Bonjour on m'a dit que vous pouviez m'aider
sophie39
-
barnabe0057 Messages postés 14431 Date d'inscription Statut Contributeur Dernière intervention -
barnabe0057 Messages postés 14431 Date d'inscription Statut Contributeur Dernière intervention -
Bonjour,
Logfile of random's system information tool 1.06 (written by random/random)
Run by sophie at 2009-12-10 19:50:03
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 1 GB (7%) free of 20 GB
Total RAM: 703 MB (32% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:50:07, on 10/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Documents and Settings\sophie\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AMD\RAIDXpert\bin\RAIDXpertService.exe
C:\Program Files\AMD\RAIDXpert\bin\RAIDXpert.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\slmdmsr.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\WinMsgBalloonServer.exe
C:\WINDOWS\system32\WinMsgBalloonClient.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\eMule\eMule.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\sophie\Mes documents\Téléchargements\RSIT.exe
C:\Program Files\trend micro\sophie.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\sophie\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\sophie\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe (User 'Default user')
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\sophie\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/maconfig/MaConfig_3_5_3_0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5FE0C025-92E1-4EAD-B406-944BDF6BC03D}: NameServer = 208.67.222.222,208.67.222.220
O23 - Service: AMD RAIDXpert (AMD_RAIDXpert) - AMD - C:\Program Files\AMD\RAIDXpert\bin\RAIDXpertService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slmdmsr.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
--
End of file - 9693 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GlaryInitialize.job
C:\WINDOWS\tasks\Registry Winner Schedule.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-04 263280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-04 764912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-21 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
SearchSettings Class - C:\Program Files\Search Settings\kb128\SearchSettings.dll [2009-07-29 1153024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-11-21 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-04 263280]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-11-21 149280]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"SearchSettings"=C:\Program Files\Search Settings\SearchSettings.exe [2009-07-29 1024512]
"UserFaultCheck"=C:\WINDOWS\system32\dumprep 0 -u []
"Smapp"=C:\Program Files\Analog Devices\SoundMAX\SMTray.exe [2003-07-30 143360]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2009-09-07 251336]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-10-26 39408]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE
C:\Documents and Settings\sophie\Menu Démarrer\Programmes\Démarrage
Notification de cadeaux MSN.lnk - C:\Documents and Settings\sophie\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-03-22 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\eMule\eMule.exe"="C:\Program Files\eMule\eMule.exe:*:Enabled:eMule Plus"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
======List of files/folders created in the last 1 months======
65535-65535-31890 411:31890:475 ----A---- C:\WINDOWS\system32\cscui.dll
2009-12-10 19:33:26 ----D---- C:\Program Files\trend micro
2009-12-10 19:33:25 ----D---- C:\rsit
2009-12-10 18:46:23 ----D---- C:\Documents and Settings\sophie\Application Data\QUAD Backups
2009-12-10 07:49:07 ----D---- C:\Program Files\Le Mystere de la Momie Demo
2009-12-08 17:20:55 ----D---- C:\Program Files\Blingee Plus
2009-12-07 18:28:23 ----D---- C:\Documents and Settings\sophie\Application Data\Zylom
2009-12-07 18:28:19 ----D---- C:\Documents and Settings\All Users\Application Data\Zylom
2009-12-07 18:28:05 ----D---- C:\Program Files\Zylom Games
2009-12-05 07:27:29 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2009-12-04 19:03:49 ----HDC---- C:\WINDOWS\ie8
2009-12-03 07:34:44 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-12-03 07:33:45 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-12-03 07:33:45 ----D---- C:\Program Files\Adobe
2009-12-03 07:27:23 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
2009-12-02 13:48:00 ----D---- C:\Documents and Settings\sophie\Application Data\Super-Cow
2009-12-01 19:21:46 ----D---- C:\Documents and Settings\All Users\Application Data\AdventureChronicles1
2009-12-01 18:55:16 ----D---- C:\Documents and Settings\sophie\Application Data\Yahoo!
2009-12-01 18:55:16 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2009-12-01 18:55:11 ----D---- C:\Program Files\Yahoo!
2009-12-01 18:55:05 ----D---- C:\Program Files\CCleaner
2009-12-01 18:50:59 ----D---- C:\Program Files\RegCleaner
2009-12-01 09:23:48 ----D---- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
2009-12-01 09:08:03 ----A---- C:\WINDOWS\system32\SLMOHServ.dll
2009-12-01 09:08:03 ----A---- C:\WINDOWS\system32\slmh.exe
2009-12-01 09:08:03 ----A---- C:\WINDOWS\system32\SLLights.dll
2009-12-01 09:08:03 ----A---- C:\WINDOWS\system32\minirec.exe
2009-12-01 09:08:03 ----A---- C:\WINDOWS\system32\amr_cpl.dll
2009-12-01 09:08:03 ----A---- C:\WINDOWS\SmCfg.exe
2009-12-01 09:05:45 ----D---- C:\Documents and Settings\sophie\Application Data\iWin
2009-12-01 09:04:48 ----D---- C:\TMOTM
2009-11-30 19:06:43 ----D---- C:\Program Files\Realtek AC97
2009-11-30 18:40:37 ----D---- C:\Documents and Settings\All Users\Application Data\Trymedia
2009-11-30 18:40:21 ----D---- C:\Program Files\BFG
2009-11-30 18:17:23 ----A---- C:\WINDOWS\system32\wdmioctl.dll
2009-11-30 18:17:23 ----A---- C:\WINDOWS\system32\SMMedia.dll
2009-11-30 18:17:20 ----A---- C:\WINDOWS\SynthCoreA.Dll
2009-11-30 18:17:19 ----A---- C:\WINDOWS\SynCor.exe
2009-11-30 18:17:18 ----A---- C:\WINDOWS\system32\Syncor11.dll
2009-11-30 18:17:18 ----A---- C:\WINDOWS\system32\S11thk32.dll
2009-11-30 18:17:17 ----A---- C:\WINDOWS\system32\SynthCore11Resources.dll
2009-11-30 18:17:16 ----D---- C:\WINDOWS\VirtualEar
2009-11-30 18:17:16 ----A---- C:\WINDOWS\system32\Audio3d.dll
2009-11-30 18:17:15 ----A---- C:\WINDOWS\system32\virtear.dll
2009-11-30 18:17:13 ----D---- C:\Program Files\Analog Devices
2009-11-30 18:17:13 ----A---- C:\WINDOWS\system32\DSndUp.exe
2009-11-30 18:17:13 ----A---- C:\WINDOWS\system32\CleanUp.exe
2009-11-30 17:54:13 ----HD---- C:\WINDOWS\msdownld.tmp
2009-11-30 17:53:34 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-11-30 10:47:54 ----D---- C:\Program Files\Microsoft Silverlight
2009-11-30 10:46:40 ----D---- C:\Program Files\Microsoft Sync Framework
2009-11-30 10:45:35 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-11-30 10:45:18 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-11-22 18:12:14 ----D---- C:\Program Files\Microsoft
2009-11-22 18:12:01 ----D---- C:\Program Files\Windows Live SkyDrive
2009-11-22 18:11:31 ----D---- C:\Program Files\Windows Live
2009-11-22 17:59:05 ----D---- C:\WINDOWS\SxsCaPendDel
2009-11-21 19:46:46 ----A---- C:\WINDOWS\system32\javaws.exe
2009-11-21 19:46:46 ----A---- C:\WINDOWS\system32\javaw.exe
2009-11-21 19:46:46 ----A---- C:\WINDOWS\system32\java.exe
2009-11-21 19:46:46 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-11-21 19:40:40 ----D---- C:\WINDOWS\system32\appmgmt
2009-11-21 19:40:37 ----D---- C:\Program Files\Search Settings
2009-11-21 19:22:31 ----D---- C:\Config.Msi
2009-11-12 07:15:12 ----DC---- C:\WINDOWS\$NtUninstallKB969947$
======List of files/folders modified in the last 1 months======
2009-12-10 19:49:55 ----D---- C:\WINDOWS\Prefetch
2009-12-10 19:37:19 ----D---- C:\Program Files\Mozilla Firefox
2009-12-10 19:36:14 ----SHD---- C:\WINDOWS\Installer
2009-12-10 19:36:13 ----RD---- C:\Program Files
2009-12-10 19:15:21 ----D---- C:\WINDOWS\system32
2009-12-10 19:15:21 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-10 19:12:18 ----D---- C:\WINDOWS\Temp
2009-12-10 19:11:54 ----D---- C:\WINDOWS
2009-12-10 19:09:55 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-12-10 18:37:41 ----SD---- C:\Documents and Settings\sophie\Application Data\Microsoft
2009-12-10 07:50:12 ----D---- C:\WINDOWS\system32\config
2009-12-10 07:49:58 ----D---- C:\WINDOWS\system32\wbem
2009-12-10 07:49:56 ----D---- C:\WINDOWS\Registration
2009-12-09 22:40:17 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-12-09 22:38:43 ----HD---- C:\WINDOWS\inf
2009-12-09 22:11:02 ----D---- C:\WINDOWS\Minidump
2009-12-09 14:05:39 ----D---- C:\WINDOWS\system32\CatRoot2
2009-12-09 13:49:16 ----D---- C:\Documents and Settings\sophie\Application Data\Azureus
2009-12-08 17:21:11 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-12-07 18:28:23 ----D---- C:\Documents and Settings\sophie\Application Data\Identities
2009-12-07 16:17:45 ----D---- C:\Program Files\Fichiers communs
2009-12-07 12:59:55 ----D---- C:\Program Files\eMule
2009-12-06 18:53:42 ----D---- C:\WINDOWS\Microsoft.NET
2009-12-06 18:53:41 ----RSD---- C:\WINDOWS\assembly
2009-12-06 16:31:18 ----D---- C:\WINDOWS\system32\drivers
2009-12-05 08:24:30 ----D---- C:\WINDOWS\Debug
2009-12-04 20:35:42 ----D---- C:\WINDOWS\system32\Restore
2009-12-04 19:06:40 ----D---- C:\WINDOWS\system32\fr-fr
2009-12-04 19:06:39 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-12-04 19:06:39 ----D---- C:\WINDOWS\Help
2009-12-04 19:06:39 ----D---- C:\Program Files\Internet Explorer
2009-12-04 19:05:18 ----D---- C:\WINDOWS\WBEM
2009-12-04 19:05:08 ----D---- C:\WINDOWS\Media
2009-12-04 12:48:48 ----D---- C:\Documents and Settings\sophie\Application Data\Adobe
2009-12-02 21:33:47 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-12-01 09:08:03 ----D---- C:\WINDOWS\Modio
2009-11-30 19:06:56 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-11-30 18:22:35 ----D---- C:\WINDOWS\system32\CatRoot
2009-11-30 18:21:36 ----D---- C:\WINDOWS\system
2009-11-30 18:21:34 ----A---- C:\WINDOWS\system32\msssc.dll
2009-11-30 18:17:10 ----HD---- C:\Program Files\InstallShield Installation Information
2009-11-30 17:53:13 ----D---- C:\WINDOWS\system32\DirectX
2009-11-30 14:33:24 ----D---- C:\WINDOWS\ie8updates
2009-11-30 10:46:41 ----D---- C:\WINDOWS\WinSxS
2009-11-25 00:54:29 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-11-21 20:22:24 ----D---- C:\Program Files\Free Easy Burner
2009-11-21 19:46:21 ----D---- C:\Program Files\Java
2009-11-21 19:40:52 ----D---- C:\Program Files\Glary Utilities
2009-11-18 16:16:09 ----D---- C:\WINDOWS\SoftwareDistribution
2009-11-18 16:12:55 ----D---- C:\WINDOWS\Network Diagnostic
2009-11-11 09:44:07 ----HD---- C:\WINDOWS\$hf_mig$
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-03-22 1522688]
R3 EL90Xbc;3Com 3C90X-BC Family PCI EtherLink Adapter; C:\WINDOWS\system32\DRIVERS\el90Xbc5.SYS [2003-07-30 77465]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\SLDRV\Mtlmnt5.sys [2009-10-25 237616]
R3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\system32\DRIVERS\SLDRV\slntamr.sys [2009-10-25 698848]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SLDRV\SlWdmSup.sys [2009-10-25 13248]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-10-01 594048]
R3 usb_rndis;Broadcom USB Remote NDIS Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2008-04-13 12800]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
S3 atimtai;atimtai; C:\WINDOWS\system32\DRIVERS\atimtai.sys [2001-08-23 281728]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\SLDRV\Mtlstrm.sys [2009-10-25 1464848]
S3 NtMtlFax;NtMtlFax; C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys [2008-04-13 180360]
S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\SLDRV\Slnthal.sys [2009-10-25 101328]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD_RAIDXpert;AMD RAIDXpert; C:\Program Files\AMD\RAIDXpert\bin\RAIDXpertService.exe [2009-03-16 122880]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-03-22 405504]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-11-21 153376]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R2 SLService;SmartLinkService; C:\WINDOWS\system32\slmdmsr.exe [2009-10-25 61440]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-03-17 520192]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-10-26 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-09-23 238960]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
mon ordi beug toute la journee !!
merci ai je un virus
je ne peu plus aller sur msn
les clees usb ne copie plus rien elles beugues !!
merci d'avance
Logfile of random's system information tool 1.06 (written by random/random)
Run by sophie at 2009-12-10 19:50:03
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 1 GB (7%) free of 20 GB
Total RAM: 703 MB (32% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:50:07, on 10/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Documents and Settings\sophie\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AMD\RAIDXpert\bin\RAIDXpertService.exe
C:\Program Files\AMD\RAIDXpert\bin\RAIDXpert.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\slmdmsr.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\WinMsgBalloonServer.exe
C:\WINDOWS\system32\WinMsgBalloonClient.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\eMule\eMule.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\sophie\Mes documents\Téléchargements\RSIT.exe
C:\Program Files\trend micro\sophie.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\sophie\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\sophie\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe (User 'Default user')
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\sophie\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/maconfig/MaConfig_3_5_3_0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5FE0C025-92E1-4EAD-B406-944BDF6BC03D}: NameServer = 208.67.222.222,208.67.222.220
O23 - Service: AMD RAIDXpert (AMD_RAIDXpert) - AMD - C:\Program Files\AMD\RAIDXpert\bin\RAIDXpertService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slmdmsr.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
--
End of file - 9693 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GlaryInitialize.job
C:\WINDOWS\tasks\Registry Winner Schedule.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-04 263280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-04 764912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-21 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
SearchSettings Class - C:\Program Files\Search Settings\kb128\SearchSettings.dll [2009-07-29 1153024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-11-21 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-04 263280]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-11-21 149280]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"SearchSettings"=C:\Program Files\Search Settings\SearchSettings.exe [2009-07-29 1024512]
"UserFaultCheck"=C:\WINDOWS\system32\dumprep 0 -u []
"Smapp"=C:\Program Files\Analog Devices\SoundMAX\SMTray.exe [2003-07-30 143360]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2009-09-07 251336]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-10-26 39408]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE
C:\Documents and Settings\sophie\Menu Démarrer\Programmes\Démarrage
Notification de cadeaux MSN.lnk - C:\Documents and Settings\sophie\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-03-22 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\eMule\eMule.exe"="C:\Program Files\eMule\eMule.exe:*:Enabled:eMule Plus"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
======List of files/folders created in the last 1 months======
65535-65535-31890 411:31890:475 ----A---- C:\WINDOWS\system32\cscui.dll
2009-12-10 19:33:26 ----D---- C:\Program Files\trend micro
2009-12-10 19:33:25 ----D---- C:\rsit
2009-12-10 18:46:23 ----D---- C:\Documents and Settings\sophie\Application Data\QUAD Backups
2009-12-10 07:49:07 ----D---- C:\Program Files\Le Mystere de la Momie Demo
2009-12-08 17:20:55 ----D---- C:\Program Files\Blingee Plus
2009-12-07 18:28:23 ----D---- C:\Documents and Settings\sophie\Application Data\Zylom
2009-12-07 18:28:19 ----D---- C:\Documents and Settings\All Users\Application Data\Zylom
2009-12-07 18:28:05 ----D---- C:\Program Files\Zylom Games
2009-12-05 07:27:29 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2009-12-04 19:03:49 ----HDC---- C:\WINDOWS\ie8
2009-12-03 07:34:44 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-12-03 07:33:45 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-12-03 07:33:45 ----D---- C:\Program Files\Adobe
2009-12-03 07:27:23 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
2009-12-02 13:48:00 ----D---- C:\Documents and Settings\sophie\Application Data\Super-Cow
2009-12-01 19:21:46 ----D---- C:\Documents and Settings\All Users\Application Data\AdventureChronicles1
2009-12-01 18:55:16 ----D---- C:\Documents and Settings\sophie\Application Data\Yahoo!
2009-12-01 18:55:16 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2009-12-01 18:55:11 ----D---- C:\Program Files\Yahoo!
2009-12-01 18:55:05 ----D---- C:\Program Files\CCleaner
2009-12-01 18:50:59 ----D---- C:\Program Files\RegCleaner
2009-12-01 09:23:48 ----D---- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
2009-12-01 09:08:03 ----A---- C:\WINDOWS\system32\SLMOHServ.dll
2009-12-01 09:08:03 ----A---- C:\WINDOWS\system32\slmh.exe
2009-12-01 09:08:03 ----A---- C:\WINDOWS\system32\SLLights.dll
2009-12-01 09:08:03 ----A---- C:\WINDOWS\system32\minirec.exe
2009-12-01 09:08:03 ----A---- C:\WINDOWS\system32\amr_cpl.dll
2009-12-01 09:08:03 ----A---- C:\WINDOWS\SmCfg.exe
2009-12-01 09:05:45 ----D---- C:\Documents and Settings\sophie\Application Data\iWin
2009-12-01 09:04:48 ----D---- C:\TMOTM
2009-11-30 19:06:43 ----D---- C:\Program Files\Realtek AC97
2009-11-30 18:40:37 ----D---- C:\Documents and Settings\All Users\Application Data\Trymedia
2009-11-30 18:40:21 ----D---- C:\Program Files\BFG
2009-11-30 18:17:23 ----A---- C:\WINDOWS\system32\wdmioctl.dll
2009-11-30 18:17:23 ----A---- C:\WINDOWS\system32\SMMedia.dll
2009-11-30 18:17:20 ----A---- C:\WINDOWS\SynthCoreA.Dll
2009-11-30 18:17:19 ----A---- C:\WINDOWS\SynCor.exe
2009-11-30 18:17:18 ----A---- C:\WINDOWS\system32\Syncor11.dll
2009-11-30 18:17:18 ----A---- C:\WINDOWS\system32\S11thk32.dll
2009-11-30 18:17:17 ----A---- C:\WINDOWS\system32\SynthCore11Resources.dll
2009-11-30 18:17:16 ----D---- C:\WINDOWS\VirtualEar
2009-11-30 18:17:16 ----A---- C:\WINDOWS\system32\Audio3d.dll
2009-11-30 18:17:15 ----A---- C:\WINDOWS\system32\virtear.dll
2009-11-30 18:17:13 ----D---- C:\Program Files\Analog Devices
2009-11-30 18:17:13 ----A---- C:\WINDOWS\system32\DSndUp.exe
2009-11-30 18:17:13 ----A---- C:\WINDOWS\system32\CleanUp.exe
2009-11-30 17:54:13 ----HD---- C:\WINDOWS\msdownld.tmp
2009-11-30 17:53:34 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-11-30 10:47:54 ----D---- C:\Program Files\Microsoft Silverlight
2009-11-30 10:46:40 ----D---- C:\Program Files\Microsoft Sync Framework
2009-11-30 10:45:35 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-11-30 10:45:18 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-11-22 18:12:14 ----D---- C:\Program Files\Microsoft
2009-11-22 18:12:01 ----D---- C:\Program Files\Windows Live SkyDrive
2009-11-22 18:11:31 ----D---- C:\Program Files\Windows Live
2009-11-22 17:59:05 ----D---- C:\WINDOWS\SxsCaPendDel
2009-11-21 19:46:46 ----A---- C:\WINDOWS\system32\javaws.exe
2009-11-21 19:46:46 ----A---- C:\WINDOWS\system32\javaw.exe
2009-11-21 19:46:46 ----A---- C:\WINDOWS\system32\java.exe
2009-11-21 19:46:46 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-11-21 19:40:40 ----D---- C:\WINDOWS\system32\appmgmt
2009-11-21 19:40:37 ----D---- C:\Program Files\Search Settings
2009-11-21 19:22:31 ----D---- C:\Config.Msi
2009-11-12 07:15:12 ----DC---- C:\WINDOWS\$NtUninstallKB969947$
======List of files/folders modified in the last 1 months======
2009-12-10 19:49:55 ----D---- C:\WINDOWS\Prefetch
2009-12-10 19:37:19 ----D---- C:\Program Files\Mozilla Firefox
2009-12-10 19:36:14 ----SHD---- C:\WINDOWS\Installer
2009-12-10 19:36:13 ----RD---- C:\Program Files
2009-12-10 19:15:21 ----D---- C:\WINDOWS\system32
2009-12-10 19:15:21 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-10 19:12:18 ----D---- C:\WINDOWS\Temp
2009-12-10 19:11:54 ----D---- C:\WINDOWS
2009-12-10 19:09:55 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-12-10 18:37:41 ----SD---- C:\Documents and Settings\sophie\Application Data\Microsoft
2009-12-10 07:50:12 ----D---- C:\WINDOWS\system32\config
2009-12-10 07:49:58 ----D---- C:\WINDOWS\system32\wbem
2009-12-10 07:49:56 ----D---- C:\WINDOWS\Registration
2009-12-09 22:40:17 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-12-09 22:38:43 ----HD---- C:\WINDOWS\inf
2009-12-09 22:11:02 ----D---- C:\WINDOWS\Minidump
2009-12-09 14:05:39 ----D---- C:\WINDOWS\system32\CatRoot2
2009-12-09 13:49:16 ----D---- C:\Documents and Settings\sophie\Application Data\Azureus
2009-12-08 17:21:11 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-12-07 18:28:23 ----D---- C:\Documents and Settings\sophie\Application Data\Identities
2009-12-07 16:17:45 ----D---- C:\Program Files\Fichiers communs
2009-12-07 12:59:55 ----D---- C:\Program Files\eMule
2009-12-06 18:53:42 ----D---- C:\WINDOWS\Microsoft.NET
2009-12-06 18:53:41 ----RSD---- C:\WINDOWS\assembly
2009-12-06 16:31:18 ----D---- C:\WINDOWS\system32\drivers
2009-12-05 08:24:30 ----D---- C:\WINDOWS\Debug
2009-12-04 20:35:42 ----D---- C:\WINDOWS\system32\Restore
2009-12-04 19:06:40 ----D---- C:\WINDOWS\system32\fr-fr
2009-12-04 19:06:39 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-12-04 19:06:39 ----D---- C:\WINDOWS\Help
2009-12-04 19:06:39 ----D---- C:\Program Files\Internet Explorer
2009-12-04 19:05:18 ----D---- C:\WINDOWS\WBEM
2009-12-04 19:05:08 ----D---- C:\WINDOWS\Media
2009-12-04 12:48:48 ----D---- C:\Documents and Settings\sophie\Application Data\Adobe
2009-12-02 21:33:47 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-12-01 09:08:03 ----D---- C:\WINDOWS\Modio
2009-11-30 19:06:56 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-11-30 18:22:35 ----D---- C:\WINDOWS\system32\CatRoot
2009-11-30 18:21:36 ----D---- C:\WINDOWS\system
2009-11-30 18:21:34 ----A---- C:\WINDOWS\system32\msssc.dll
2009-11-30 18:17:10 ----HD---- C:\Program Files\InstallShield Installation Information
2009-11-30 17:53:13 ----D---- C:\WINDOWS\system32\DirectX
2009-11-30 14:33:24 ----D---- C:\WINDOWS\ie8updates
2009-11-30 10:46:41 ----D---- C:\WINDOWS\WinSxS
2009-11-25 00:54:29 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-11-21 20:22:24 ----D---- C:\Program Files\Free Easy Burner
2009-11-21 19:46:21 ----D---- C:\Program Files\Java
2009-11-21 19:40:52 ----D---- C:\Program Files\Glary Utilities
2009-11-18 16:16:09 ----D---- C:\WINDOWS\SoftwareDistribution
2009-11-18 16:12:55 ----D---- C:\WINDOWS\Network Diagnostic
2009-11-11 09:44:07 ----HD---- C:\WINDOWS\$hf_mig$
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-03-22 1522688]
R3 EL90Xbc;3Com 3C90X-BC Family PCI EtherLink Adapter; C:\WINDOWS\system32\DRIVERS\el90Xbc5.SYS [2003-07-30 77465]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\SLDRV\Mtlmnt5.sys [2009-10-25 237616]
R3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\system32\DRIVERS\SLDRV\slntamr.sys [2009-10-25 698848]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SLDRV\SlWdmSup.sys [2009-10-25 13248]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-10-01 594048]
R3 usb_rndis;Broadcom USB Remote NDIS Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2008-04-13 12800]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
S3 atimtai;atimtai; C:\WINDOWS\system32\DRIVERS\atimtai.sys [2001-08-23 281728]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\SLDRV\Mtlstrm.sys [2009-10-25 1464848]
S3 NtMtlFax;NtMtlFax; C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys [2008-04-13 180360]
S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\SLDRV\Slnthal.sys [2009-10-25 101328]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD_RAIDXpert;AMD RAIDXpert; C:\Program Files\AMD\RAIDXpert\bin\RAIDXpertService.exe [2009-03-16 122880]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-03-22 405504]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-11-21 153376]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R2 SLService;SmartLinkService; C:\WINDOWS\system32\slmdmsr.exe [2009-10-25 61440]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-03-17 520192]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-10-26 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-09-23 238960]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
mon ordi beug toute la journee !!
merci ai je un virus
je ne peu plus aller sur msn
les clees usb ne copie plus rien elles beugues !!
merci d'avance
Configuration: Windows XP Firefox 3.5.5
A voir également:
- Bonjour on m'a dit que vous pouviez m'aider
- Des problèmes sont survenus lors de l'installation des mises à jour, mais nous réessaierons ultérieurement. si le problème persiste et que vous souhaitez rechercher des informations sur internet ou contacter l'assistance pour en obtenir, ceci peut vous aider : (0x80070005) - Guide
- Erreur Windows 10 0x80080005 + Windows update n'existe plus! - Forum Windows 10
- En préparant son diaporama, tom a pris quelques notes qui l'aideront lors de sa présentation. quand il présentera l'âne, il a prévu de raconter une anecdote sur cet animal. comment s'appelle l'âne de son histoire ? - Forum Microsoft Office
- Il n'y a malheureusement aucun transporteur pouvant livrer à votre adresse. - Forum Webmastering
- Problème mise a jour Windows 10 erreur 0x80070643. ✓ - Forum Windows 10
1 réponse
Bonjour,
▶ Télécharge Ad-remover ( de C_XX ) sur ton bureau :
http://pagesperso-orange.fr/NosTools/C_XX/AD-R.exe
▶ Déconnecte toi d'internet et ferme toutes tes applications en cours !
▶ Double clique sur "Ad-R.exe" pour lancer l'installation et laisse les paramètres d'installation par défaut .
▶ Double-clique sur le raccourci Ad-remover qui est sur ton bureau pour lancer l'outil .
▶ Au menu principal choisis l'option "L" et tape sur [entrée] .
▶ Laisse travailler l'outil et ne touche à rien ...
▶ Poste le rapport qui apparait à la fin , sur le forum ...
( Le rapport est sauvegardé aussi sous C:\Ad-report.log )
( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )
▶ Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
▶ Télécharge Ad-remover ( de C_XX ) sur ton bureau :
http://pagesperso-orange.fr/NosTools/C_XX/AD-R.exe
▶ Déconnecte toi d'internet et ferme toutes tes applications en cours !
▶ Double clique sur "Ad-R.exe" pour lancer l'installation et laisse les paramètres d'installation par défaut .
▶ Double-clique sur le raccourci Ad-remover qui est sur ton bureau pour lancer l'outil .
▶ Au menu principal choisis l'option "L" et tape sur [entrée] .
▶ Laisse travailler l'outil et ne touche à rien ...
▶ Poste le rapport qui apparait à la fin , sur le forum ...
( Le rapport est sauvegardé aussi sous C:\Ad-report.log )
( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )
▶ Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
