Se connecter / S'enregistrer
Votre question

Avira ne fonctionne pas

Tags :
  • Windows
  • Sécurité
Dernière réponse : dans Sécurité et virus
28 Mars 2010 15:50:12

Bonjour,

Ce matin je découvre que mon antivirus Avira ne veut pas s'ouvrir, le parapluie est fermé. Si j'essaie de la démarrer, rien n'y fait.

Quelqu'un peut m'aider SVP ?

Merci à l'avance à la gentille personne...

Autres pages sur : avira fonctionne

28 Mars 2010 15:55:13

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:54:32, on 2010-03-28
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Avira-AntiVir-Personal-Edition-9.0.0.74.exe
C:\WINDOWS\system32\msfeedssync.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\dwwin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cyberpresse.ca/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: IEPlugin Class - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\PROGRA~1\ArcSoft\MEDIAC~1\INTERN~1\ARCURL~1.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Startup: Outil de détection de support PMB.lnk.disabled
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O17 - HKLM\System\CCS\Services\Tcpip\..\{93114667-1BBE-4791-A5E2-05E23B7DD7EB}: NameServer = 192.168.1.1
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 9075 bytes
28 Mars 2010 20:41:00

Bonsoir vanalexe,

*Télécharge RSIT (merci random/random) sur le Bureau : Ici
Double-clique sur RSIT.exe, il ne nécessite pas d' installation.
Clique Continue à l' écran Disclaimer si tu acceptes les conditions.
-Si HijackThis est non détecté sur ton Pc, il le téléchargera (autorise l' accès dans ton pare-feu si demandé et accepte la licence).
Lorsque l' analyse sera terminée, deux fichiers texte s' ouvriront.
Poste le contenu de log.txt (celui qui s' ouvre) ainsi que info.txt qui est dans la Barre des Tâches
Tuto : http://forum.pcastuces.com/randoms_system_information_t...

NB : Ces rapports sont enregistrés dans le dossier C:\rsit


A+
Contenus similaires
28 Mars 2010 22:51:08

Les voici:


Logfile of random's system information tool 1.06 (written by random/random)
Run by Windows at 2010-03-28 16:49:51
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 362 GB (76%) free of 477 GB
Total RAM: 2046 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:49:59, on 2010-03-28
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
c:\program files\avira\antivir desktop\avgnt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\msfeedssync.exe
C:\Documents and Settings\Windows\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Windows.exe
C:\WINDOWS\system32\dwwin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cyberpresse.ca/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: IEPlugin Class - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\PROGRA~1\ArcSoft\MEDIAC~1\INTERN~1\ARCURL~1.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Startup: Outil de détection de support PMB.lnk.disabled
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O17 - HKLM\System\CCS\Services\Tcpip\..\{93114667-1BBE-4791-A5E2-05E23B7DD7EB}: NameServer = 192.168.1.1
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 9369 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{A3F159E1-E2B9-4F26-8EF6-FDDDFF80E833}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11222041-111B-46E3-BD29-EFB2449479B1}]
IEPlugin Class - C:\PROGRA~1\ArcSoft\MEDIAC~1\INTERN~1\ARCURL~1.DLL [2008-12-24 145920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2009-08-05 113512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-03-27 279664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-03-27 812528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-07 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-01-07 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-03-27 279664]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-01-15 13680640]
"nwiz"=nwiz.exe /install []
"itype"=c:\Program Files\Microsoft IntelliType Pro\itype.exe [2008-06-10 1442888]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2010-01-07 149280]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2009-02-16 981384]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-03-02 16859648]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-03-02 69632]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-01-15 86016]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-01-25 68856]
"PopUpStopperFreeEdition"=C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe [2005-03-17 536576]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-08-13 177440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-03-18 207360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fssui]
C:\Program Files\Windows Live\Family Safety\fsui.exe [2009-08-05 647520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Quick Search Box]
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe /autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2009-11-12 141600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-01-08 52256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2008-02-27 570664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2009-11-11 417792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-14 71216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SsAAD.exe]
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe [2006-01-07 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Picture Package Menu.lnk]
C:\PROGRA~1\SONYCO~1\PICTUR~1\PICTUR~3\SonyTray.exe [2003-11-21 151552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Picture Package VCD Maker.lnk]
C:\PROGRA~1\SONYCO~1\PICTUR~1\PICTUR~1\RESIDE~1.EXE [2003-12-17 106496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"AntiVirService"=2
"AntiVirSchedulerService"=2

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE

C:\Documents and Settings\Windows\Menu Démarrer\Programmes\Démarrage
Outil de détection de support PMB.lnk.disabled - C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"LegalNoticeText"=
"LegalNoticeCaption"=

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe"="C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\EA GAMES\MOHAA\MOHAA.exe"="C:\Program Files\EA GAMES\MOHAA\MOHAA.exe:*:Enabled:Medal of Honor Allied Assault(tm)"
"C:\Program Files\EA GAMES\MOHAA\moh_spearhead.exe"="C:\Program Files\EA GAMES\MOHAA\moh_spearhead.exe:*:Enabled:Medal of Honor Allied Assault(tm) Spearhead"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:D NA"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\EA GAMES\MOHAA\moh_Breakthrough.exe"="C:\Program Files\EA GAMES\MOHAA\moh_Breakthrough.exe:*:Enabled:Medal of Honor Allied Assault(tm) Breakthrough"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Program Files\EA GAMES\Medal of Honor Pacific Assault(tm)\mohpa.exe"="C:\Program Files\EA GAMES\Medal of Honor Pacific Assault(tm)\mohpa.exe:*:Enabled:Medal of Honor Pacific Assault(tm)"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\Program Files\Fichiers communs\Ahead\Nero Web\SetupX.exe"="C:\Program Files\Fichiers communs\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

======List of files/folders created in the last 1 months======

2010-03-28 16:49:51 ----D---- C:\rsit
2010-03-28 13:24:12 ----HDC---- C:\WINDOWS\$NtUninstallKB978207$
2010-03-28 13:24:05 ----A---- C:\WINDOWS\imsins.BAK
2010-03-28 13:24:02 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-03-28 09:57:32 ----SHD---- C:\Config.Msi
2010-03-28 09:54:22 ----D---- C:\Program Files\Trend Micro
2010-03-28 09:28:55 ----D---- C:\WINDOWS\LastGood
2010-03-28 09:28:33 ----D---- C:\Program Files\Panda Security
2010-03-27 21:41:54 ----D---- C:\Program Files\a-squared Anti-Malware
2010-03-24 18:32:16 ----D---- C:\Documents and Settings\Windows\Application Data\vlc
2010-03-24 18:31:44 ----D---- C:\Program Files\vlc-1.0.5-win32
2010-03-21 20:34:16 ----D---- C:\Documents and Settings\Windows\Application Data\Desktopicon
2010-03-20 12:35:10 ----D---- C:\WINDOWS\Prefetch
2010-03-20 11:58:15 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2010-03-20 11:49:38 ----A---- C:\WINDOWS\system32\spxcoins.dll
2010-03-20 11:49:38 ----A---- C:\WINDOWS\system32\irclass.dll
2010-03-20 11:49:25 ----RA---- C:\WINDOWS\SETB7.tmp
2010-03-20 11:49:21 ----RA---- C:\WINDOWS\SETAB.tmp
2010-03-20 11:49:20 ----RA---- C:\WINDOWS\SETA8.tmp
2010-03-13 17:27:37 ----A---- C:\WINDOWS\IsUn0c0c.exe
2010-03-04 12:22:16 ----D---- C:\WINDOWS\Minidump

======List of files/folders modified in the last 1 months======

2010-03-28 16:47:52 ----D---- C:\Program Files\Mozilla Firefox
2010-03-28 15:56:36 ----D---- C:\WINDOWS\Internet Logs
2010-03-28 13:24:18 ----HD---- C:\WINDOWS\inf
2010-03-28 13:24:18 ----D---- C:\WINDOWS
2010-03-28 13:24:16 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-28 13:24:16 ----D---- C:\WINDOWS\system32
2010-03-28 13:24:15 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-28 13:23:36 ----HD---- C:\WINDOWS\$hf_mig$
2010-03-28 13:23:00 ----D---- C:\Documents and Settings\Windows\Application Data\BitTorrent
2010-03-28 13:04:22 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-28 12:58:10 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2010-03-28 12:58:08 ----D---- C:\WINDOWS\temp
2010-03-28 12:21:00 ----D---- C:\WINDOWS\system32\wbem
2010-03-28 11:48:10 ----SD---- C:\WINDOWS\Tasks
2010-03-28 11:27:16 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-28 11:09:37 ----D---- C:\WINDOWS\Help
2010-03-28 09:57:35 ----SHD---- C:\WINDOWS\Installer
2010-03-28 09:57:34 ----D---- C:\WINDOWS\WinSxS
2010-03-28 09:54:22 ----RD---- C:\Program Files
2010-03-28 09:31:03 ----D---- C:\WINDOWS\system32\drivers
2010-03-27 22:31:02 ----D---- C:\Documents and Settings\Windows\Application Data\DNA
2010-03-27 22:23:32 ----SH---- C:\boot.ini
2010-03-27 22:23:32 ----A---- C:\WINDOWS\win.ini
2010-03-27 22:23:32 ----A---- C:\WINDOWS\system.ini
2010-03-27 21:58:08 ----D---- C:\Program Files\Google
2010-03-27 21:39:50 ----A---- C:\WINDOWS\NeroDigital.ini
2010-03-27 21:13:05 ----D---- C:\WINDOWS\Debug
2010-03-27 20:59:58 ----D---- C:\Program Files\DNA
2010-03-27 19:33:46 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2010-03-26 16:04:40 ----HD---- C:\Program Files\InstallShield Installation Information
2010-03-25 18:45:29 ----D---- C:\Program Files\Runes of Magic
2010-03-21 09:13:48 ----D---- C:\WINDOWS\SoftwareDistribution
2010-03-20 12:36:18 ----D---- C:\WINDOWS\Registration
2010-03-20 12:35:20 ----SHD---- C:\System Volume Information
2010-03-20 12:35:20 ----D---- C:\WINDOWS\system32\Restore
2010-03-20 12:03:32 ----D---- C:\WINDOWS\system32\config
2010-03-20 12:03:31 ----D---- C:\WINDOWS\nview
2010-03-20 12:01:59 ----D---- C:\WINDOWS\repair
2010-03-20 11:59:06 ----A---- C:\WINDOWS\ODBCINST.INI
2010-03-20 11:58:45 ----D---- C:\WINDOWS\system32\ias
2010-03-20 11:58:18 ----RD---- C:\WINDOWS\Web
2010-03-20 11:58:10 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2010-03-20 11:57:53 ----D---- C:\Program Files\Windows Media Player
2010-03-20 11:57:51 ----D---- C:\WINDOWS\system32\oobe
2010-03-20 11:57:50 ----D---- C:\Program Files\Outlook Express
2010-03-20 11:57:47 ----D---- C:\Program Files\Internet Explorer
2010-03-20 11:57:40 ----D---- C:\WINDOWS\system32\Com
2010-03-20 11:51:03 ----D---- C:\WINDOWS\system32\CatRoot
2010-03-20 11:49:50 ----D---- C:\WINDOWS\security
2010-03-20 11:49:47 ----D---- C:\WINDOWS\system
2010-03-20 11:49:47 ----A---- C:\WINDOWS\system32\OEMINFO.INI
2010-03-20 11:49:31 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2010-03-20 11:38:52 ----A---- C:\WINDOWS\UPGRADE.TXT
2010-03-20 07:47:01 ----D---- C:\WINDOWS\system32\Setup
2010-03-20 07:46:54 ----D---- C:\WINDOWS\l2schemas
2010-03-20 07:46:53 ----D---- C:\WINDOWS\system32\usmt
2010-03-20 07:46:45 ----D---- C:\WINDOWS\AppPatch
2010-03-20 07:46:44 ----D---- C:\WINDOWS\ime
2010-03-20 07:46:42 ----RSD---- C:\WINDOWS\Fonts
2010-03-20 07:46:42 ----D---- C:\WINDOWS\Media
2010-03-20 07:46:41 ----D---- C:\WINDOWS\network diagnostic
2010-03-20 07:46:39 ----D---- C:\WINDOWS\system32\fr-fr
2010-03-20 07:46:31 ----D---- C:\WINDOWS\PeerNet
2010-03-20 07:46:19 ----D---- C:\WINDOWS\system32\npp
2010-03-20 07:46:13 ----D---- C:\WINDOWS\msagent
2010-03-20 07:46:09 ----D---- C:\WINDOWS\system32\fr
2010-03-20 07:43:40 ----D---- C:\WINDOWS\system32\1036
2010-03-20 07:43:28 ----D---- C:\WINDOWS\twain_32
2010-03-20 07:42:53 ----D---- C:\WINDOWS\system32\icsxml
2010-03-20 07:42:21 ----D---- C:\WINDOWS\system32\1033
2010-03-20 07:41:22 ----D---- C:\WINDOWS\Driver Cache
2010-03-16 16:33:33 ----D---- C:\Documents and Settings\Windows\Application Data\gtk-2.0

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 cdrbsvsd;cdrbsvsd; C:\WINDOWS\system32\drivers\cdrbsvsd.sys [2003-12-03 13566]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2009-02-16 353672]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-01-22 20747]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-11-25 56816]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2007-09-17 254872]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-03-02 4652544]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12288]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-01-15 6301248]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-12-29 47360]
R3 RT73;ASUS USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2006-06-08 344064]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\system32\ASNDIS5.SYS []
S3 catchme;catchme; \??\C:\DOCUME~1\Windows\LOCALS~1\Temp\catchme.sys []
S3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2007-03-13 44672]
S3 MS1000;MS1000; C:\WINDOWS\System32\DRIVERS\MS1000.sys []
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2008-04-14 5888]
S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-09-28 7168]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2005-01-28 18944]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-12-29 691696]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-01-07 153376]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2009-09-06 71096]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-01-15 163908]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-05-13 272024]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2009-02-16 2402184]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-27 135664]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-05 183280]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-11-12 545568]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe [2005-11-24 53337]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-09-17 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe [2005-11-24 53337]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe [2005-11-24 69718]
S3 SSScsiSV;SonicStage SCSI Service; C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe [2006-01-06 69632]
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------





info.txt logfile of random's system information tool 1.06 2010-03-28 16:50:01

======Uninstall list======

-->C:\Program Files\InstallShield Installation Information\{36C41D70-56F5-4E2B-81DA-6BEB7502D7A1}\setup.exe -runfromtemp -l0x040c -removeonly
-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->Dummy
-->MsiExec /X{8AAB4176-A747-493A-A42C-B63CFADFD8E3}
-->MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{107254A0-0ADF-11D4-9397-00D0B7020B38}\setup.exe"
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88E5FCB8-5F25-11D5-B16F-0800460222F0}\setup.exe" -l0x40c UNINSTALL
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D76298C2-E532-4A11-BCFF-76F3F19DA84D}\setup.exe" UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A93000000001}
Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
Age of Mythology-->"C:\Program Files\Microsoft Games\Age of Mythology\UNINSTAL.EXE" /runtemp /addremove
Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143}
Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
ASUS Wireless Router WL-520GU Utilities-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B835DEF8-26A7-4E9B-B9F8-8D56F385DEAA}\Setup.exe" -l0x40c
ASUS WLAN Card Utilities/Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8F722FA9-B994-4C9B-B292-FD32D6206EDF}\Setup.exe" -l0x40c
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
Battlefield 1942: Secret Weapons of WWII-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B73B4A99-4173-4747-BBEC-0F05E966F9D2}\setup.exe" -l0x40c
Battlefield 1942: The Road To Rome-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D057AA08-8CBF-42E3-9EAB-23B8FED1C279}\setup.exe" -l0x40c
Battlefield 1942-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}\setup.exe" -l0x40c
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe"
CDex extraction audio-->"C:\Program Files\CDex_170b2\uninstall.exe"
ConvertXtoDVD 4.0.9.322-->"C:\Program Files\VSO\ConvertX\4\unins000.exe"
Diablo II-->C:\WINDOWS\DIIUnin.exe C:\WINDOWS\DIIUnin.dat
DVD Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
EA Download Manager-->C:\Program Files\Electronic Arts\EADM\Uninstall.exe
eBay Icon-->C:\Documents and Settings\Windows\Application Data\Desktopicon\uninst.exe
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
GIMP 2.6.5-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
GoGear VIBE Device Manager-->C:\Program Files\InstallShield Installation Information\{CC8E0363-B20C-4792-8A1C-8DF5E01B68A6}\setup.exe -runfromtemp -l0x040c -removeonly
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E85CDE7661A53A6A.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.0 (KB932471)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {ECD292A0-0347-4244-8C24-5DBCE990FB40} /package {BAF78226-3200-4DB4-BE33-4D922A799840}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Intel(R) Management Engine Interface-->C:\WINDOWS\system32\heciudlg.exe -uninstall
Intel(R) PRO Network Connections 12.1.12.0-->MsiExec.exe /i{777CA40C-0206-4EF6-A0FC-618BF06BF8D0} ARPREMOVE=1
iTunes-->MsiExec.exe /I{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216017FF}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Les Sims™ 3-->"C:\Program Files\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe" -runfromtemp -l0x040c -removeonly
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Medal of Honor Allied Assault(tm) Breakthrough-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{823A68CC-3049-4A6B-8F63-7DC85E4BB1C9}\Setup.exe" -l0x9
Medal of Honor Allied Assault(tm) Spearhead-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7914BE1E-F186-4790-B8F4-9F63C52A41C1}\Setup.exe" -l0x9
Medal of Honor Allied Assault-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DEA94ED-915A-4834-A87E-388D012C8E02}\Setup.exe" -l0x9
Medal of Honor Pacific Assault(tm)-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}\Setup.exe" -l0x9 -removeonly
Media Converter for Philips-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E623BB3F-F7ED-4148-BEB5-A0D1DB28B4DE}\Setup.exe" -l0x40c
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{3F7924B9-D148-3141-87B1-68F36043A940}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA-->MsiExec.exe /I{511DF669-2930-30C0-8EB6-552887E29EC8}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office 2000 Premium-->MsiExec.exe /I{0000040C-78E1-11D2-B60F-006097C998E7}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mise à jour de sécurité pour Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB978207)-->"C:\WINDOWS\$NtUninstallKB978207$\spuninst\spuninst.exe"
MobileMe Control Panel-->MsiExec.exe /I{3AC54383-31D1-4907-961B-B12CBB1D0AE8}
Mozilla Firefox (3.5.8)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
Music Transfer-->C:\Program Files\InstallShield Installation Information\{CE2121C6-C94D-4A73-8EA4-6943F33EE335}\setup.exe -runfromtemp -l0x040c -removeonly
Nero 7 Essentials-->MsiExec.exe /X{EF3E420F-2DCF-4C24-8E37-896801901033}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA PhysX-->MsiExec.exe /X{8AAB4176-A747-493A-A42C-B63CFADFD8E3}
OpenMG Limited Patch 4.4-06-13-19-01-->C:\Program Files\Fichiers communs\Sony Shared\OpenMG\HotFixes\HotFix4.4-06-13-19-01\HotFixSetup\setup.exe /u
OpenMG Secure Module 4.4.00-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{CFB17307-B244-4EAD-AE8E-CDAF440477C2} UNINSTALL
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
Picture Package-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1E2F8AE3-3437-44E6-BB75-E95751D6B83F}\setup.exe" -l0x40c UNINSTALL
Pivot Stickfigure Animator-->MsiExec.exe /I{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}
Pop-Up Stopper Free Edition-->C:\PROGRA~1\PANICW~1\POP-UP~1\UNWISE.EXE C:\PROGRA~1\PANICW~1\POP-UP~1\INSTALL.LOG
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
PowerProducer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
Project64 1.6-->MsiExec.exe /X{9559F7CA-5E34-4237-A2D9-D856464AD727}
PunkBuster pour Battlefield 1942-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{127B684B-A002-44C8-99A7-6CF8F1E26873}\setup.exe" -l0x40c
QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Runes of Magic-->"C:\Program Files\Runes of Magic\unins000.exe"
Safari-->MsiExec.exe /I{D6E4E5D6-7693-4BB4-95BA-21F38FAFEE90}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Seven Kingdoms Conquest-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2D0822EC-391F-4D67-A59A-F6EC1087C732}\setup.exe" -l0x40c -uninst -removeonly
SonicStage 3.4-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A0EB195B-5876-48E6-879D-33D4B2102610}\setup.exe" -l0x40c UNINSTALL -removeonly
Sony Picture Utility-->C:\Program Files\InstallShield Installation Information\{D5068583-D569-468B-9755-5FBF5848F46F}\setup.exe -runfromtemp -l0x040c uninstall -removeonly
Sony USB Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\Setup.exe" UNINSTALL
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
StarCraft-->C:\Program Files\Fichiers communs\Blizzard Entertainment\StarCraft\Uninstall.exe
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
USB Joystick-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DB322BA7-761F-476F-ABA1-227331CDEF29}\setup.exe" -l0x9 -removeonly
VC 9.0 Runtime-->MsiExec.exe /I{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Contrôle parental-->MsiExec.exe /X{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}
Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
WinISO 5.3-->"C:\Program Files\WinISO\unins000.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
WinZip-->"C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
XP TCP/IP Repair-->"C:\Program Files\XP TCPIP Repair\unins000.exe"
Xvid 1.2.2 final uninstall-->"C:\Program Files\Xvid\unins000.exe"
ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======System event log======

Computer Name: INTEL1201
Event Code: 7036
Message: Le service Google Software Updater est entré dans l'état : en cours d'exécution.

Record Number: 5770
Source Name: Service Control Manager
Time Written: 20100305084601.000000-300
Event Type: Informations
User:

Computer Name: INTEL1201
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Google Software Updater.

Record Number: 5769
Source Name: Service Control Manager
Time Written: 20100305084601.000000-300
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: INTEL1201
Event Code: 4226
Message: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.

Record Number: 5768
Source Name: Tcpip
Time Written: 20100305075250.000000-300
Event Type: Avertissement
User:

Computer Name: INTEL1201
Event Code: 7036
Message: Le service Google Software Updater est entré dans l'état : arrêté.

Record Number: 5767
Source Name: Service Control Manager
Time Written: 20100305074410.000000-300
Event Type: Informations
User:

Computer Name: INTEL1201
Event Code: 7036
Message: Le service Google Software Updater est entré dans l'état : en cours d'exécution.

Record Number: 5766
Source Name: Service Control Manager
Time Written: 20100305074310.000000-300
Event Type: Informations
User:

=====Application event log=====

Computer Name: INTEL1201
Event Code: 0
Message:
Record Number: 4919
Source Name: gusvc
Time Written: 20100108191611.000000-300
Event Type: Informations
User:

Computer Name: INTEL1201
Event Code: 0
Message:
Record Number: 4918
Source Name: gusvc
Time Written: 20100108191500.000000-300
Event Type: Informations
User:

Computer Name: INTEL1201
Event Code: 1000
Message: Application défaillante iexplore.exe, version 8.0.6001.18702, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0x03080188.

Record Number: 4917
Source Name: Application Error
Time Written: 20100108183454.000000-300
Event Type: erreur
User:

Computer Name: INTEL1201
Event Code: 1000
Message: Application défaillante iexplore.exe, version 8.0.6001.18702, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0x03080188.

Record Number: 4916
Source Name: Application Error
Time Written: 20100108183212.000000-300
Event Type: erreur
User:

Computer Name: INTEL1201
Event Code: 1000
Message: Application défaillante iexplore.exe, version 8.0.6001.18702, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0x03080188.

Record Number: 4915
Source Name: Application Error
Time Written: 20100108181328.000000-300
Event Type: erreur
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM;C:\Program Files\Intel\DMIX;C:\Program Files\QuickTime\QTSystem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=1707
"NUMBER_OF_PROCESSORS"=4
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"tvdumpflags"=8

-----------------EOF-----------------
29 Mars 2010 12:57:53

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3925
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

2010-03-29 06:57:15
mbam-log-2010-03-29 (06-57-15).txt

Type de recherche: Examen rapide
Eléments examinés: 128846
Temps écoulé: 3 minute(s), 42 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
30 Mars 2010 03:27:24

Le voici


QuickScan Beta 32-bit v0.9.9.13
-------------------------------

Date de l'analyse : Mon Mar 29 21:25:49 2010
ID de la machine : 1CCC3D08



Aucune infection détectée.
----------------------------



Processus
---------
<non signé> Pop-Up Stopper Free Edition 2692 C:\Program Files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe

<verifié> AntiVir Desktop 3572 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
<verifié> AntiVir Desktop 2320 C:\Program Files\Avira\AntiVir Desktop\avguard.exe
<verifié> AntiVir Desktop 2764 C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
<verifié> AntiVir Desktop 2436 C:\Program Files\Avira\AntiVir Desktop\sched.exe
<verifié> AntiVir Workstation 3164 C:\Program Files\Avira\AntiVir Desktop\avnotify.exe
<verifié> Apple Mobile Device Service 272 C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
<verifié> ArcSoft Connect 252 C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
<verifié> Bonjour 308 C:\Program Files\Bonjour\mDNSResponder.exe
<verifié> Firefox 1628 C:\Program Files\Mozilla Firefox\firefox.exe
<verifié> GoogleToolbarNotifier 2548 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
<verifié> Java(TM) Platform SE 6 U17 508 C:\Program Files\Java\jre6\bin\jqs.exe
<verifié> Java(TM) Platform SE 6 U17 3584 C:\Program Files\Java\jre6\bin\jusched.exe
<verifié> Microsoft Distributed Transaction Coord 2460 C:\WINDOWS\system32\msdtc.exe
<verifié> Microsoft IntelliType Pro 3576 C:\Program Files\Microsoft IntelliType Pro\itype.exe
<verifié> Microsoft Search Enhancement Pack 836 C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
<verifié> Microsoft® Windows® Operating System 3140 C:\WINDOWS\System32\alg.exe
<verifié> Microsoft® Windows® Operating System 956 C:\WINDOWS\system32\csrss.exe
<verifié> Microsoft® Windows® Operating System 2700 C:\WINDOWS\system32\ctfmon.exe
<verifié> Microsoft® Windows® Operating System 3132 C:\WINDOWS\system32\dllhost.exe
<verifié> Microsoft® Windows® Operating System 1040 C:\WINDOWS\system32\lsass.exe
<verifié> Microsoft® Windows® Operating System 1972 C:\WINDOWS\system32\spoolsv.exe
<verifié> Microsoft® Windows® Operating System 416 C:\WINDOWS\system32\svchost.exe
<verifié> Microsoft® Windows® Operating System 1240 C:\WINDOWS\system32\svchost.exe
<verifié> Microsoft® Windows® Operating System 1328 C:\WINDOWS\System32\svchost.exe
<verifié> Microsoft® Windows® Operating System 1368 C:\WINDOWS\system32\svchost.exe
<verifié> Microsoft® Windows® Operating System 1512 C:\WINDOWS\system32\svchost.exe
<verifié> Microsoft® Windows® Operating System 1544 C:\WINDOWS\system32\svchost.exe
<verifié> Microsoft® Windows® Operating System 1288 C:\WINDOWS\system32\svchost.exe
<verifié> Microsoft® Windows® Operating System 3480 C:\WINDOWS\system32\wuauclt.exe
<verifié> NMSAccessU.exe 584 C:\Program Files\CDBurnerXP\NMSAccessU.exe
<verifié> NVIDIA Driver Helper Service, Version 1 624 C:\WINDOWS\system32\nvsvc32.exe
<verifié> Realtek HD Audio Sound Effect Manager 3676 C:\WINDOWS\RTHDCPL.EXE
<verifié> RichVideo Module 696 C:\Program Files\CyberLink\Shared Files\RichVideo.exe
<verifié> Système d'exploitation Microsoft® Windo 780 C:\WINDOWS\Explorer.EXE
<verifié> Système d'exploitation Microsoft® Windo 1816 C:\WINDOWS\system32\RUNDLL32.EXE
<verifié> Système d'exploitation Microsoft® Windo 1028 C:\WINDOWS\system32\services.exe
<verifié> Système d'exploitation Microsoft® Windo 660 C:\WINDOWS\System32\smss.exe
<verifié> Système d'exploitation Microsoft® Windo 980 C:\WINDOWS\system32\winlogon.exe
<verifié> TrueVector Service 1584 C:\WINDOWS\system32\ZoneLabs\vsmon.exe
<verifié> Windows Live Communications Platform 3432 C:\Program Files\Windows Live\Contacts\wlcomm.exe
<verifié> Windows Live Messenger 2804 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
<verifié> ZoneAlarm Client 3644 C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe


Activité du réseau
------------------
Processus firefox.exe (1628) connecté sur le port 80 (HTTP) - 74.125.93.138
Processus firefox.exe (1628) connecté sur le port 80 (HTTP) - 208.48.161.102
Processus firefox.exe (1628) connecté sur le port 80 (HTTP) - 199.7.48.190
Processus firefox.exe (1628) connecté sur le port 80 (HTTP) - 208.48.161.102
Processus firefox.exe (1628) connecté sur le port 80 (HTTP) - 199.7.48.190
Processus firefox.exe (1628) connecté sur le port 80 (HTTP) - 208.48.161.102
Processus firefox.exe (1628) connecté sur le port 80 (HTTP) - 208.48.161.102
Processus firefox.exe (1628) connecté sur le port 80 (HTTP) - 208.48.161.102
Processus firefox.exe (1628) connecté sur le port 80 (HTTP) - 208.48.161.102
Processus firefox.exe (1628) connecté sur le port 80 (HTTP) - 208.48.161.102
Processus firefox.exe (1628) connecté sur le port 80 (HTTP) - 208.48.161.102
Processus firefox.exe (1628) connecté sur le port 80 (HTTP) - 208.48.161.102
Processus firefox.exe (1628) connecté sur le port 80 (HTTP) - 208.48.161.102
Processus firefox.exe (1628) connecté sur le port 80 (HTTP) - 208.48.161.102
Processus firefox.exe (1628) connecté sur le port 80 (HTTP) - 208.48.161.102
Processus firefox.exe (1628) connecté sur le port 80 (HTTP) - 96.17.104.35
Processus firefox.exe (1628) connecté sur le port 80 (HTTP) - 96.6.120.34
Processus firefox.exe (1628) connecté sur le port 80 (HTTP) - 72.14.204.148
Processus firefox.exe (1628) connecté sur le port 80 (HTTP) - 194.126.217.78
Processus firefox.exe (1628) connecté sur le port 80 (HTTP) - 62.160.52.73
Processus firefox.exe (1628) connecté sur le port 80 (HTTP) - 208.111.181.253
Processus firefox.exe (1628) connecté sur le port 80 (HTTP) - 66.249.80.148
Processus firefox.exe (1628) connecté sur le port 80 (HTTP) - 207.171.14.112
Processus firefox.exe (1628) connecté sur le port 80 (HTTP) - 72.14.204.154
Processus firefox.exe (1628) connecté sur le port 80 (HTTP) - 66.235.143.121
Processus firefox.exe (1628) connecté sur le port 80 (HTTP) - 96.6.69.115
Processus firefox.exe (1628) connecté sur le port 80 (HTTP) - 208.48.161.102

Processus svchost.exe (1288) écoute sur les ports: 135 (RPC)


Fichiers critiques et Autorun
-----------------------------
<non signé> Microsoft® Windows® Operating System C:\WINDOWS\system32\WPDShServiceObj.dll
<non signé> Pop-Up Stopper Free Edition C:\Program Files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe
<non signé> Windows® Internet Explorer C:\WINDOWS\system32\msfeedssync.exe

<verifié> AntiVir Desktop C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
<verifié> Google Update C:\Program Files\Google\Update\GoogleUpdate.exe
<verifié> Google Updater C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
<verifié> GoogleToolbarNotifier C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
<verifié> Java(TM) Platform SE 6 U17 C:\Program Files\Java\jre6\bin\jusched.exe
<verifié> Microsoft IntelliType Pro C:\Program Files\Microsoft IntelliType Pro\itype.exe
<verifié> Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll
<verifié> Microsoft® Windows® Operating System C:\WINDOWS\system32\ctfmon.exe
<verifié> Microsoft® Windows® Operating System C:\WINDOWS\system32\dimsntfy.dll
<verifié> NVIDIA Compatible Windows 2000 Display C:\WINDOWS\system32\nvcpl.dll
<verifié> NVIDIA Media Center Library C:\WINDOWS\system32\nvmctray.dll
<verifié> nwiz.exe C:\WINDOWS\system32\nwiz.exe
<verifié> Realtek AC97 Audio - Event Monitor C:\WINDOWS\ALCMTR.EXE
<verifié> Realtek HD Audio Sound Effect Manager C:\WINDOWS\RTHDCPL.EXE
<verifié> Système d'exploitation Microsoft® Windo C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe
<verifié> Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\browseui.dll
<verifié> Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\crypt32.dll
<verifié> Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\cscdll.dll
<verifié> Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\logonui.exe
<verifié> Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\sclgntfy.dll
<verifié> Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\shell32.dll
<verifié> Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\stobject.dll
<verifié> Système d'exploitation Microsoft® Windo c:\windows\system32\userinit.exe
<verifié> Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\webcheck.dll
<verifié> Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\wlnotify.dll
<verifié> ZoneAlarm Client C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe


Plugins du navigateur
---------------------
<non signé> Bonjour C:\Program Files\Bonjour\mdnsNSP.dll
<non signé> Installer Control C:\WINDOWS\Downloaded Program Files\InstallerControl.dll
<non signé> Java(TM) Platform SE 6 U17 c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
<non signé> nppdf32.FRA C:\Program Files\Internet Explorer\plugins\nppdf32.FRA
<non signé> nppdf32.FRA C:\Program Files\Mozilla Firefox\plugins\nppdf32.FRA
<non signé> Outil MSN Téléchargement de photos C:\WINDOWS\Downloaded Program Files\PURfr-ca.dll
<non signé> QuickTime Plug-in 7.6.5 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
<non signé> QuickTime Plug-in 7.6.5 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
<non signé> QuickTime Plug-in 7.6.5 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
<non signé> QuickTime Plug-in 7.6.5 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
<non signé> QuickTime Plug-in 7.6.5 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
<non signé> QuickTime Plug-in 7.6.5 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
<non signé> QuickTime Plug-in 7.6.5 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
<non signé> QuickTime Plug-in 7.6.5 C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
<non signé> QuickTime Plug-in 7.6.5 C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
<non signé> QuickTime Plug-in 7.6.5 C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
<non signé> QuickTime Plug-in 7.6.5 C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
<non signé> QuickTime Plug-in 7.6.5 C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
<non signé> QuickTime Plug-in 7.6.5 C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
<non signé> QuickTime Plug-in 7.6.5 C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
<non signé> Shockwave for Director C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
<non signé> Windows® Internet Explorer C:\WINDOWS\system32\ieframe.dll

<verifié> AcroIEHelperShim Library c:\program files\fichiers communs\adobe\acrobat\activex\acroiehelpershim.dll
<verifié> Adobe Acrobat C:\Program Files\Internet Explorer\plugins\nppdf32.dll
<verifié> Adobe Acrobat C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
<verifié> ArcSoft Video Downloader c:\program files\arcsoft\media converter for philips\internet video downloader\arcurlrecord.dll
<verifié> BitDefender QuickScan C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\8035q61z.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
<verifié> BitDefender QuickScan C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\8035q61z.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
<verifié> DNA Plug-in C:\Program Files\DNA\plugins\npbtdna.dll
<verifié> Family Safety Browser Helper Object Lib c:\program files\windows live\family safety\fssbho.dll
<verifié> Google Toolbar for Internet Explorer c:\program files\google\google toolbar\googletoolbar_32.dll
<verifié> Google Update C:\Program Files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
<verifié> Google Updater C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
<verifié> GoogleToolbarNotifier C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
<verifié> Java Deployment Toolkit 6.0.170.4 C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
<verifié> Java(TM) Platform SE 6 U17 c:\program files\java\jre6\bin\jp2ssv.dll
<verifié> Messenger C:\Program Files\Messenger\msmsgs.exe
<verifié> Microsoft Search Enhancement Pack c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll
<verifié> Microsoft® Windows Live Login Helper c:\program files\fichiers communs\microsoft shared\windows live\windowslivelogin.dll
<verifié> Microsoft® Windows Media Player Firefox C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
<verifié> Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
<verifié> Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll
<verifié> Microsoft® Windows® Operating System C:\WINDOWS\system32\winrnr.dll
<verifié> Mozilla Default Plug-in C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
<verifié> MSN Photo Upload Control C:\WINDOWS\Downloaded Program Files\PURen-us.dll
<verifié> MSN® Games by Zone.com C:\WINDOWS\Downloaded Program Files\MessengerStatsPAClient.dll
<verifié> MSN® Games by Zone.com C:\WINDOWS\Downloaded Program Files\MineSweeper.dll
<verifié> MSN® Games by Zone.com C:\WINDOWS\Downloaded Program Files\ZIntro.ocx
<verifié> npitunes.dll C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
<verifié> NPSWF32.dll C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
<verifié> Panda ActiveScan 2.0 C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll
<verifié> sdhelper.dll c:\program files\spybot - search & destroy\sdhelper.dll
<verifié> Silverlight Plug-In c:\Program Files\Microsoft Silverlight\3.0.50106.0\npctrl.dll
<verifié> Système d'exploitation Microsoft® Windo C:\WINDOWS\system32\mswsock.dll
<verifié> UNO Messenger C:\WINDOWS\Downloaded Program Files\GAME_UNO1.dll
<verifié> Windows Live Toolbar c:\program files\windows live\toolbar\wltcore.dll
<verifié> Windows Live® Photo Gallery C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
<verifié> Windows Presentation Foundation c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll


Fichiers manquants
------------------
Fichier non trouvé : C:\DOCUME~1\Windows\LOCALS~1\Temp\catchme.sys
référencé dans : HKLM\System\ControlSet001\services\catchme\"ImagePath"

Fichier non trouvé : C:\WINDOWS\System32\appmgmts.dll
référencé dans : HKLM\System\ControlSet001\services\AppMgmt\Parameters\"ServiceDll"

Fichier non trouvé : System32\DRIVERS\MS1000.sys
référencé dans : HKLM\System\ControlSet001\services\MS1000\"ImagePath"


Analyse
-------
<non signé> MD5: 0c82754d7ff191e55525f7d2679657ba C:\Program Files\Avira\AntiVir Desktop\aebb.dll
<non signé> MD5: 96501856ee4cc86ac9cff8fdf98f67de C:\Program Files\Avira\AntiVir Desktop\aecore.dll
<non signé> MD5: 05c1fb890143704eb526c3044c6cd506 C:\Program Files\Avira\AntiVir Desktop\aeemu.dll
<non signé> MD5: 6c40287a7997a31b33925752ef5bde34 C:\Program Files\Avira\AntiVir Desktop\aegen.dll
<non signé> MD5: bd22753223107a77c8d98055198d7f8f C:\Program Files\Avira\AntiVir Desktop\aehelp.dll
<non signé> MD5: 606dae3eb0300108d4ecf7effa9e32d2 C:\Program Files\Avira\AntiVir Desktop\aeheur.dll
<non signé> MD5: a34040c3cc4ff232df2d88bb596a3e6f C:\Program Files\Avira\AntiVir Desktop\aeoffice.dll
<non signé> MD5: 68b89e18be8c02f8ee6410fef17143b1 C:\Program Files\Avira\AntiVir Desktop\aepack.dll
<non signé> MD5: ff857ba7f18320e982dd9bba790396de C:\Program Files\Avira\AntiVir Desktop\aerdl.dll
<non signé> MD5: d1efc8020eadaa19c39c974e2af354d8 C:\Program Files\Avira\AntiVir Desktop\aesbx.dll
<non signé> MD5: 79fb5a728af28f6f6b4536cf5be20da8 C:\Program Files\Avira\AntiVir Desktop\aescn.dll
<non signé> MD5: f0cd6a118290667925cd73fffaed4b7f C:\Program Files\Avira\AntiVir Desktop\aescript.dll
<non signé> MD5: 35b320ae9ea62857e4f2b972dcf8a768 C:\Program Files\Avira\AntiVir Desktop\aevdf.dll
<non signé> MD5: ddf0d660e994d0bb912f37dca7afe8f7 C:\Program Files\Avira\AntiVir Desktop\avevtlog.dll
<non signé> MD5: e1ac63748ef4d24e04060c5c61160643 C:\Program Files\Avira\AntiVir Desktop\avgio.dll
<non signé> MD5: 06990855177b4ab5366864738c43d459 C:\Program Files\Avira\AntiVir Desktop\avipc.dll
<non signé> MD5: b9be6bbd5a5d067999bb43de297f589a C:\Program Files\Avira\AntiVir Desktop\avnotify.dll
<non signé> MD5: 92ea86876dfde3b9f6b4b6443c8b11fb C:\Program Files\Avira\AntiVir Desktop\avpref.dll
<non signé> MD5: dfca644502dfa491384a53f87ae03fb6 C:\Program Files\Avira\AntiVir Desktop\avsmtp.dll
<non signé> MD5: e297d7ede615bc39f6a3708e2f9a924c C:\Program Files\Avira\AntiVir Desktop\ccgen.dll
<non signé> MD5: a48457fa81661ff73b549e42ca2488a2 C:\Program Files\Avira\AntiVir Desktop\ccgenrc.dll
<non signé> MD5: 298b49e02025add1d12aaf27937a3549 C:\Program Files\Avira\AntiVir Desktop\ccgrdrc.dll
<non signé> MD5: 41303e032613d2c4e29be8b8eb5f027b C:\Program Files\Avira\AntiVir Desktop\ccgrdw.dll
<non signé> MD5: 80803bf24c42c1b7130f8ad69e05b744 C:\Program Files\Avira\AntiVir Desktop\ccguard.dll
<non signé> MD5: 81ba09327b20a9bf88e47091d9d0d3c7 C:\Program Files\Avira\AntiVir Desktop\cclic.dll
<non signé> MD5: 939286b2d5177e88d1fa804413ac8862 C:\Program Files\Avira\AntiVir Desktop\cclicrc.dll
<non signé> MD5: dcd62c40142df3b41f64ac837feb5716 C:\Program Files\Avira\AntiVir Desktop\ccmainrc.dll
<non signé> MD5: 2a21fbfd0a0c14173ea4c06adb9bb6cd C:\Program Files\Avira\AntiVir Desktop\ccmsg.dll
<non signé> MD5: 76d19b395001f884eeed44d582fd5658 C:\Program Files\Avira\AntiVir Desktop\ccmsgrc.dll
<non signé> MD5: 33655c5b9c71199f8786cc5e3a4b356e C:\Program Files\Avira\AntiVir Desktop\ccupdate.dll
<non signé> MD5: 3fef6e15b2f4596a58854e4ef4f1d9eb C:\Program Files\Avira\AntiVir Desktop\ccupdrc.dll
<non signé> MD5: 96bcd91d7f84ec265ceb2f4d47838a51 C:\Program Files\Avira\AntiVir Desktop\ccwkrlib.dll
<non signé> MD5: 01936b92434b6ab994d9bb2139729cfb C:\Program Files\Avira\AntiVir Desktop\cfglib.dll
<non signé> MD5: 92d9eb35797530fedc07b1d75533f68e C:\Program Files\Avira\AntiVir Desktop\guardmsg.dll
<non signé> MD5: 020e9a91b8da0927e8a60868d90f515a C:\Program Files\Avira\AntiVir Desktop\libdb44.dll
<non signé> MD5: 7464c6694036b42ba237eb723a34d0f4 C:\Program Files\Avira\AntiVir Desktop\rcimage.dll
<non signé> MD5: 13a86ff71b5e57da8c9a6e2316ce1eaa C:\Program Files\Avira\AntiVir Desktop\schedr.dll
<non signé> MD5: 0815aff09e50a3cf1349396f5b2ebc6a C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
<non signé> MD5: 292f92469efb2fd402e00742c06d539d C:\Program Files\Bonjour\mdnsNSP.dll
<non signé> MD5: 2caaef5ab410a5d69d57e3be0870e589 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\pdfshell.FRA
<non signé> MD5: b490bd0678cb6a4890a86020ed106c75 C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
<non signé> MD5: dcacc2fc7dc0a3d7a60beb81fa233822 C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
<non signé> MD5: 1b7447278005e38e464b34a7e841d628 C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
<non signé> MD5: f05b8d10bd6ad4cbb561e29d5be2c674 C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
<non signé> MD5: f81ca5091c26a92e6b464381b8694e5a C:\Program Files\Internet Explorer\plugins\nppdf32.FRA
<non signé> MD5: f3c81a83d2332cbe12f519e53a7e413c C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
<non signé> MD5: f3c81a83d2332cbe12f519e53a7e413c C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
<non signé> MD5: f3c81a83d2332cbe12f519e53a7e413c C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
<non signé> MD5: f3c81a83d2332cbe12f519e53a7e413c C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
<non signé> MD5: f3c81a83d2332cbe12f519e53a7e413c C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
<non signé> MD5: f3c81a83d2332cbe12f519e53a7e413c C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
<non signé> MD5: f3c81a83d2332cbe12f519e53a7e413c C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
<non signé> MD5: 86f1895ae8c5e8b17d99ece768a70732 C:\Program Files\Java\jre6\bin\msvcr71.dll
<non signé> MD5: dee8f03d1eace0c8f914a2c76568ea32 c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
<non signé> MD5: 1aab00ae4ffb5c72a0a06a254f80510e C:\Program Files\Mozilla Firefox\freebl3.dll
<non signé> MD5: 39dfd2c92728fca093d5bdefe5f6e801 C:\Program Files\Mozilla Firefox\nssdbm3.dll
<non signé> MD5: f81ca5091c26a92e6b464381b8694e5a C:\Program Files\Mozilla Firefox\plugins\nppdf32.FRA
<non signé> MD5: f3c81a83d2332cbe12f519e53a7e413c C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
<non signé> MD5: f3c81a83d2332cbe12f519e53a7e413c C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
<non signé> MD5: f3c81a83d2332cbe12f519e53a7e413c C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
<non signé> MD5: f3c81a83d2332cbe12f519e53a7e413c C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
<non signé> MD5: f3c81a83d2332cbe12f519e53a7e413c C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
<non signé> MD5: f3c81a83d2332cbe12f519e53a7e413c C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
<non signé> MD5: f3c81a83d2332cbe12f519e53a7e413c C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
<non signé> MD5: 89e6d66ec90b4e8e41b55248eb7c84cb C:\Program Files\Mozilla Firefox\softokn3.dll
<non signé> MD5: 7b93c623333f121dc9e689ccb1b7a733 C:\Program Files\Nero\Nero 7\Nero BackItUp\mfc71u.dll
<non signé> MD5: 561fa2abb31dfa8fab762145f81667c2 C:\Program Files\Nero\Nero 7\Nero BackItUp\msvcp71.dll
<non signé> MD5: 86f1895ae8c5e8b17d99ece768a70732 C:\Program Files\Nero\Nero 7\Nero BackItUp\msvcr71.dll
<non signé> MD5: fd8aa90a78160e4374ee44d892e0de3a C:\Program Files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe
<non signé> MD5: 26f17f8fd3a420b864c45ed2d31abcbf C:\Program Files\Windows Live\Messenger\msidcrl40.dll
<non signé> MD5: c9bea742ce225cc993c9465fddae4656 C:\Program Files\Windows Media Player\WMPNetwk.exe
<non signé> MD5: f11fe030158f8ef14a56a3ea9e9bd47d C:\Program Files\WinRAR\RarExt.dll
<non signé> MD5: fd8aa90a78160e4374ee44d892e0de3a C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
<non signé> MD5: 4faa49ec49d9dd5d1aed49ad15154355 C:\PROGRA~1\PANICW~1\POP-UP~1\XA\psgain3.dll
<non signé> MD5: 3a8fbcf0aa83a49c4a0c222d6fb53d91 C:\PROGRA~1\PANICW~1\POP-UP~1\XA\psie6.dll
<non signé> MD5: 2b1ebdf48539125e64667d6ee4ad951f C:\PROGRA~1\PANICW~1\POP-UP~1\XA\psns4.dll
<non signé> MD5: 1fa901b5134db22daaff08ff34d6ee56 C:\PROGRA~1\PANICW~1\POP-UP~1\XA\psns7.dll
<non signé> MD5: dc2397c6c5cf3c6f3a3abeca3054e31f C:\PROGRA~1\PANICW~1\POP-UP~1\XA\pswmsg.dll
<non signé> MD5: 3e6298139c065bc82859c72d17c02a01 C:\PROGRA~1\PANICW~1\POP-UP~1\XAHook.dll
<non signé> MD5: badd66f7d8ea1c181398cb868cf1ff83 C:\PROGRA~1\WinZip\WZSHLSTB.DLL
<non signé> MD5: 46e2d72a986dcef5b2827311e3b5c2ec C:\WINDOWS\Downloaded Program Files\InstallerControl.dll
<non signé> MD5: 732caca8e848f6e721b093e51fc50b1d C:\WINDOWS\Downloaded Program Files\PURfr-ca.dll
<non signé> MD5: 4b423ddb78ab25bcd2ef9bb2f264cbd7 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
<non signé> MD5: bca175a4d68910b97c9391f2b5f02a4d C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
<non signé> MD5: 05a56c3156e1b6cc7bbd8e1d54d491f2 C:\WINDOWS\system32\ASNDIS5.SYS
<non signé> MD5: 2f7f3e8da380325866e566f5d5ec23d5 C:\WINDOWS\system32\DRIVERS\AegisP.sys
<non signé> MD5: 5b6c11de7e839c05248ced8825470fef C:\WINDOWS\System32\Drivers\pcouffin.sys
<non signé> MD5: 3cf9a6f04a2708646fb2def4db92688b C:\WINDOWS\system32\ieframe.dll
<non signé> MD5: e143f6a1c023c5bf2cfa9924f1a11f96 C:\WINDOWS\system32\iertutil.dll
<non signé> MD5: fee2ba1ad38f457f418e82ea30724053 C:\WINDOWS\system32\msfeedssync.exe
<non signé> MD5: 31fb4b337dd09bdf99429d7dbb5fdd48 C:\WINDOWS\system32\netfxperf.dll
<non signé> MD5: ec6d61b41efd7857b437800d1d715682 C:\WINDOWS\system32\nvrsfr.dll
<non signé> MD5: 159c3bdbc118ffecba5076b837981445 C:\WINDOWS\system32\nvshell.dll
<non signé> MD5: 9d45b2201d0ecf9f42136c7b99deb8b2 C:\WINDOWS\system32\PortableDeviceApi.dll
<non signé> MD5: 22358578cb321f3325496a3723029409 C:\WINDOWS\system32\PortableDeviceTypes.dll
<non signé> MD5: eee7f12d9ff46f68fbc0da059a359e9e C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
<non signé> MD5: 045e228f71c31901084b64be59093499 C:\WINDOWS\system32\WPDShServiceObj.dll
<non signé> MD5: 3b5f0bf4125688a531fa21c823ea6193 C:\WINDOWS\system32\ZoneLabs\dbghelp.dll
<non signé> MD5: 0b80e86a50d350cd31316eb4cd702db5 C:\WINDOWS\system32\ZoneLabs\icslta.dll
<non signé> MD5: e7a9c1713a88464e26ac4225f6e7be3f C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll


Aucun fichier téléchargé vers le serveur.

Analyse terminée - la communication a duré 4 secondes
Trafic total - 0.08 Mo envoyés, 3.09 Ko reçus
1238 fichiers et modules analysés - 63 seconds
30 Mars 2010 12:19:09

Bonjour vanalexe,

il faut mettre à jour Java (faille de sécurité) :
http://java.sun.com/javase/downloads/index.jsp
Clique sur Download Java Runtime Environment (JRE) 6u18 et dans la page suivante, coche I agree puis télécharge Windows Offline Installation, Multi-language/jre-6u18-windows-i586-p.exe/
Adobe (idem) :
http://www.adobe.com/fr/products/acrobat/readstep2.html
Acrobat Reader 9.3.1
Décoche McAfee Security Scan gratuit

De+ mets à jour Internet Explorer (8) : http://www.microsoft.com/france/windows/products/winfam...

:) 

A+

30 Mars 2010 13:11:17

D'accord c'est fait.

Vois-tu quelque chose d'autre qui cloche ?
31 Mars 2010 11:15:34

vanalexe a dit :
> Vois-tu quelque chose d'autre qui cloche ?


Bonjour vanalexe,

> Ben non, comment va ton Pc?

A+
31 Mars 2010 12:52:56

Avira fonctionne à nouveau et l'ordi le reconnaît...enfin !

J'ai plusieurs mises à jour windows qui me sont apparues, dois-je les faire ?
1 Avril 2010 11:05:50

vanalexe a dit :
> J'ai plusieurs mises à jour windows qui me sont apparues, dois-je les faire ?


Bonjour vanalexe,

> Evidemment.

Si tu penses ne+ avoir de souci :

* Je te conseille de défragmenter ton PC : http://www.6ma.fr/tuto/defragmenter+disque+sous+windows...
* Il est fortement recommandé d' avoir tous ses logiciels à jour.
* Tu peux supprimer ceux que nous avons utilisés (RSIT...) traitant d' infections spécifiques.
* Garde Malwarebytes' Anti-Malware.

-----------------------------------------------------------------------------------------------------------------------------------

Maintenant que ta machine n' est plus infectée, désactive la Restauration du système : http://forum.pcastuces.com/desactiver_la_restauration_s...

-----------------------------------------------------------------------------------------------------------------------------------

Pour la sécurité de ton PC, prends quelques minutes pour lire :
http://www.infos-du-net.com/forum/275481-11-dossier-pre...

-----------------------------------------------------------------------------------------------------------------------------------

Marque ton sujet en (Résolu).

A+
Edit : Manip' :ange: 
1 Avril 2010 13:00:06

D'accord je ferai toutes ces actions.

Pourquoi désactiver la restauration système ? Est-ce que je dois la réactiver ensuite ?

Merci beaucoup pour ton temps et tous tes conseils.
2 Avril 2010 08:02:14

vanalexe a dit :
> Pourquoi désactiver la restauration système ?


Bonjour vanalexe,

> Afin de créer un point de Restauration sain.

A+


Tom's guide dans le monde
  • Allemagne
  • Italie
  • Irlande
  • Royaume Uni
  • Etats Unis
Suivre Tom's Guide
Inscrivez-vous à la Newsletter
  • ajouter à twitter
  • ajouter à facebook
  • ajouter un flux RSS