Tous les programmes sont bloqués

sabah -  
 gen-hackman -
Bonjour,un virus a bloqué toute reaction de tout les programmes , est la barre destaches du bureau ne se montre plus . de l'aide slvp
Configuration: Windows XP
Firefox 3.6

11 réponses

Résumé de la discussion

Un utilisateur signale qu'un virus bloque la réactivité des programmes et que la barre des tâches du bureau ne s'affiche plus sous Windows XP et Firefox 3.6. Des solutions pratiques apparaissent, notamment l'utilisation de Dr.Web CureIt en local, l'analyse rapide puis complète, et la quarantaine des éléments infectés après détection, avec sauvegarde du rapport. D'autres réponses évoquent l'installation d'antivir en résident ou Avira pour une protection continue, avec des indications sur le mode sans échec et l'importante étape d'analyser le rapport système généré par les outils de détection.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. Utilisateur anonyme
     
    Télécharge Dr Web CureIt sur ton Bureau :

    ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe

    - Double clique drweb-cureit.exe et ensuite clique sur Analyse;

    - Clique Ok à l'invite de l'analyse rapide. S'il trouve des processus infectés alors clique le bouton Oui.
    Note : une fenêtre s'ouvrira avec options pour "Commander" ou "50% de réduction" : Quitte en cliquant le "X".
    - Lorsque le scan rapide est terminé, clique sur le menu Options puis Changer la configuration ; Choisis l'onglet Scanner, et décoche Analyse heuristique. Clique ensuite sur Ok.
    - De retour à la fenêtre principale : clique pour activer Analyse complète
    - Clique le bouton avec flèche verte sur la droite, et le scan débutera.
    - Clique Oui pour tout à l'invite Désinfecter ? lorsqu'un fichier est détecté, et ensuite clique Désinfecter.
    - Lorsque le scan sera complété, regarde si tu peux cliquer sur l' icône, adjacente aux fichiers détectés (plusieurs feuilles l'une sur l'autre). Si oui, alors clique dessus et ensuite clique sur l'icône Suivant, au dessous, et choisis Déplacer en quarantaine l'objet indésirable.
    - Du menu principal de l'outil, au haut à gauche, clique sur le menu Fichier et choisis Enregistrer le rapport. Sauvegarde le rapport sur ton Bureau. Ce dernier se nommera DrWeb.csv
    - Ferme Dr.Web Cureit
    - Redémarre ton ordi (important car certains fichiers peuvent être déplacés/réparés au redémarrage).
    - Suite au redémarrage, poste (Copie/Colle) le contenu du rapport de Dr.Web dans ta prochaine réponse.
    1
  2. Utilisateur anonyme
     
    bonsoir
    as tu téléchargé récemment quelque chose ?
    0
    1. sabah
       
      oui un programme
      0
  3. gen-hackman
     
    bonsoir

    pour suivre.....ca sent le rootkit ^^
    0
    1. sabah
       
      je suis entrain de faire un scan (avec avira) en mod sans echec.
      0
  4. gen-hackman
     
    ce n'est pas ce que t'a demandé Nathandre !!
    0
    1. sabah
       
      est ce possible de Télécharge Dr Web CureIt en mode sans echec?parceque en mode normale firefox est bloqué ne reagit pas.
      0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. gen-hackman
     
    sans echec avec prise en charge reseau oui
    0
    1. sabah
       
      je n'arrive pas a me connecter pour executer ce que m'a demander :Nathandre.la je suis sur un pc fix mais mon portable qui est en question est connecter par wifi .
      0
  7. gen-hackman
     
    pas grave telecharge-le sur l autre pc et grave-le
    0
    1. sabah
       
      bonjour ,je vous dépose le raport du :drweb


      Desktop_.ini;C:\WINDOWS\system32;Win32.HLLW.Gavir.ini;Supprimé.;
      skssetup-118-SkserKCS.exe\seekservice.dll;C:\Documents and Settings\Sabah\Documenti\sumo.exe/data002/{tmp}\skssetup-118-SkserKCS.exe;Adware.Seekser.1;;
      skssetup-118-SkserKCS.exe\seekservice.exe;C:\Documents and Settings\Sabah\Documenti\sumo.exe/data002/{tmp}\skssetup-118-SkserKCS.exe;Adware.Seekser.1;;
      {tmp}\skssetup-118-SkserKCS.exe;C:\Documents and Settings\Sabah\Documenti\sumo.exe/data002/{tmp};L'archive contient des éléments infectés;;
      data002;C:\Documents and Settings\Sabah\Documenti;L'archive contient des éléments infectés;;
      sumo.exe;C:\Documents and Settings\Sabah\Documenti;Conteneur comporte des objets infectés;Quarantaine.;
      0
    2. Utilisateur anonyme > sabah
       
      bonjour
      on va essayer de faire un diagnostic du PC
      Télécharge Random's System Information Tool (RSIT) de random/random et enregistre l'exécutable sur ton Bureau.

      - http://images.malwareremoval.com/random/RSIT.exe

      ! Déconnecte toi et ferme toutes tes applications en cours !

      * Double-clique sur RSIT.exe pour le lancer .
      * Une première fenêtre s'ouvre avec en titre : Disclaimer of warranty .
      * Devant l'option List files/folders created ... , tu choisis 2 months
      * Clique ensuite sur Continue pour lancer l'analyse ...
      * Laisse faire le scan et ne touche pas au PC ...
      * Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront (probablement avec le bloc-note).
      * Héberge le contenu de log.txt (c'est celui qui apparait à l'écran), ainsi que de info.txt ici.
      Clique sur parcourir
      Une fois que tu as trouvé les rapports à héberger, clique sur ouvrir
      Clique sur Cliquez ici pour déposer le fichier, puis donne le lien
      qui apparait comme ceci http:/www.cijoint.fr/cjlink.php?file=cj200911/cijgAdC3Ch.txt

      Note : les rapports seront en outre sauvegardés dans ce dossier C:\rsit
      0
    3. sabah > Utilisateur anonyme
       
      je veux déposer le raport dans " ici " mais avira informe la prèsence d'un virus donc je le met dans ce cadre de repondre a.
      voila le 1er raporet :

      Logfile of random's system information tool 1.06 (written by random/random)
      Run by Sabah at 2010-02-07 15:06:12
      Microsoft Windows XP Professional Service Pack 3
      System drive C: has 133 GB (87%) free of 153 GB
      Total RAM: 953 MB (53% free)

      HijackThis download failed

      ======Scheduled tasks folder======

      C:\WINDOWS\tasks\OGALogon.job

      ======Registry dump======

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
      Supporto di collegamento per Adobe PDF Reader - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-12-18 61888]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
      Programme d'aide de l'Assistant de connexion Windows Live - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

      [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
      "IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2008-04-13 208952]
      "MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2008-04-13 59392]
      "PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2008-04-13 455168]
      "PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2008-04-13 455168]
      "Adobe Reader Speed Launcher"=C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe [2009-12-18 40368]
      "Adobe ARM"=C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
      "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2009-11-30 135168]
      "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2009-11-30 166912]
      "Persistence"=C:\WINDOWS\system32\igfxpers.exe [2009-11-30 138240]
      "BigDogPath"=C:\WINDOWS\VM_STI.EXE [2004-12-15 40960]
      "avgnt"=C:\Programmi\Avira\AntiVir Desktop\avgnt.exe [2008-12-15 208641]
      "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

      [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
      "msnmsgr"=C:\Programmi\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
      C:\Programmi\Adobe\Reader 8.0\Reader\Reader_sl.exe [2009-12-18 40368]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
      C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AzMixerSel]
      C:\Programmi\Realtek\Audio\InstallShield\AzMixerSel.exe [2006-07-17 53248]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
      C:\WINDOWS\system32\igfxtray.exe [2009-11-30 135168]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
      C:\Programmi\File comuni\Ahead\Lib\NeroCheck.exe [2007-03-09 153136]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
      C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
      C:\Programmi\Skype\Phone\Skype.exe [2009-10-09 25623336]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
      C:\Programmi\SUPERAntiSpyware\SUPERAntiSpyware.exe [2009-11-23 2001648]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
      C:\Programmi\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
      C:\WINDOWS\system32\igfxdev.dll [2009-11-30 213504]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
      C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265088]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
      WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2008-06-28 133632]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
      "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Programmi\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

      [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
      "dontdisplaylastusername"=0
      "legalnoticecaption"=
      "legalnoticetext"=
      "shutdownwithoutlogon"=1
      "undockwithoutlogon"=1

      [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
      "NoDriveTypeAutoRun"=145

      [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
      "HonorAutoRunSetting"=

      [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
      "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
      "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
      "C:\Programmi\Windows Live\Messenger\wlcsdk.exe"="C:\Programmi\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
      "C:\Programmi\Windows Live\Messenger\msnmsgr.exe"="C:\Programmi\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
      "C:\Programmi\Opera\opera.exe"="C:\Programmi\Opera\opera.exe:*:Enabled:Opera Internet Browser"
      "C:\Programmi\Skype\Plugin Manager\skypePM.exe"="C:\Programmi\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
      "C:\Programmi\ma-config.com\maconfservice.exe"="C:\Programmi\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
      "C:\Programmi\Skype\Phone\Skype.exe"="C:\Programmi\Skype\Phone\Skype.exe:*:Enabled:Skype"

      [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
      "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
      "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
      "C:\Programmi\Windows Live\Messenger\wlcsdk.exe"="C:\Programmi\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
      "C:\Programmi\Windows Live\Messenger\msnmsgr.exe"="C:\Programmi\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

      ======List of files/folders created in the last 2 months======

      2010-02-07 15:06:13 ----D---- C:\Programmi\trend micro
      2010-02-07 15:06:12 ----D---- C:\rsit
      2010-02-07 11:26:50 ----A---- C:\WINDOWS\SchedLgU.Txt
      2010-02-07 01:05:48 ----A---- C:\WINDOWS\ntbtlog.txt
      2010-02-06 18:22:22 ----D---- C:\WINDOWS\Minidump
      2010-02-06 17:25:03 ----A---- C:\WINDOWS\UPGRADE.TXT
      2010-02-06 17:25:00 ----D---- C:\WINDOWS\setup.pss
      2010-02-06 15:53:43 ----SHD---- C:\Config.Msi
      2010-02-06 15:53:33 ----D---- C:\Documents and Settings\Sabah\Dati applicazioni\Avira
      2010-02-06 15:36:47 ----D---- C:\Programmi\Avira
      2010-02-05 13:22:31 ----A---- C:\ctapi_out_gr.txt
      2010-02-01 23:40:00 ----D---- C:\Documents and Settings\Sabah\Dati applicazioni\PhotoFiltre
      2010-02-01 23:14:06 ----D---- C:\ConvertTemp
      2010-02-01 22:50:14 ----D---- C:\Documents and Settings\Sabah\Dati applicazioni\Samsung
      2010-02-01 22:27:03 ----A---- C:\WINDOWS\system32\framedyn.dll
      2010-02-01 22:26:55 ----D---- C:\Programmi\DIFX
      2010-02-01 22:26:47 ----D---- C:\WINDOWS\system32\Samsung_USB_Drivers
      2010-02-01 22:26:01 ----D---- C:\Programmi\Samsung
      2010-02-01 20:03:58 ----D---- C:\Programmi\VS Revo Group
      2010-02-01 13:15:01 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\Avira
      2010-01-31 18:21:00 ----D---- C:\Documents and Settings\Sabah\Dati applicazioni\SuperMP3Download
      2010-01-31 18:21:00 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\SuperMP3Download
      2010-01-31 02:04:30 ----D---- C:\Documents and Settings\Sabah\Dati applicazioni\Help
      2010-01-30 15:23:34 ----A---- C:\WINDOWS\vidcap32.Exe
      2010-01-30 15:23:34 ----A---- C:\WINDOWS\amcap.exe
      2010-01-30 15:23:33 ----A---- C:\WINDOWS\VM_STI.EXE
      2010-01-30 15:23:33 ----A---- C:\WINDOWS\system32\VM31bSTI.dll
      2010-01-30 15:23:32 ----A---- C:\WINDOWS\system32\RunSetup.dll
      2010-01-30 15:23:32 ----A---- C:\WINDOWS\StillCap.exe
      2010-01-30 15:23:31 ----D---- C:\WINDOWS\CatRoot
      2010-01-30 15:23:31 ----A---- C:\WINDOWS\VMCap.exe
      2010-01-30 13:38:11 ----D---- C:\Programmi\Catch
      2010-01-30 13:30:59 ----D---- C:\WINDOWS\F20A984B9B304A9EA3AC918AF0D85A48.TMP
      2010-01-30 13:15:21 ----A---- C:\WINDOWS\ZSSnp211.exe
      2010-01-30 13:14:42 ----D---- C:\Programmi\Vimicro
      2010-01-30 13:00:22 ----A---- C:\WINDOWS\system32\IGFXDEVLib.dll
      2010-01-30 13:00:22 ----A---- C:\WINDOWS\system32\gfxSrvc.dll
      2010-01-30 13:00:21 ----A---- C:\WINDOWS\system32\igfxCoIn_v5189.dll
      2010-01-30 13:00:21 ----A---- C:\WINDOWS\system32\GfxUI.exe
      2010-01-30 13:00:20 ----A---- C:\WINDOWS\system32\GfxUI.exe.config
      2010-01-30 12:50:49 ----HD---- C:\WINDOWS\PIF
      2010-01-29 11:26:05 ----A---- C:\WINDOWS\system32\msonpmon.dll
      2010-01-29 11:17:52 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\Microsoft Help
      2010-01-28 13:11:01 ----D---- C:\Documents and Settings\Sabah\Dati applicazioni\Softplicity
      2010-01-28 13:10:53 ----D---- C:\Programmi\Total PDF Converter
      2010-01-27 21:06:15 ----D---- C:\Programmi\PhotoFiltre
      2010-01-27 19:22:02 ----D---- C:\Programmi\AKVIS
      2010-01-26 17:28:42 ----D---- C:\Programmi\Adobe
      2010-01-25 20:46:00 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\FaceOnBody
      2010-01-25 20:45:25 ----D---- C:\Programmi\FaceOnBody Pro
      2010-01-19 13:57:37 ----D---- C:\WINDOWS\system32\zh-TW
      2010-01-19 13:57:37 ----D---- C:\WINDOWS\system32\zh-HK
      2010-01-19 13:57:37 ----D---- C:\WINDOWS\system32\tr-TR
      2010-01-19 13:57:37 ----D---- C:\WINDOWS\system32\sv-SE
      2010-01-19 13:57:37 ----D---- C:\WINDOWS\system32\pt-BR
      2010-01-19 13:57:37 ----D---- C:\WINDOWS\system32\nl-NL
      2010-01-19 13:57:37 ----D---- C:\WINDOWS\system32\nb-NO
      2010-01-19 13:57:37 ----D---- C:\WINDOWS\system32\ko-KR
      2010-01-19 13:57:37 ----D---- C:\WINDOWS\system32\he-IL
      2010-01-19 13:57:37 ----D---- C:\WINDOWS\system32\fr-FR
      2010-01-19 13:57:37 ----D---- C:\WINDOWS\system32\fi-FI
      2010-01-19 13:57:37 ----D---- C:\WINDOWS\system32\es-ES
      2010-01-19 13:57:37 ----D---- C:\WINDOWS\system32\el-GR
      2010-01-19 13:57:37 ----D---- C:\WINDOWS\system32\de-DE
      2010-01-19 13:57:37 ----D---- C:\WINDOWS\system32\da-DK
      2010-01-19 13:57:37 ----D---- C:\WINDOWS\system32\ar-SA
      2010-01-18 13:35:04 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
      2010-01-18 13:34:21 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
      2009-12-30 16:43:07 ----D---- C:\Programmi\FVD Suite
      2009-12-23 15:19:41 ----D---- C:\Documents and Settings\Sabah\Dati applicazioni\skypePM
      2009-12-23 15:11:11 ----D---- C:\Documents and Settings\Sabah\Dati applicazioni\Skype
      2009-12-23 15:04:12 ----D---- C:\Programmi\File comuni\Skype
      2009-12-23 15:04:09 ----RD---- C:\Programmi\Skype
      2009-12-23 15:04:05 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\Skype
      2009-12-21 18:54:26 ----D---- C:\Documents and Settings\Sabah\Dati applicazioni\dvdcss
      2009-12-20 17:21:23 ----D---- C:\Programmi\CardRecovery
      2009-12-20 15:32:39 ----D---- C:\Programmi\Digital Assembly
      2009-12-20 11:56:03 ----D---- C:\Documents and Settings\Sabah\Dati applicazioni\SPlayer
      2009-12-19 18:24:19 ----D---- C:\Programmi\SPlayer
      2009-12-15 23:13:55 ----N---- C:\WINDOWS\system32\spmsg.dll
      2009-12-15 23:13:51 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
      2009-12-15 23:12:51 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
      2009-12-15 21:20:34 ----D---- C:\Documents and Settings\Sabah\Dati applicazioni\Media Player Classic
      2009-12-15 21:18:05 ----A---- C:\WINDOWS\system32\unrar.dll
      2009-12-15 21:00:01 ----D---- C:\WINDOWS\system32\QuickTime
      2009-12-15 20:47:53 ----D---- C:\Documents and Settings\Sabah\Dati applicazioni\vlc
      2009-12-15 20:42:10 ----D---- C:\Programmi\VideoLAN
      2009-12-15 20:20:34 ----A---- C:\WINDOWS\NeroDigital.ini
      2009-12-13 11:30:48 ----D---- C:\Programmi\Vista Start Menu
      2009-12-10 21:23:56 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
      2009-12-10 21:23:41 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
      2009-12-10 21:23:03 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
      2009-12-10 21:22:24 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
      2009-12-10 21:22:17 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
      2009-12-10 11:51:20 ----D---- C:\WINDOWS\pss

      ======List of files/folders modified in the last 2 months======

      2010-02-07 15:06:25 ----D---- C:\WINDOWS\Prefetch
      2010-02-07 15:06:13 ----RD---- C:\Programmi
      2010-02-07 14:41:14 ----D---- C:\WINDOWS\system32
      2010-02-07 13:39:42 ----D---- C:\WINDOWS\Temp
      2010-02-07 11:29:42 ----D---- C:\Programmi\Mozilla Firefox
      2010-02-07 11:27:26 ----D---- C:\WINDOWS\system32\CatRoot2
      2010-02-07 11:27:21 ----D---- C:\WINDOWS
      2010-02-07 00:43:32 ----D---- C:\WINDOWS\Network Diagnostic
      2010-02-06 20:01:47 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
      2010-02-06 16:32:18 ----SHD---- C:\WINDOWS\Installer
      2010-02-06 16:26:08 ----D---- C:\WINDOWS\WinSxS
      2010-02-06 16:25:12 ----RSD---- C:\WINDOWS\assembly
      2010-02-06 16:24:33 ----SD---- C:\Documents and Settings\All Users\Dati applicazioni\Microsoft
      2010-02-06 16:24:33 ----D---- C:\Programmi\Microsoft Office
      2010-02-06 16:24:33 ----D---- C:\Programmi\File comuni\Microsoft Shared
      2010-02-06 16:24:29 ----D---- C:\Programmi\File comuni
      2010-02-06 16:23:49 ----D---- C:\Programmi\MSBuild
      2010-02-06 16:23:37 ----RSD---- C:\WINDOWS\Fonts
      2010-02-06 16:21:24 ----D---- C:\Programmi\File comuni\System
      2010-02-06 16:21:21 ----A---- C:\WINDOWS\win.ini
      2010-02-06 15:50:47 ----D---- C:\WINDOWS\system32\CatRoot
      2010-02-06 15:48:59 ----HD---- C:\WINDOWS\inf
      2010-02-06 15:38:23 ----D---- C:\WINDOWS\system32\drivers
      2010-02-05 16:00:18 ----SD---- C:\Documents and Settings\Sabah\Dati applicazioni\Microsoft
      2010-02-03 19:45:42 ----RSHDC---- C:\WINDOWS\system32\dllcache
      2010-02-01 22:26:01 ----HD---- C:\Programmi\InstallShield Installation Information
      2010-02-01 15:49:25 ----D---- C:\Programmi\ESET
      2010-01-31 20:06:49 ----D---- C:\Programmi\SUPERAntiSpyware
      2010-01-31 16:43:39 ----D---- C:\WINDOWS\system32\wbem
      2010-01-31 02:04:30 ----D---- C:\Programmi\WinRAR
      2010-01-30 15:23:31 ----SD---- C:\WINDOWS\Downloaded Program Files
      2010-01-30 15:23:31 ----D---- C:\WINDOWS\twain_32
      2010-01-30 15:23:30 ----D---- C:\Programmi\File comuni\InstallShield
      2010-01-30 13:15:20 ----DC---- C:\WINDOWS\system32\DRVSTORE
      2010-01-30 12:54:52 ----D---- C:\Programmi\ma-config.com
      2010-01-30 12:54:52 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\ma-config.com
      2010-01-28 22:57:17 ----D---- C:\WINDOWS\Debug
      2010-01-26 17:28:55 ----D---- C:\Programmi\File comuni\Adobe
      2010-01-26 17:28:51 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\Adobe
      2010-01-25 14:29:49 ----D---- C:\Programmi\Internet Explorer
      2010-01-25 14:29:27 ----HD---- C:\WINDOWS\$hf_mig$
      2010-01-19 13:57:37 ----SD---- C:\WINDOWS\Tasks
      2010-01-19 13:57:37 ----D---- C:\WINDOWS\system32\en-US
      2010-01-18 13:50:51 ----D---- C:\WINDOWS\AppPatch
      2010-01-14 13:29:30 ----D---- C:\Programmi\Messenger Plus! Live
      2010-01-05 01:17:46 ----A---- C:\WINDOWS\system32\MRT.exe
      2010-01-01 13:55:49 ----D---- C:\Programmi\Windows Media Player
      2010-01-01 13:54:52 ----D---- C:\WINDOWS\Help
      2010-01-01 13:54:51 ----D---- C:\Programmi\Windows Media Connect 2
      2009-12-21 20:06:28 ----A---- C:\WINDOWS\system32\wininet.dll
      2009-12-21 20:06:27 ----A---- C:\WINDOWS\system32\urlmon.dll
      2009-12-21 20:06:26 ----N---- C:\WINDOWS\system32\occache.dll
      2009-12-21 20:06:25 ----A---- C:\WINDOWS\system32\mshtml.dll
      2009-12-21 20:06:21 ----N---- C:\WINDOWS\system32\jsproxy.dll
      2009-12-21 20:06:21 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
      2009-12-21 20:06:21 ----A---- C:\WINDOWS\system32\msfeeds.dll
      2009-12-21 20:06:20 ----A---- C:\WINDOWS\system32\iertutil.dll
      2009-12-21 20:06:19 ----A---- C:\WINDOWS\system32\iepeers.dll
      2009-12-21 20:06:18 ----A---- C:\WINDOWS\system32\ieframe.dll
      2009-12-21 20:06:15 ----N---- C:\WINDOWS\system32\iedkcs32.dll
      2009-12-21 14:20:41 ----N---- C:\WINDOWS\system32\ie4uinit.exe
      2009-12-20 16:07:11 ----D---- C:\WINDOWS\system32\appmgmt
      2009-12-09 16:26:53 ----D---- C:\Programmi\CodeStuff

      ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

      R1 avfwot;avfwot; C:\WINDOWS\system32\DRIVERS\avfwot.sys [2008-12-15 87296]
      R1 avgio;avgio; \??\C:\Programmi\Avira\AntiVir Desktop\avgio.sys []
      R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-12-08 94544]
      R1 intelppm;Driver processore Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40448]
      R1 SASDIFSV;SASDIFSV; \??\C:\Programmi\SUPERAntiSpyware\SASDIFSV.SYS []
      R1 SASKUTIL;SASKUTIL; \??\C:\Programmi\SUPERAntiSpyware\SASKUTIL.sys []
      R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2008-12-05 28352]
      R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
      R1 WmiAcpi;Strumentazione gestione Microsoft Windows per ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
      R1 WS2IFSL;Ambiente di supporto del provider del Servizio Non-IFS di Windows Socket 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-31 12032]
      R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-02-01 56816]
      R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
      R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2009-02-25 1344224]
      R3 avfwim;AvFw Packet Filter Miniport; C:\WINDOWS\system32\DRIVERS\avfwim.sys [2008-11-18 68736]
      R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2008-03-19 175104]
      R3 CmBatt;Driver scheda AC Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
      R3 HDAudBus;Driver bus UAA Microsoft per High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
      R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-11-30 1912256]
      R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-06-13 4754944]
      R3 usbehci;Driver Miniport controller enhanced host USB 2.0 Microsoft; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-24 30336]
      R3 usbhub;Hub abilitato USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
      R3 usbuhci;Driver Miniport Controller Universal Host USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
      S1 kbdhid;Driver di tastiera HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]
      S3 CCDECODE;Decoder sottotitoli codificati; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
      S3 driverhardwarev2;driverhardwarev2; \??\C:\Programmi\ma-config.com\Drivers\driverhardwarev2.sys []
      S3 HidUsb;Driver di classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
      S3 MSTEE;Convertitore a T/Sito a sito per flusso Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
      S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
      S3 NdisIP;Connesione TV/Video Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
      S3 PAC207;CIF USB Camera; C:\WINDOWS\system32\DRIVERS\PFC027.SYS []
      S3 SASENUM;SASENUM; \??\C:\Programmi\SUPERAntiSpyware\SASENUM.SYS []
      S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
      S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2007-05-02 83592]
      S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2007-05-02 15112]
      S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2007-05-02 109704]
      S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
      S3 usbccgp;Driver principale generico USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-22 32384]
      S3 USBSTOR;Driver archiviazione di massa USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
      S3 WSTCODEC;Codec World Standard Teletext; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
      S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\WudfPf.sys []
      S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\wudfrd.sys []
      S3 ZSMC301b;Vimicro USB PC Camera (ZC0301PL); C:\WINDOWS\System32\Drivers\usbVM31b.sys [2006-04-03 195299]
      S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

      ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

      R2 AntiVirFirewallService;Avira Firewall; C:\Programmi\Avira\AntiVir Desktop\avfwsvc.exe [2008-12-15 376065]
      R2 AntiVirMailService;Avira AntiVir MailGuard; C:\Programmi\Avira\AntiVir Desktop\avmailc.exe [2008-12-15 174849]
      R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Programmi\Avira\AntiVir Desktop\sched.exe [2008-12-15 107265]
      R2 AntiVirService;Avira AntiVir Guard; C:\Programmi\Avira\AntiVir Desktop\avguard.exe [2008-12-15 183553]
      R2 AntiVirWebService;Avira AntiVir WebGuard; C:\Programmi\Avira\AntiVir Desktop\AVWEBGRD.EXE [2008-12-12 431361]
      S3 aspnet_state;Servizio stato di ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
      S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
      S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
      S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
      S3 maconfservice;Ma-Config Service; C:\Programmi\ma-config.com\maconfservice.exe [2009-12-17 243056]
      S3 NBService;NBService; C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-03-14 779824]
      S3 NMIndexingService;NMIndexingService; C:\Programmi\File comuni\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
      S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
      S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

      -----------------EOF-----------------
      0
    4. Utilisateur anonyme > sabah
       
      il me faudrai info.txt
      0
    5. sabah > sabah
       
      voici le 2ème de info.txt

      info.txt logfile of random's system information tool 1.06 2010-02-07 15:08:28

      ======Uninstall list======

      -->C:\Programmi\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
      -->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
      -->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
      -->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
      -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
      -->C:\WINDOWS\UNRecode.exe /UNINSTALL
      -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
      Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
      Adobe Reader 8.2.0 - Italiano-->MsiExec.exe /I{AC76BA86-7AD7-1040-7B44-A82000000003}
      Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
      Aggiornamento della protezione per Windows Internet Explorer 7 (KB974455)-->"C:\WINDOWS\ie7updates\KB974455-IE7\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB961371-v2)-->"C:\WINDOWS\$NtUninstallKB961371-v2$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
      Aggiornamento della protezione per Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
      Aggiornamento per Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe"
      Aggiornamento per Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
      Aggiornamento per Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
      Aggiornamento per Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
      Aggiornamento per Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
      Aggiornamento per Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
      Aggiornamento per Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
      Aggiornamento per Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
      Aggiornamento per Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
      Aggiornamento rapido per Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
      Aggiornamento rapido per Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
      AKVIS Chameleon-->"C:\Programmi\AKVIS\Chameleon\Uninstall\Uninstall.exe" "C:\Programmi\AKVIS\Chameleon\Uninstall\install.log" -u
      Alky for Applications (Windows XP)-->MsiExec.exe /X{BB05D173-9681-4812-A7FA-BD4042A3DA00}
      Alky for Applications (Windows XP)-->MsiExec.exe /X{BB05D173-9681-4812-A7FA-BD4042A3DA00}
      Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
      Avira Premium Security Suite-->C:\Programmi\Avira\AntiVir Desktop\setup.exe /REMOVE
      Broadcom Driver v4.170.25.12_Foxconn Installation Program-->C:\Programmi\InstallShield Installation Information\{153F839F-0A63-41D8-890F-7324C0E13743}\setup.exe -runfromtemp -l0x0009 -removeonly
      CardRecovery 5.20-->"C:\Programmi\CardRecovery\unins000.exe"
      CCleaner (remove only)-->"C:\Programmi\CCleaner\uninst.exe"
      FaceOnBody Pro v 2.4-->C:\Programmi\FaceOnBody Pro\Uninstall.exe
      Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
      Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
      Installation Windows Live-->C:\Programmi\Windows Live\Installer\wlarp.exe
      Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
      Intel(R) Graphics Media Accelerator Driver-->C:\Programmi\Intel\Intel(R) Graphics Media Accelerator Driver\Uninstall\setup.exe -uninstall
      Intel(R) Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall
      Ma-Config.com-->MsiExec.exe /X{18754BA4-4F0C-4E6E-888B-9496AFA05F43}
      Malwarebytes' Anti-Malware-->"C:\Programmi\Malwarebytes' Anti-Malware\unins000.exe"
      Messenger Plus! Live-->"C:\Programmi\Messenger Plus! Live\Uninstall.exe"
      Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - ITA-->MsiExec.exe /I{71CB2612-627C-3D58-8D82-B77444B27B6A}
      Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
      Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
      Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
      Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
      Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
      Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
      Microsoft Silverlight 3 Toolkit November 2009-->MsiExec.exe /I{3EA86486-E94C-49E1-831A-4974B06C1D9B}
      Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
      Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
      Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
      Microsoft Web Platform Installer 2.0-->MsiExec.exe /X{B67C01B3-8502-4BE7-AEAB-BBDE910AD3EE}
      Mozilla Firefox (3.5.7)-->C:\Programmi\Mozilla Firefox\uninstall\helper.exe
      MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
      MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
      MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /X{C523D256-313D-4866-B36A-F3DE528246EF}
      MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
      MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
      Nero 7 Ultra Edition-->MsiExec.exe /I{43FFE159-3199-4188-A1CD-629166AD1040}
      neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
      OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
      Opera 10.10-->MsiExec.exe /X{FB8148DD-C575-4B0A-9F6C-0CFC46937930}
      Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
      Pacchetto driver Windows - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\shpacm_18A9B92ED8DEDC602E49E767FA4BE98A30525207\shpacm.inf
      Pacchetto driver Windows - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\shpusb_558D416BCEB984F35885804D3E1A9C3773F1B17C\shpusb.inf
      PC Camera-->C:\PROGRA~1\FILECO~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{C679F9B9-C65D-4C65-BD6C-BF90B859E281} /l1036
      PC Camera-->C:\Programmi\InstallShield Installation Information\{C679F9B9-C65D-4C65-BD6C-BF90B859E281}\setup.exe -runfromtemp -l0x0010 -removeonly
      PowerDVD-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
      Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x10 -removeonly
      SAMSUNG Mobile Composite Device Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\6\SSBCUninstall.exe
      SAMSUNG Mobile Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
      Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
      SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
      SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
      Samsung PC Studio 3-->"C:\Programmi\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly
      Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
      Skype web features-->MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}
      Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
      SPlayer-->"C:\Programmi\SPlayer\uninstall.exe"
      SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
      Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
      VIMICRO USB PC Camera(ZC0301PL)-->RunDll32 C:\PROGRA~1\FILECO~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{41E496B5-47F4-11D6-9BBB-00E0987BB2CD}\setup.exe" -l0x9
      Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
      Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
      Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
      Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
      Windows Media Format 11 runtime-->"C:\Programmi\Windows Media Player\wmsetsdk.exe" /UninstallAll
      Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
      Windows Sidebar-->rundll32.exe advpack.dll,LaunchINFSection WSidebar.inf,DefaultUninstall
      WinRAR gestione archivi-->C:\Programmi\WinRAR\uninstall.exe
      ZSMC USB PC Camera (ZS0211)-->C:\Programmi\InstallShield Installation Information\{44D02D8B-FFB3-4245-8D26-68D10B4C4023}\setup.exe -runfromtemp -l0x0010 -removeonly

      ======Security center information======

      AV: AntiVir Desktop (outdated)
      FW: Avira Firewall

      ======System event log======

      Computer Name: XXX-257974745A3
      Event Code: 7036
      Message: Il servizio QoS RSVP è ora in modalità arrestato.

      Record Number: 4685
      Source Name: Service Control Manager
      Time Written: 20100126173742.000000+060
      Event Type: Informazione
      User:

      Computer Name: XXX-257974745A3
      Event Code: 29
      Message: Il time provider NtpClient è configurato per acquisire l'ora da una o più
      origini dell'ora, ma nessuna origine dell'ora è accessibile attualmente e
      non verrà eseguito alcun tentativo di contattare un'origine per 14 minuti.
      NtpClient non dispone di alcuna origine di ora esatta.

      Record Number: 4684
      Source Name: W32Time
      Time Written: 20100126173629.000000+060
      Event Type: Errore
      User:

      Computer Name: XXX-257974745A3
      Event Code: 17
      Message: Time providerNtpClient: si è verificato un errore durante la ricerca DNS del peer configurato
      manualmente 'time.windows.com,0x1'. NtpClient ritenterà la ricerca DNS fra 15
      minuti.
      Errore Tentativo di operazione del socket verso un host non raggiungibile. (0x80072751)

      Record Number: 4683
      Source Name: W32Time
      Time Written: 20100126173629.000000+060
      Event Type: Errore
      User:

      Computer Name: XXX-257974745A3
      Event Code: 2505
      Message: Il server non ha potuto effettuare il binding del trasporto \Device\NetBT_Tcpip_{8A8554E3-D2D4-48B4-875F-6C55127015F6} perché un altro computer sulla rete ha lo stesso nome. Impossibile avviare il server.

      Record Number: 4682
      Source Name: Server
      Time Written: 20100126173615.000000+060
      Event Type: Errore
      User:

      Computer Name: XXX-257974745A3
      Event Code: 29
      Message: Il time provider NtpClient è configurato per acquisire l'ora da una o più
      origini dell'ora, ma nessuna origine dell'ora è accessibile attualmente e
      non verrà eseguito alcun tentativo di contattare un'origine per 14 minuti.
      NtpClient non dispone di alcuna origine di ora esatta.

      Record Number: 4681
      Source Name: W32Time
      Time Written: 20100126173611.000000+060
      Event Type: Errore
      User:

      =====Application event log=====

      Computer Name: XXX-257974745A3
      Event Code: 1000
      Message: I contatori delle prestazioni per il servizio WmiApRpl (WmiApRpl) sono stati caricati.
      I Dati del record contengono nuovi valori di indice assegnati
      al servizio.

      Record Number: 1365
      Source Name: LoadPerf
      Time Written: 20100121125037.000000+060
      Event Type: Informazione
      User:

      Computer Name: XXX-257974745A3
      Event Code: 1001
      Message: Contatori delle prestazioni per il servizio WmiApRpl (WmiApRpl) rimossi.
      I dati del record contengono i nuovi valori delle voci del Registro di sistema relativo all'ultimo contatore e
      all'ultima guida.

      Record Number: 1364
      Source Name: LoadPerf
      Time Written: 20100121125037.000000+060
      Event Type: Informazione
      User:

      Computer Name: XXX-257974745A3
      Event Code: 1800
      Message: Servizio Centro sicurezza PC Windows avviato.

      Record Number: 1363
      Source Name: SecurityCenter
      Time Written: 20100121124634.000000+060
      Event Type: Informazione
      User:

      Computer Name: XXX-257974745A3
      Event Code: 1000
      Message: I contatori delle prestazioni per il servizio WmiApRpl (WmiApRpl) sono stati caricati.
      I Dati del record contengono nuovi valori di indice assegnati
      al servizio.

      Record Number: 1362
      Source Name: LoadPerf
      Time Written: 20100120165332.000000+060
      Event Type: Informazione
      User:

      Computer Name: XXX-257974745A3
      Event Code: 1001
      Message: Contatori delle prestazioni per il servizio WmiApRpl (WmiApRpl) rimossi.
      I dati del record contengono i nuovi valori delle voci del Registro di sistema relativo all'ultimo contatore e
      all'ultima guida.

      Record Number: 1361
      Source Name: LoadPerf
      Time Written: 20100120165332.000000+060
      Event Type: Informazione
      User:

      ======Environment variables======

      "ComSpec"=%SystemRoot%\system32\cmd.exe
      "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Programmi\Alky for Applications\Libraries\;C:\Programmi\Samsung\Samsung PC Studio 3\
      "windir"=%SystemRoot%
      "FP_NO_HOST_CHECK"=NO
      "OS"=Windows_NT
      "PROCESSOR_ARCHITECTURE"=x86
      "PROCESSOR_LEVEL"=6
      "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel
      "PROCESSOR_REVISION"=170a
      "NUMBER_OF_PROCESSORS"=1
      "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
      "TEMP"=%SystemRoot%\TEMP
      "TMP"=%SystemRoot%\TEMP

      -----------------EOF-----------------
      0
  8. gen-hackman
     
    bonsoir ces trois fichiers indiquent que ce windows n'est pas legitime

    Quarantined & Deleted !! : C:\WINDOWS\SET3.tmp
    Quarantined & Deleted !! : C:\WINDOWS\SET4.tmp
    Quarantined & Deleted !! : C:\WINDOWS\SET8.tmp
    0
    1. sabah
       
      non , c'a fais presque 3mois que j'ai acheter un nouveau acer avec un nouveau cd je garde toujours la facture pour la garantie bien sur j'ai éviter d'acheter un portable avec xp fixe pour ne pas galérer en cas de réparation ou formatage.
      0
  9. gen-hackman
     
    un nouveau ACER avec un XP installé ???? mdr !!!!

    0
    1. sabah
       
      un nouveau cd xp , est portable acer , avant j'avais un portable avec vista installé.
      0
  10. gen-hackman
     
    tu as du le porter chez un reparateur incertain ...
    0
    1. sabah
       
      en effet chez le même vendeur,avec la garantie pour réparer word qui n'a pas de correcteur d'orthographe.
      0
  11. gen-hackman
     
    fais ceci on va verifier :

    demarrer / executer , tape : cmd puis entrée

    dans la fenetre noire qui s'ouvre , colle :

    type "%Systemroot%\System32\Drivers\etc\host" >> %Homedrive%\A.txt

    puis entrée , et ensuite colle ici le contenu du document texte C:\A.txt
    0
    1. sabah
       
      impossible de trouver le fichier spécifique

      c'est ce qui est ecrit ie ne sais pas comment le copier pour le coller ici la page du cmd est noir.
      0
  12. gen-hackman
     
    ok faute d'impression j ai oublié un "s"

    execute ceci et poste le rapport :

    http://sd-1.archive-host.com/membres/up/829108531491024/Read_File.exe
    0