (file missing)
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\hpzipm12.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe (file missing)
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
    0
  12. rigattone
     
    Il y a malheureusement pas d'amélioration,
    en mode sans échec le cpu tourne à entre 0 et 5%,
    en mode normal, sans avoir aucune application ouverte il est déjà à 96%. Les manip sont très très lente (souris, frappe, ouverture et fermeture de prog). De plus il m'est quasi impossible d'arrêter le pc correctement, message d'erreur du type "le programme ne se ferme pas" sur Explorer et qq fois d'autres.

    Est ce matériel ou viral.
    Merci
    0
  13. rigattone
     
    Salut,

    En allant dans la page démarrage de msconfig, j'ai vu que j'avais le fichier winupgro.exe dans le dossier
    C:\Documents and Settings\Projet\Application Data\drivers

    Je l'ai décoché au démarrage pour l'instant, en attente de la suite.
    Est ce que ça peut être la cause ou une des causes du pb actuel?

    Merci
    0
  14. archet9
     
    Re...

    En allant dans la page démarrage de msconfig, j'ai vu que j'avais le fichier winupgro.exe dans le dossier
    C:\Documents and Settings\Projet\Application Data\drivers


    ===> INFECTION BAGLE

    En conséquences:

    Télécharge FindyKill
    de Chiquitine29 sur ton bureau :

    http://sd-1.archive-host.com/membres/up/116615172019703188/FindyKill.exe

    ! Déconnecte toi et ferme toutes applications en cours !

    • Double clique sur "FindyKill.exe" pour lancer l'installation et laisse les paramètres d'instalation par défaut .

    • Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...)

    • Double-clique sur le raccourci FindyKill qui est sur ton bureau pour lancer l'outil .

    • Au menu principal choisis l'option " F " pour français et tape sur [entrée] .

    • Au second menu Choisis l'option " 1 " (recherche) et tape sur [entrée]

    ? Laisse travailler l'outil et ne touche à rien ...

    --> Poste le rapport qui apparait à la fin , sur le forum ...

    ( le rapport est sauvegardé aussi sous C:\FindyKill.txt )

    a+

    0
  15. rigattone
     
    Salut,

    mais j'ai déjà appliqué findykill sans succès, voici le rapport:

    ############################## | FindyKill V5.007 |

    # User : Rachel et Fred (Administrateurs) # ACER-CAB9EEA47C
    # Update on 31/08/09 by Chiquitine29
    # Start at: 12:20:55 | 2009-09-03
    # Website : http://pagesperso-orange.fr/NosTools/index.html

    # Intel(R) Pentium(R) M processor 1.73GHz
    # Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
    # Internet Explorer 7.0.5730.13
    # Windows Firewall Status : Disabled
    # AV : AntiVir Desktop 9.0.1.32 [ (!) Disabled | Updated ]
    # FW : COMODO Firewall[ (!) Disabled ]3.9

    # C:\ # Disque fixe local # 35.06 Go (3.93 Go free) [ACER] # FAT32
    # D:\ # Disque fixe local # 35.55 Go (20.63 Go free) [ACERDATA] # FAT32
    # E:\ # Disque CD-ROM

    ############################## | Processus actifs |

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Prog à moi\Comodo\COMODO Internet Security\cmdagent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\SCardSvr.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Acer\Empowering Technology\admServ.exe
    C:\WINDOWS\system32\crypserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\Explorer.EXE
    C:\Prog à moi\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
    C:\WINDOWS\system32\hpzipm12.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    C:\WINDOWS\System32\PAStiSvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\acer\Empowering Technology\ePower\epm-dm.exe
    C:\Acer\Empowering Technology\admtray.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    D:\Prog à moi 2\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Belkin\Belkin 802.11g Wireless Card Configuration Utility\Belkinwcui.exe
    D:\Prog à moi 2\HP\Digital Imaging\bin\hpqgalry.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    ################## | C: |

    ################## | C:\WINDOWS |

    ################## | C:\WINDOWS\system32 |

    ################## | C:\WINDOWS\system32\drivers |

    ################## | C:\Documents and Settings\Rachel et Fred\Application Data |

    ################## | C:\Documents and Settings\Rachel et Fred\Temporary Internet Files |

    ################## | Registre / Clés infectieuses |

    ################## | Etat / Services / Informations |

    # Affichage des fichiers cachés : OK

    # Mode sans echec : OK

    # Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
    # EapHost -> Start = 2 ( Good = 2 | Bad = 4 )
    # Ip6Fw -> Start = 2 ( Good = 2 | Bad = 4 )
    # SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
    # wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
    # wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )

    ################## | Cracks / Keygens / Serials |

    ################## | ! Fin du rapport # FindyKill V5.007 ! |

    Le fichier winupgro est tjs présent.

    Est ce la cause ou une des causes de mes problèmes?
    Merci
    0
  16. rigattone
     
    Salut,

    mais j'ai déjà appliqué findykill sans succès, voici le rapport:

    ############################## | FindyKill V5.007 |

    # User : Rachel et Fred (Administrateurs) # ACER-CAB9EEA47C
    # Update on 31/08/09 by Chiquitine29
    # Start at: 12:20:55 | 2009-09-03
    # Website : http://pagesperso-orange.fr/NosTools/index.html

    # Intel(R) Pentium(R) M processor 1.73GHz
    # Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
    # Internet Explorer 7.0.5730.13
    # Windows Firewall Status : Disabled
    # AV : AntiVir Desktop 9.0.1.32 [ (!) Disabled | Updated ]
    # FW : COMODO Firewall[ (!) Disabled ]3.9

    # C:\ # Disque fixe local # 35.06 Go (3.93 Go free) [ACER] # FAT32
    # D:\ # Disque fixe local # 35.55 Go (20.63 Go free) [ACERDATA] # FAT32
    # E:\ # Disque CD-ROM

    ############################## | Processus actifs |

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Prog à moi\Comodo\COMODO Internet Security\cmdagent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\SCardSvr.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Acer\Empowering Technology\admServ.exe
    C:\WINDOWS\system32\crypserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\Explorer.EXE
    C:\Prog à moi\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
    C:\WINDOWS\system32\hpzipm12.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    C:\WINDOWS\System32\PAStiSvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\acer\Empowering Technology\ePower\epm-dm.exe
    C:\Acer\Empowering Technology\admtray.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    D:\Prog à moi 2\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Belkin\Belkin 802.11g Wireless Card Configuration Utility\Belkinwcui.exe
    D:\Prog à moi 2\HP\Digital Imaging\bin\hpqgalry.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    ################## | C: |

    ################## | C:\WINDOWS |

    ################## | C:\WINDOWS\system32 |

    ################## | C:\WINDOWS\system32\drivers |

    ################## | C:\Documents and Settings\Rachel et Fred\Application Data |

    ################## | C:\Documents and Settings\Rachel et Fred\Temporary Internet Files |

    ################## | Registre / Clés infectieuses |

    ################## | Etat / Services / Informations |

    # Affichage des fichiers cachés : OK

    # Mode sans echec : OK

    # Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
    # EapHost -> Start = 2 ( Good = 2 | Bad = 4 )
    # Ip6Fw -> Start = 2 ( Good = 2 | Bad = 4 )
    # SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
    # wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
    # wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )

    ################## | Cracks / Keygens / Serials |

    ################## | ! Fin du rapport # FindyKill V5.007 ! |

    Le fichier winupgro est tjs présent.

    Est ce la cause ou une des causes de mes problèmes?
    Merci
    0
  17. archet9
     
    ---> Télécharge ComboFix.exe de sUBs sur ton Bureau :
    http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    /!\ Déconnecte-toi du net et ferme toutes les applications, antivirus et antispyware y compris /!\

    ---> Double-clique sur Combofix.exe
    Un "pop-up" va apparaître qui dit que "ComboFix est utilisé à vos risques et avec aucune garantie...".
    Accepte en cliquant sur "Oui"

    ---> Mets-le en langue française F
    Tape sur la touche 1 (Yes) pour démarrer le scan.

    /!\ Ne touche à rien tant que le scan n'est pas terminé. /!\

    En fin de scan, il est possible que ComboFix ait besoin de redémarrer le PC pour finaliser la désinfection, laisse-le faire.

    Une fois le scan achevé, un rapport va s'afficher : Poste son contenu

    /!\ Réactive la protection en temps réel de ton antivirus et de ton antispyware avant de te reconnecter à Internet. /!\

    Note : Le rapport se trouve également là : C:\ComboFix.txt

    a+
    0
  18. rigattone
     
    Voici le rapport, pas d'amélioration pour l'instant.

    ComboFix 09-09-01.04 - Rachel et Fred 2009-09-06 22:45.5.1 - FAT32x86
    Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.1014.495 [GMT 2:00]
    Running from: c:\documents and settings\Rachel et Fred\Bureau\ComboFix.exe
    AV: AntiVir Desktop *On-access scanning disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}
    FW: COMODO Firewall *disabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\windows\Installer\67c0ba.msp
    c:\windows\Installer\67c0be.msp
    c:\windows\Installer\67c0c2.msp
    c:\windows\Installer\67c0c3.msp
    c:\windows\Installer\67c0c7.msp
    c:\windows\Installer\67c0cb.msp

    .
    ((((((((((((((((((((((((( Files Created from 2009-08-06 to 2009-09-06 )))))))))))))))))))))))))))))))
    .

    2009-09-05 16:08 . 2009-09-05 16:08 -------- d-sh--w- C:\FOUND.003
    2009-09-04 07:48 . 2009-09-04 07:48 -------- d-sh--w- C:\FOUND.002
    2009-09-02 08:41 . 2009-09-02 08:41 -------- d-----w- C:\GenProc
    2009-09-01 19:42 . 2009-09-01 19:42 0 ----a-w- c:\windows\nsreg.dat
    2009-09-01 19:38 . 2009-09-01 19:38 -------- d-----w- c:\documents and settings\Rachel et Fred\Local Settings\Application Data\Mozilla
    2009-08-31 21:20 . 2009-08-03 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-08-31 21:20 . 2009-08-03 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
    2009-08-31 09:09 . 2009-08-31 09:09 -------- d-sh--w- C:\FOUND.001
    2009-08-30 15:45 . 2005-06-30 14:58 7296 ----a-w- c:\windows\system32\drivers\osaio.sys
    2009-08-30 09:22 . 2009-08-30 09:22 -------- d-sh--w- C:\FOUND.000
    2009-08-29 12:17 . 2009-08-29 12:17 -------- d-----w- c:\documents and settings\Rachel et Fred\Local Settings\Application Data\Autodesk
    2009-08-29 12:17 . 2009-08-29 12:17 -------- d-----w- c:\documents and settings\Rachel et Fred\Application Data\Autodesk
    2009-08-28 12:50 . 2009-08-28 12:50 -------- d-----w- C:\killfix
    2009-08-27 22:56 . 2009-08-27 22:57 -------- d-----w- c:\program files\trend micro
    2009-08-17 15:01 . 2009-07-10 13:27 1315328 ------w- c:\windows\system32\dllcache\msoe.dll

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-09-03 21:53 . 2008-10-01 22:10 40960 ----a-r- c:\documents and settings\Projet\Application Data\Microsoft\Installer\{EDA1C1F7-F27E-4B20-B9BC-39964452DBB1}\NewShortcut2_EDA1C1F7F27E4B20B9BC39964452DBB1.exe
    2009-09-03 21:53 . 2008-10-01 22:10 40960 ----a-r- c:\documents and settings\Projet\Application Data\Microsoft\Installer\{EDA1C1F7-F27E-4B20-B9BC-39964452DBB1}\NewShortcut1_EDA1C1F7F27E4B20B9BC39964452DBB1.exe
    2009-09-03 21:53 . 2008-10-01 22:10 10134 ----a-r- c:\documents and settings\Projet\Application Data\Microsoft\Installer\{EDA1C1F7-F27E-4B20-B9BC-39964452DBB1}\ARPPRODUCTICON.exe
    2009-09-02 07:54 . 2006-01-06 15:16 561994 ----a-w- c:\windows\system32\perfh00C.dat
    2009-09-02 07:54 . 2006-01-06 15:16 103994 ----a-w- c:\windows\system32\perfc00C.dat
    2009-09-01 23:19 . 2006-01-06 15:04 664 ----a-w- c:\windows\system32\d3d9caps.dat
    2009-08-27 11:05 . 2009-03-18 10:03 179792 ----a-w- c:\windows\system32\guard32.dll
    2009-08-27 11:05 . 2009-03-18 10:03 87104 ----a-w- c:\windows\system32\drivers\inspect.sys
    2009-08-27 11:05 . 2009-03-18 10:03 25160 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
    2009-08-27 11:05 . 2009-03-18 10:03 132168 ----a-w- c:\windows\system32\drivers\cmdguard.sys
    2009-08-18 13:21 . 2009-04-30 20:17 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
    2009-08-17 10:34 . 2008-03-11 23:05 119376 ----a-w- c:\documents and settings\Projet\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2009-08-17 09:52 . 2008-10-24 17:05 119376 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
    2009-08-07 15:16 . 2009-08-07 15:16 -------- d-----w- c:\program files\MSBuild
    2009-08-07 15:16 . 2009-08-07 15:16 -------- d-----w- c:\program files\Reference Assemblies
    2009-08-05 09:00 . 2004-08-05 03:00 205312 ----a-w- c:\windows\system32\mswebdvd.dll
    2009-08-05 08:36 . 2009-08-05 08:36 152576 ----a-w- c:\documents and settings\Projet\Application Data\Sun\Java\jre1.6.0_15\lzma.dll
    2009-07-25 03:23 . 2009-01-12 17:45 411368 ----a-w- c:\windows\system32\deploytk.dll
    2009-07-24 22:41 . 2009-07-24 22:41 -------- d-----w- c:\program files\AMtechnologie
    2009-07-17 19:03 . 2004-08-05 03:00 58880 ----a-w- c:\windows\system32\atl.dll
    2009-07-14 13:22 . 2009-07-14 13:22 -------- d-----w- c:\documents and settings\Projet\Application Data\SodeaSoft
    2009-07-14 13:15 . 2009-07-14 13:15 -------- d-----w- c:\program files\SodeaSoft
    2009-07-13 21:43 . 2004-08-05 03:00 286208 ----a-w- c:\windows\system32\wmpdxm.dll
    2009-06-29 15:57 . 2004-08-05 03:00 827392 ------w- c:\windows\system32\wininet.dll
    2009-06-29 15:57 . 2004-08-05 03:00 78336 ----a-w- c:\windows\system32\ieencode.dll
    2009-06-29 15:57 . 2004-08-05 03:00 17408 ------w- c:\windows\system32\corpol.dll
    2009-06-25 08:26 . 2004-08-05 03:00 736768 ----a-w- c:\windows\system32\lsasrv.dll
    2009-06-25 08:26 . 2004-08-05 03:00 56832 ----a-w- c:\windows\system32\secur32.dll
    2009-06-25 08:26 . 2004-08-05 03:00 54272 ----a-w- c:\windows\system32\wdigest.dll
    2009-06-25 08:26 . 2004-08-05 03:00 301568 ----a-w- c:\windows\system32\kerberos.dll
    2009-06-25 08:26 . 2004-08-05 03:00 147456 ----a-w- c:\windows\system32\schannel.dll
    2009-06-25 08:26 . 2004-08-05 03:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
    2009-06-24 11:18 . 2004-08-05 03:00 92928 ----a-w- c:\windows\system32\drivers\ksecdd.sys
    2009-06-16 14:40 . 2004-08-05 03:00 81920 ----a-w- c:\windows\system32\fontsub.dll
    2009-06-16 14:40 . 2004-08-05 03:00 119808 ----a-w- c:\windows\system32\t2embed.dll
    2009-06-15 10:44 . 2004-08-05 03:00 78848 ----a-w- c:\windows\system32\telnet.exe
    2009-06-15 09:57 . 2009-06-15 09:10 152576 ----a-w- c:\documents and settings\Projet\Application Data\Sun\Java\jre1.6.0_14\lzma.dll
    2009-06-10 14:14 . 2004-08-05 03:00 85504 ----a-w- c:\windows\system32\avifil32.dll
    2009-06-10 07:21 . 2004-08-05 03:00 2066432 ----a-w- c:\windows\system32\mstscax.dll
    2009-06-10 06:15 . 2004-08-05 03:00 132096 ----a-w- c:\windows\system32\wkssvc.dll
    2008-06-04 14:30 . 2008-06-04 14:30 15397 ----a-w- c:\program files\settings.dat
    2008-03-31 12:40 . 2008-03-31 12:40 3785 ----a-w- c:\program files\index.swf
    .

    ((((((((((((((((((((((((((((( SnapShot@2009-09-02_12.31.11 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2009-09-04 19:42 . 2009-09-04 19:42 16384 c:\windows\Temp\Perflib_Perfdata_2f4.dat
    + 2004-12-07 15:07 . 2009-09-06 00:14 102400 c:\windows\BDOSCAN8\bdcore.dll
    - 2004-12-07 15:07 . 2009-03-16 21:48 102400 c:\windows\BDOSCAN8\bdcore.dll
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-04-30 39408]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2005-01-07 102491]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-01-07 692315]
    "MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 59392]
    "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
    "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
    "eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2005-10-19 69632]
    "EPM-DM"="c:\acer\Empowering Technology\ePower\epm-dm.exe" [2005-11-25 212992]
    "Acer ePower Management"="c:\acer\Empowering Technology\ePower\Acer ePower Management.exe" [2005-11-09 3084288]
    "eRecoveryService"="c:\acer\Empowering Technology\eRecovery\Monitor.exe" [2009-03-18 397312]
    "ADMTray.exe"="c:\acer\Empowering Technology\admtray.exe" [2005-10-24 2462208]
    "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
    "COMODO Internet Security"="c:\prog à moi\Comodo\COMODO Internet Security\cfp.exe" [2009-08-27 1796368]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-04-23 413696]
    "TomcatStartup 2.5"="c:\program files\Hewlett-Packard\Toolbox\hpbpsttp.exe" [2004-11-12 245760]
    "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2005-11-16 15600128]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
    "DWQueuedReporting"="c:\progra~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 39264]

    c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    Belkin Wireless Utility.lnk - c:\program files\Belkin\Belkin 802.11g Wireless Card Configuration Utility\Belkinwcui.exe [2008-3-12 1523712]
    D‚marrage rapide du logiciel HP Image Zone.lnk - d:\prog … moi 2\HP\Digital Imaging\bin\hpqthb08.exe [2004-11-4 53248]
    HP Digital Imaging Monitor.lnk - d:\prog … moi 2\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-4 258048]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\windows\system32\guard32.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
    @="Service"
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "c:\\WINDOWS\\System32\\FXSCLNT.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "c:\\Program Files\\Hewlett-Packard\\Toolbox\\JRE\\BIN\\JAVAW.EXE"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "4876:TCP"= 4876:TCP:messenger

    R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [2009-03-18 132168]
    R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2009-03-18 25160]
    R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-04-30 108289]
    R2 MSSQL$ACT7;SQL Server (ACT7);c:\prog à moi\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-02-10 29178224]
    S2 iasnap32;IAS NAP Provider;rundll32.exe c:\windows\system32\iasnap32.dll,azoj --> rundll32.exe c:\windows\system32\iasnap32.dll,azoj [?]
    S3 DEKART38;Dekart Smart Card Reader;c:\windows\system32\DRIVERS\dekart38.sys --> c:\windows\system32\DRIVERS\dekart38.sys [?]
    S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;c:\progra~1\Belkin\BELKIN~1.11G\DNINDIS5.SYS [2008-03-12 17149]
    S3 HPPLSBULK;HPPLSBULK;c:\windows\system32\drivers\hpplsbulk.sys [2009-03-05 9344]
    S3 PAC207;VideoCAM GF112;c:\windows\system32\drivers\PFC027.sys [2005-04-08 162176]
    S4 Nwlnranr;Nwlnranr;c:\windows\system32\drivers\atmarpc.sys [2004-08-05 59904]
    .
    - - - - ORPHANS REMOVED - - - -

    MSConfigStartUp-CTFMON - (no file)

    .
    ------- Supplementary Scan -------
    .
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    uInternet Connection Wizard,ShellNext = hxxp://global.acer.com/
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: Chercher avec Copernic Agent - c:\prog à moi\Copernic Agent\Web\SearchExt.htm
    IE: E&xporter vers Microsoft Excel - c:\progàm~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
    TCP: {B7EDDF1B-73A9-4FE4-8A4C-2B03F35FE968} = 213.36.80.1
    DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} - hxxps://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.1.cab
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-09-06 22:52
    Windows 5.1.2600 Service Pack 3 FAT NTAPI

    detected NTDLL code modification:
    ZwClose, ZwOpenFile

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_LOCAL_MACHINE\software\BufferZone\Virtual\Untrusted\Machine\System\CurrentControlSet]
    "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
    00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

    [HKEY_LOCAL_MACHINE\software\INTEL\Wireless\Folders\ü** ]
    "Path"="c:\\WINDOWS\\system32\\config\\systemprofile\\Application Data\\Intel\\Wireless\\"

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
    "C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'winlogon.exe'(912)
    c:\windows\system32\guard32.dll
    c:\windows\system32\Ati2evxx.dll

    - - - - - - - > 'lsass.exe'(968)
    c:\windows\system32\guard32.dll
    .
    Completion time: 2009-09-06 22:55
    ComboFix-quarantined-files.txt 2009-09-06 20:55
    ComboFix2.txt 2009-09-04 11:01
    ComboFix3.txt 2009-09-02 12:37

    Pre-Run: 3,192,717,312 octets libres
    Post-Run: 3,318,120,448 octets libres

    196 --- E O F --- 2009-09-06 01:05
    0
  19. archet9
     
    Fais un scan avec cet antispyware :
    Telecharges Malwarebytes + tutoriel

    Tu l´installes; mets le a jour...(onglet mise a jour)
    Click maintenant sur l´onglet recherche et coche la case : "executer un examen rapide".
    Puis click sur "rechercher".
    Laisses le scanner le pc...
    Si des elements on ete trouvés > click sur supprimer la selection.
    si il t´es demandé de redemarrer > click sur "oui".
    A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vue de le poster sur le forum.
    Copies et colles le rapport stp.

    a+

    0
  20. rigattone
     
    Rien de détecter mais tjs pas d'amélioration.

    07/09/2009 ---- 20:03:12,60

    ----------------------------------
    §§§§§§ [winupgro] §§§§§§
    ----------------------------------
    [ ] Registre
    [ ] Fichier (rapide)
    [ ] Fichier (disque systeme)
    [X] Fichier (complete)

    *******************
    [Fichier]
    *******************

    d:\FindyKill\Tools\winupgro.exe

    *********************
    [Même date]
    *********************

    Aucun fichier créé à la même date détecté

    ----------------------------------
    §§§§§ Fin Rapport §§§§§
    ----------------------------------
    0
    1. rigattone
       
      C'est pas le bon rapport, voilà celui de mba,

      Malwarebytes' Anti-Malware 1.40
      Version de la base de données: 2754
      Windows 5.1.2600 Service Pack 3 (Safe Mode)

      07/09/2009 21:55:55
      mbam-log-2009-09-07 (21-55-55).txt

      Type de recherche: Examen rapide
      Eléments examinés: 113509
      Temps écoulé: 4 minute(s), 36 second(s)

      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 0
      Clé(s) du Registre infectée(s): 0
      Valeur(s) du Registre infectée(s): 0
      Elément(s) de données du Registre infecté(s): 0
      Dossier(s) infecté(s): 0
      Fichier(s) infecté(s): 0

      Processus mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Module(s) mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Clé(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Valeur(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Elément(s) de données du Registre infecté(s):
      (Aucun élément nuisible détecté)

      Dossier(s) infecté(s):
      (Aucun élément nuisible détecté)

      Fichier(s) infecté(s):
      (Aucun élément nuisible détecté)
      0
  • 1
  • 2