Google infecté

Résolu
yohanaldo Messages postés 63 Statut Membre -  
 coachkpn1 -
Bonjour,

Depuis quelques jours, mes recherches sur google me redirigent vers d'autres sites, souvent les memes, pour antivirus par ex
La raison etant que j'ai telecharger un lien d'un ami sur facebook et depuis c'est l'horreur
J'ai un deuxieme probleme qui s'est cree suite à cela c'est que la navigation sur internet explorer est devenu assez lente

Apres de nombreuses recherches sur le forum je n'ai pas reussi à reparer le probleme tout seul. Je ne suis pas un génie de l'informatique mais je connais quelques termes
Je vous remercie par avance pour votre aide

46 réponses

  • 1
  • 2
  • 3
Résumé de la discussion

La discussion porte sur des redirections de recherches Google et une lenteur de navigation après avoir cliqué sur un lien reçu, sous Windows Vista et Internet Explorer 7.
Plusieurs propositions suggèrent d’éliminer des éléments indésirables et d’analyser le système avec des outils de sécurité tels que HijackThis, ToolsCleaner ou UsbFix pour déceler les redirections et les extensions indésirables.
D'autres conseils évoquent de nettoyer les programmes suspects, désactiver les barres d'outils ou réinitialiser les paramètres de navigation, et de vérifier les rapports générés pour écarter malware ou adware.
Une nuance utile : les symptômes peuvent provenir de plusieurs extensions ou programmes résidents en démarrage, et il peut être pertinent d’analyser les processus et les téléchargements récents pour cibler les sources.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. dédétraqué Messages postés 4522 Statut Contributeur sécurité 286
     
    Salut yohanaldo, bienvenu sur CCM

    On va vérifier cela, télécharge RSIT (de random/random) sur le bureau ici :
    http://images.malwareremoval.com/random/RSIT.exe

    - Clique droit sur RSIT.exe qui est sur le bureau et choisir exécuter en tant qu'administrateur

    - Clique sur Continue dans la fenêtre
    - RSIT téléchargera HijackThis si il n'est pas présent où détecté, alors il faudra accepter la licence
    - Poste le contenue des deux rapports, log.txt et info.txt(réduit dans la barre des tâches) à la fin de l'analyse

    Les rapports sont dans le dossier ici C:\rsit

    @++ :)
    0
    1. yohanaldo Messages postés 63 Statut Membre 3
       
      Tout d'abord merci de t'interesser à mon probleme, comme tu me l'as demandé voici le rapport : log.txt + info.txt

      Logfile of random's system information tool 1.06 (written by random/random)
      Run by yohan at 2010-04-19 20:25:04
      Microsoft® Windows Vista(TM) Édition Familiale Premium Service Pack 2
      System drive C: has 30 GB (13%) free of 226 GB
      Total RAM: 3070 MB (47% free)

      HijackThis download failed

      ======Scheduled tasks folder======

      C:\Windows\tasks\Ad-Aware Update (Weekly).job
      C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      C:\Windows\tasks\User_Feed_Synchronization-{49B6D35B-DB48-4A59-BDD5-455EE97F972C}.job

      ======Registry dump======

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
      HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
      Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{69A87B7D-DE56-4136-9655-716BA50C19C7}]
      &Google Web Accelerator Helper - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll [2007-07-09 311296]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
      Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2009-08-21 4139912]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
      Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
      Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2009-08-17 564624]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
      CBrowserHelperObject Object - C:\Program Files\Google\Google_BAE\BAE.dll [2006-11-09 98304]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
      Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
      {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - Google Web Accelerator - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll [2007-07-09 311296]

      [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
      "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
      "IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-05-07 178712]
      "HControlUser"=C:\Program Files\ATK Hotkey\HcontrolUser.exe [2008-01-11 98304]
      "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
      "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-06-13 6183456]
      "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-06 1041704]
      "Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-11-24 30192]
      "toolbar_eula_launcher"=C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe [2007-02-20 28672]
      "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
      "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
      "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
      "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
      "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
      "BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2009-08-17 85888]

      [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
      "SmpcSys"=C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe [2008-02-04 1038136]
      "BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2010-03-03 323392]
      "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-01-14 1688872]
      "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
      "ManyCam"=C:\Program Files\ManyCam 2.4\ManyCam.exe [2009-12-19 1824040]
      "SpeedBitVideoAccelerator"=C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe [2009-05-18 2823784]

      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
      Run Google Web Accelerator.lnk - C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
      "AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL"

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
      Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\deskscapes.dll [2008-03-29 103848]
      StardockDreamController - {EC654325-1273-C2A9-2B7C-45D29BCE68FF} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DreamControl.dll [2008-05-05 591128]
      Stardock Vista ControlPanel Extension - {EC654325-1273-C2A9-2B7C-45D29BCE68FD} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DesktopControlPanel.dll []

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
      "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2009-08-21 4139912]

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

      [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
      "ConsentPromptBehaviorAdmin"=0
      "EnableLUA"=0
      "dontdisplaylastusername"=0
      "legalnoticecaption"=
      "legalnoticetext"=
      "shutdownwithoutlogon"=1
      "undockwithoutlogon"=1
      "EnableUIADesktopToggle"=0

      [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
      "BindDirectlyToPropertySetStorage"=

      [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
      "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

      [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
      shell\AutoRun\command - H:\SFR.exe

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{30110ff9-d9d4-11de-92cd-ac11ea6793e7}]
      shell\AutoRun\command - E:\AUTORUN.EXE

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{44ec625a-8a1d-11de-86bb-890121e050c7}]
      shell\AutoRun\command - E:\SFR.exe

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a7177b77-52d9-11de-9e94-f228c1dab0e1}]
      shell\AutoRun\command - E:\AUTOSTARTER.EXE

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bbebe755-7ca5-11de-9b4d-bc1bf3e599f2}]
      shell\AutoRun\command - E:\SFR.exe

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bbebe77c-7ca5-11de-9b4d-00a0c6000000}]
      shell\AutoRun\command - E:\SFR.exe

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f1edff29-de54-11dd-817d-c471b15de9e1}]
      shell\AutoRun\command - F:\AUTOSTARTER.EXE


      ======File associations======

      .js - edit - C:\Windows\System32\Notepad.exe %1
      .js - open - C:\Windows\System32\WScript.exe "%1" %*

      ======List of files/folders created in the last 1 months======

      2010-04-19 20:25:04 ----DC---- C:\rsit
      2010-04-19 01:58:24 ----SHDC---- C:\Config.Msi
      2010-04-19 01:10:51 ----A---- C:\Windows\system32\lsdelete.exe
      2010-04-18 15:46:44 ----D---- C:\Program Files\Power IE
      2010-04-12 02:39:09 ----HDC---- C:\ProgramData\{52AC600B-5800-407E-99FF-83CD0669760B}
      2010-04-12 02:38:32 ----D---- C:\ProgramData\Lavasoft
      2010-04-12 02:38:32 ----D---- C:\Program Files\Lavasoft
      2010-04-12 02:30:18 ----D---- C:\Program Files\CCleaner
      2010-04-12 01:50:41 ----A---- C:\Windows\msnfix.txt
      2010-04-11 16:53:24 ----D---- C:\Program Files\AxBx
      2010-04-11 02:53:32 ----D---- C:\Program Files\webserver
      2010-04-11 02:52:41 ----A---- C:\Windows\system32\captcha.dll
      2010-04-11 02:47:14 ----H---- C:\Windows\bill106.exe
      2010-04-09 19:19:29 ----D---- C:\Program Files\Microsoft Visual Studio
      2010-04-03 03:00:21 ----A---- C:\Windows\system32\browserchoice.exe
      2010-03-31 04:30:10 ----A---- C:\Windows\system32\mshtml.dll
      2010-03-31 04:30:09 ----A---- C:\Windows\system32\ieframe.dll
      2010-03-31 04:30:08 ----A---- C:\Windows\system32\wininet.dll
      2010-03-31 04:30:08 ----A---- C:\Windows\system32\urlmon.dll
      2010-03-31 04:30:08 ----A---- C:\Windows\system32\iertutil.dll
      2010-03-31 04:30:07 ----A---- C:\Windows\system32\occache.dll
      2010-03-31 04:30:07 ----A---- C:\Windows\system32\mstime.dll
      2010-03-31 04:30:07 ----A---- C:\Windows\system32\msfeeds.dll
      2010-03-31 04:30:07 ----A---- C:\Windows\system32\ieui.dll
      2010-03-31 04:30:07 ----A---- C:\Windows\system32\iedkcs32.dll
      2010-03-31 04:30:06 ----A---- C:\Windows\system32\msfeedssync.exe
      2010-03-31 04:30:06 ----A---- C:\Windows\system32\msfeedsbs.dll
      2010-03-31 04:30:06 ----A---- C:\Windows\system32\jsproxy.dll
      2010-03-31 04:30:06 ----A---- C:\Windows\system32\ieUnatt.exe
      2010-03-31 04:30:06 ----A---- C:\Windows\system32\iesysprep.dll
      2010-03-31 04:30:06 ----A---- C:\Windows\system32\iesetup.dll
      2010-03-31 04:30:06 ----A---- C:\Windows\system32\iernonce.dll
      2010-03-31 04:30:06 ----A---- C:\Windows\system32\iepeers.dll
      2010-03-31 04:30:06 ----A---- C:\Windows\system32\ie4uinit.exe
      2010-03-30 23:46:31 ----D---- C:\Users\yohan\AppData\Roaming\Magic Academy
      2010-03-28 20:03:48 ----D---- C:\Program Files\Lavalys

      ======List of files/folders modified in the last 1 months======

      2010-04-19 20:25:18 ----D---- C:\Program Files\Trend Micro
      2010-04-19 20:25:12 ----D---- C:\Windows\prefetch
      2010-04-19 20:19:39 ----D---- C:\Users\yohan\AppData\Roaming\DNA
      2010-04-19 20:09:47 ----D---- C:\Windows\Temp
      2010-04-19 09:48:10 ----SHD---- C:\System Volume Information
      2010-04-19 04:02:26 ----A---- C:\Windows\NeroDigital.ini
      2010-04-19 03:55:30 ----D---- C:\Windows\Tasks
      2010-04-19 02:00:24 ----SHD---- C:\Windows\Installer
      2010-04-19 01:59:38 ----AD---- C:\Windows\System32
      2010-04-19 01:59:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
      2010-04-19 01:59:37 ----D---- C:\Windows\inf
      2010-04-19 01:52:13 ----D---- C:\Windows
      2010-04-19 01:51:36 ----D---- C:\Program Files\DNA
      2010-04-19 01:49:03 ----D---- C:\Program Files\Google
      2010-04-18 15:53:07 ----D---- C:\ProgramData\Google
      2010-04-18 15:51:36 ----SD---- C:\Users\yohan\AppData\Roaming\Microsoft
      2010-04-18 15:50:04 ----D---- C:\Windows\Web
      2010-04-18 15:46:44 ----RD---- C:\Program Files
      2010-04-18 01:51:34 ----D---- C:\Users\yohan\AppData\Roaming\BitTorrent
      2010-04-12 03:40:32 ----D---- C:\ProgramData\Microsoft Help
      2010-04-12 03:34:06 ----D---- C:\Windows\winsxs
      2010-04-12 03:33:50 ----RSD---- C:\Windows\assembly
      2010-04-12 03:27:00 ----D---- C:\Program Files\Common Files\microsoft shared
      2010-04-12 03:13:37 ----A---- C:\Windows\win.ini
      2010-04-12 02:51:13 ----D---- C:\Windows\system32\Tasks
      2010-04-12 02:40:13 ----DC---- C:\Windows\system32\DRVSTORE
      2010-04-12 02:40:13 ----D---- C:\Windows\system32\catroot
      2010-04-12 02:40:13 ----AD---- C:\Windows\system32\drivers
      2010-04-12 02:39:09 ----HD---- C:\ProgramData
      2010-04-12 02:32:49 ----D---- C:\Windows\Minidump
      2010-04-12 02:32:49 ----D---- C:\Windows\Debug
      2010-04-11 20:21:11 ----D---- C:\Program Files\Steam
      2010-04-11 20:20:11 ----D---- C:\Windows\system32\WDI
      2010-04-11 20:17:37 ----D---- C:\Windows\system32\Msdtc
      2010-04-11 20:17:31 ----D---- C:\Windows\system32\wbem
      2010-04-11 20:15:49 ----D---- C:\Windows\system32\config
      2010-04-11 20:15:20 ----D---- C:\Windows\system32\spool
      2010-04-11 20:15:20 ----D---- C:\Windows\system32\CodeIntegrity
      2010-04-11 20:15:20 ----D---- C:\Windows\system32\catroot2
      2010-04-11 20:15:08 ----D---- C:\ProgramData\HP Product Assistant
      2010-04-11 20:15:08 ----D---- C:\Program Files\Microsoft Works
      2010-04-11 20:15:05 ----D---- C:\Windows\registration
      2010-04-09 19:19:49 ----D---- C:\Program Files\MSBuild
      2010-04-09 19:19:31 ----D---- C:\Program Files\Microsoft Office
      2010-04-09 19:15:04 ----D---- C:\Program Files\Microsoft Visual Studio 8
      2010-04-09 19:14:55 ----D---- C:\Windows\ShellNew
      2010-04-09 18:53:51 ----D---- C:\Program Files\Common Files\InstallShield
      2010-04-09 18:53:46 ----HD---- C:\Program Files\InstallShield Installation Information
      2010-04-02 03:16:11 ----D---- C:\Windows\system32\migration
      2010-04-02 03:16:11 ----D---- C:\Program Files\Internet Explorer
      2010-03-23 02:25:22 ----D---- C:\Program Files\BetClic Poker

      ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

      R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
      R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-09-15 114768]
      R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
      R1 dmoko;Agnitum 4.0 Explorer Pages Driver InfoTech Workstation; \??\C:\Windows\system32\drivers\ndisoko.sys [2009-04-11 32768]
      R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2009-09-01 128016]
      R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2009-01-19 5632]
      R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
      R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-09-15 53328]
      R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-05-31 279712]
      R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-05-31 25888]
      R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-15 46592]
      R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
      R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
      R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-06-10 3839488]
      R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
      R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-06-13 2152344]
      R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2007-12-18 54784]
      R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\Windows\system32\DRIVERS\ManyCam.sys [2008-01-14 21632]
      R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
      R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-06-26 3662848]
      R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2008-05-29 146848]
      R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
      R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-10-01 1769984]
      R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-06 198960]
      R3 X10Hid;X10 Hid Device; C:\Windows\System32\Drivers\x10hid.sys [2006-11-17 13976]
      S3 alp61tex;alp61tex; C:\Windows\system32\drivers\alp61tex.sys []
      S3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys []
      S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-07-28 23040]
      S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
      S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2008-07-28 507904]
      S3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2008-07-28 30208]
      S3 btnetBUs;Bluetooth PAN Bus Service; C:\Windows\System32\Drivers\btnetBus.sys [2008-12-07 30088]
      S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
      S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
      S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
      S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
      S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
      S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys []
      S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2008-10-29 7680]
      S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
      S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
      S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
      S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
      S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-07-28 149504]
      S3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-05-02 122368]
      S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2007-05-02 83592]
      S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2007-05-02 15112]
      S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2007-05-02 109704]
      S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
      S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
      S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]
      S3 StillCam;Pilote d'appareil photo numérique série; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-21 9216]
      S3 usbanyka;USB Web Camera; C:\Windows\system32\DRIVERS\UsbAnyka.sys [2007-11-13 17536]
      S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
      S3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys []
      S3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys []
      S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
      S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys [2008-10-15 104960]
      S3 ZTEusbnet;ZTE USB-NDIS miniport; C:\Windows\system32\DRIVERS\ZTEusbnet.sys [2008-10-13 110080]
      S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys [2008-10-29 105344]
      S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys [2008-10-15 104960]
      S3 ZTEusbvoice;ZTE VoUSB Port; C:\Windows\system32\DRIVERS\ZTEusbvoice.sys [2008-10-15 104960]
      S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
      S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
      S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]

      ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

      R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-09-11 124832]
      R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
      R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-10-02 94208]
      R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
      R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-06-10 692224]
      R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
      R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
      R2 captcha;captcha; C:\Windows\system32\svchost.exe [2008-01-21 21504]
      R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
      R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2008-01-21 21504]
      R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-05-07 354840]
      R2 ipokoraid;Control Software Computer Property; C:\Windows\system32\svchost.exe [2008-01-21 21504]
      R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-02-05 1229232]
      R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-12-03 869672]
      R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
      R2 ServiceSFRABCD;Service SFR Gestionnaire Connexion; C:\Program Files\SFR\Gestionnaire de Connexion SFR\SFRABCDService.exe [2009-09-01 657024]
      R2 VideoAcceleratorService;VideoAcceleratorService; C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe [2009-05-18 288368]
      R2 webserver;webserver; C:\Program Files\webserver\webserver.exe [2010-04-11 13824]
      R2 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480]
      R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
      R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
      R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
      R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-01-14 447784]
      S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-31 135664]
      S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
      S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
      S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
      S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-07-28 647680]
      S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
      S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-11-24 30192]
      S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-16 182768]
      S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2009-08-21 30510960]
      S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
      S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2009-08-21 149352]
      S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-08-21 4639136]
      S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2008-12-22 104944]
      S4 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]

      -----------------EOF-----------------
      0
  2. yohanaldo Messages postés 63 Statut Membre 3
     
    le rapport info.txt :

    info.txt logfile of random's system information tool 1.06 2010-04-19 20:25:21

    ======Uninstall list======

    -->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
    -->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
    -->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
    -->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
    -->C:\Windows\UNNeroShowTime.exe /UNINSTALL
    -->C:\Windows\UNNeroVision.exe /UNINSTALL
    -->C:\Windows\UNRecode.exe /UNINSTALL
    32 Bit HP CIO Components Installer-->MsiExec.exe /I{2614F54E-A828-49FA-93BA-45A3F756BFAA}
    Ad-Aware Email Scanner for Outlook-->MsiExec.exe /I{338F08AB-C262-42C7-B000-34DE1A475273}
    Ad-Aware-->"C:\ProgramData\{52AC600B-5800-407E-99FF-83CD0669760B}\Ad-AwareInstaller.exe" REMOVE=TRUE MODIFY=FALSE
    Ad-Aware-->C:\ProgramData\{52AC600B-5800-407E-99FF-83CD0669760B}\Ad-AwareInstaller.exe
    Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->MsiExec.exe /X{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}
    Adobe Photoshop Elements 6.0-->msiexec /I {F54AC413-D2C6-4A24-B324-370C223C6250}
    Adobe Photoshop Elements 6-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *AdobePE6*
    Adobe Reader 8-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *AdobeReader*
    Adobe Reader 9.3.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A93000000001}
    Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
    ADSL Neuf-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *NEUF_FR*
    Apple Mobile Device Support-->MsiExec.exe /I{162B71B8-8464-4680-A086-601D555B331D}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
    ATI Display Driver V8.510.0.0000-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *VGA*
    ATK Hotkey UTILITY V1.00.0037-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *ATKHotkey*
    ATK Hotkey-->C:\Program Files\InstallShield Installation Information\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}\setup.exe -runfromtemp -l0x040c -removeonly
    Auslogics Disk Defrag-->"C:\Program Files\Auslogics\Auslogics Disk Defrag\unins000.exe"
    avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    BetClic Poker-->C:\PROGRA~1\BETCLI~1\UNWISE.EXE C:\PROGRA~1\BETCLI~1\INSTALL.LOG
    BitTorrent-->C:\Program Files\BitTorrent\uninst.exe
    Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
    Browser Address Error Redirector-->regsvr32 /u /s "C:\Program Files\Google\Google_BAE\BAE.dll"
    CamStudio 2.0 Fr-->"C:\Program Files\CamStudio\unins000.exe"
    Cartoonist 1.3-->"C:\Program Files\Cartoonist\unins000.exe"
    Catalyst Control Center - Branding-->MsiExec.exe /I{E3A5DDF7-17BD-43F1-9EBA-BB136EEB17DC}
    CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
    DeskScapes-->C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\INSTALL.LOG
    DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    DreamMaker-->C:\PROGRA~1\Stardock\OBJECT~1\DREAMM~1\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~1\DREAMM~1\INSTALL.LOG
    eMule-->"C:\Program Files\eMule\Uninstall.exe"
    EVEREST Corporate Edition v5.30-->"C:\Program Files\Lavalys\EVEREST Corporate Edition\unins000.exe"
    Freeplayer-->C:\Program Files\Freeplayer\Uninstall.exe
    Gestionnaire de Connexion SFR 2009.09-->"C:\Program Files\SFR\Gestionnaire de Connexion SFR\unins000.exe"
    Google BAE-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleBAE*
    Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
    Google Earth-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GOOGLE_EARTH*
    Google Earth-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x40c -removeonly
    Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    Google Web Accelerator-->MsiExec.exe /X{6A1975EB-27E6-491D-94BC-6355FA25F40F}
    GoogleDesktop-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleDesktop*
    GoogleToolbar-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleToolbar*
    HDReg France-->MsiExec.exe /I{0ED40D2A-7131-4FE7-941E-5C329336F712}
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
    HP Customer Participation Program 9.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
    HP Imaging Device Functions 9.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
    HP OCR Software 9.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
    HP Photosmart All-In-One Software 9.0-->C:\Program Files\HP\Digital Imaging\{B46AC30C-22D2-4610-B041-1DA7BB29EB57}\setup\hpzscr01.exe -datfile hposcr21.dat
    HP Photosmart Essential 3.5-->C:\Program Files\HP\Digital Imaging\PhotosmartEssential\hpzscr01.exe -datfile hpqbud13.dat
    HP Smart Web Printing-->MsiExec.exe /X{415CDA53-9100-476F-A7B2-476691E117C7}
    HP Solution Center 9.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
    HP Update-->MsiExec.exe /X{818ABC3C-635C-4651-8183-D0E9640B7DD1}
    HPSSupply-->MsiExec.exe /X{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}
    ImgBurn-->"C:\Program Files\ImgBurn\uninstall.exe"
    Indeo® Software-->C:\Windows\IsUninst.exe -f"C:\Program Files\Ligos\Indeo\Uninst.isu" -c"C:\Program Files\Ligos\Indeo\Indeo System Files\indounin.dll"
    Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
    Intel A/V Codecs V2.0-->C:\Windows\IsUninst.exe -fC:\Windows\system32\CDUninst.isu
    Intel Wireless WiFi Link Adapters Ver12.0.0.82-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *WLAN*
    Intel(R) Matrix Storage Manager V8.2.0.1001-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *IMSM*
    Intel® Matrix Storage Manager-->C:\Windows\system32\imsmudlg.exe -uninstall
    ITECIR Vista Driver V5.0.4.6-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *CIR*
    ITECIR-->C:\Program Files\InstallShield Installation Information\{40580068-9B10-40B5-9548-536CE88AB23C}\setup.exe -runfromtemp -l0x040c -removeonly
    Java(TM) 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
    Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
    KaraFun 1.18-->"C:\Program Files\KaraFun\unins000.exe"
    K-Lite Codec Pack 4.4.5 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
    LFP MANAGER 08-->C:\Program Files\EA SPORTS\LFP MANAGER 08\eauninstall.exe
    LimeWire 5.4.6-->"C:\Program Files\LimeWire\uninstall.exe"
    ManyCam 2.4 (remove only)-->"C:\Program Files\ManyCam 2.4\uninstall.exe"
    MAX_FR_Atube Toolbar-->C:\PROGRA~1\MAX_FR~1\UNWISE.EXE /U C:\PROGRA~1\MAX_FR~1\INSTALL.LOG
    Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
    Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
    Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
    Microsoft Office Excel MUI (English) 2010 (Beta)-->MsiExec.exe /X{20140000-0016-0409-0000-0000000FF1CE}
    Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
    Microsoft Office Groove MUI (English) 2010 (Beta)-->MsiExec.exe /X{20140000-00BA-0409-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
    Microsoft Office Mondo 2010 (Beta)-->MsiExec.exe /X{20140000-000F-0000-0000-0000000FF1CE}
    Microsoft Office Mondo 2010-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall MONDO /dll OSETUP.DLL
    Microsoft Office MondoOnly MUI (English) 2010 (Beta)-->MsiExec.exe /X{20140000-0102-0409-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (English) 2010 (Beta)-->MsiExec.exe /X{20140000-001A-0409-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (English) 2010 (Beta)-->MsiExec.exe /X{20140000-0018-0409-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
    Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
    Microsoft Office Professional Plus 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
    Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
    Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
    Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
    Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
    Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
    Microsoft Office Shared Setup Metadata MUI (English) 2010 (Beta)-->MsiExec.exe /X{20140000-0115-0409-0000-0000000FF1CE}
    Microsoft Office SharePoint Designer MUI (English) 2010 (Beta)-->MsiExec.exe /X{20140000-0017-0409-0000-0000000FF1CE}
    Microsoft Office Visio MUI (English) 2010 (Beta)-->MsiExec.exe /X{20140000-0054-0409-0000-0000000FF1CE}
    Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
    Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
    Microsoft Works 9 SE-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *works9se*
    Microsoft Works-->MsiExec.exe /I{0214A441-A4AB-43A8-8DEF-2F73C5364673}
    Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
    Mise à jour Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {51EFB347-1F3D-4BAC-8B79-F056B904FE21}
    Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
    Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
    Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
    Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
    Nero 8 Essentials-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Nero8*
    Nero 8 Essentials-->MsiExec.exe /X{980B9958-1239-4FC5-8C88-AC5650321036}
    neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    Neuf - Kit de connexion-->C:\Program Files\Neuf\Kit\uninstall.exe
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Packard Bell ImageWriter-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *ImageWriter*
    Packard Bell LCD Test-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *LCDTest*
    Packard Bell Updator-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Updator*
    Packardbell EcoButton UTILITY V1.00.01-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *EcoButton*
    Packardbell_EcoBtn-->C:\Program Files\InstallShield Installation Information\{7DBCD0B0-F5E1-4072-9B68-EBF32B322756}\setup.exe -runfromtemp -l0x0009 -removeonly
    Photo! Web Album 1.2-->"C:\Program Files\Photo!\Photo! Web Album\unins000.exe"
    Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
    Picasa2-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Picasa_2*
    Poker 770-->"C:\Poker\Poker 770\_SetupCasino_5725_EN.exe" /uninstall
    Realtek 8169 8168 8101E 8102E Ethernet Driver-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x040c -removeonly
    Realtek High Definition Audio Driver V6.0.1.5643-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *AUDIO*
    Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709
    Realtek PCI-E Gigabit Ethernet Driver V6.206.0502.2008-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *LAN*
    RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *RICOH*
    RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\setup.exe" -l0x40c anything
    SAMSUNG Mobile Modem Driver Set-->C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
    Samsung Mobile phone USB driver Software-->C:\Windows\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
    SAMSUNG Mobile USB Modem 1.0 Software-->C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
    SAMSUNG Mobile USB Modem Software-->C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
    Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly
    SeaTools for Windows-->MsiExec.exe /I{98613C99-1399-416C-A07C-1EE1C585D872}
    Security Update for Windows Media Encoder (KB954156)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={E836F1B7-43FB-46B0-A0D9-E4D2A5951659} /qb
    SetUp My PC-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *SETUPMYPC_FR*
    Skype 3.6.2.248-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *SKYPE*
    Skype(TM) 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
    SpeedBit Video Accelerator-->"C:\Program Files\SpeedBit Video Accelerator\VARemove.exe" temp
    Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}
    Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
    StyleXP (remove only)-->"C:\Program Files\TGTSoft\StyleXP\StyleXP-uninstall.exe"
    Synaptics Pointing Device driver Ver11.0.4.0-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *TOUCHPAD*
    Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
    Torrent101-->C:\Program Files\Torrent101\uninst.exe
    Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
    Update for Outlook 2007 Junk Email Filter (kb979895)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {D45674C6-9127-4C84-8826-93FBC552DF53}
    USB 2.0 1.3M UVC WebCam Camera driver V61.005.029.190-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *CAMERA*
    USB 2.0 1.3M UVC WebCam-->C:\Windows\Uninstsxga.bat
    Utilitaires Sierra-->C:\Program Files\Sierra On-Line\sutil32.exe uninstall
    VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
    VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
    Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
    Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\Windows\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
    VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
    Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
    Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
    Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
    Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
    Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
    X10 Hardware(TM)-->C:\Windows\UNWISE.EXE C:\PROGRA~1\X10HAR~1\Install.log

    ======Security center information======

    AV: BitDefender Antivirus
    FW: BitDefender Firewall
    AS: BitDefender Antispyware
    AS: Windows Defender

    ======System event log======
    0
  3. yohanaldo Messages postés 63 Statut Membre 3
     
    Computer Name: PC-de-yohan
    Event Code: 4376
    Message: Servicing a requis un redémarrage pour terminer la définition du package KB968816(Security Update) à l'état Installation demandée(Install Requested)
    Record Number: 71050
    Source Name: Microsoft-Windows-Servicing
    Time Written: 20090910010503.000000-000
    Event Type: Avertissement
    User: AUTORITE NT\SYSTEM

    Computer Name: PC-de-yohan
    Event Code: 4376
    Message: Servicing a requis un redémarrage pour terminer la définition du package KB968816(Security Update) à l'état Installation demandée(Install Requested)
    Record Number: 71047
    Source Name: Microsoft-Windows-Servicing
    Time Written: 20090910010503.000000-000
    Event Type: Avertissement
    User: AUTORITE NT\SYSTEM

    Computer Name: PC-de-yohan
    Event Code: 4374
    Message: Windows Servicing a déterminé que ce package KB968816(Security Update) n'est pas applicable à ce système.
    Record Number: 71007
    Source Name: Microsoft-Windows-Servicing
    Time Written: 20090910010458.000000-000
    Event Type: Avertissement
    User: AUTORITE NT\SYSTEM

    Computer Name: PC-de-yohan
    Event Code: 4374
    Message: Windows Servicing a déterminé que ce package KB905866(Update) n'est pas applicable à ce système.
    Record Number: 70911
    Source Name: Microsoft-Windows-Servicing
    Time Written: 20090910010225.000000-000
    Event Type: Avertissement
    User: AUTORITE NT\SYSTEM

    Computer Name: PC-de-yohan
    Event Code: 7000
    Message: Le service Profos n'a pas pu démarrer en raison de l'erreur :
    Cette demande n'est pas prise en charge.
    Record Number: 70822
    Source Name: Service Control Manager
    Time Written: 20090910000005.000000-000
    Event Type: Erreur
    User:

    =====Application event log=====

    Computer Name: PC-de-yohan
    Event Code: 1008
    Message: Le service Windows Search tente de supprimer l'ancien catalogue.

    Record Number: 937
    Source Name: Microsoft-Windows-Search
    Time Written: 20090106173800.000000-000
    Event Type: Avertissement
    User:

    Computer Name: PC-de-yohan
    Event Code: 1530
    Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela.

    DÉTAIL -
    16 user registry handles leaked from \Registry\User\S-1-5-21-2881880658-3555428079-2209020445-1000:
    Process 644 (\Device\HarddiskVolume2\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000
    Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000
    Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000
    Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000
    Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000
    Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000\Software\Microsoft\SystemCertificates\trust
    Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000\Software\Microsoft\SystemCertificates\My
    Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000\Software\Microsoft\SystemCertificates\CA
    Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000\Software\Policies\Microsoft\SystemCertificates
    Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000\Software\Policies\Microsoft\SystemCertificates
    Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000\Software\Policies\Microsoft\SystemCertificates
    Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000\Software\Policies\Microsoft\SystemCertificates
    Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000\Software\Microsoft\SystemCertificates\Root
    Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000\Software\Microsoft\SystemCertificates\Disallowed
    Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000\Software\Microsoft\SystemCertificates\SmartCardRoot
    Process 1824 (\Device\HarddiskVolume2\Program Files\Common Files\Symantec Shared\ccSvcHst.exe) has opened key \REGISTRY\USER\S-1-5-21-2881880658-3555428079-2209020445-1000\Software\Microsoft\SystemCertificates\TrustedPeople

    Record Number: 917
    Source Name: Microsoft-Windows-User Profiles Service
    Time Written: 20090106173500.000000-000
    Event Type: Avertissement
    User: AUTORITE NT\SYSTEM

    Computer Name: PC-de-yohan
    Event Code: 8194
    Message: Erreur du service de cliché instantané des volumes : erreur lors de l'interrogation de l'interface IVssWriterCallback. hr = 0x80070005. Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur.

    Opération :
    Données du rédacteur en cours de collecte

    Contexte :
    ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220}
    Nom du rédacteur: System Writer
    ID d'instance du rédacteur: {953ddc91-0777-4ed6-a326-27bbf5623234}
    Record Number: 907
    Source Name: VSS
    Time Written: 20090106173015.000000-000
    Event Type: Erreur
    User:

    Computer Name: PC-de-yohan
    Event Code: 10
    Message: Le filtre d'événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n'a pas pu être réactivé dans l'espace de noms « //./root/CIMV2 » à cause de l'erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
    Record Number: 820
    Source Name: Microsoft-Windows-WMI
    Time Written: 20090106152144.000000-000
    Event Type: Erreur
    User:

    Computer Name: PC-de-yohan
    Event Code: 1008
    Message: Le service Windows Search tente de supprimer l'ancien catalogue.

    Record Number: 816
    Source Name: Microsoft-Windows-Search
    Time Written: 20090106152141.000000-000
    Event Type: Avertissement
    User:

    =====Security event log=====

    Computer Name: PC-de-yohan
    Event Code: 4634
    Message: Fermeture de session d'un compte.

    Sujet :
    ID de sécurité : S-1-5-21-2881880658-3555428079-2209020445-1000
    Nom du compte : yohan
    Domaine du compte : PC-de-yohan
    ID du compte : 0x12cfc8e9

    Type d'ouverture de session : 7

    Cet événement est généré lorsqu'une session ouverte est supprimée. Il peut être associé à un événement d'ouverture de session en utilisant la valeur ID d'ouverture de session. Les ID d'ouverture de session ne sont uniques qu'entre les redémarrages sur un même ordinateur.
    Record Number: 24312
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090917155616.297800-000
    Event Type: Succès de l'audit
    User:

    Computer Name: PC-de-yohan
    Event Code: 5032
    Message: Le Pare-feu Windows n'a pas pu notifier l'utilisateur qu'il a empêché une application d'accepter des connexions entrantes sur le réseau.

    Code d'erreur : 2
    Record Number: 24311
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090917155612.460800-000
    Event Type: Échec de l'audit
    User:

    Computer Name: PC-de-yohan
    Event Code: 5032
    Message: Le Pare-feu Windows n'a pas pu notifier l'utilisateur qu'il a empêché une application d'accepter des connexions entrantes sur le réseau.

    Code d'erreur : 2
    Record Number: 24310
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090917155612.460800-000
    Event Type: Échec de l'audit
    User:

    Computer Name: PC-de-yohan
    Event Code: 5032
    Message: Le Pare-feu Windows n'a pas pu notifier l'utilisateur qu'il a empêché une application d'accepter des connexions entrantes sur le réseau.

    Code d'erreur : 2
    Record Number: 24309
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090917155612.460800-000
    Event Type: Échec de l'audit
    User:

    Computer Name: PC-de-yohan
    Event Code: 4672
    Message: Privilèges spéciaux attribués à la nouvelle ouverture de session.

    Sujet :
    ID de sécurité : S-1-5-18
    Nom du compte : SYSTEM
    Domaine du compte : AUTORITE NT
    ID d'ouverture de session : 0x3e7

    Privilèges : SeAssignPrimaryTokenPrivilege
    SeTcbPrivilege
    SeSecurityPrivilege
    SeTakeOwnershipPrivilege
    SeLoadDriverPrivilege
    SeBackupPrivilege
    SeRestorePrivilege
    SeDebugPrivilege
    SeAuditPrivilege
    SeSystemEnvironmentPrivilege
    SeImpersonatePrivilege
    Record Number: 24308
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090917133532.764200-000
    Event Type: Succès de l'audit
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "DFSTRACINGON"=FALSE
    "FP_NO_HOST_CHECK"=NO
    "NUMBER_OF_PROCESSORS"=2
    "OS"=Windows_NT
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Samsung\Samsung PC Studio 3\
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_REVISION"=1706
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
    "USERNAME"=SYSTEM
    "windir"=%SystemRoot%

    -----------------EOF-----------------

    J'ai parcelé la reponse parce que je n'arrive pas à tout envoyer d'un coup

    En attendant de tes nouvelles, je te remercie encore pour ton aide
    0
  4. moisalim1
     
    Je pense que vous devriez expliqué votre problème un peu différemment, mais plus juste. Votre windows est infecté, mais sûrement pas google.
    0
    1. yohanaldo Messages postés 63 Statut Membre 3
       
      bonsoir l'ordi fonctionne tres bien en revanche google me redirige vers d'autres sites non souhaités ce qui ne me le fait pas quand j'utilise un autre moteur de recherche
      Seul google a se probleme
      voila les faits apres je ne suis pas specialiste en informatique donc j ecoute les conseils
      0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. dédétraqué Messages postés 4522 Statut Contributeur sécurité 286
     
    Salut yohanaldo

    Télécharge et installe UsbFix par El Desaparecido , C_XX & Chimay8
    http://pagesperso-orange.fr/NosTools/Chiquitine29/UsbFix.exe

    (!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d'avoir été infectées sans les ouvrir.

    * Faire un clic droit sur le raccourci UsbFix présent sur ton bureau et choisi "Exécuter en tant qu'administrateur".

    * Au menu principal choisis l'option " F " pour français et tape sur [entrée] .

    * Au second menu Choisis l'option " 1 " (recherche) et tape sur [entrée]

    * Laisse travailler l'outil.

    * Ensuite poste le rapport UsbFix.txt qui apparaitra.

    Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )

    ( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    Note2 : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

    * Tuto : http://pagesperso-orange.fr/NosTools/usbfix.html

    @++ :)
    0
  7. yohanaldo Messages postés 63 Statut Membre 3
     
    Re dédétraqué

    Voici le rapport de UsbFix :

    ############################## | UsbFix V6.106 |

    User : yohan (Administrateurs) # PC-DE-YOHAN
    Update on 19/04/2010 by El Desaparecido , C_XX & Chimay8
    Start at: 02:30:22 | 21/04/2010
    Website : http://pagesperso-orange.fr/NosTools/index.html
    Contact : FindyKill.Contact@gmail.com

    Intel(R) Core(TM)2 Duo CPU P7350 @ 2.00GHz
    Microsoft® Windows Vista(TM) Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
    Internet Explorer 8.0.6001.18904
    Windows Firewall Status : Enabled
    AV : BitDefender Antivirus 12.0 [ Enabled | Updated ]
    FW : BitDefender Firewall[ Enabled ]12.0

    C:\ -> Disque fixe local # 220,88 Go (29,28 Go free) [HDD] # NTFS
    D:\ -> Disque CD-ROM
    E:\ -> Disque CD-ROM
    F:\ -> Disque CD-ROM

    ################## | Elements infectieux |

    C:\Windows\System32\autorun.inf

    ################## | Registre |

    ################## | Mountpoints2 |

    HKCU\..\..\Explorer\MountPoints2\H
    shell\AutoRun\command =H:\SFR.exe

    HKCU\..\..\Explorer\MountPoints2\{30110ff9-d9d4-11de-92cd-ac11ea6793e7}
    shell\AutoRun\command =E:\AUTORUN.EXE

    HKCU\..\..\Explorer\MountPoints2\{44ec625a-8a1d-11de-86bb-890121e050c7}
    shell\AutoRun\command =E:\SFR.exe

    HKCU\..\..\Explorer\MountPoints2\{a7177b77-52d9-11de-9e94-f228c1dab0e1}
    shell\AutoRun\command =E:\AUTOSTARTER.EXE

    HKCU\..\..\Explorer\MountPoints2\{bbebe755-7ca5-11de-9b4d-bc1bf3e599f2}
    shell\AutoRun\command =E:\SFR.exe

    HKCU\..\..\Explorer\MountPoints2\{bbebe77c-7ca5-11de-9b4d-00a0c6000000}
    shell\AutoRun\command =E:\SFR.exe

    HKCU\..\..\Explorer\MountPoints2\{f1edff29-de54-11dd-817d-c471b15de9e1}
    shell\AutoRun\command =F:\AUTOSTARTER.EXE

    ################## | Vaccin |

    (!) Cet ordinateur n'est pas vacciné !

    ################## | ! Fin du rapport # UsbFix V6.106 ! |
    0
    1. yohanaldo Messages postés 63 Statut Membre 3
       
      Merci encore pour ton implication
      0
  8. dédétraqué Messages postés 4522 Statut Contributeur sécurité 286
     
    Salut yohanaldo

    (!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, caméra, Carte SD, etc...) susceptible d avoir été infectés sans les ouvrir

    Pour Vita/7 faire un clique droit sur le raccourci UsbFix présent sur ton bureau et choisi "Exécuter en tant qu'administrateur".

    * Au menu principal choisis l'option " F " pour français et tape sur [entrée] .

    * Au second menu Choisis l'option " 2 " ( Suppression ) et tape sur [entrée]

    * Ton bureau disparaîtra et le pc redémarrera.

    * Au redémarrage, UsbFix scannera ton PC, laisse travailler l'outil.

    * Ensuite poste le rapport UsbFix.txt qui apparaîtra avec le bureau.

    * Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )

    ( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )

    -----

    Télécharge et installe MalwareByte's Anti-Malware
    http://www.malwarebytes.org/mbam/program/mbam-setup.exe

    - Mets le à jour

    ---

    - Redémarre en mode sans échec :

    Au redémarrage de ton PC tapote sur la touche F8 ou F5, sur l'écran suivant déplace toi avec les flèches de direction et choisis Mode sans échec. Choisis ta session habituelle et non la session Administrateur

    ---

    - Double clique sur le raccourci de MalwareByte's Anti-Malware qui est sur le bureau.
    - Sélectionne Exécuter un examen complet si ce n'est pas déjà fait
    - clique sur Rechercher

    - Une fois le scan terminé, une fenêtre s'ouvre, clique sur sur OK

    - Si MalwareByte's n'a rien détecté, clique sur OK Un rapport va apparaître ferme-le.

    - Si MalwareByte's a détecté des infections, clique sur Afficher les résultats ensuite sur Supprimer la sélection

    - Enregistre le rapport sur ton Bureau comme cela il sera plus facile à retrouver, poste ensuite ce rapport.

    Note : Si MalwareByte's a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur OK

    Tutoriel pour MalwareByte's ici :
    https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

    @++ :)
    0
  9. yohanaldo Messages postés 63 Statut Membre 3
     
    Bonjour voici le rapport de UsbFix :

    ############################## | UsbFix V6.106 |

    User : yohan (Administrateurs) # PC-DE-YOHAN
    Update on 19/04/2010 by El Desaparecido , C_XX & Chimay8
    Start at: 14:16:35 | 21/04/2010
    Website : http://pagesperso-orange.fr/NosTools/index.html
    Contact : FindyKill.Contact@gmail.com

    Intel(R) Core(TM)2 Duo CPU P7350 @ 2.00GHz
    Microsoft® Windows Vista(TM) Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
    Internet Explorer 8.0.6001.18904
    Windows Firewall Status : Enabled
    AV : BitDefender Antivirus 12.0 [ Enabled | Updated ]
    FW : BitDefender Firewall[ Enabled ]12.0

    C:\ -> Disque fixe local # 220,88 Go (29,22 Go free) [HDD] # NTFS
    D:\ -> Disque CD-ROM
    E:\ -> Disque CD-ROM
    F:\ -> Disque CD-ROM

    ################## | Elements infectieux |

    Supprimé ! C:\Windows\System32\autorun.inf
    Supprimé ! C:\$Recycle.Bin\S-1-5-18
    Supprimé ! C:\$Recycle.Bin\S-1-5-21-2881880658-3555428079-2209020445-1000
    Supprimé ! C:\$Recycle.Bin\S-1-5-21-2881880658-3555428079-2209020445-501

    ################## | Registre |

    ################## | Mountpoints2 |

    Supprimé ! HKCU\...\Explorer\MountPoints2\H\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{30110ff9-d9d4-11de-92cd-ac11ea6793e7}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{44ec625a-8a1d-11de-86bb-890121e050c7}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{a7177b77-52d9-11de-9e94-f228c1dab0e1}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{bbebe755-7ca5-11de-9b4d-bc1bf3e599f2}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{bbebe77c-7ca5-11de-9b4d-00a0c6000000}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{f1edff29-de54-11dd-817d-c471b15de9e1}\Shell\AutoRun\Command

    ################## | Listing des fichiers présent |

    [21/04/2010 14:16|--a--c---|850] C:\aaw7boot.log
    [18/09/2006 23:43|--a--c---|24] C:\autoexec.bat
    [11/04/2009 08:36|-rahs----|333257] C:\bootmgr
    [28/07/2008 21:52|-ra-sc---|8192] C:\BOOTSECT.BAK
    [28/03/2010 17:44|--a--c---|74] C:\CMLoader.log
    [18/09/2006 23:43|--a--c---|10] C:\config.sys
    [23/04/2008 17:10|--a--c---|2916] C:\files.crc
    [?|?|?] C:\hiberfil.sys
    [02/05/2007 12:03|--a--c---|267864] C:\hpzids01.dll
    [09/01/2009 21:02|-rahsc---|0] C:\IO.SYS
    [09/01/2009 21:02|-rahsc---|0] C:\MSDOS.SYS
    [?|?|?] C:\pagefile.sys
    [28/07/2008 12:34|--a--c---|650] C:\RHDSetup.log
    [24/06/2008 23:41|--a--c---|735209472] C:\Serial.noceurs.French.DVDRiP.DivX.FTT.avi
    [28/07/2008 12:37|--a------|86] C:\setup.log
    [27/08/2009 23:47|--a------|54154] C:\test.log
    [14/10/2009 00:30|--a------|909] C:\updatedatfix.log
    [21/04/2010 14:20|--a--c---|2678] C:\UsbFix.txt

    ################## | Vaccination |

    # C:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).

    ################## | Upload |

    Veuillez envoyer le fichier : C:\UsbFix_Upload_Me_PC-de-yohan.zip : https://www.ionos.fr/?affiliate_id=77097
    Merci pour votre contribution .

    ################## | ! Fin du rapport # UsbFix V6.106 ! |
    0
  10. dédétraqué Messages postés 4522 Statut Contributeur sécurité 286
     
    Salut yohanaldo

    Faire l'autre partie, le scan avec MalwareByte's Anti-Malware.

    @++ :)
    0
  11. yohanaldo Messages postés 63 Statut Membre 3
     
    Bonsoir le scan de MalwareByte me fait beuguer l'ordi à chaque fois (c'est à dire qu'il s'eteint tout seul) donc je fais au mieux pour te le poster vite
    0
  12. dédétraqué Messages postés 4522 Statut Contributeur sécurité 286
     
    Salut yohanaldo

    Fais alors un examen rapide en mode normal.

    @++ :)
    0
  13. yohanaldo Messages postés 63 Statut Membre 3
     
    Bonjour j ai enfin reussi a faire un scan avec malwarebytes sur lequel il a detecté 39 infections. Je les ai supprimé et apparemment google refonctionne
    Je suis dsl d'avoir attendu 15 jours mais je te promet que c'est un miracle d'avoir fait le scan en entier sans coupure d'ordi
    Si tu peux et si tu souhaite toujours m'aider voici le rapport
    cordialement

    Malwarebytes' Anti-Malware 1.45
    www.malwarebytes.org

    Version de la base de données: 4014

    Windows 6.0.6002 Service Pack 2 (Safe Mode)
    Internet Explorer 8.0.6001.18904

    04/05/2010 08:11:39
    mbam-log-2010-05-04 (08-11-39).txt

    Type d'examen: Examen rapide
    Elément(s) analysé(s): 112192
    Temps écoulé: 4 minute(s), 49 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 9
    Valeur(s) du Registre infectée(s): 2
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 3
    Fichier(s) infecté(s): 25

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\captcha (Worm.KoobFace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ipokoraid (Worm.Koobface) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\torrent101 (Trojan.Swizzor) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dmoko (Worm.KoobFace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_DMOKO (Worm.KoobFace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\webserver (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\32 Vegas Casino (Adware.21Nova) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\32 Vegas Casino (Adware.21Nova) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Torrent101 (Trojan.Swizzor) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\rpcssc (Worm.KoobFace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\captcha (Worm.KoobFace) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\Program Files\Torrent101 (Trojan.Swizzor) -> Quarantined and deleted successfully.
    C:\Program Files\Torrent101\Skins (Trojan.Swizzor) -> Quarantined and deleted successfully.
    C:\Users\yohan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torrent101 (Trojan.Swizzor) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\Windows\System32\captcha.dll (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Windows\System32\certoko.dll (Worm.Koobface) -> Quarantined and deleted successfully.
    C:\Windows\System32\drivers\ndisoko.sys (Worm.Koobface) -> Quarantined and deleted successfully.
    C:\Windows\bill106.exe (PWS.Ldpinch) -> Quarantined and deleted successfully.
    C:\Program Files\Torrent101\icon-uninstall.ico (Trojan.Swizzor) -> Quarantined and deleted successfully.
    C:\Program Files\Torrent101\session.store (Trojan.Swizzor) -> Quarantined and deleted successfully.
    C:\Program Files\Torrent101\settings.ini (Trojan.Swizzor) -> Quarantined and deleted successfully.
    C:\Program Files\Torrent101\settings.stp (Trojan.Swizzor) -> Quarantined and deleted successfully.
    C:\Program Files\Torrent101\SkinCrafterDll.dll (Trojan.Swizzor) -> Quarantined and deleted successfully.
    C:\Program Files\Torrent101\state.dht (Trojan.Swizzor) -> Quarantined and deleted successfully.
    C:\Program Files\Torrent101\Torrent101.url (Trojan.Swizzor) -> Quarantined and deleted successfully.
    C:\Program Files\Torrent101\uninst.exe (Trojan.Swizzor) -> Quarantined and deleted successfully.
    C:\Program Files\Torrent101\Skins\Zorg.skf (Trojan.Swizzor) -> Quarantined and deleted successfully.
    C:\Users\yohan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torrent101\HomePage.lnk (Trojan.Swizzor) -> Quarantined and deleted successfully.
    C:\Users\yohan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torrent101\Uninstall.lnk (Trojan.Swizzor) -> Quarantined and deleted successfully.
    C:\Windows\bk23567.dat (KoobFace.Trace) -> Quarantined and deleted successfully.
    C:\Windows\fdgg34353edfgdfdf (KoobFace.Trace) -> Quarantined and deleted successfully.
    C:\Program Files\webserver\webserver.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Windows\kdiue732.txt (Malware.Trace) -> Quarantined and deleted successfully.
    C:\Users\yohan\Local Settings\Application Data\010112010146100109.xxe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\yohan\Local Settings\Application Data\010112010146114111.xxe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\yohan\Local Settings\Application Data\010112010146115119.xxe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\yohan\Local Settings\Application Data\0101120101465198.xxe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\yohan\Local Settings\Application Data\rdr_1271010025.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    C:\Users\yohan\Local Settings\Application Data\rdr_1271010364.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
    0
  14. dédétraqué Messages postés 4522 Statut Contributeur sécurité 286
     
    Salut yohanaldo

    Refais un scan avec RSIT et poste le contenu du rapport log.txt à la fin de l'analyse

    Le rapport est dans le dossier ici C:\rsit

    @++ :)
    0
  15. yohanaldo Messages postés 63 Statut Membre 3
     
    Salut à toi, voici le rapport log.txt :

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by yohan at 2010-05-05 18:35:29
    Microsoft® Windows Vista(TM) Édition Familiale Premium Service Pack 2
    System drive C: has 25 GB (11%) free of 226 GB
    Total RAM: 3070 MB (39% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:35:57, on 05/05/2010
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.18904)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\ATK Hotkey\HControlUser.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\Luxand\Blink!\LuxandBlinkTray.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
    C:\Program Files\ManyCam 2.4\ManyCam.exe
    C:\Program Files\Internet Download Manager\IDMan.exe
    C:\Program Files\DAEMON Tools Lite\DTLite.exe
    C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files\Internet Download Manager\IEMonitor.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\Java\jre6\bin\jucheck.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Users\yohan\Desktop\RSIT.exe
    C:\Program Files\trend micro\yohan.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.sfr.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
    O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [HControlUser] "C:\Program Files\ATK Hotkey\HcontrolUser.exe"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    O4 - HKLM\..\Run: [Luxand Blink!] C:\Program Files\Luxand\Blink!\LuxandBlinkTray.exe /s
    O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
    O4 - HKCU\..\Run: [ManyCam] "C:\Program Files\ManyCam 2.4\ManyCam.exe"
    O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
    O8 - Extra context menu item: Se&nd to OneNote - res:///105
    O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm
    O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
    O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
    O9 - Extra button: (no name) - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: (no name) - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: Groom - {66F83792-DAE1-4823-8F20-ADA94B33A4FF} - C:\Program Files\Toox\Groom\Groom.exe (HKCU)
    O13 - Gopher Prefix:
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
    O22 - SharedTaskScheduler: Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\deskscapes.dll
    O22 - SharedTaskScheduler: StardockDreamController - {EC654325-1273-C2A9-2B7C-45D29BCE68FF} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DreamControl.dll
    O22 - SharedTaskScheduler: Stardock Vista ControlPanel Extension - {EC654325-1273-C2A9-2B7C-45D29BCE68FD} - (no file)
    O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
    O23 - Service: Service SFR Gestionnaire Connexion (ServiceSFRABCD) - SFR & Celliance - C:\Program Files\SFR\Gestionnaire de Connexion SFR\SFRABCDService.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    0
  16. yohanaldo Messages postés 63 Statut Membre 3
     
    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
    IDMIEHlprObj Class - C:\Program Files\Internet Download Manager\IDMIECC.dll [2010-04-26 193968]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
    HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{69A87B7D-DE56-4136-9655-716BA50C19C7}]
    &Google Web Accelerator Helper - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll [2007-07-09 311296]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
    Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2009-08-21 4139912]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
    Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2009-08-17 564624]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
    CBrowserHelperObject Object - C:\Program Files\Google\Google_BAE\BAE.dll [2006-11-09 98304]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - Google Web Accelerator - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll [2007-07-09 311296]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
    "IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-05-07 178712]
    "HControlUser"=C:\Program Files\ATK Hotkey\HcontrolUser.exe [2008-01-11 98304]
    "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
    "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-06-13 6183456]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-06 1041704]
    "Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-11-24 30192]
    "toolbar_eula_launcher"=C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe [2007-02-20 28672]
    "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
    "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
    "BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2009-08-17 85888]
    "Luxand Blink!"=C:\Program Files\Luxand\Blink!\LuxandBlinkTray.exe [2010-02-10 6844728]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "SmpcSys"=C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe [2008-02-04 1038136]
    "BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2010-03-03 323392]
    "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-01-14 1688872]
    "ManyCam"=C:\Program Files\ManyCam 2.4\ManyCam.exe [2009-12-19 1824040]
    "IDMan"=C:\Program Files\Internet Download Manager\IDMan.exe [2010-04-29 3220912]
    "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
    Run Google Web Accelerator.lnk - C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
    Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\deskscapes.dll [2008-03-29 103848]
    StardockDreamController - {EC654325-1273-C2A9-2B7C-45D29BCE68FF} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DreamControl.dll [2008-05-05 591128]
    Stardock Vista ControlPanel Extension - {EC654325-1273-C2A9-2B7C-45D29BCE68FD}

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2009-08-21 4139912]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "ConsentPromptBehaviorAdmin"=0
    "EnableLUA"=0
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableUIADesktopToggle"=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveAutoRun"=255
    "NoDriveTypeAutoRun"=255
    "HonorAutoRunSetting"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "BindDirectlyToPropertySetStorage"=
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1
    .js - open - C:\Windows\System32\WScript.exe "%1" %*

    ======List of files/folders created in the last 1 months======

    2010-05-05 17:01:47 ----D---- C:\Program Files\DAEMON Tools Lite
    2010-05-04 14:59:25 ----A---- C:\Windows\system32\ntoskrnl.exe
    2010-05-04 14:59:24 ----A---- C:\Windows\system32\ntkrnlpa.exe
    2010-05-04 14:59:20 ----A---- C:\Windows\system32\vbscript.dll
    2010-05-04 14:59:05 ----A---- C:\Windows\system32\iphlpsvc.dll
    2010-05-04 14:52:26 ----A---- C:\Windows\system32\wintrust.dll
    2010-05-04 14:52:24 ----A---- C:\Windows\system32\cabview.dll
    2010-05-03 14:10:08 ----D---- C:\Users\yohan\AppData\Roaming\IDM
    2010-05-03 14:10:08 ----D---- C:\Users\yohan\AppData\Roaming\DMCache
    2010-05-03 14:09:45 ----D---- C:\Program Files\Internet Download Manager
    2010-05-03 14:04:41 ----D---- C:\Users\yohan\AppData\Roaming\Luxand
    2010-05-03 14:03:02 ----A---- C:\Windows\system32\LuxandCredentialProvider.dll
    2010-05-03 14:03:01 ----A---- C:\Windows\system32\LuxandBlinkLib12.dll
    2010-05-03 14:03:00 ----A---- C:\Windows\system32\LuxandBlinkLib11.dll
    2010-05-03 14:02:55 ----D---- C:\Program Files\Luxand
    2010-05-03 14:02:55 ----A---- C:\Windows\system32\LuxandBlinkLib1.dll
    2010-05-03 14:02:55 ----A---- C:\Windows\system32\LuxandBlink.dll
    2010-05-03 13:34:37 ----D---- C:\Program Files\Yamicsoft
    2010-04-29 16:22:23 ----A---- C:\Windows\system32\idmmbc.dll
    2010-04-26 18:55:46 ----D---- C:\ProgramData\Astar Games
    2010-04-21 15:08:03 ----A---- C:\Windows\ntbtlog.txt
    2010-04-21 14:50:51 ----D---- C:\Users\yohan\AppData\Roaming\Malwarebytes
    2010-04-21 14:49:50 ----D---- C:\ProgramData\Malwarebytes
    2010-04-21 14:49:50 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2010-04-21 14:20:54 ----RASHDC---- C:\autorun.inf
    2010-04-21 14:16:29 ----AC---- C:\UsbFix.txt
    2010-04-21 02:13:11 ----DC---- C:\UsbFix
    2010-04-19 20:25:04 ----DC---- C:\rsit
    2010-04-19 01:10:51 ----A---- C:\Windows\system32\lsdelete.exe
    2010-04-18 15:46:44 ----D---- C:\Program Files\Power IE
    2010-04-12 02:39:09 ----HDC---- C:\ProgramData\{52AC600B-5800-407E-99FF-83CD0669760B}
    2010-04-12 02:38:32 ----D---- C:\ProgramData\Lavasoft
    2010-04-12 02:38:32 ----D---- C:\Program Files\Lavasoft
    2010-04-12 02:30:18 ----D---- C:\Program Files\CCleaner
    2010-04-12 01:50:41 ----A---- C:\Windows\msnfix.txt
    2010-04-11 16:53:24 ----D---- C:\Program Files\AxBx
    2010-04-11 02:53:32 ----D---- C:\Program Files\webserver
    2010-04-09 19:19:29 ----D---- C:\Program Files\Microsoft Visual Studio
    0
  17. yohanaldo Messages postés 63 Statut Membre 3
     
    ======List of files/folders modified in the last 1 months======

    2010-05-05 18:35:57 ----D---- C:\Program Files\Trend Micro
    2010-05-05 18:27:51 ----D---- C:\Users\yohan\AppData\Roaming\DNA
    2010-05-05 17:22:57 ----D---- C:\Windows\winsxs
    2010-05-05 17:08:16 ----D---- C:\Windows
    2010-05-05 17:07:38 ----D---- C:\Program Files\DNA
    2010-05-05 17:07:16 ----D---- C:\Windows\Temp
    2010-05-05 17:07:05 ----D---- C:\Windows\Tasks
    2010-05-05 17:01:47 ----RD---- C:\Program Files
    2010-05-05 17:00:54 ----D---- C:\Program Files\SpeedBit Video Accelerator
    2010-05-05 17:00:52 ----AD---- C:\Windows\System32
    2010-05-05 17:00:26 ----D---- C:\Windows\prefetch
    2010-05-05 16:56:48 ----D---- C:\Windows\system32\catroot
    2010-05-05 16:50:46 ----AD---- C:\Windows\system32\drivers
    2010-05-05 16:50:45 ----D---- C:\Program Files\Windows Mail
    2010-05-05 16:50:43 ----RSD---- C:\Windows\Fonts
    2010-05-04 22:17:26 ----SHD---- C:\Windows\Installer
    2010-05-04 22:17:20 ----D---- C:\ProgramData\Microsoft Help
    2010-05-04 22:14:33 ----D---- C:\Windows\Debug
    2010-05-04 22:13:37 ----RSD---- C:\Windows\assembly
    2010-05-04 22:08:42 ----SHD---- C:\System Volume Information
    2010-05-04 15:00:23 ----D---- C:\Windows\system32\catroot2
    2010-05-04 08:12:54 ----D---- C:\Windows\PolicyDefinitions
    2010-05-03 19:57:39 ----D---- C:\Windows\system32\config
    2010-05-03 14:36:01 ----D---- C:\Users\yohan\AppData\Roaming\BitTorrent
    2010-05-03 14:32:32 ----D---- C:\Program Files\WinRAR
    2010-05-03 13:34:44 ----SD---- C:\Users\yohan\AppData\Roaming\Microsoft
    2010-05-01 19:15:29 ----D---- C:\Windows\inf
    2010-05-01 19:15:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2010-05-01 04:13:43 ----A---- C:\Windows\NeroDigital.ini
    2010-04-26 18:55:46 ----HD---- C:\ProgramData
    2010-04-25 16:35:56 ----D---- C:\Users\yohan\AppData\Roaming\Samsung
    2010-04-25 16:27:57 ----HD---- C:\Program Files\InstallShield Installation Information
    2010-04-24 17:48:34 ----RD---- C:\Users
    2010-04-21 14:19:53 ----SHD---- C:\$RECYCLE.BIN
    2010-04-19 01:49:03 ----D---- C:\Program Files\Google
    2010-04-18 15:53:07 ----D---- C:\ProgramData\Google
    2010-04-18 15:50:04 ----D---- C:\Windows\Web
    2010-04-12 03:27:00 ----D---- C:\Program Files\Common Files\microsoft shared
    2010-04-12 03:13:37 ----A---- C:\Windows\win.ini
    2010-04-12 02:51:13 ----D---- C:\Windows\system32\Tasks
    2010-04-12 02:40:13 ----DC---- C:\Windows\system32\DRVSTORE
    2010-04-12 02:32:49 ----D---- C:\Windows\Minidump
    2010-04-11 20:21:11 ----D---- C:\Program Files\Steam
    2010-04-11 20:20:11 ----D---- C:\Windows\system32\WDI
    2010-04-11 20:17:37 ----D---- C:\Windows\system32\Msdtc
    2010-04-11 20:17:31 ----D---- C:\Windows\system32\wbem
    2010-04-11 20:15:20 ----D---- C:\Windows\system32\spool
    2010-04-11 20:15:20 ----D---- C:\Windows\system32\CodeIntegrity
    2010-04-11 20:15:08 ----D---- C:\ProgramData\HP Product Assistant
    2010-04-11 20:15:08 ----D---- C:\Program Files\Microsoft Works
    2010-04-11 20:15:05 ----D---- C:\Windows\registration
    2010-04-09 19:19:49 ----D---- C:\Program Files\MSBuild
    2010-04-09 19:19:31 ----D---- C:\Program Files\Microsoft Office
    2010-04-09 19:15:04 ----D---- C:\Program Files\Microsoft Visual Studio 8
    2010-04-09 19:14:55 ----D---- C:\Windows\ShellNew
    2010-04-09 18:53:51 ----D---- C:\Program Files\Common Files\InstallShield
    2010-04-06 19:52:54 ----A---- C:\Windows\system32\mrt.exe

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
    R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-09-15 114768]
    R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
    R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2009-09-01 128016]
    R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2006-07-24 5632]
    R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
    R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-09-15 53328]
    R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-05-31 279712]
    R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-05-31 25888]
    R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-15 46592]
    R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
    R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
    R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-06-10 3839488]
    R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-06-13 2152344]
    R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2007-12-18 54784]
    R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\Windows\system32\DRIVERS\ManyCam.sys [2008-01-14 21632]
    R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
    R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-06-26 3662848]
    R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2008-05-29 146848]
    R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
    R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-10-01 1769984]
    R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-06 198960]
    R3 X10Hid;X10 Hid Device; C:\Windows\System32\Drivers\x10hid.sys [2006-11-17 13976]
    S3 ayw8zk3z;ayw8zk3z; C:\Windows\system32\drivers\ayw8zk3z.sys []
    S3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys []
    S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-07-28 23040]
    S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
    S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2008-07-28 507904]
    S3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2008-07-28 30208]
    S3 btnetBUs;Bluetooth PAN Bus Service; C:\Windows\System32\Drivers\btnetBus.sys [2008-12-07 30088]
    S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
    S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
    S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
    S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
    S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
    S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys []
    S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2008-10-29 7680]
    S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
    S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
    S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
    S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-07-28 149504]
    S3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-05-02 122368]
    S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2007-05-02 83592]
    S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2007-05-02 15112]
    S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2007-05-02 109704]
    S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
    S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
    S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]
    S3 StillCam;Pilote d'appareil photo numérique série; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-21 9216]
    S3 usbanyka;USB Web Camera; C:\Windows\system32\DRIVERS\UsbAnyka.sys [2007-11-13 17536]
    S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
    S3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys []
    S3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys []
    S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
    S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys [2008-10-15 104960]
    S3 ZTEusbnet;ZTE USB-NDIS miniport; C:\Windows\system32\DRIVERS\ZTEusbnet.sys [2008-10-13 110080]
    S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys [2008-10-29 105344]
    S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys [2008-10-15 104960]
    S3 ZTEusbvoice;ZTE VoUSB Port; C:\Windows\system32\DRIVERS\ZTEusbvoice.sys [2008-10-15 104960]
    S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
    S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
    S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-09-11 124832]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
    R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-10-02 94208]
    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
    R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-06-10 692224]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
    R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
    R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2008-01-21 21504]
    R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-05-07 354840]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-02-05 1229232]
    R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-12-03 869672]
    R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
    R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
    R2 ServiceSFRABCD;Service SFR Gestionnaire Connexion; C:\Program Files\SFR\Gestionnaire de Connexion SFR\SFRABCDService.exe [2009-09-01 657024]
    R2 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
    R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
    R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-01-14 447784]
    S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-31 135664]
    S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-07-28 647680]
    S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
    S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-11-24 30192]
    S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-16 182768]
    S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2009-08-21 30510960]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2009-08-21 149352]
    S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-08-21 4639136]
    S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2008-12-22 104944]
    S4 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]

    -----------------EOF-----------------
    0
  18. dédétraqué Messages postés 4522 Statut Contributeur sécurité 286
     
    Salut yohanaldo

    Supprime ce dossier en gras :
    C:\Program Files\webserver

    As-tu encore des redirections Google?

    @++ :)
    0
  19. yohanaldo Messages postés 63 Statut Membre 3
     
    Re dédétraqué, je n'ai plus de redirection Google et j'ai retrouvé une vitesse de navigation excellente

    Je te remercie encore beaucoup
    0
  20. dédétraqué Messages postés 4522 Statut Contributeur sécurité 286
     
    Salut yohanaldo

    OK super alors, on va vérifier si rien de caché :
    Faire un scan avec Nod32 en ligne (il faut utiliser Internet Explorer) ici :

    https://www.eset.com/int/home/online-scanner/

    (coche toutes les cases à chaque fois, sauf les deux dernières a la fin du scan, sinon le rapport est supprimer)
    A la fin, colle le rapport : C:\Program Files\EsetOnlineScanner\log.txt

    @++ :)
    0
  21. yohanaldo Messages postés 63 Statut Membre 3
     
    Bonjour dédétraqué voici le rapport du scan :

    A noter qu'il a detecté 3 fichiers qu'il a mis en quarentaine, cependant je ne peux pas les mettre en ligne sinon CCM n'enregistre pas le message, j'ai essayé plusieurs fois et je me suis rendu compte que le probleme venait des liens des 3 fichiers

    Tout le reste du rapport y est

    merci ;)
    0
  • 1
  • 2
  • 3