Trojan horse virus, help me!!!

Tags:
  • Trojan
  • Security
Anonymous
27 July 2010 00:30:41

Hello hello =)

So, not that long ago I discovered that my PC had a few small, suspicious problems... that is to say..
I could only open a single Firefox page, and when I closed the page I had to restart my PC because Firefox would not reopen...

So I ran a scan, and my antivirus found this trojan horse, TR/Horse.PCN, and the infected file is MSNcreative.46565.exe
So I downloaded SUPERAntiSpyware and ran a full scan, and it found the same infected cookies countless times, every time I rerun a scan.. I put them all in quarantine

And then yesterday I ran another scan with my antivirus and it found exactly the same virus, that is TR/Horse.PCN, and the infected file is also MSNcreative.46565.exe
I checked carefully, it is exactly the same one...
So I would like to know how to get rid of all these infected files and viruses...
Thanks in advance :p  !


28 July 2010 01:30:58

Good evening,

*Download RSIT (thanks random/random) to the Desktop: Here
Double-click RSIT.exe; it does not require installation.
Click Continue on the Disclaimer screen if you accept the terms.
-If HijackThis is not detected on your PC, it will download it (allow access in your firewall if prompted and accept the license).
When the scan is finished, two text files will open.
Post the contents of log.txt (the one that opens) as well as info.txt, which is in the taskbar

NB: These reports are saved in the C:\rsit folder

See you
Anonymous
28 July 2010 20:31:48

Is this it?

Logfile of random's system information tool 1.08 (written by random/random)
Run by ***** at 2010-07-28 20:28:19
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 27 GB (23%) free of 117 GB
Total RAM: 1023 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:28:20, on 28/07/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mumble\mumble.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Anais\Mes documents\Téléchargements\RSIT.exe
C:\Program Files\trend micro\Anais.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.ask.com?o=15506&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: Soft-Search Toolbar - {09e55ba0-f9c6-4b81-82df-46853f6f7b3f} - C:\Program Files\Soft-Search\tbSof0.dll
O2 - BHO: Soft-Search Toolbar - {09e55ba0-f9c6-4b81-82df-46853f6f7b3f} - C:\Program Files\Soft-Search\tbSof0.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Soft-Search Toolbar - {09e55ba0-f9c6-4b81-82df-46853f6f7b3f} - C:\Program Files\Soft-Search\tbSof0.dll
O3 - Toolbar: ImageShack Toolbar - {6932D140-ABC4-4073-A44C-D4A541665E35} - C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: CurseClientStartup.ccip
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Post Image to Blog - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5003
O8 - Extra context menu item: Tag This Image - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5002
O8 - Extra context menu item: Transload Image to ImageShack - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5004
O8 - Extra context menu item: Upload All Images to ImageShack - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5000
O8 - Extra context menu item: Upload Image to ImageShack - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5001
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0....
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {6932D140-ABC4-4073-A44C-D4A541665E35} (ImageShack Toolbar) - http://toolbar.imageshack.us/toolbar/ImageShackToolbar....
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: Antiwpa - antiwpa.dll (file missing)
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

--
End of file - 9015 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{62AA79D7-0F30-4360-A445-C2C2B280EC61}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{09e55ba0-f9c6-4b81-82df-46853f6f7b3f}]
Soft-Search Toolbar - C:\Program Files\Soft-Search\tbSof0.dll [2010-07-01 2515552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-05-26 1385864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-01 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-07-01 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{09e55ba0-f9c6-4b81-82df-46853f6f7b3f} - Soft-Search Toolbar - C:\Program Files\Soft-Search\tbSof0.dll [2010-07-01 2515552]
{6932D140-ABC4-4073-A44C-D4A541665E35} - ImageShack Toolbar - C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll [2007-10-11 614400]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-05-26 1385864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nwiz"=nwiz.exe /installquiet []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-01-11 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-01-11 13666408]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2009-06-05 33628160]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-03-17 421888]
"SunJavaUpdateSched"=C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [2010-02-18 248040]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
""= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2010-07-23 2403568]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Démarrage rapide de HP Photosmart Premier.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Documents and Settings\Anais\Menu Démarrer\Programmes\Démarrage
CurseClientStartup.ccip

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2010-07-23 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Antiwpa]
antiwpa.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\World of Warcraft\WoW-3.2.0-frFR-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\World of Warcraft\BackgroundDownloader.exe"="C:\Program Files\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-07-28 20:23:53 ----D---- C:\Program Files\trend micro
2010-07-28 20:23:52 ----D---- C:\rsit
2010-07-27 00:02:34 ----D---- C:\WINDOWS\pss
2010-07-23 01:17:05 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2010-07-23 01:15:40 ----D---- C:\Program Files\SUPERAntiSpyware
2010-07-23 01:15:40 ----D---- C:\Documents and Settings\Anais\Application Data\SUPERAntiSpyware.com
2010-07-17 21:15:43 ----D---- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
2010-07-17 21:08:17 ----D---- C:\Documents and Settings\Anais\Application Data\HpUpdate
2010-07-17 21:07:27 ----D---- C:\WINDOWS\Hewlett-Packard
2010-07-15 01:59:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2010-07-11 20:52:53 ----D---- C:\Documents and Settings\Anais\Application Data\TS3Client
2010-07-11 20:48:55 ----D---- C:\Program Files\TeamSpeak 3 Client
2010-07-04 12:58:38 ----A---- C:\WINDOWS\system32\drivers\avipbb.sys
2010-07-04 12:58:38 ----A---- C:\WINDOWS\system32\drivers\avgntmgr.sys
2010-07-04 12:58:38 ----A---- C:\WINDOWS\system32\drivers\avgntflt.sys
2010-07-04 12:58:38 ----A---- C:\WINDOWS\system32\drivers\avgntdd.sys
2010-07-04 12:58:37 ----A---- C:\WINDOWS\system32\drivers\ssmdrv.sys
2010-07-04 12:58:36 ----D---- C:\Program Files\Avira
2010-07-04 12:58:36 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2010-07-04 10:38:59 ----D---- C:\Program Files\Perfect World France
2010-07-04 01:53:20 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2010-07-04 01:43:08 ----D---- C:\Program Files\MSXML 4.0
2010-07-04 00:22:26 ----A---- C:\WINDOWS\system32\muweb.dll
2010-07-04 00:22:26 ----A---- C:\WINDOWS\system32\mucltui.dll
2010-07-03 23:05:23 ----D---- C:\Program Files\CCleaner
2010-07-03 22:42:54 ----D---- C:\Documents and Settings\Anais\Application Data\Malwarebytes
2010-07-03 22:42:39 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-07-03 01:35:25 ----D---- C:\Documents and Settings\Anais\Application Data\PhotoFiltre
2010-07-03 01:35:00 ----D---- C:\Program Files\Ask.com
2010-07-01 14:46:02 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2010-07-01 14:34:46 ----D---- C:\WINDOWS\Sun
2010-07-01 14:32:22 ----A---- C:\WINDOWS\system32\javaws.exe
2010-07-01 14:32:22 ----A---- C:\WINDOWS\system32\javaw.exe
2010-07-01 14:32:22 ----A---- C:\WINDOWS\system32\java.exe
2010-07-01 14:32:22 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-06-29 14:39:03 ----D---- C:\WINDOWS\system32\appmgmt
2010-06-29 13:59:44 ----D---- C:\Program Files\TallStick
2010-06-29 13:41:53 ----D---- C:\Program Files\CASIO
2010-06-29 13:41:30 ----D---- C:\WINDOWS\Downloaded Installations

======List of files/folders modified in the last 1 months======

2010-07-28 20:27:32 ----D---- C:\WINDOWS\Prefetch
2010-07-28 20:23:53 ----RD---- C:\Program Files
2010-07-28 20:20:59 ----D---- C:\Documents and Settings\Anais\Application Data\Mumble
2010-07-28 20:17:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-07-28 20:16:22 ----D---- C:\Documents and Settings\Anais\Application Data\vlc
2010-07-28 20:16:18 ----D---- C:\WINDOWS\Temp
2010-07-28 20:16:02 ----D---- C:\WINDOWS\system32\CatRoot2
2010-07-28 20:15:45 ----D---- C:\WINDOWS
2010-07-27 15:40:06 ----D---- C:\WINDOWS\system32\drivers
2010-07-25 18:34:39 ----D---- C:\WINDOWS\Minidump
2010-07-25 13:01:50 ----SHD---- C:\WINDOWS\Installer
2010-07-25 13:01:46 ----SD---- C:\WINDOWS\Tasks
2010-07-25 13:01:42 ----D---- C:\Config.Msi
2010-07-24 12:16:47 ----D---- C:\Program Files\Mozilla Firefox
2010-07-23 15:02:43 ----HD---- C:\WINDOWS\inf
2010-07-23 01:16:15 ----SD---- C:\Documents and Settings\Anais\Application Data\Microsoft
2010-07-23 01:13:33 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2010-07-22 14:19:38 ----D---- C:\Program Files\World of Warcraft
2010-07-17 21:15:44 ----D---- C:\WINDOWS\WinSxS
2010-07-17 21:11:10 ----D---- C:\Program Files\HP
2010-07-15 11:30:54 ----D---- C:\WINDOWS\system32
2010-07-15 11:30:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-07-15 01:59:56 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-07-15 01:59:29 ----HD---- C:\WINDOWS\$hf_mig$
2010-07-15 01:58:09 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2010-07-10 16:33:45 ----D---- C:\Documents and Settings\All Users\Application Data\Blizzard Entertainment
2010-07-05 01:43:33 ----RSD---- C:\WINDOWS\assembly
2010-07-04 18:38:14 ----D---- C:\WINDOWS\Microsoft.NET
2010-07-04 16:01:11 ----D---- C:\Program Files\Mumble
2010-07-04 02:12:31 ----A---- C:\WINDOWS\imsins.BAK
2010-07-04 02:12:24 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-07-04 02:09:37 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-07-04 02:09:28 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-07-04 02:09:07 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-07-04 02:08:53 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-07-04 02:08:47 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-07-04 02:08:40 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2010-07-04 02:08:32 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-07-04 02:08:27 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-07-04 02:08:21 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-07-04 02:08:16 ----D---- C:\WINDOWS\system32\CatRoot
2010-07-04 02:08:07 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2010-07-04 02:04:39 ----D---- C:\Program Files\Movie Maker
2010-07-04 02:04:37 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-07-04 02:04:23 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-07-04 02:03:58 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2010-07-04 02:03:36 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-07-04 02:03:30 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-07-04 02:03:23 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-07-04 02:00:29 ----RSD---- C:\WINDOWS\Fonts
2010-07-04 02:00:04 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2010-07-04 01:59:16 ----D---- C:\Program Files\Microsoft Works
2010-07-04 01:56:23 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2010-07-04 01:56:12 ----D---- C:\Program Files\Internet Explorer
2010-07-04 01:53:39 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-07-04 01:53:33 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2010-07-04 01:52:30 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-07-04 01:52:23 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-07-04 01:52:15 ----D---- C:\Program Files\Outlook Express
2010-07-04 01:52:13 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-07-04 01:52:08 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-07-04 01:51:58 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-07-04 01:51:51 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-07-04 01:50:59 ----D---- C:\WINDOWS\Registration
2010-07-04 01:49:06 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-07-04 01:42:59 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2010-07-04 00:21:03 ----D---- C:\WINDOWS\ime
2010-07-03 01:34:48 ----D---- C:\Program Files\PhotoFiltre
2010-07-02 21:39:05 ----A---- C:\WINDOWS\system32\MRT.exe
2010-07-01 15:16:19 ----D---- C:\Program Files\Soft-Search
2010-06-29 14:38:50 ----D---- C:\Program Files\InstallShield Installation Information
2010-06-29 14:00:38 ----A---- C:\WINDOWS\win.ini
2010-06-29 13:26:46 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2005-08-19 46080]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-11-25 56816]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 monfilt;monfilt; C:\WINDOWS\system32\drivers\monfilt.sys [2008-02-14 1389056]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-01-12 10276768]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2008-04-14 5888]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-05-25 142336]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2009-06-02 1374464]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-07-01 153376]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-01-11 154216]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
28 July 2010 22:15:30

Hello,

do the Ad-Remover procedure (thanks C_XX) and post the report: Here

See you
Anonymous
28 July 2010 23:47:00

======= RAPPORT D'AD-REMOVER 2.0.0.1,D | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par C_XX le 26/07/10 à 12:00
Contact: AdRemover.contact[AT]gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html

C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 23:43:28 le 28/07/2010, Mode normal

Microsoft Windows XP Professionnel Service Pack 3 (X86)
Anais@LOL-12A2DCAE519 ( )

============== RECHERCHE ==============


0,Dossier trouvé: C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
0,Fichier trouvé: C:\Program Files\Mozilla FireFox\Components\AskHPRFF.js
0,Fichier trouvé: C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
0,Dossier trouvé: C:\Documents and Settings\Anais\Application Data\Mozilla\FireFox\Profiles\qjbaxgr3.default\extensions\toolbar@ask.com
0,Fichier trouvé: C:\Documents and Settings\Anais\Application Data\Mozilla\FireFox\Profiles\qjbaxgr3.default\searchplugins\askcom.xml
0,Dossier trouvé: C:\DOCUME~1\Anais\LOCALS~1\Temp\AskSearch
0,Fichier trouvé: C:\DOCUME~1\Anais\LOCALS~1\Temp\ASKSUTBLOG
0,Fichier trouvé: C:\DOCUME~1\Anais\LOCALS~1\Temp\Del_AskHPRFF.VBS
0,Dossier trouvé: C:\Program Files\Ask.com
0,Dossier trouvé: C:\Documents and Settings\Anais\Local Settings\Application Data\AskToolbar
0,Dossier trouvé: C:\Documents and Settings\Anais\Local Settings\Application Data\Conduit
0,Dossier trouvé: C:\Program Files\Conduit
0,Dossier trouvé: C:\Documents and Settings\Anais\Local Settings\Application Data\Soft-Search
0,Dossier trouvé: C:\Program Files\Soft-Search
3,Fichier trouvé: C:\WINDOWS\Installer\d2884.msi

-- Fichier ouvert: C:\Documents and Settings\Anais\Application Data\Mozilla\FireFox\Profiles\qjbaxgr3.default\Prefs.js --
Ligne trouvée: user_pref("browser.search.defaultengine", "Ask.com");
Ligne trouvée: user_pref("browser.search.defaultenginename", "Ask.com");
Ligne trouvée: user_pref("browser.search.order.1", "Ask.com");
Ligne trouvée: user_pref("browser.search.selectedEngine", "Ask.com");
Ligne trouvée: user_pref("extensions.asktb.cbid", "LH");
Ligne trouvée: user_pref("extensions.asktb.default-channel-url-mask", "hxxp://fr.ask.com/web?q={query}&qsrc={qsrc}&...
Ligne trouvée: user_pref("extensions.asktb.first-launch", true);
Ligne trouvée: user_pref("extensions.asktb.first-launch-url", "hxxp://divertissements.fr.msn.com/television/photo.a...
Ligne trouvée: user_pref("extensions.asktb.fresh-install", false);
Ligne trouvée: user_pref("extensions.asktb.l", "dis");
Ligne trouvée: user_pref("extensions.asktb.last-config-req", "1280082214545");
Ligne trouvée: user_pref("extensions.asktb.locale", "fr_FR");
Ligne trouvée: user_pref("extensions.asktb.o", "15503");
Ligne trouvée: user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Ligne trouvée: user_pref("extensions.asktb.qsrc", "2871");
Ligne trouvée: user_pref("extensions.asktb.r", "4");
Ligne trouvée: user_pref("extensions.asktb.search-suggestions-enabled", false);
Ligne trouvée: user_pref("extensions.enabledItems", "{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20,{635abd67-4fe9-1...
Ligne trouvée: user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=PTF&o=15503&locale=f...
-- Fichier Fermé --


1,Clé trouvée: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
1,Clé trouvée: HKLM\Software\Classes\CLSID\{09E55BA0-F9C6-4B81-82DF-46853F6F7B3F}
1,Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{09E55BA0-F9C6-4B81-82DF-46853F6F7B3F}
1,Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{09E55BA0-F9C6-4B81-82DF-46853F6F7B3F}
1,Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{09E55BA0-F9C6-4B81-82DF-46853F6F7B3F}
1,Clé trouvée: HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
1,Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
1,Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
1,Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
1,Clé trouvée: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
1,Clé trouvée: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
1,Clé trouvée: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
1,Clé trouvée: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
0,Clé trouvée: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd
0,Clé trouvée: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1
0,Clé trouvée: HKLM\Software\Classes\Toolbar.CT2442941
0,Clé trouvée: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL
1,Clé trouvée: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
0,Clé trouvée: HKLM\Software\Conduit
0,Clé trouvée: HKCU\Software\Ask.com
0,Clé trouvée: HKCU\Software\AskToolbar
0,Clé trouvée: HKCU\Software\Conduit
0,Clé trouvée: HKCU\Software\AppDataLow\AskBarDis
0,Clé trouvée: HKCU\Software\AppDataLow\AskHomePage
0,Clé trouvée: HKCU\Software\AppDataLow\AskToolbarInfo
3,Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
3,Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
3,Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
3,Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
0,Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

0,Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{00000000-6E41-4FD3-8538-502F5495E5FC}
0,Valeur trouvée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440}
0,Valeur trouvée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{09E55BA0-F9C6-4B81-82DF-46853F6F7B3F}
0,Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}
0,Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{09E55BA0-F9C6-4B81-82DF-46853F6F7B3F}


============== SCAN ADDITIONNEL ==============

** Mozilla Firefox Version [3.6.8 (fr)] **

-- C:\Documents and Settings\Anais\Application Data\Mozilla\FireFox\Profiles\qjbaxgr3.default\Prefs.js --
browser.download.lastDir, C:\\Documents and Settings\\Anais\\Bureau
browser.search.defaultenginename, Ask.com
browser.search.defaulturl, hxxp://fr.search.yahoo.com/search?ei=UTF-8&fr=ytff-sunm&p=
browser.search.selectedEngine, Ask.com
browser.startup.homepage_override.mstone, rv:1.9.2.8
keyword.URL, hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=PTF&o=15503&locale=fr_FR&apn_uid=05F3BB67-DF6B-45E1-B...

========================================

** Internet Explorer Version [8.0.6001.18702] **

[HKCU\Software\Microsoft\Internet Explorer\Main]
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Show_ToolBar: yes
Start Page: hxxp://fr.ask.com?o=15506&l=dis
Use Custom Search URL: 1
Use Search Asst: no

[HKLM\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 1 Fichier(s)

C:\Ad-Report-SCAN[1].txt - 28/07/2010 (6394 Octet(s))

Fin à: 23:45:22, 28/07/2010

============== E.O.F ==============
28 July 2010 23:51:01

Good evening,

Next, do this one: Here

See you,

Anonymous
29 July 2010 00:02:25

======= RAPPORT D'AD-REMOVER 2.0.0.1,D | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par C_XX le 26/07/10 à 12:00
Contact: AdRemover.contact[AT]gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 23:52:38 le 28/07/2010, Mode normal

Microsoft Windows XP Professionnel Service Pack 3 (X86)
Anais@LOL-12A2DCAE519 ( )

============== ACTION(S) ==============


0,Dossier supprimé: C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
0,Fichier supprimé: C:\Program Files\Mozilla FireFox\Components\AskHPRFF.js
0,Fichier supprimé: C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
0,Dossier supprimé: C:\Documents and Settings\Anais\Application Data\Mozilla\FireFox\Profiles\qjbaxgr3.default\extensions\toolbar@ask.com
0,Fichier supprimé: C:\Documents and Settings\Anais\Application Data\Mozilla\FireFox\Profiles\qjbaxgr3.default\searchplugins\askcom.xml
0,Dossier supprimé: C:\DOCUME~1\Anais\LOCALS~1\Temp\AskSearch
0,Fichier supprimé: C:\DOCUME~1\Anais\LOCALS~1\Temp\ASKSUTBLOG
0,Fichier supprimé: C:\DOCUME~1\Anais\LOCALS~1\Temp\Del_AskHPRFF.VBS
0,Dossier supprimé: C:\Program Files\Ask.com
0,Dossier supprimé: C:\Documents and Settings\Anais\Local Settings\Application Data\AskToolbar
0,Dossier supprimé: C:\Documents and Settings\Anais\Local Settings\Application Data\Conduit
0,Dossier supprimé: C:\Program Files\Conduit
0,Dossier supprimé: C:\Documents and Settings\Anais\Local Settings\Application Data\Soft-Search
0,Dossier supprimé: C:\Program Files\Soft-Search
3,Fichier supprimé: C:\WINDOWS\Installer\d2884.msi

(!) -- Fichiers temporaires supprimés.


-- Fichier ouvert: C:\Documents and Settings\Anais\Application Data\Mozilla\FireFox\Profiles\qjbaxgr3.default\Prefs.js --
Ligne supprimée: user_pref("browser.search.defaultengine", "Ask.com");
Ligne supprimée: user_pref("browser.search.defaultenginename", "Ask.com");
Ligne supprimée: user_pref("browser.search.order.1", "Ask.com");
Ligne supprimée: user_pref("browser.search.selectedEngine", "Ask.com");
Ligne supprimée: user_pref("extensions.asktb.cbid", "LH");
Ligne supprimée: user_pref("extensions.asktb.default-channel-url-mask", "hxxp://fr.ask.com/web?q={query}&qsrc={qsrc}&...
Ligne supprimée: user_pref("extensions.asktb.first-launch", true);
Ligne supprimée: user_pref("extensions.asktb.first-launch-url", "hxxp://divertissements.fr.msn.com/television/photo.a...
Ligne supprimée: user_pref("extensions.asktb.fresh-install", false);
Ligne supprimée: user_pref("extensions.asktb.l", "dis");
Ligne supprimée: user_pref("extensions.asktb.last-config-req", "1280082214545");
Ligne supprimée: user_pref("extensions.asktb.locale", "fr_FR");
Ligne supprimée: user_pref("extensions.asktb.o", "15503");
Ligne supprimée: user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Ligne supprimée: user_pref("extensions.asktb.qsrc", "2871");
Ligne supprimée: user_pref("extensions.asktb.r", "4");
Ligne supprimée: user_pref("extensions.asktb.search-suggestions-enabled", false);
Ligne supprimée: user_pref("extensions.enabledItems", "{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20,{635abd67-4fe9-1...
Ligne supprimée: user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=PTF&o=15503&locale=f...
-- Fichier Fermé --


1,Clé supprimée: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
1,Clé supprimée: HKLM\Software\Classes\CLSID\{09E55BA0-F9C6-4B81-82DF-46853F6F7B3F}
1,Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{09E55BA0-F9C6-4B81-82DF-46853F6F7B3F}
1,Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{09E55BA0-F9C6-4B81-82DF-46853F6F7B3F}
1,Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{09E55BA0-F9C6-4B81-82DF-46853F6F7B3F}
1,Clé supprimée: HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
1,Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
1,Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
1,Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
1,Clé supprimée: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
1,Clé supprimée: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
1,Clé supprimée: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
1,Clé supprimée: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
0,Clé supprimée: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd
0,Clé supprimée: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1
0,Clé supprimée: HKLM\Software\Classes\Toolbar.CT2442941
0,Clé supprimée: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL
1,Clé supprimée: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
0,Clé supprimée: HKLM\Software\Conduit
0,Clé supprimée: HKCU\Software\Ask.com
0,Clé supprimée: HKCU\Software\AskToolbar
0,Clé supprimée: HKCU\Software\Conduit
0,Clé supprimée: HKCU\Software\AppDataLow\AskBarDis
0,Clé supprimée: HKCU\Software\AppDataLow\AskHomePage
0,Clé supprimée: HKCU\Software\AppDataLow\AskToolbarInfo
3,Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
3,Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
3,Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
3,Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
0,Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

0,Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{00000000-6E41-4FD3-8538-502F5495E5FC}
0,Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440}
0,Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{09E55BA0-F9C6-4B81-82DF-46853F6F7B3F}
0,Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}
0,Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{09E55BA0-F9C6-4B81-82DF-46853F6F7B3F}


============== SCAN ADDITIONNEL ==============

** Mozilla Firefox Version [3.6.8 (fr)] **

-- C:\Documents and Settings\Anais\Application Data\Mozilla\FireFox\Profiles\qjbaxgr3.default\Prefs.js --
browser.download.lastDir, C:\\Documents and Settings\\Anais\\Bureau
browser.search.defaulturl, hxxp://fr.search.yahoo.com/search?ei=UTF-8&fr=ytff-sunm&p=
browser.startup.homepage_override.mstone, rv:1.9.2.8

========================================

** Internet Explorer Version [8.0.6001.18702] **

[HKCU\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Use Custom Search URL: 1
Use Search Asst: no

[HKLM\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files\Ad-Remover\Quarantine: 339 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 15 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 28/07/2010 (3381 Octet(s))
C:\Ad-Report-SCAN[1].txt - 28/07/2010 (8316 Octet(s))

Fin à: 23:54:26, 28/07/2010

============== E.O.F ==============
Anonymous
29 July 2010 01:04:47

Okay, the scan is running now. And I have a question: can I delete the two viruses I have in my antivirus?

Anonymous
29 July 2010 01:27:11

Back again! The scan is finished; I have no viruses or anything else. However, I found 5 viruses in the quarantine list...

Trojan.Agent
Trojan.l.Stole.Wi...
Disabled.securit..
Disabled.securit..
Disabled.securit..

They date from April; what should I do?

Otherwise, here is the report!

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4364

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

29/07/2010 01:22:26
mbam-log-2010-07-29 (01-22-26).txt

Type d'examen: Examen complet (C:\|)
Elément(s) analysé(s): 200103
Temps écoulé: 59 minute(s), 46 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Anonymous
29 July 2010 02:35:05

Here is the report


Avira AntiVir Personal
Date de création du fichier de rapport : jeudi 29 juillet 2010 01:38

La recherche porte sur 2579813 souches de virus.

Détenteur de la licence : Avira AntiVir Personal - FREE Antivirus
Numéro de série : 0000149996-ADJIE-0000001
Plateforme : Windows XP
Version de Windows : (Service Pack 3) [5.1.2600]
Mode Boot : Démarré normalement
Identifiant : SYSTEM
Nom de l'ordinateur : LOL-12A2DCAE519

Informations de version :
Version du moteur : 8.2.4.26

Configuration pour la recherche actuelle :
Nom de la tâche...............................: Contrôle intégral du système
Fichier de configuration......................: c:\program files\avira\antivir desktop\sysscan.avp
Documentation.................................: bas
Action principale.............................: interactif
Action secondaire.............................: ignorer
Recherche sur les secteurs d'amorçage maître..: marche
Recherche sur les secteurs d'amorçage.........: marche
Secteurs d'amorçage...........................: C:,
Recherche dans les programmes actifs..........: marche
Recherche en cours sur l'enregistrement.......: marche
Recherche de Rootkits.........................: marche
Contrôle d'intégrité de fichiers système......: arrêt
Fichier mode de recherche.....................: Tous les fichiers
Recherche sur les archives....................: marche
Limiter la profondeur de récursivité..........: 20
Archive Smart Extensions......................: marche
Heuristique de macrovirus.....................: marche
Heuristique fichier...........................: moyen
Catégories de dangers divergentes.............: +APPL,+GAME,+JOKE,+PCK,+PFS,+SPR,

Début de la recherche : jeudi 29 juillet 2010 01:38

La recherche d'objets cachés commence.
'40330' objets ont été contrôlés, '0' objets cachés ont été trouvés.

La recherche sur les processus démarrés commence :
Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés
Processus de recherche 'mbam.exe' - '1' module(s) sont contrôlés
Processus de recherche 'wlcomm.exe' - '1' module(s) sont contrôlés
Processus de recherche 'mumble.exe' - '1' module(s) sont contrôlés
Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés
Processus de recherche 'wmiapsrv.exe' - '1' module(s) sont contrôlés
Processus de recherche 'firefox.exe' - '1' module(s) sont contrôlés
Processus de recherche 'hpqste08.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'jqs.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés
Processus de recherche 'hpqimzone.exe' - '1' module(s) sont contrôlés
Processus de recherche 'hpqtra08.exe' - '1' module(s) sont contrôlés
Processus de recherche 'SUPERANTISPYWARE.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'msnmsgr.exe' - '1' module(s) sont contrôlés
Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés
Processus de recherche 'jusched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'hpwuschd2.exe' - '1' module(s) sont contrôlés
Processus de recherche 'HDeck.exe' - '1' module(s) sont contrôlés
Processus de recherche 'rundll32.exe' - '1' module(s) sont contrôlés
Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'nvsvc32.exe' - '1' module(s) sont contrôlés
Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés
Processus de recherche 'services.exe' - '1' module(s) sont contrôlés
Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés
Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés
'37' processus ont été contrôlés avec '37' modules

La recherche sur les secteurs d'amorçage maître commence :
Secteur d'amorçage maître HD0
[INFO] Aucun virus trouvé !

La recherche sur les secteurs d'amorçage commence :
Secteur d'amorçage 'C:\'
[INFO] Aucun virus trouvé !

La recherche sur les renvois aux fichiers exécutables (registre) commence :
Le registre a été contrôlé ( '57' fichiers).


La recherche sur les fichiers sélectionnés commence :

Recherche débutant dans 'C:\'
C:\pagefile.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
[REMARQUE] Ce fichier est un fichier système Windows.
[REMARQUE] Il est correct que ce fichier ne puisse pas être ouvert pour la recherche.


Fin de la recherche : jeudi 29 juillet 2010 02:32
Temps nécessaire: 54:10 Minute(s)

La recherche a été effectuée intégralement

7860 Les répertoires ont été contrôlés
264939 Des fichiers ont été contrôlés
0 Des virus ou programmes indésirables ont été trouvés
0 Des fichiers ont été classés comme suspects
0 Des fichiers ont été supprimés
0 Des virus ou programmes indésirables ont été réparés
0 Les fichiers ont été déplacés dans la quarantaine
0 Les fichiers ont été renommés
1 Impossible de contrôler des fichiers
264938 Fichiers non infectés
2108 Les archives ont été contrôlées
1 Avertissements
1 Consignes
40330 Des objets ont été contrôlés lors du Rootkitscan
0 Des objets cachés ont été trouvés
29 July 2010 03:47:03

Delete the contents of Antivir's quarantine.
And post a new RSIT report...

:sleep:
Anonymous
29 July 2010 07:15:17

Download "Navilog1"; it is free, simple and fast software that detects and destroys the virus in barely 3 to 4 minutes.
Also download "Glary Utilities"; it is free, complete and very effective for maintaining your PC.
Anonymous
29 July 2010 11:19:48

Here is the report... and thanks, Airport, for your advice ^^

Logfile of random's system information tool 1.08 (written by random/random)
Run by Anais at 2010-07-29 11:18:07
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 29 GB (24%) free of 117 GB
Total RAM: 1023 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:18:13, on 29/07/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\Anais\Mes documents\Téléchargements\RSIT(2).exe
C:\Program Files\trend micro\Anais.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.ask.com?o=15506&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {09e55ba0-f9c6-4b81-82df-46853f6f7b3f} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ImageShack Toolbar - {6932D140-ABC4-4073-A44C-D4A541665E35} - C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: CurseClientStartup.ccip
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Post Image to Blog - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5003
O8 - Extra context menu item: Tag This Image - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5002
O8 - Extra context menu item: Transload Image to ImageShack - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5004
O8 - Extra context menu item: Upload All Images to ImageShack - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5000
O8 - Extra context menu item: Upload Image to ImageShack - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5001
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0....
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {6932D140-ABC4-4073-A44C-D4A541665E35} (ImageShack Toolbar) - http://toolbar.imageshack.us/toolbar/ImageShackToolbar....
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: Antiwpa - antiwpa.dll (file missing)
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

--
End of file - 8347 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{62AA79D7-0F30-4360-A445-C2C2B280EC61}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-01 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-07-01 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{6932D140-ABC4-4073-A44C-D4A541665E35} - ImageShack Toolbar - C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll [2007-10-11 614400]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nwiz"=nwiz.exe /installquiet []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-01-11 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-01-11 13666408]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2009-06-05 33628160]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-03-17 421888]
"SunJavaUpdateSched"=C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [2010-02-18 248040]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
""= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2010-07-23 2403568]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Démarrage rapide de HP Photosmart Premier.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Documents and Settings\Anais\Menu Démarrer\Programmes\Démarrage
CurseClientStartup.ccip

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2010-07-23 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Antiwpa]
antiwpa.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\World of Warcraft\WoW-3.2.0-frFR-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\World of Warcraft\BackgroundDownloader.exe"="C:\Program Files\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-07-29 00:18:11 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-07-29 00:18:09 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-07-29 00:18:09 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-07-28 23:52:54 ----A---- C:\Ad-Report-CLEAN[1].txt
2010-07-28 23:44:01 ----A---- C:\Ad-Report-SCAN[1].txt
2010-07-28 23:43:08 ----D---- C:\Program Files\Ad-Remover
2010-07-28 20:23:53 ----D---- C:\Program Files\trend micro
2010-07-28 20:23:52 ----D---- C:\rsit
2010-07-27 00:02:34 ----D---- C:\WINDOWS\pss
2010-07-23 01:17:05 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2010-07-23 01:15:40 ----D---- C:\Program Files\SUPERAntiSpyware
2010-07-23 01:15:40 ----D---- C:\Documents and Settings\Anais\Application Data\SUPERAntiSpyware.com
2010-07-17 21:15:43 ----D---- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
2010-07-17 21:08:17 ----D---- C:\Documents and Settings\Anais\Application Data\HpUpdate
2010-07-17 21:07:27 ----D---- C:\WINDOWS\Hewlett-Packard
2010-07-15 01:59:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2010-07-11 20:52:53 ----D---- C:\Documents and Settings\Anais\Application Data\TS3Client
2010-07-11 20:48:55 ----D---- C:\Program Files\TeamSpeak 3 Client
2010-07-04 12:58:38 ----A---- C:\WINDOWS\system32\drivers\avipbb.sys
2010-07-04 12:58:38 ----A---- C:\WINDOWS\system32\drivers\avgntmgr.sys
2010-07-04 12:58:38 ----A---- C:\WINDOWS\system32\drivers\avgntflt.sys
2010-07-04 12:58:38 ----A---- C:\WINDOWS\system32\drivers\avgntdd.sys
2010-07-04 12:58:37 ----A---- C:\WINDOWS\system32\drivers\ssmdrv.sys
2010-07-04 12:58:36 ----D---- C:\Program Files\Avira
2010-07-04 12:58:36 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2010-07-04 10:38:59 ----D---- C:\Program Files\Perfect World France
2010-07-04 01:53:20 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2010-07-04 01:43:08 ----D---- C:\Program Files\MSXML 4.0
2010-07-04 00:22:26 ----A---- C:\WINDOWS\system32\muweb.dll
2010-07-04 00:22:26 ----A---- C:\WINDOWS\system32\mucltui.dll
2010-07-03 23:05:23 ----D---- C:\Program Files\CCleaner
2010-07-03 22:42:54 ----D---- C:\Documents and Settings\Anais\Application Data\Malwarebytes
2010-07-03 22:42:39 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-07-03 01:35:25 ----D---- C:\Documents and Settings\Anais\Application Data\PhotoFiltre
2010-07-01 14:46:02 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2010-07-01 14:34:46 ----D---- C:\WINDOWS\Sun
2010-07-01 14:32:22 ----A---- C:\WINDOWS\system32\javaws.exe
2010-07-01 14:32:22 ----A---- C:\WINDOWS\system32\javaw.exe
2010-07-01 14:32:22 ----A---- C:\WINDOWS\system32\java.exe
2010-07-01 14:32:22 ----A---- C:\WINDOWS\system32\deployJava1.dll

======List of files/folders modified in the last 1 months======

2010-07-29 11:18:12 ----D---- C:\WINDOWS\Prefetch
2010-07-29 11:13:13 ----D---- C:\Documents and Settings\Anais\Application Data\Mumble
2010-07-29 11:11:43 ----D---- C:\WINDOWS\Temp
2010-07-29 11:11:32 ----D---- C:\WINDOWS\system32\CatRoot2
2010-07-29 11:11:28 ----D---- C:\Documents and Settings\Anais\Application Data\vlc
2010-07-29 11:11:11 ----D---- C:\WINDOWS
2010-07-29 02:39:41 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-07-29 00:18:11 ----D---- C:\WINDOWS\system32\drivers
2010-07-29 00:18:09 ----RD---- C:\Program Files
2010-07-28 23:54:04 ----SHD---- C:\WINDOWS\Installer
2010-07-28 23:53:52 ----SD---- C:\WINDOWS\Tasks
2010-07-28 15:16:10 ----D---- C:\WINDOWS\Minidump
2010-07-25 13:01:42 ----D---- C:\Config.Msi
2010-07-24 12:16:47 ----D---- C:\Program Files\Mozilla Firefox
2010-07-23 15:02:43 ----HD---- C:\WINDOWS\inf
2010-07-23 01:16:15 ----SD---- C:\Documents and Settings\Anais\Application Data\Microsoft
2010-07-23 01:13:33 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2010-07-22 14:19:38 ----D---- C:\Program Files\World of Warcraft
2010-07-17 21:15:44 ----D---- C:\WINDOWS\WinSxS
2010-07-17 21:11:10 ----D---- C:\Program Files\HP
2010-07-15 11:30:54 ----D---- C:\WINDOWS\system32
2010-07-15 11:30:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-07-15 01:59:56 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-07-15 01:59:29 ----HD---- C:\WINDOWS\$hf_mig$
2010-07-15 01:58:09 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2010-07-10 16:33:45 ----D---- C:\Documents and Settings\All Users\Application Data\Blizzard Entertainment
2010-07-05 01:43:33 ----RSD---- C:\WINDOWS\assembly
2010-07-04 18:38:14 ----D---- C:\WINDOWS\Microsoft.NET
2010-07-04 16:01:11 ----D---- C:\Program Files\Mumble
2010-07-04 02:12:31 ----A---- C:\WINDOWS\imsins.BAK
2010-07-04 02:12:24 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-07-04 02:09:37 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-07-04 02:09:28 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-07-04 02:09:07 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-07-04 02:08:53 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-07-04 02:08:47 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-07-04 02:08:40 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2010-07-04 02:08:32 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-07-04 02:08:27 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-07-04 02:08:21 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-07-04 02:08:16 ----D---- C:\WINDOWS\system32\CatRoot
2010-07-04 02:08:07 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2010-07-04 02:04:39 ----D---- C:\Program Files\Movie Maker
2010-07-04 02:04:37 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-07-04 02:04:23 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-07-04 02:03:58 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2010-07-04 02:03:36 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-07-04 02:03:30 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-07-04 02:03:23 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-07-04 02:00:29 ----RSD---- C:\WINDOWS\Fonts
2010-07-04 02:00:04 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2010-07-04 01:59:16 ----D---- C:\Program Files\Microsoft Works
2010-07-04 01:56:23 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2010-07-04 01:56:12 ----D---- C:\Program Files\Internet Explorer
2010-07-04 01:53:39 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-07-04 01:53:33 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2010-07-04 01:52:30 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-07-04 01:52:23 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-07-04 01:52:15 ----D---- C:\Program Files\Outlook Express
2010-07-04 01:52:13 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-07-04 01:52:08 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-07-04 01:51:58 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-07-04 01:51:51 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-07-04 01:50:59 ----D---- C:\WINDOWS\Registration
2010-07-04 01:49:06 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-07-04 01:42:59 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2010-07-04 00:21:03 ----D---- C:\WINDOWS\ime
2010-07-03 01:34:48 ----D---- C:\Program Files\PhotoFiltre
2010-07-02 21:39:05 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2005-08-19 46080]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-11-25 56816]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 monfilt;monfilt; C:\WINDOWS\system32\drivers\monfilt.sys [2008-02-14 1389056]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-01-12 10276768]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2008-04-14 5888]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-05-25 142336]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2009-06-02 1374464]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-07-01 153376]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-01-11 154216]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
29 July 2010 12:14:12

Hello,

Airport_MC: On the Security forum there are plenty of unanswered threads where you could show off your knowledge.

MamSel: Run the ComboFix procedure (thanks sUBs) and post the report: Here

See you



Anonymous
29 July 2010 12:30:16

Here is the report...

ComboFix 10-07-28.01 - Anais 29/07/2010 12:23:22.1.2 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1023.517 [GMT 2:00]
Lancé depuis: c:\documents and settings\Anais\Mes documents\Téléchargements\ComboFix.exe
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
* Un nouveau point de restauration a été créé

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Install.exe

.
((((((((((((((((((((((((((((( Fichiers créés du 2010-06-28 au 2010-07-29 ))))))))))))))))))))))))))))))))))))
.

2010-07-29 09:28 . 2010-07-29 09:28 -------- d-----w- c:\documents and settings\Anais\Application Data\GlarySoft
2010-07-29 09:25 . 2010-07-29 09:26 -------- d-----w- c:\program files\Glary Utilities
2010-07-29 09:23 . 2010-07-29 09:23 -------- d-----w- c:\program files\Navilog1
2010-07-29 09:21 . 2010-07-29 09:23 -------- d---a-w- C:\Navilog1
2010-07-28 22:18 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-28 22:18 . 2010-07-28 22:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-07-28 22:18 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-07-28 21:43 . 2010-07-29 09:34 -------- d-----w- c:\program files\Ad-Remover
2010-07-28 18:23 . 2010-07-29 09:30 -------- d-----w- c:\program files\trend micro
2010-07-28 18:23 . 2010-07-28 18:24 -------- d-----w- C:\rsit
2010-07-23 10:55 . 2010-07-23 10:55 63488 ----a-w- c:\documents and settings\Anais\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
2010-07-23 10:55 . 2010-07-23 10:55 52224 ----a-w- c:\documents and settings\Anais\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-07-23 10:55 . 2010-07-23 10:55 117760 ----a-w- c:\documents and settings\Anais\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-07-22 23:17 . 2010-07-22 23:17 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2010-07-22 23:16 . 2010-07-22 23:16 65024 ----a-r- c:\documents and settings\Anais\Application Data\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF15.exe
2010-07-22 23:16 . 2010-07-22 23:16 18944 ----a-r- c:\documents and settings\Anais\Application Data\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF13.exe
2010-07-22 23:15 . 2010-07-23 10:54 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-07-22 23:15 . 2010-07-22 23:15 -------- d-----w- c:\documents and settings\Anais\Application Data\SUPERAntiSpyware.com
2010-07-17 19:15 . 2010-07-17 19:15 -------- d-----w- c:\documents and settings\All Users\Application Data\HP Product Assistant
2010-07-17 19:08 . 2010-07-24 19:16 -------- d-----w- c:\documents and settings\Anais\Application Data\HpUpdate
2010-07-17 19:07 . 2010-07-17 19:07 -------- d-----w- c:\windows\Hewlett-Packard
2010-07-11 18:52 . 2010-07-11 18:53 -------- d-----w- c:\documents and settings\Anais\Application Data\TS3Client
2010-07-11 18:48 . 2010-07-11 18:49 -------- d-----w- c:\program files\TeamSpeak 3 Client
2010-07-04 12:49 . 2010-07-04 12:49 -------- d-----w- c:\documents and settings\LocalService\Application Data\McAfee
2010-07-04 12:35 . 2010-07-04 12:35 -------- d-sh--w- c:\documents and settings\LocalService\PrivacIE
2010-07-04 12:34 . 2010-07-04 13:35 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\AskToolbar
2010-07-04 12:34 . 2010-07-04 12:34 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Conduit
2010-07-04 12:34 . 2010-07-04 12:37 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Soft-Search
2010-07-04 10:58 . 2009-11-25 10:19 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-07-04 10:58 . 2009-03-30 08:32 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-07-04 10:58 . 2009-02-13 10:28 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2010-07-04 10:58 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2010-07-04 10:58 . 2010-07-04 10:58 -------- d-----w- c:\program files\Avira
2010-07-04 10:58 . 2010-07-04 10:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2010-07-04 08:38 . 2010-07-04 08:48 -------- d-----w- c:\program files\Perfect World France
2010-07-03 23:43 . 2010-07-03 23:43 -------- d-----w- c:\program files\MSXML 4.0
2010-07-03 22:22 . 2009-08-06 17:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-07-03 22:22 . 2009-08-06 17:23 215920 ----a-w- c:\windows\system32\muweb.dll
2010-07-03 21:05 . 2010-07-03 21:05 -------- d-----w- c:\program files\CCleaner
2010-07-03 20:42 . 2010-07-03 20:42 -------- d-----w- c:\documents and settings\Anais\Application Data\Malwarebytes
2010-07-03 20:42 . 2010-07-03 20:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-07-02 23:35 . 2010-07-02 23:38 -------- d-----w- c:\documents and settings\Anais\Application Data\PhotoFiltre
2010-07-01 12:46 . 2010-07-01 12:46 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2010-07-01 12:34 . 2010-07-01 12:34 -------- d-----w- c:\windows\Sun
2010-07-01 12:32 . 2010-07-01 12:32 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-06-30 17:32 . 2010-06-30 17:32 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Soft-Search
2010-06-30 17:32 . 2010-06-30 17:32 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple
2010-06-29 11:59 . 2010-06-29 12:04 -------- d-----w- c:\program files\TallStick
2010-06-29 11:41 . 2010-06-29 11:47 -------- d-----w- c:\program files\CASIO
2010-06-29 11:41 . 2010-06-29 11:41 -------- d-----w- c:\windows\Downloaded Installations

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-29 10:23 . 2010-01-22 13:37 -------- d-----w- c:\documents and settings\Anais\Application Data\Mumble
2010-07-29 09:39 . 2010-01-21 17:21 -------- d-----w- c:\documents and settings\Anais\Application Data\vlc
2010-07-22 23:13 . 2010-01-21 15:05 -------- d-----w- c:\program files\Fichiers communs\Wise Installation Wizard
2010-07-22 12:19 . 2010-01-22 11:36 -------- d-----w- c:\program files\World of Warcraft
2010-07-17 19:11 . 2010-03-09 11:30 -------- d-----w- c:\program files\HP
2010-07-15 09:30 . 2008-04-14 12:00 555514 ----a-w- c:\windows\system32\perfh00C.dat
2010-07-15 09:30 . 2008-04-14 12:00 105140 ----a-w- c:\windows\system32\perfc00C.dat
2010-07-14 23:58 . 2010-01-21 16:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-07-10 14:33 . 2010-01-22 13:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Blizzard Entertainment
2010-07-04 14:01 . 2010-01-22 13:37 -------- d-----w- c:\program files\Mumble
2010-07-04 13:57 . 2010-02-19 17:30 -------- d-----w- c:\documents and settings\LocalService\Application Data\Mumble
2010-07-04 05:48 . 2010-01-21 14:13 73168 ----a-w- c:\documents and settings\Anais\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-07-03 23:59 . 2010-01-21 16:52 -------- d-----w- c:\program files\Microsoft Works
2010-07-02 23:34 . 2010-05-05 14:36 -------- d-----w- c:\program files\PhotoFiltre
2010-06-29 12:38 . 2010-01-21 15:34 -------- d-----w- c:\program files\InstallShield Installation Information
2010-06-26 17:53 . 2010-04-03 10:59 -------- d-----w- c:\program files\QuickTime
2010-06-26 17:52 . 2010-06-26 17:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2010-06-26 17:50 . 2010-04-03 10:58 -------- d-----w- c:\program files\Apple Software Update
2010-06-26 17:50 . 2010-06-26 17:50 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2010-06-25 13:05 . 2010-01-23 23:26 -------- d-----w- c:\documents and settings\Anais\Application Data\dvdcss
2010-06-25 13:05 . 2010-03-30 19:48 -------- d-----w- c:\program files\mIRC(2)
2010-06-25 13:00 . 2010-06-12 14:46 -------- d-----w- c:\documents and settings\Anais\Application Data\SPORE
2010-06-25 13:00 . 2010-06-12 14:38 -------- d-----w- c:\documents and settings\Anais\Application Data\SecuROM(2)
2010-06-25 12:59 . 2010-06-21 15:13 -------- d-----w- c:\documents and settings\Anais\Application Data\teamspeak2
2010-06-25 12:59 . 2010-06-21 15:13 -------- d-----w- c:\program files\Teamspeak2_RC2
2010-06-25 12:58 . 2010-06-25 12:58 -------- d-----w- c:\program files\WowCartographe
2010-06-14 14:31 . 2010-01-21 14:06 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-13 08:39 . 2010-06-13 08:37 -------- d-----w- c:\program files\Fichiers communs\Adobe AIR
2010-06-12 14:37 . 2010-06-12 14:22 -------- d-----w- c:\program files\Electronic Arts
2010-06-11 16:50 . 2010-06-11 16:50 -------- d-----w- c:\program files\Foxit Software
2010-06-10 16:38 . 2010-01-21 15:01 1324 ----a-w- c:\windows\system32\d3d9caps.dat
2010-06-09 10:59 . 2010-06-09 09:40 -------- d-----w- c:\program files\EA GAMES
2010-05-06 10:33 . 2008-04-14 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-02 08:08 . 2008-04-14 12:00 1851392 ----a-w- c:\windows\system32\win32k.sys
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-07-23 2403568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-01-11 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-01-11 13666408]
"HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2009-06-05 33628160]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888]
"SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-02-18 248040]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Anais\Menu Démarrer\Programmes\Démarrage\
CurseClientStartup.ccip [2010-4-29 0]

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
Démarrage rapide de HP Photosmart Premier.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2006-2-10 73728]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2010-07-23 10:54 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.0-frFR-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [13/05/2008 12:43 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [13/05/2008 12:43 67656]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [04/07/2010 12:58 108289]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [21/01/2010 17:31 1374464]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [13/05/2008 12:44 12872]
.
Contenu du dossier 'Tâches planifiées'

2010-07-28 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2010-07-29 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2010-07-29 09:14]

2010-07-29 c:\windows\Tasks\User_Feed_Synchronization-{62AA79D7-0F30-4360-A445-C2C2B280EC61}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://fr.ask.com?o=15506&l=dis
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Post Image to Blog - c:\windows\ImageShackToolbar\ImageShackToolbar.dll/5003
IE: Tag This Image - c:\windows\ImageShackToolbar\ImageShackToolbar.dll/5002
IE: Transload Image to ImageShack - c:\windows\ImageShackToolbar\ImageShackToolbar.dll/5004
IE: Upload All Images to ImageShack - c:\windows\ImageShackToolbar\ImageShackToolbar.dll/5000
IE: Upload Image to ImageShack - c:\windows\ImageShackToolbar\ImageShackToolbar.dll/5001
FF - ProfilePath - c:\documents and settings\Anais\Application Data\Mozilla\Firefox\Profiles\qjbaxgr3.default\
FF - prefs.js: browser.search.defaulturl - hxxp://fr.search.yahoo.com/search?ei=UTF-8&fr=ytff-sunm&p=
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHELINS SUPPRIMES - - - -

URLSearchHooks-{09e55ba0-f9c6-4b81-82df-46853f6f7b3f} - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-29 12:27
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(672)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
Heure de fin: 2010-07-29 12:28:53
ComboFix-quarantined-files.txt 2010-07-29 10:28

Avant-CF: 31 140 868 096 octets libres
Après-CF: 32 117 346 304 octets libres

- - End Of File - - B740E8B73A14B9DEA5E00E26FAA657BE
Anonymous
29 July 2010 18:25:28

Re...
So, my computer restarted by itself, as usual.
And when I logged back in, a small window appeared saying
"You may be a victim of software counterfeiting", and underneath it says
"This copy of Windows could not be validated"
What is this? How do I fix this problem?
Thanks in advance ^^
(PS: I posted the ComboFix report above as you asked ^^)
29 July 2010 21:10:11

Re,

post a new RSIT report...
Anonymous
29 July 2010 21:20:41

Logfile of random's system information tool 1.08 (written by random/random)
Run by Anais at 2010-07-29 21:18:48
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 31 GB (26%) free of 117 GB
Total RAM: 1023 MB (13% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:19:30, on 29/07/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\World of Warcraft\WoW.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mumble\mumble.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Anais\Mes documents\Téléchargements\RSIT(4).exe
C:\Program Files\trend micro\Anais.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.ask.com?o=15506&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ImageShack Toolbar - {6932D140-ABC4-4073-A44C-D4A541665E35} - C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: CurseClientStartup.ccip
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Post Image to Blog - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5003
O8 - Extra context menu item: Tag This Image - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5002
O8 - Extra context menu item: Transload Image to ImageShack - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5004
O8 - Extra context menu item: Upload All Images to ImageShack - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5000
O8 - Extra context menu item: Upload Image to ImageShack - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5001
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0....
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {6932D140-ABC4-4073-A44C-D4A541665E35} (ImageShack Toolbar) - http://toolbar.imageshack.us/toolbar/ImageShackToolbar....
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\WINDOWS\system32\tlntsvr.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

--
End of file - 8170 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GlaryInitialize.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{62AA79D7-0F30-4360-A445-C2C2B280EC61}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-01 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-07-01 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{6932D140-ABC4-4073-A44C-D4A541665E35} - ImageShack Toolbar - C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll [2007-10-11 614400]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-01-11 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-01-11 13666408]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2009-06-05 33628160]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-03-17 421888]
"SunJavaUpdateSched"=C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [2010-02-18 248040]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2010-07-23 2403568]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Démarrage rapide de HP Photosmart Premier.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Documents and Settings\Anais\Menu Démarrer\Programmes\Démarrage
CurseClientStartup.ccip

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2010-07-23 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\World of Warcraft\WoW-3.2.0-frFR-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\World of Warcraft\BackgroundDownloader.exe"="C:\Program Files\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-07-29 18:34:37 ----D---- C:\WINDOWS\LastGood
2010-07-29 12:28:53 ----A---- C:\ComboFix.txt
2010-07-29 12:21:29 ----A---- C:\WINDOWS\zip.exe
2010-07-29 12:21:29 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-07-29 12:21:29 ----A---- C:\WINDOWS\SWSC.exe
2010-07-29 12:21:29 ----A---- C:\WINDOWS\SWREG.exe
2010-07-29 12:21:29 ----A---- C:\WINDOWS\sed.exe
2010-07-29 12:21:29 ----A---- C:\WINDOWS\PEV.exe
2010-07-29 12:21:29 ----A---- C:\WINDOWS\NIRCMD.exe
2010-07-29 12:21:29 ----A---- C:\WINDOWS\MBR.exe
2010-07-29 12:21:29 ----A---- C:\WINDOWS\grep.exe
2010-07-29 12:21:23 ----D---- C:\WINDOWS\ERDNT
2010-07-29 12:20:00 ----D---- C:\Qoobox
2010-07-29 11:33:51 ----A---- C:\Ad-Report-CLEAN[2].txt
2010-07-29 11:28:47 ----D---- C:\Documents and Settings\Anais\Application Data\GlarySoft
2010-07-29 11:25:56 ----D---- C:\Program Files\Glary Utilities
2010-07-29 11:23:18 ----D---- C:\Program Files\Navilog1
2010-07-29 11:21:50 ----A---- C:\cleannavi.txt
2010-07-29 11:21:19 ----AD---- C:\Navilog1
2010-07-29 00:18:11 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-07-29 00:18:09 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-07-29 00:18:09 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-07-28 23:52:54 ----A---- C:\Ad-Report-CLEAN[1].txt
2010-07-28 23:44:01 ----A---- C:\Ad-Report-SCAN[1].txt
2010-07-28 23:43:08 ----D---- C:\Program Files\Ad-Remover
2010-07-28 20:23:53 ----D---- C:\Program Files\trend micro
2010-07-28 20:23:52 ----D---- C:\rsit
2010-07-27 00:02:34 ----D---- C:\WINDOWS\pss
2010-07-23 01:17:05 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2010-07-23 01:15:40 ----D---- C:\Program Files\SUPERAntiSpyware
2010-07-23 01:15:40 ----D---- C:\Documents and Settings\Anais\Application Data\SUPERAntiSpyware.com
2010-07-17 21:15:43 ----D---- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
2010-07-17 21:08:17 ----D---- C:\Documents and Settings\Anais\Application Data\HpUpdate
2010-07-17 21:07:27 ----D---- C:\WINDOWS\Hewlett-Packard
2010-07-15 01:59:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2010-07-11 20:52:53 ----D---- C:\Documents and Settings\Anais\Application Data\TS3Client
2010-07-11 20:48:55 ----D---- C:\Program Files\TeamSpeak 3 Client
2010-07-04 12:58:38 ----A---- C:\WINDOWS\system32\drivers\avipbb.sys
2010-07-04 12:58:38 ----A---- C:\WINDOWS\system32\drivers\avgntmgr.sys
2010-07-04 12:58:38 ----A---- C:\WINDOWS\system32\drivers\avgntflt.sys
2010-07-04 12:58:38 ----A---- C:\WINDOWS\system32\drivers\avgntdd.sys
2010-07-04 12:58:37 ----A---- C:\WINDOWS\system32\drivers\ssmdrv.sys
2010-07-04 12:58:36 ----D---- C:\Program Files\Avira
2010-07-04 12:58:36 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2010-07-04 10:38:59 ----D---- C:\Program Files\Perfect World France
2010-07-04 01:53:20 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2010-07-04 01:43:08 ----D---- C:\Program Files\MSXML 4.0
2010-07-04 00:22:26 ----A---- C:\WINDOWS\system32\muweb.dll
2010-07-04 00:22:26 ----A---- C:\WINDOWS\system32\mucltui.dll
2010-07-03 23:05:23 ----D---- C:\Program Files\CCleaner
2010-07-03 22:42:54 ----D---- C:\Documents and Settings\Anais\Application Data\Malwarebytes
2010-07-03 22:42:39 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-07-03 01:35:25 ----D---- C:\Documents and Settings\Anais\Application Data\PhotoFiltre
2010-07-01 14:46:02 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2010-07-01 14:34:46 ----D---- C:\WINDOWS\Sun
2010-07-01 14:32:22 ----A---- C:\WINDOWS\system32\javaws.exe
2010-07-01 14:32:22 ----A---- C:\WINDOWS\system32\javaw.exe
2010-07-01 14:32:22 ----A---- C:\WINDOWS\system32\java.exe
2010-07-01 14:32:22 ----A---- C:\WINDOWS\system32\deployJava1.dll

======List of files/folders modified in the last 1 months======

2010-07-29 21:19:37 ----D---- C:\Documents and Settings\Anais\Application Data\Mumble
2010-07-29 21:19:01 ----D---- C:\WINDOWS\Temp
2010-07-29 21:18:56 ----D---- C:\WINDOWS\Prefetch
2010-07-29 18:34:38 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-07-29 18:34:38 ----D---- C:\WINDOWS\system32
2010-07-29 18:34:37 ----D---- C:\WINDOWS
2010-07-29 18:30:25 ----D---- C:\Program Files\World of Warcraft
2010-07-29 18:21:13 ----D---- C:\WINDOWS\system32\CatRoot2
2010-07-29 18:21:03 ----D---- C:\Documents and Settings\Anais\Application Data\vlc
2010-07-29 12:27:01 ----A---- C:\WINDOWS\system.ini
2010-07-29 12:26:54 ----D---- C:\WINDOWS\system32\drivers\etc
2010-07-29 12:25:33 ----D---- C:\WINDOWS\system32\drivers
2010-07-29 12:25:33 ----D---- C:\WINDOWS\AppPatch
2010-07-29 12:25:27 ----D---- C:\Program Files\Fichiers communs
2010-07-29 12:21:42 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-07-29 11:26:04 ----SD---- C:\WINDOWS\Tasks
2010-07-29 11:25:56 ----RD---- C:\Program Files
2010-07-28 23:54:04 ----SHD---- C:\WINDOWS\Installer
2010-07-28 15:16:10 ----D---- C:\WINDOWS\Minidump
2010-07-25 13:01:42 ----D---- C:\Config.Msi
2010-07-24 12:16:47 ----D---- C:\Program Files\Mozilla Firefox
2010-07-23 15:02:43 ----HD---- C:\WINDOWS\inf
2010-07-23 01:16:15 ----SD---- C:\Documents and Settings\Anais\Application Data\Microsoft
2010-07-23 01:13:33 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2010-07-17 21:15:44 ----D---- C:\WINDOWS\WinSxS
2010-07-17 21:11:10 ----D---- C:\Program Files\HP
2010-07-15 11:30:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-07-15 01:59:56 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-07-15 01:59:29 ----HD---- C:\WINDOWS\$hf_mig$
2010-07-15 01:58:09 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2010-07-10 16:33:45 ----D---- C:\Documents and Settings\All Users\Application Data\Blizzard Entertainment
2010-07-05 01:43:33 ----RSD---- C:\WINDOWS\assembly
2010-07-04 18:38:14 ----D---- C:\WINDOWS\Microsoft.NET
2010-07-04 16:01:11 ----D---- C:\Program Files\Mumble
2010-07-04 02:12:31 ----A---- C:\WINDOWS\imsins.BAK
2010-07-04 02:12:24 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-07-04 02:09:37 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-07-04 02:09:28 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-07-04 02:09:07 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-07-04 02:08:53 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-07-04 02:08:47 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-07-04 02:08:40 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2010-07-04 02:08:32 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-07-04 02:08:27 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-07-04 02:08:21 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-07-04 02:08:16 ----D---- C:\WINDOWS\system32\CatRoot
2010-07-04 02:08:07 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2010-07-04 02:04:39 ----D---- C:\Program Files\Movie Maker
2010-07-04 02:04:37 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-07-04 02:04:23 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-07-04 02:03:58 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2010-07-04 02:03:36 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-07-04 02:03:30 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-07-04 02:03:23 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-07-04 02:00:29 ----RSD---- C:\WINDOWS\Fonts
2010-07-04 02:00:04 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2010-07-04 01:59:16 ----D---- C:\Program Files\Microsoft Works
2010-07-04 01:56:23 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2010-07-04 01:56:12 ----D---- C:\Program Files\Internet Explorer
2010-07-04 01:53:39 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-07-04 01:53:33 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2010-07-04 01:52:30 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-07-04 01:52:23 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-07-04 01:52:15 ----D---- C:\Program Files\Outlook Express
2010-07-04 01:52:13 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-07-04 01:52:08 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-07-04 01:51:58 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-07-04 01:51:51 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-07-04 01:50:59 ----D---- C:\WINDOWS\Registration
2010-07-04 01:49:06 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-07-04 01:42:59 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2010-07-04 00:21:03 ----D---- C:\WINDOWS\ime
2010-07-03 01:34:48 ----D---- C:\Program Files\PhotoFiltre
2010-07-02 21:39:05 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2005-08-19 46080]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-11-25 56816]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 monfilt;monfilt; C:\WINDOWS\system32\drivers\monfilt.sys [2008-02-14 1389056]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-01-12 10276768]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2008-04-14 5888]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-05-25 142336]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2009-06-02 1374464]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 catchme;catchme; \??\C:\DOCUME~1\Anais\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-07-01 153376]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-01-11 154216]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
30 July 2010 00:25:12

Quote:
> "This copy of Windows could not be validated"
What is that?


Good evening,

> Your XP is illegal...

Launch HijackThis and close all program windows.

Check that it will make backups: in Config, tick Make backups before fixing items, then click the Back button followed by Do a system scan only, and tick the boxes in front of the lines below:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.ask.com?o=15506&l=dis

Finally, click Fix checked.

Run an online antivirus scan with BitDefender.
Tutorial: http://forum.pcastuces.com/bitdefender_online_scanner__...
Post the report.

See you
Anonymous
30 July 2010 01:26:37

Hi again,
Here is the report



QuickScan Beta 32-bit v0.9.9.23
-------------------------------
Scan date: Fri Jul 30 04:05:13 2010
Machine ID: 74610598

C:\Program Files\Mozilla Firefox - could not be accessed


No infection found.
-------------------



Processes
---------
<unsigned> AntiVir Desktop 192 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
<unsigned> AntiVir Desktop 1528 C:\Program Files\Avira\AntiVir Desktop\avguard.exe
<unsigned> AntiVir Desktop 1536 C:\Program Files\Avira\AntiVir Desktop\sched.exe
<unsigned> HDeck Application 156 C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
<unsigned> hp digital imaging 436 C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe

<verified> hpwuSchd Application 152 C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
<verified> Firefox 2020 C:\Program Files\Mozilla Firefox\firefox.exe
<verified> Firefox 2484 C:\Program Files\Mozilla Firefox\plugin-container.exe
<verified> hp digital imaging 2140 C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
<verified> hp digital imaging 1384 C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
<verified> Java(TM) Platform SE 6 U20 768 C:\Program Files\Java\jre6\bin\jqs.exe
<verified> Java(TM) Platform SE Auto Updater 2 0 184 C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
<verified> Microsoft Genuine Advantage 1848 C:\WINDOWS\system32\WgaTray.exe
<verified> Microsoft® Windows® Operating System 2932 C:\WINDOWS\System32\alg.exe
<verified> Microsoft® Windows® Operating System 644 C:\WINDOWS\system32\csrss.exe
<verified> Microsoft® Windows® Operating System 248 C:\WINDOWS\system32\ctfmon.exe
<verified> Microsoft® Windows® Operating System 724 C:\WINDOWS\system32\lsass.exe
<verified> Microsoft® Windows® Operating System 1500 C:\WINDOWS\system32\spoolsv.exe
<verified> Microsoft® Windows® Operating System 1204 C:\WINDOWS\system32\svchost.exe
<verified> Microsoft® Windows® Operating System 1308 C:\WINDOWS\system32\svchost.exe
<verified> Microsoft® Windows® Operating System 1632 C:\WINDOWS\system32\svchost.exe
<verified> Microsoft® Windows® Operating System 1888 C:\WINDOWS\system32\svchost.exe
<verified> Microsoft® Windows® Operating System 948 C:\WINDOWS\system32\svchost.exe
<verified> Microsoft® Windows® Operating System 1016 C:\WINDOWS\system32\svchost.exe
<verified> Microsoft® Windows® Operating System 1112 C:\WINDOWS\System32\svchost.exe
<verified> Mumble 2128 C:\Program Files\Mumble\mumble.exe
<verified> NVIDIA Driver Helper Service, Version 1 916 C:\WINDOWS\system32\nvsvc32.exe
<verified> SUPERAntiSpyware 232 C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
<verified> Système d'exploitation Microsoft® Windo 1892 C:\WINDOWS\Explorer.EXE
<verified> Système d'exploitation Microsoft® Windo 2044 C:\WINDOWS\system32\RUNDLL32.EXE
<verified> Système d'exploitation Microsoft® Windo 712 C:\WINDOWS\system32\services.exe
<verified> Système d'exploitation Microsoft® Windo 592 C:\WINDOWS\System32\smss.exe
<verified> Système d'exploitation Microsoft® Windo 2740 C:\WINDOWS\system32\wbem\wmiapsrv.exe
<verified> Système d'exploitation Microsoft® Windo 668 C:\WINDOWS\system32\winlogon.exe
<verified> Windows Live Communications Platform 3340 C:\Program Files\Windows Live\Contacts\wlcomm.exe
<verified> Windows Live Messenger 208 C:\Program Files\Windows Live\Messenger\msnmsgr.exe


Network activity
----------------
Process msnmsgr.exe (208) connected on port 1863 (MSN) --> sn1msg3010814.sn1.gateway.edge.messenger.live.com
Process firefox.exe (2020) connected on port 80 (HTTP) --> 213.246.42.71
Process firefox.exe (2020) connected on port 80 (HTTP) --> 213.248.125.57
Process firefox.exe (2020) connected on port 80 (HTTP) --> 213.246.42.71
Process firefox.exe (2020) connected on port 80 (HTTP) --> 207.171.14.112
Process firefox.exe (2020) connected on port 80 (HTTP) --> 66.249.92.148
Process firefox.exe (2020) connected on port 80 (HTTP) --> 213.246.42.71
Process firefox.exe (2020) connected on port 80 (HTTP) --> 66.249.92.154
Process firefox.exe (2020) connected on port 80 (HTTP) --> 194.209.253.33
Process firefox.exe (2020) connected on port 80 (HTTP) --> 213.248.125.17
Process firefox.exe (2020) connected on port 80 (HTTP) --> 213.246.42.71
Process firefox.exe (2020) connected on port 80 (HTTP) --> 213.248.125.17
Process firefox.exe (2020) connected on port 80 (HTTP) --> 66.249.92.96
Process firefox.exe (2020) connected on port 80 (HTTP) --> 213.248.125.17
Process firefox.exe (2020) connected on port 80 (HTTP) --> 192.116.242.20
Process firefox.exe (2020) connected on port 80 (HTTP) --> 213.248.125.17
Process firefox.exe (2020) connected on port 80 (HTTP) --> 213.246.42.71
Process firefox.exe (2020) connected on port 80 (HTTP) --> 213.248.125.17
Process firefox.exe (2020) connected on port 80 (HTTP) --> 193.159.160.144
Process firefox.exe (2020) connected on port 80 (HTTP) --> 213.246.42.71
Process firefox.exe (2020) connected on port 80 (HTTP) --> 213.248.125.17
Process mumble.exe (2128) connected on port 50865 --> 193.107.56.97

Process svchost.exe (1016) listens on ports: 135 (RPC)


Autoruns and critical files
---------------------------
<unsigned> AntiVir Desktop C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
<unsigned> HDeck Application C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
<unsigned> hp digital imaging C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
<unsigned> QuickTime C:\Program Files\QuickTime\QTTask.exe
<unsigned> SuperAntiSpyware C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
<unsigned> SUPERAntiSpyware WinLogon Processor C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

<verified> hpwuSchd Application C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
<verified> Apple Software Update C:\Program Files\Apple Software Update\SoftwareUpdate.exe
<verified> Glary Utilities C:\Program Files\Glary Utilities\initialize.exe
<verified> hp digital imaging C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
<verified> Java(TM) Platform SE Auto Updater 2 0 C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
<verified> Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll
<verified> Microsoft® Windows® Operating System C:\WINDOWS\system32\ctfmon.exe
<verified> Microsoft® Windows® Operating System C:\WINDOWS\system32\dimsntfy.dll
<verified> Microsoft® Windows® Operating System C:\WINDOWS\system32\WPDShServiceObj.dll
<verified> NVIDIA Compatible Windows 2000 Display C:\WINDOWS\system32\NvCpl.dll
<verified> NVIDIA Media Center Library C:\WINDOWS\system32\nvmctray.dll
<verified> Spore Launcher D:\autorun.exe
<verified> SUPERAntiSpyware C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
<verified> Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\browseui.dll
<verified> Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\crypt32.dll
<verified> Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\cscdll.dll
<verified> Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\logonui.exe
<verified> Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\sclgntfy.dll
<verified> Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\shell32.dll
<verified> Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\stobject.dll
<verified> Système d'exploitation Microsoft® Windo c:\windows\system32\userinit.exe
<verified> Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\wlnotify.dll
<verified> Windows Genuine Advantage C:\WINDOWS\system32\WgaLogon.dll
<verified> Windows Live Messenger C:\Program Files\Windows Live\Messenger\msnmsgr.exe
<verified> Windows® Internet Explorer C:\WINDOWS\system32\msfeedssync.exe
<verified> Windows® Internet Explorer C:\WINDOWS\system32\webcheck.dll


Browser plugins
---------------
<unsigned> ImageShack Toolbar for Internet Explore c:\windows\imageshacktoolbar\imageshacktoolbar.dll
<unsigned> QuickTime Plug-in 7.6.6 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
<unsigned> QuickTime Plug-in 7.6.6 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
<unsigned> QuickTime Plug-in 7.6.6 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
<unsigned> QuickTime Plug-in 7.6.6 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
<unsigned> QuickTime Plug-in 7.6.6 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
<unsigned> QuickTime Plug-in 7.6.6 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
<unsigned> QuickTime Plug-in 7.6.6 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
<unsigned> QuickTime Plug-in 7.6.6 C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
<unsigned> QuickTime Plug-in 7.6.6 C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
<unsigned> QuickTime Plug-in 7.6.6 C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
<unsigned> QuickTime Plug-in 7.6.6 C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
<unsigned> QuickTime Plug-in 7.6.6 C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
<unsigned> QuickTime Plug-in 7.6.6 C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
<unsigned> QuickTime Plug-in 7.6.6 C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll

<verified> BitDefender QuickScan C:\Documents and Settings\Anais\Application Data\Mozilla\Firefox\Profiles\qjbaxgr3.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
<verified> BitDefender QuickScan C:\Documents and Settings\Anais\Application Data\Mozilla\Firefox\Profiles\qjbaxgr3.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
<verified> Java Deployment Toolkit 6.0.200.2 C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
<verified> Java(TM) Platform SE 6 U20 c:\program files\java\jre6\bin\jp2ssv.dll
<verified> Java(TM) Platform SE 6 U20 c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
<verified> Microsoft® Windows Live Login Helper c:\program files\fichiers communs\microsoft shared\windows live\windowslivelogin.dll
<verified> Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
<verified> Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll
<verified> Microsoft® Windows® Operating System C:\WINDOWS\system32\winrnr.dll
<verified> Mozilla Default Plug-in C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
<verified> NPSWF32.dll C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
<verified> System Requirements Lab C:\WINDOWS\Downloaded Program Files\sysreqlab_nvd.dll
<verified> Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\mswsock.dll
<verified> Windows Genuine Advantage C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
<verified> Windows Presentation Foundation c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
<verified> Windows® Internet Explorer C:\WINDOWS\system32\ieframe.dll


Scan
----
<unsigned> MD5: 49a7f300426b038387ac1f1a0b346391 C:\WINDOWS\assembly\GAC\hpqprrsc.resources\4.0.0.0_fr_a53cf5803f4c3827\hpqprrsc.resources.dll
<unsigned> MD5: 7649f0178cf1762f09f803bc4565d45f C:\WINDOWS\assembly\GAC\hpqprrsc\4.0.0.0__a53cf5803f4c3827\hpqprrsc.dll
<unsigned> MD5: 95638a6b405f1132499c8555382709a8 C:\WINDOWS\assembly\GAC\hpqthumb\3.0.0.0__a53cf5803f4c3827\hpqthumb.dll
<unsigned> MD5: 80a71db3bd2d889579769cf26baa2555 C:\WINDOWS\assembly\GAC\hpqtray.resources\4.0.0.0_fr_a53cf5803f4c3827\hpqtray.resources.dll
<unsigned> MD5: ef1905eb64ae8fa60adf221ebb5ced0d C:\WINDOWS\assembly\GAC\hpqtray\4.0.0.0__a53cf5803f4c3827\hpqtray.dll
<unsigned> MD5: db58f7609f096f62a7f6a5ba12162da1 C:\WINDOWS\assembly\GAC\hpqutils\4.0.0.0__a53cf5803f4c3827\hpqutils.dll
<unsigned> MD5: 86b33fed643591940e922d2664099ea6 C:\WINDOWS\assembly\GAC\hpqvideo\3.0.0.0__a53cf5803f4c3827\hpqvideo.dll
<unsigned> MD5: a374b8064daf91b2a1cac1fdb1b919d0 C:\WINDOWS\assembly\GAC\Interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\Interop.hpqcxm08.dll
<unsigned> MD5: 76e55b5e1eb8fd93c9684f16036785d4 C:\WINDOWS\assembly\GAC\interop.hpqimgr\4.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll
<unsigned> MD5: 1229c236b3856aef4ee37ce4b0a4d67e C:\WINDOWS\assembly\GAC\interop.hpqvideo\4.0.0.0__a53cf5803f4c3827\Interop.hpqvideo.dll
<unsigned> MD5: f89bdd4110a8f493ab2e4637f52eb1f4 C:\WINDOWS\assembly\GAC\Interop.hprblog\3.0.0.0__a53cf5803f4c3827\Interop.hprblog.dll
<unsigned> MD5: c2808d9ec312e38a30b432daaa91ea62 C:\WINDOWS\assembly\GAC\LEAD.Drawing.Imaging.Codecs\13.0.0.113__9cf889f53ea9b907\LEAD.Drawing.Imaging.Codecs.dll
<unsigned> MD5: f5a621c69b659258e5164306a15c9caa C:\WINDOWS\assembly\GAC\LEAD.Drawing.Imaging.ImageProcessing\13.0.0.113__9cf889f53ea9b907\LEAD.Drawing.Imaging.ImageProcessing.dll
<unsigned> MD5: b8549829aabd31329cb20367f05630ea C:\WINDOWS\assembly\GAC\LEAD.Drawing\13.0.0.113__9cf889f53ea9b907\LEAD.Drawing.dll
<unsigned> MD5: d086d14ae3e163dd38230cbc804c6747 C:\WINDOWS\assembly\GAC\LEAD.Windows.Forms.DrawingContainer\13.0.0.113__9cf889f53ea9b907\LEAD.Windows.Forms.DrawingContainer.dll
<unsigned> MD5: 4bbf2f7e4f0f21fdcf30f540e7331bd7 C:\WINDOWS\assembly\GAC\LEAD.Windows.Forms\13.0.0.113__9cf889f53ea9b907\LEAD.Windows.Forms.dll
<unsigned> MD5: 335270904fed5f3629fe0d2fcab7bd4f C:\WINDOWS\assembly\GAC\LEAD.Wrapper\13.0.0.113__9cf889f53ea9b907\LEAD.Wrapper.dll
<unsigned> MD5: 648fe0d27734bb73ef04bc6789b20935 C:\WINDOWS\assembly\GAC\LEAD\13.0.0.113__9cf889f53ea9b907\LEAD.dll
<unsigned> MD5: 3c4c7b62f626f5aa6f79a1e2004c4b62 C:\WINDOWS\assembly\GAC\mscorlib.resources\1.0.5000.0_fr_b77a5c561934e089\Mscorlib.Resources.dll
<unsigned> MD5: bcf15390de7368639c593735bf938d7a C:\WINDOWS\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll
<unsigned> MD5: ac23e76a1648b9f85bfe96c0ba8e7257 C:\WINDOWS\assembly\GAC\System.resources\1.0.5000.0_fr_b77a5c561934e089\System.Resources.dll
<unsigned> MD5: 2814e9bdb75088c0b4cf6c1123f6ec8e C:\WINDOWS\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll
<unsigned> MD5: a5205b3af85b1477ab2c2a1e12201598 C:\WINDOWS\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.XML.dll
<unsigned> MD5: 83928671ccc704d32c363461ca6dec83 C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
<unsigned> MD5: d4f83bb2862fa4927db55afe16369af9 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_6d4240db\mscorlib.dll
<unsigned> MD5: 5964428d222ee57320048e781de274fe C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_2dfae1f8\System.Drawing.dll
<unsigned> MD5: eb0ae81ac9bb7a23a596c8a4cbed5b6b C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_7e53f614\System.Windows.Forms.dll
<unsigned> MD5: 45341654699004e8a50b2b383193ac57 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_98f9e0a8\System.Xml.dll
<unsigned> MD5: bc91191de9c6f588871da1b01aa66f4e C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_bf25f23d\System.dll
<unsigned> MD5: ba49ae9dbbefe9534b292c76919cf477 c:\windows\imageshacktoolbar\imageshacktoolbar.dll
<unsigned> MD5: 1bf5adcdc841b69ab00187abd53253a1 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
<unsigned> MD5: 6a26d0db2af2c3d6008800f1e998c65d C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fr\mscorrc.dll
<unsigned> MD5: 7c87a5fb95777e4132b11fc3d92caaf5 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll
<unsigned> MD5: f34d92fba77df7e0b5fdf17f9cd2ab9a C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
<unsigned> MD5: 5170eba2334e0533ed4cdaa27f1d930b C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
<unsigned> MD5: 82a90e50aeba92cf47f341066c5efefc C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
<unsigned> MD5: ac1a02176f7c608e0cd971acf4bb91aa C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
<unsigned> MD5: 86f1895ae8c5e8b17d99ece768a70732 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll
<unsigned> MD5: 8f2097e8b174f38178570c611464935f C:\WINDOWS\system32\atl71.dll
<unsigned> MD5: 0457e25bb122b854e267cf552dcdc370 C:\WINDOWS\System32\Drivers\PxHelp20.sys
<unsigned> MD5: adbb61bf0b9c97de818090738ec71e57 C:\WINDOWS\system32\HPTcpMib.dll
<unsigned> MD5: 4e460240cb29778f5f8c1feb38806679 C:\WINDOWS\system32\HPTcpMon.dll
<unsigned> MD5: bb3506acb0b6927f9672316d2061a9b1 C:\WINDOWS\system32\HPTcpMUI.dll
<unsigned> MD5: 2d091a99624fb9e7eef0a86d872ec0c3 C:\WINDOWS\system32\HPZipm12.exe
<unsigned> MD5: ee142789631138c42112b5b757dde6a9 C:\WINDOWS\system32\hpzjrd01.dll
<unsigned> MD5: f35a584e947a5b401feb0fe01db4a0d7 C:\WINDOWS\system32\mfc71.dll
<unsigned> MD5: e1f8293b0cdd3febd80a4879ca53b771 C:\WINDOWS\system32\MFC71FRA.DLL
<unsigned> MD5: 561fa2abb31dfa8fab762145f81667c2 C:\WINDOWS\system32\msvcp71.dll
<unsigned> MD5: 86f1895ae8c5e8b17d99ece768a70732 C:\WINDOWS\system32\msvcr71.dll
<unsigned> MD5: 29c5770f9ba6ef8ffb6dc5753b420b08 C:\WINDOWS\system32\nvrsfr.dll

The following file(s) must be uploaded for server-side scanning:
C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_2dfae1f8\System.Drawing.dll

Upload started - 1 file(s)
System.Drawing.dll (835584)
Upload speed - 53 KB/s
Upload finished - 1 uploaded, 0 failed

The uploaded file(s) were found clean.

Scan finished - communication took 17 sec
Total traffic - 0.89 MB sent, 3.23 KB recvd
Scanned 1435 files and modules - 152 seconds

==============================================================================



30 July 2010 12:22:16

Hello,

Post the RSIT info.txt report: Start>My Computer>Local Disk C:>Program Files

;) 

See you
Anonymous
30 July 2010 12:54:11

Hi again, since I never receive the confirmation emails (go figure why --'), I re-registered under another username.
Anyway...

Um, I couldn't find it...
Which folder is it in?
30 July 2010 13:47:49

Quote:
> Which folder is it in?


Hi again,

> The RSIT one.
Anonymous
30 July 2010 16:12:06

Hi again, thanks ^^ Here is the report

info.txt logfile of random's system information tool 1.08 2010-07-28 20:24:00

======Uninstall list======

-->MsiExec /X{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
4Story 1.5-->"C:\Program Files\Gameforge4D\4Story\unins000.exe"
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_Plugin.exe -maintain plugin
Apple Application Support-->MsiExec.exe /I{553255F3-78FD-40F1-A6F8-6882140265FE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Ask Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe"
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HP Customer Participation Program 7.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Document Viewer 7.0-->C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
HP Imaging Device Functions 7.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Premier Software 6.5-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Photosmart, Officejet and Deskjet 7.0.A-->C:\Program Files\HP\Digital Imaging\{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}\setup\hpzscr01.exe -datfile hposcr11.dat
HP Product Assistant-->MsiExec.exe /I{36FDBE6E-6684-462B-AE98-9A39A1B200CC}
HP Solution Center 7.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}
ImageShack Toolbar for Internet Explorer-->MsiExec.exe /I{8C98EAE9-D93F-4BCE-BBFF-5DE70413F2BE}
ImageShack Uploader 2.2.0-->MsiExec.exe /X{8BCD7AE7-F713-4D50-BAB9-7839B9386870}
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Java(TM) 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020FF}
Le journal de votre naissance-->"C:\Program Files\AXEL\Le journal de votre naissance\unins000.exe"
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB976325)-->"C:\WINDOWS\$NtUninstallKB976325$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"
Mise à jour pour Microsoft Windows (KB971513)-->"C:\WINDOWS\$NtUninstallKB971513$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Mozilla Firefox (3.6.8)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Mumble and Murmur-->C:\Program Files\Mumble\Uninstall.exe
NVIDIA Display Control Panel-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe DisplayControlPanel
NVIDIA Drivers-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe UninstallGUI
NVIDIA nView Desktop Manager-->C:\Program Files\NVIDIA Corporation\nView\nViewSetup.exe -uninstall
NVIDIA PhysX-->MsiExec.exe /X{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}
OCR Software by I.R.I.S 7.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Package de base Microsoft de service de chiffrement pour cartes à puce-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Perfect World France-->"C:\Program Files\Perfect World France\unins000.exe"
QuickTime-->MsiExec.exe /I{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for 2007 Microsoft Office System (KB982312)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B0EC5722-241F-4CDA-83B4-AA5846B6F9F4}
Security Update for 2007 Microsoft Office System (KB982331)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {E8766951-2B6C-4022-86E8-80D2D1762B76}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060}
Security Update for Microsoft Office Excel 2007 (KB982308)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C3F9A0DC-A5D1-4BB6-870E-2953E5A2487B}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office Outlook 2007 (KB980376)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {48113C06-9BA2-4D54-A731-D1D2C5B3144A}
Security Update for Microsoft Office PowerPoint 2007 (KB982158)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
Security Update for Microsoft Office Publisher 2007 (KB982124)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {289FA8BC-6A8E-4341-B194-EB26B49E9F5D}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB982135)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0112C750-A06F-4F92-9C40-E5C1EA9A70EB}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Soft-Search Toolbar-->C:\PROGRA~1\SOFT-S~1\UNWISE.EXE /U C:\PROGRA~1\SOFT-S~1\INSTALL.LOG
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
TeamSpeak 3 Client-->"C:\Program Files\TeamSpeak 3 Client\uninstall.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Outlook 2007 Junk Email Filter (kb2202131)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A67392E8-282B-4BEF-8020-EF3DD664DE7B}
VIA Gestionnaire de périphériques de plate-forme-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
VLC media player 1.0.3-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
World of Warcraft-->C:\Program Files\Fichiers communs\Blizzard Entertainment\World of Warcraft\Uninstall.exe
Wow Cartographe 1.10-->C:\Program Files\WowCartographe\uninst.exe

======Hosts File======

127.0.0.1 mpa.one.microsoft.com

======Security center information======

AV: AntiVir Desktop

======System event log======

Computer Name: LOL-12A2DCAE519
Event Code: 7036
Message: Le service Pml Driver HPZ12 est entré dans l'état : en cours d'exécution.

Record Number: 47121
Source Name: Service Control Manager
Time Written: 20100722211931.000000+120
Event Type: Informations
User:

Computer Name: LOL-12A2DCAE519
Event Code: 7036
Message: Le service Pml Driver HPZ12 est entré dans l'état : arrêté.

Record Number: 47120
Source Name: Service Control Manager
Time Written: 20100722211926.000000+120
Event Type: Informations
User:

Computer Name: LOL-12A2DCAE519
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Pml Driver HPZ12.

Record Number: 47119
Source Name: Service Control Manager
Time Written: 20100722211926.000000+120
Event Type: Informations
User: LOL-12A2DCAE519\Anais

Computer Name: LOL-12A2DCAE519
Event Code: 7036
Message: Le service Pml Driver HPZ12 est entré dans l'état : en cours d'exécution.

Record Number: 47118
Source Name: Service Control Manager
Time Written: 20100722211926.000000+120
Event Type: Informations
User:

Computer Name: LOL-12A2DCAE519
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Pml Driver HPZ12.

Record Number: 47117
Source Name: Service Control Manager
Time Written: 20100722211921.000000+120
Event Type: Informations
User: LOL-12A2DCAE519\Anais

=====Application event log=====

Computer Name: LOL-12A2DCAE519
Event Code: 4122
Message: Impossible de charger le fichier AVPREF.DLL.
Code d'erreur : 0x45a

Record Number: 1454
Source Name: Avira AntiVir
Time Written: 20100703111555.000000+120
Event Type: erreur
User: AUTORITE NT\SYSTEM

Computer Name: LOL-12A2DCAE519
Event Code: 11707
Message: Product: Ask Toolbar -- Installation operation completed successfully.

Record Number: 1453
Source Name: MsiInstaller
Time Written: 20100703013508.000000+120
Event Type: Informations
User: LOL-12A2DCAE519\Anais

Computer Name: LOL-12A2DCAE519
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.

Record Number: 1452
Source Name: SecurityCenter
Time Written: 20100702210627.000000+120
Event Type: Informations
User:

Computer Name: LOL-12A2DCAE519
Event Code: 4097
Message: Le service AntiVir a été arrêté!

Record Number: 1451
Source Name: Avira AntiVir
Time Written: 20100702210621.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: LOL-12A2DCAE519
Event Code: 4122
Message: Impossible de charger le fichier AVPREF.DLL.
Code d'erreur : 0x45a

Record Number: 1450
Source Name: Avira AntiVir
Time Written: 20100702210619.000000+120
Event Type: erreur
User: AUTORITE NT\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\Program Files\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------
30 July 2010 16:19:49

You need to update Java (security vulnerability):
http://java.sun.com/javase/downloads/index.jsp
Click Download Java Runtime Environment (JRE) 6u21 and, on the next page, tick I agree... then download Multi-language/Windows Offline Installation/jre-6u21-windows-i586.exe
Anonymous
30 July 2010 16:38:56

There, I've updated Java.
30 July 2010 19:39:45

How is your PC doing?
Anonymous
30 July 2010 20:34:09

It's going a bit better.. but two Trojan horses are gone, I still have the Firefox problem to sort out,
And I still have cookies in quarantine in SUPERAntiSpyware and 5 viruses lingering in Malwarebytes'...
31 July 2010 00:20:41

Quote:
> And I still have cookies in quarantine in SUPERAntiSpyware and 5 viruses lingering in Malwarebytes'...


Good evening,

> Delete them...

Your PC is no longer infected; you should ask your questions in the Accès Internet et Réseaux (Internet Access and Networks) forum: http://www.infos-du-net.com/forum/forum-8.html

* I recommend defragmenting your PC: http://www.6ma.fr/tuto/defragmenter+disque+sous+windows...
* It is strongly recommended to keep all your software up to date.
* You can remove the tools we used that deal with specific infections (go to Start > Run, then type ComboFix /uninstall > OK; RSIT, Ad-Remover...).
* Keep Malwarebytes' Anti-Malware.

-----------------------------------------------------------------------------------------------------------------------------------

Now that your machine is no longer infected, disable System Restore: http://forum.pcastuces.com/desactiver_la_restauration_s...

-----------------------------------------------------------------------------------------------------------------------------------

For the security of your PC, take a few minutes to read:
http://www.infos-du-net.com/forum/275481-11-dossier-pre...

-----------------------------------------------------------------------------------------------------------------------------------

If you like, report your infection by posting on Malware-Complaints:

- Forum rules: http://www.malwarecomplaints.info/viewtopic.php?t=5
- Register using the Register button
- Choose I Agree to these terms and am over or exactly 13 years of age

Also mention the name of the forum that helped you, Idn.

-----------------------------------------------------------------------------------------------------------------------------------

Mark your topic as (Resolved).

See you
PS: Good luck



Anonymous
31 July 2010 00:57:31

Thank you very much for your help! I'll do all of that.