Posez votre question Signaler

Pc bloqué

resbel - Dernière réponse le 11 juil. 2009 à 21:11
Bonjour,
Mon PC bloque.
Ccleaner fonctionne.
Malware bloque aprés 1 minute.
Antivir premium suite bloque après 17 % mais indique 8 positifs et 2 avetissements.Il indique PCK/execryptor et SPR/Tool.Hardoff.A.
ci joint le rapport hijackthis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:40:01, on 1/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
C:\WINDOWS\RTHDCPL.EXE
C:\USBStorage\USBDetector.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Software Informer\softinfo.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\IdiomaX\Translation Assistant 4.0\TrasWord.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wscntfy.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Java\jre1.5.0_19\bin\jusched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\HP_Administrateur\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.skynet.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.hp.com/...
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.linksys.com/be/registration
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_19\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [USBDetector] C:\USBStorage\USBDetector.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Global Startup: Assistant de traduction IdiomaX.lnk = C:\Program Files\IdiomaX\Translation Assistant 4.0\TrasWord.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_19\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_19\bin\ssv.dll
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Avira Pare-feu (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Intel(R) Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\logishrd\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
Lire la suite 
Réponse
+0
moins plus
slt
démarre en mode sans echec et passe malwarebyte (scan rapide) puis antivir et colle nous les rapports dans ton prochain message


http://www.commentcamarche.net/faq/sujet 5004 windows demarrage en mode sans echec




___________________


si cela marche pas

utilise Antivir Rescue System pour scanner ton ordi à partir d'un cd et éradiquer les infections (il faut démarrer l'ordi à partir du cd en modifiant dans le bios l'ordre de démarrage)

http://www.malekal.com/tutorial_Antivir_Rescue_System.php

ou DR WEB live cd (même principe que Antivir rescue system)

http://www.freedrweb.com/livecd/?lng=fr
jlpjlp 51598Messages postés vendredi 18 mai 2007Date d'inscription Contributeur sécuritéStatut 14 mars 2015Dernière intervention - 7 juil. 2009 à 17:37
oui je pense que tu dois faire un formatage pour tout remettre à plat
sauvegarde te donnée puis formate

si de plantages persistent c'est qui tu as un souci materiel : disque dur ....



pour sauvegarder le principal facilement utilise fab's autobackup

http://www.commentcamarche.net/telecharger/telecharger 34055063 fab s autobackup
Répondre
resbel- 10 juil. 2009 à 16:31
tout fonctionne si ce n'est un peu lent à démarrer.n'y a t il pas trop de raccourcis sur le bureau ?
Merci mille fois.
Répondre
resbel- 9 juil. 2009 à 22:45
Effectivement cela fonctionne.rappoert RSIT
Logfile of random's system information tool 1.06 (written by random/random)
Run by HP_Administrateur at 2009-07-09 22:40:07
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 137 GB (59%) free of 232 GB
Total RAM: 1022 MB (31% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:40:45, on 9/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Belgacom\bin\sprtcmd.exe
C:\USBStorage\USBDetector.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Belgacom\bin\sprtsvc.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Software Informer\softinfo.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
c:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\IdiomaX\Translation Assistant 4.0\TrasWord.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\HP_Administrateur.HENRI\Bureau\UTIL\RSIT.exe
C:\Program Files\trend micro\HP_Administrateur.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yoower.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe" /dump:os_startup
O4 - HKLM\..\Run: [Belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [USBDetector] C:\USBStorage\USBDetector.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [OutpostMonitor] C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Service Scheduler2 Acronis] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [MsgCenterExe] "C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe" -osboot
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - S-1-5-18 Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe (User 'Default user')
O4 - .DEFAULT Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Assistant de traduction IdiomaX.lnk = C:\Program Files\IdiomaX\Translation Assistant 4.0\TrasWord.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Réglage rapide de Outpost Firewall Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall Pro\ie_bar.dll
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://ma-config.com/activex/MaConfig_3_5_1_0.cab
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Service Scheduler2 Acronis (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\logishrd\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. - C:\Program Files\Belgacom\bin\sprtsvc.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Fichiers communs\Supportsoft\bin\ssrc.exe
Répondre
resbel- 9 juil. 2009 à 23:25
je n''ai pas formaté

-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : HP_Administrateur ( Administrator )
BOOT : Normal boot
Antivirus : AntiVir Desktop 9.0.1.30 (Activated)
Firewall : Outpost Firewall Pro 6.5.5 (Activated)
C:\ (Local Disk) - NTFS - Total:226 Go (Free:133 Go)
D:\ (Local Disk) - NTFS - Total:232 Go (Free:17 Go)
E:\ (Local Disk) - FAT32 - Total:6 Go (Free:0 Go)
F:\ (CD or DVD)
G:\ (CD or DVD)
H:\ (USB)
I:\ (USB)
J:\ (USB)
K:\ (USB)
L:\ (USB)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( jeu. 09/07/2009|23:14 )

-----------\\ SUPPRESSION

Supprime! - [Service] ASKUpgrade
Supprime! - C:\Program Files\AskBarDis\bar
Supprime! - C:\Program Files\AskBarDis\PopSwatter
Supprime! - C:\Program Files\AskBarDis\unins000.dat
Supprime! - C:\Program Files\AskBarDis\unins000.exe
Supprime! - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
Supprime! - C:\Program Files\DAEMON Tools Toolbar\Resources
Supprime! - C:\Program Files\DAEMON Tools Toolbar\uninst.exe
Supprime! - C:\Program Files\DAEMON Tools Toolbar\_Astroburn.xml
Supprime! - C:\Program Files\DAEMON Tools Toolbar\_DTLite.xml
Supprime! - C:\Program Files\AskBarDis
Supprime! - C:\Program Files\DAEMON Tools Toolbar

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ Extensions

(HP_Administrateur) - {4BBDD651-70CF-4821-84F8-2B918CF89CA3} => febe

(HP_Administrateur.BOON) - {19503e42-ca3c-4c27-b1e2-9cdb2170ee34} => flashgot
(HP_Administrateur.BOON) - {53c4d698-0a74-873e-7946-7d19bb035667} => boox
(HP_Administrateur.BOON) - {5546F97E-11A5-46b0-9082-32AD74AAA920} => informenter
(HP_Administrateur.BOON) - {cb84136f-9c44-433a-9048-c5cd9df1dc16} => bdtoolbar
(HP_Administrateur.BOON) - {D419DABB-C0EA-4168-BFD7-637C7BF90D0A} => password

(HP_Administrateur.HENRI) - {4BBDD651-70CF-4821-84F8-2B918CF89CA3} => febe
(HP_Administrateur.HENRI) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar
(HP_Administrateur.HENRI) - {4BBDD651-70CF-4821-84F8-2B918CF89CA3} => febe


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://www.yoower.com/"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Default_Search_URL"="http://ie.redirect.hp.com/..."
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://www.msn.com/"
"Search Bar"="http://ie.redirect.hp.com/..."


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - jeu. 09/07/2009|23:20 - Option : [2]

-----------\\ Fin du rapport a 23:20:37,40
Répondre
resbel- 11 juil. 2009 à 15:12
Bonjour,
Parfait : problèmes résolus.
Encore mille fois bien merci.
très sincères salutations.
Resbel
Répondre
Ajouter un commentaire
Annonces
 
moins plus
Réponse
+0
moins plus
après antivir rescue systeme tu peux passer malwarebyte ou antivir???
si oui colle un rapport avec pour voir
_______________

l'ordi se comporte bien?

_________________

puis

Télécharge ici :

http://images.malwareremoval.com/random/RSIT.exe

random's system information tool (RSIT) par andom/random et sauvegarde-le sur le Bureau.

Double-clique sur RSIT.exe afin de lancer RSIT.

Clique Continue à l'écran Disclaimer.

Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.

Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).

NB : Les rapports sont sauvegardés dans le dossier C:\rsit
resbel- 20 juin 2009 à 18:44
bonjour,
J'ai refait superantispyware qui n'a rien trouvé.
Bitdefender stoppé après 467254 fichiers,pointeur de souris zigzazuant dans tous les sens et ensuite écran bleu avec avertissement kernel_inkpage_error.
CHKDSK/F/E = nombreux clusters endommagé et donc remplacés?
Finalement ne faut il pas remplacer le disque dur et si oui quel type?
Salutations
Répondre
Ajouter un commentaire
Annonces
 
moins plus
Réponse
+0
moins plus
cijoint info.txt
info.txt logfile of random's system information tool 1.06 2009-06-02 14:16:40

======Uninstall list======

-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {F80239D8-7811-4D5E-B033-0D0BBFE32920}
-->MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}
AI RoboForm (All Users)-->"C:\Program Files\Siber Systems\AI RoboForm\rfwipeout.exe"
Amélioration de nos services-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{23012310-3E05-46A5-88A9-C6CBCABCAC79} /l1036
Atheros Client Installation Program-->C:\Program Files\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe -runfromtemp -l0x040c -removeonly
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x5c32
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Avira Premium Security Suite-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
Catalyst Control Center - Branding-->MsiExec.exe /I{D3B1C799-CB73-42DE-BA0F-2344793A095C}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CDDRV_Installer-->MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A}
Connexion Facile à Internet-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1036
Correctif pour Lecteur Windows Media 10 (KB910393)-->"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Driver Detective-->"C:\Program Files\InstallShield Installation Information\{7395D650-AE5D-4D68-B8FE-D3FA6B51467F}\setup.exe" -runfromtemp -l0x0409 -removeonly
Driver Detective-->MsiExec.exe /X{7395D650-AE5D-4D68-B8FE-D3FA6B51467F}
Driver Genius Professional Edition 2007-->"C:\Program Files\Driver-Soft\DriverGenius\unins001.exe"
Driver Genius Professional Edition-->"C:\Program Files\Driver-Soft\DriverGenius\unins000.exe"
Enhanced Multimedia Keyboard Solution-->C:\HP\KBD\Install.exe /u
getPlus(R) for Adobe-->"C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
High Definition Audio - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Documents and Settings\HP_Administrateur\Bureau\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
HP Boot Optimizer-->MsiExec.exe /X{1341D838-719C-4A05-B50F-49420CA1B4BB}
HP Customer Participation Program 7.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP DigitalMedia Archive-->MsiExec.exe /X{F80239D8-7811-4D5E-B033-0D0BBFE32920}
HP DVD Play 2.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
HP Imaging Device Functions 7.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart and Deskjet 7.0 Software (fra)-->C:\Program Files\HP\Digital Imaging\{D2A3C9D5-0B56-4656-8277-7EDC65D62B6E}\setup\hpzscr01.exe -datfile hphscr12.dat -showdisconnect -forcereboot
HP Photosmart Essential 3.5-->C:\Program Files\HP\Digital Imaging\PhotosmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Photosmart Essential-->MsiExec.exe /X{6994491D-D491-48F1-AE1F-E179C1FFFC2F}
HP Photosmart for Media Center PC-->c:\Program Files\HP\Digital Imaging\bin\mcpc\setupmcl.exe /u
HP Photosmart Premier Software 6.5-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Solution Center 7.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{FE57DE70-95DE-4B64-9266-84DA811053DB}
IE PassView-->C:\WINDOWS\zipinst.exe /uninst "C:\Program Files\IE PassView\uninst1~.nsu"
Intel(R) Network Connections 14.0.40.0-->MsiExec.exe /i{888019C0-54D4-40C2-9274-27B9DAB17017} ARPREMOVE=1
Intel(R) Quick Resume Technology Drivers-->C:\WINDOWS\System32\Elusetup.exe
Intel® Matrix Storage Manager-->C:\Program Files\Intel\Intel Matrix Storage Manager\Uninstall\imsmudlg.exe -uninstall
J2SE Development Kit 5.0 Update 19-->MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0150190}
J2SE Runtime Environment 5.0 Update 19-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150190}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Kaspersky Online Scanner-->C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
Kaspersky On-line Scanner-->C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
KhalInstallWrapper-->MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355}
Le logiciel Intel® Viiv™-->MsiExec.exe /X{EEFEBB48-329E-46F6-AEB8-929A5BAFDB2F}
Logitech SetPoint-->"C:\Program Files\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe" -runfromtemp -l0x040c -removeonly
MainConcept for Software Encoder-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{E7A02A01-C75A-4490-A168-5CA709A3D862}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB969497)-->"C:\WINDOWS\ie8updates\KB969497-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
muvee autoProducer 5.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB4740B3-2530-452D-A825-F7AB246CA7DF}\setup.exe" -l0x40c
muvee autoProducer unPlugged 2.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5FDD0538-C67A-4F67-B3F8-09D1AAF04D99}\setup.exe" -l0x40c
PC-Doctor 5 pour Windows-->C:\Program Files\PC-Doctor 5 for Windows\uninst.exe
Python 2.2 pywin32 extensions (build 203)-->"C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log"
Python 2.2.3-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
Python 2.5.2-->MsiExec.exe /I{6B976ADF-8AE8-434E-B282-A06C7F624D2F}
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Services Internet-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{5CFD7508-7774-48FE-8280-7A3C0AE71755} /l1036
Services Off-line de Home'Bank 4.54-->"C:\Program Files\ING\Off-line\unins000.exe"
Software Informer 1.0 BETA-->"C:\Program Files\Software Informer\unins000.exe"
Sonic Express Labeler-->MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD Plus-->MsiExec.exe /X{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow Audio-->MsiExec.exe /X{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy-->MsiExec.exe /X{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data-->MsiExec.exe /X{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Update Manager-->MsiExec.exe /X{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
ubCore-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{F65FE148-FCF5-42F7-8803-FA0B7DA8B8A4}
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VideoMate T , M , P Series Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{41E340F0-0BD6-4A87-AF29-E9E584471756}\Setup.exe" -l0x9
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB912067-->"C:\WINDOWS\$NtUninstallKB912067$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
World of Warcraft FREE Trial-->MsiExec.exe /X{02EBDBB9-4600-41D3-B566-40CB861511D2}
xp-AntiSpy 3.97-3-->C:\Program Files\xp-AntiSpy\Uninstall.exe

======Security center information======

AV: AntiVir Desktop
FW: Avira Pare-feu

======System event log======

Computer Name: HENRI
Event Code: 4307
Message: L'initialisation a échoué car le transport a refusé d'ouvrir les adresses initiales.

Record Number: 1400
Source Name: NetBT
Time Written: 20090514230545.000000+120
Event Type: error
User:

Computer Name: HENRI
Event Code: 1002
Message: Le bail de l'adresse IP 192.168.1.100 pour la carte réseau dont l'adresse réseau est 0018F37B9453
a été refusé par le serveur DHCP 192.168.1.1 (celui-ci a envoyé un message DHCPNACK).

Record Number: 1357
Source Name: Dhcp
Time Written: 20090514170802.000000+120
Event Type: error
User:

Computer Name: HENRI
Event Code: 27
Message: Intel(R) 82562V 10/100 Network Connection
. Le lien a été déconnecté.

Record Number: 1353
Source Name: e1express
Time Written: 20090514170732.000000+120
Event Type: warning
User:

Computer Name: HENRI
Event Code: 2504
Message: Le serveur n'a pas pu se lier au transport \Device\NetBT_Tcpip_{4A6FB951-DCBB-4646-A52E-90BFBA3DA4C1}.

Record Number: 1249
Source Name: Server
Time Written: 20090514132536.000000+120
Event Type: warning
User:

Computer Name: HENRI
Event Code: 4307
Message: L'initialisation a échoué car le transport a refusé d'ouvrir les adresses initiales.

Record Number: 1215
Source Name: NetBT
Time Written: 20090514125103.000000+120
Event Type: error
User:

=====Application event log=====

Computer Name: HENRI
Event Code: 4113
Message: AntiVir a détecté dans le fichier
C:\Program Files\IE PassView\iepv.exe
un code suspect avec la désignation 'SPR/PSW.NetPass.ET'!

Record Number: 1066
Source Name: Avira AntiVir
Time Written: 20090521184415.000000+120
Event Type: warning
User: AUTORITE NT\SYSTEM

Computer Name: HENRI
Event Code: 1004
Message: Application défaillante services.exe, version 5.1.2600.5755, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0x00d9fb05.

Record Number: 1065
Source Name: Application Error
Time Written: 20090521184401.000000+120
Event Type: error
User:

Computer Name: HENRI
Event Code: 0
Message: Service démarré

Record Number: 1057
Source Name: Avira Pare-feu
Time Written: 20090521184305.000000+120
Event Type:
User:

Computer Name: HENRI
Event Code: 2004
Message: Impossible d'ouvrir le Service serveur. Les données de performance du
serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD 0.

Record Number: 1038
Source Name: PerfNet
Time Written: 20090519080927.000000+120
Event Type: error
User:

Computer Name: HENRI
Event Code: 0
Message: Service démarré

Record Number: 1037
Source Name: Avira Pare-feu
Time Written: 20090519080926.000000+120
Event Type:
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Python22;C:\Program Files\Intel\DMIX;C:\Program Files\Fichiers communs\DivX Shared\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0f06
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=c:\Program Files\Fichiers communs\Sonic Shared\Sonic Central\

-----------------EOF-----------------
Ajouter un commentaire
Réponse
+0
moins plus
le deuxième rapport?
Ajouter un commentaire
Réponse
+0
moins plus
Bonjour,
l'ordinateur est plus lentCi-joint les 2 rapports.
1.Infotext :
info.txt logfile of random's system information tool 1.06 2009-06-02 14:16:40

======Uninstall list======

-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {F80239D8-7811-4D5E-B033-0D0BBFE32920}
-->MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}
AI RoboForm (All Users)-->"C:\Program Files\Siber Systems\AI RoboForm\rfwipeout.exe"
Amélioration de nos services-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{23012310-3E05-46A5-88A9-C6CBCABCAC79} /l1036
Atheros Client Installation Program-->C:\Program Files\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe -runfromtemp -l0x040c -removeonly
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x5c32
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Avira Premium Security Suite-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
Catalyst Control Center - Branding-->MsiExec.exe /I{D3B1C799-CB73-42DE-BA0F-2344793A095C}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CDDRV_Installer-->MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A}
Connexion Facile à Internet-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1036
Correctif pour Lecteur Windows Media 10 (KB910393)-->"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Driver Detective-->"C:\Program Files\InstallShield Installation Information\{7395D650-AE5D-4D68-B8FE-D3FA6B51467F}\setup.exe" -runfromtemp -l0x0409 -removeonly
Driver Detective-->MsiExec.exe /X{7395D650-AE5D-4D68-B8FE-D3FA6B51467F}
Driver Genius Professional Edition 2007-->"C:\Program Files\Driver-Soft\DriverGenius\unins001.exe"
Driver Genius Professional Edition-->"C:\Program Files\Driver-Soft\DriverGenius\unins000.exe"
Enhanced Multimedia Keyboard Solution-->C:\HP\KBD\Install.exe /u
getPlus(R) for Adobe-->"C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
High Definition Audio - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Documents and Settings\HP_Administrateur\Bureau\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
HP Boot Optimizer-->MsiExec.exe /X{1341D838-719C-4A05-B50F-49420CA1B4BB}
HP Customer Participation Program 7.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP DigitalMedia Archive-->MsiExec.exe /X{F80239D8-7811-4D5E-B033-0D0BBFE32920}
HP DVD Play 2.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
HP Imaging Device Functions 7.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart and Deskjet 7.0 Software (fra)-->C:\Program Files\HP\Digital Imaging\{D2A3C9D5-0B56-4656-8277-7EDC65D62B6E}\setup\hpzscr01.exe -datfile hphscr12.dat -showdisconnect -forcereboot
HP Photosmart Essential 3.5-->C:\Program Files\HP\Digital Imaging\PhotosmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Photosmart Essential-->MsiExec.exe /X{6994491D-D491-48F1-AE1F-E179C1FFFC2F}
HP Photosmart for Media Center PC-->c:\Program Files\HP\Digital Imaging\bin\mcpc\setupmcl.exe /u
HP Photosmart Premier Software 6.5-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Solution Center 7.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{FE57DE70-95DE-4B64-9266-84DA811053DB}
IE PassView-->C:\WINDOWS\zipinst.exe /uninst "C:\Program Files\IE PassView\uninst1~.nsu"
Intel(R) Network Connections 14.0.40.0-->MsiExec.exe /i{888019C0-54D4-40C2-9274-27B9DAB17017} ARPREMOVE=1
Intel(R) Quick Resume Technology Drivers-->C:\WINDOWS\System32\Elusetup.exe
Intel® Matrix Storage Manager-->C:\Program Files\Intel\Intel Matrix Storage Manager\Uninstall\imsmudlg.exe -uninstall
J2SE Development Kit 5.0 Update 19-->MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0150190}
J2SE Runtime Environment 5.0 Update 19-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150190}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Kaspersky Online Scanner-->C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
Kaspersky On-line Scanner-->C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
KhalInstallWrapper-->MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355}
Le logiciel Intel® Viiv™-->MsiExec.exe /X{EEFEBB48-329E-46F6-AEB8-929A5BAFDB2F}
Logitech SetPoint-->"C:\Program Files\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe" -runfromtemp -l0x040c -removeonly
MainConcept for Software Encoder-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{E7A02A01-C75A-4490-A168-5CA709A3D862}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB969497)-->"C:\WINDOWS\ie8updates\KB969497-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
muvee autoProducer 5.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB4740B3-2530-452D-A825-F7AB246CA7DF}\setup.exe" -l0x40c
muvee autoProducer unPlugged 2.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5FDD0538-C67A-4F67-B3F8-09D1AAF04D99}\setup.exe" -l0x40c
PC-Doctor 5 pour Windows-->C:\Program Files\PC-Doctor 5 for Windows\uninst.exe
Python 2.2 pywin32 extensions (build 203)-->"C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log"
Python 2.2.3-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
Python 2.5.2-->MsiExec.exe /I{6B976ADF-8AE8-434E-B282-A06C7F624D2F}
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Services Internet-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{5CFD7508-7774-48FE-8280-7A3C0AE71755} /l1036
Services Off-line de Home'Bank 4.54-->"C:\Program Files\ING\Off-line\unins000.exe"
Software Informer 1.0 BETA-->"C:\Program Files\Software Informer\unins000.exe"
Sonic Express Labeler-->MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD Plus-->MsiExec.exe /X{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow Audio-->MsiExec.exe /X{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy-->MsiExec.exe /X{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data-->MsiExec.exe /X{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Update Manager-->MsiExec.exe /X{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
ubCore-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{F65FE148-FCF5-42F7-8803-FA0B7DA8B8A4}
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VideoMate T , M , P Series Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{41E340F0-0BD6-4A87-AF29-E9E584471756}\Setup.exe" -l0x9
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB912067-->"C:\WINDOWS\$NtUninstallKB912067$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
World of Warcraft FREE Trial-->MsiExec.exe /X{02EBDBB9-4600-41D3-B566-40CB861511D2}
xp-AntiSpy 3.97-3-->C:\Program Files\xp-AntiSpy\Uninstall.exe

======Security center information======

AV: AntiVir Desktop
FW: Avira Pare-feu

======System event log======

Computer Name: HENRI
Event Code: 4307
Message: L'initialisation a échoué car le transport a refusé d'ouvrir les adresses initiales.

Record Number: 1400
Source Name: NetBT
Time Written: 20090514230545.000000+120
Event Type: error
User:

Computer Name: HENRI
Event Code: 1002
Message: Le bail de l'adresse IP 192.168.1.100 pour la carte réseau dont l'adresse réseau est 0018F37B9453
a été refusé par le serveur DHCP 192.168.1.1 (celui-ci a envoyé un message DHCPNACK).

Record Number: 1357
Source Name: Dhcp
Time Written: 20090514170802.000000+120
Event Type: error
User:

Computer Name: HENRI
Event Code: 27
Message: Intel(R) 82562V 10/100 Network Connection
. Le lien a été déconnecté.

Record Number: 1353
Source Name: e1express
Time Written: 20090514170732.000000+120
Event Type: warning
User:

Computer Name: HENRI
Event Code: 2504
Message: Le serveur n'a pas pu se lier au transport \Device\NetBT_Tcpip_{4A6FB951-DCBB-4646-A52E-90BFBA3DA4C1}.

Record Number: 1249
Source Name: Server
Time Written: 20090514132536.000000+120
Event Type: warning
User:

Computer Name: HENRI
Event Code: 4307
Message: L'initialisation a échoué car le transport a refusé d'ouvrir les adresses initiales.

Record Number: 1215
Source Name: NetBT
Time Written: 20090514125103.000000+120
Event Type: error
User:

=====Application event log=====

Computer Name: HENRI
Event Code: 4113
Message: AntiVir a détecté dans le fichier
C:\Program Files\IE PassView\iepv.exe
un code suspect avec la désignation 'SPR/PSW.NetPass.ET'!

Record Number: 1066
Source Name: Avira AntiVir
Time Written: 20090521184415.000000+120
Event Type: warning
User: AUTORITE NT\SYSTEM

Computer Name: HENRI
Event Code: 1004
Message: Application défaillante services.exe, version 5.1.2600.5755, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0x00d9fb05.

Record Number: 1065
Source Name: Application Error
Time Written: 20090521184401.000000+120
Event Type: error
User:

Computer Name: HENRI
Event Code: 0
Message: Service démarré

Record Number: 1057
Source Name: Avira Pare-feu
Time Written: 20090521184305.000000+120
Event Type:
User:

Computer Name: HENRI
Event Code: 2004
Message: Impossible d'ouvrir le Service serveur. Les données de performance du
serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD 0.

Record Number: 1038
Source Name: PerfNet
Time Written: 20090519080927.000000+120
Event Type: error
User:

Computer Name: HENRI
Event Code: 0
Message: Service démarré

Record Number: 1037
Source Name: Avira Pare-feu
Time Written: 20090519080926.000000+120
Event Type:
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Python22;C:\Program Files\Intel\DMIX;C:\Program Files\Fichiers communs\DivX Shared\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0f06
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=c:\Program Files\Fichiers communs\Sonic Shared\Sonic Central\

-----------------EOF-----------------
2.log text

Logfile of random's system information tool 1.06 (written by random/random)
Run by HP_Administrateur at 2009-06-02 14:25:52
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 150 GB (65%) free of 232 GB
Total RAM: 1022 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:25:53, on 2/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
C:\WINDOWS\RTHDCPL.EXE
C:\USBStorage\USBDetector.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Software Informer\softinfo.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\IdiomaX\Translation Assistant 4.0\TrasWord.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.5.0_19\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\HP_Administrateur\Bureau\RSIT.exe
C:\Documents and Settings\HP_Administrateur\Bureau\HP_Administrateur.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.skynet.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.hp.com/...
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.linksys.com/be/registration
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_19\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [USBDetector] C:\USBStorage\USBDetector.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Global Startup: Assistant de traduction IdiomaX.lnk = C:\Program Files\IdiomaX\Translation Assistant 4.0\TrasWord.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_19\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_19\bin\ssv.dll
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Avira Pare-feu (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Intel(R) Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\logishrd\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
Ajouter un commentaire
Réponse
+0
moins plus
colle un rapport malwarebyte et antivir pour voir

regarde la température du pc: avec speedfan:
http://www.commentcamarche.net/telecharger/telecharger 34055057 speedfan
Ajouter un commentaire
Réponse
+0
moins plus
Win9x:NO 64Bit:NO GiveIO:YES SpeedFan:YES
I/O properly initialized
Linked ISA BUS at $0290
Linked Intel 82801HB ICH8 SMBUS at $0500
Scanning ISA BUS at $0290...
SuperIO Chip=Asus F8000
Asus F8000 found on ISA at $290
Scanning Intel SMBus at $0500...
Found ST3250824AS (250,1GB)
Found ST3250824AS (250,1GB)
Found ACPI temperature (21,0C)
Found Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz
End of detection
Temp1 47C
Temp2 128C
Temp3 29C
HDO 43C
HD1 41C
Temp1 21C
Core 0 44C
Core1 44C
Salutations,
Ajouter un commentaire
Réponse
+0
moins plus
ok colle antivir et malwarebyte
Ajouter un commentaire
Réponse
+0
moins plus
Bonjour,
Avira Premium Security Suite Updater

Heure de création : Thu Jun 04 23:17:38 2009


Système d'exploitation:
Windows XP (Service Pack 3) [5.1.2600]

Informations produit :
Version produit : 9.0.0.61
Updater : C:\Program Files\Avira\AntiVir Desktop\update.exe 9.0.0.46

Répertoire temporaire : C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\
Répertoire de sauvegarde : C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\BACKUP\
Répertoire dapos;installation : C:\Program Files\Avira\AntiVir Desktop\
Répertoire de l'Updater : C:\Program Files\Avira\AntiVir Desktop\
Répertoire AppData : C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\


[UPD] [INFO] Contrôle en cours pour savoir si des fichiers plus récents sont disponibles.
[UPD] [INFO] Sélection en cours du serveur de mise à jour 'http://62.146.87.172/update'.
[UPD] [INFO] Téléchargement de 'http://62.146.87.172/update/idx/master.idx' vers'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
[UPD] [INFO] Téléchargement de 'http://62.146.87.172/update/idx/wks_avira-win32-fr-isec.idx' vers'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\wks_avira-win32-fr-isec.idx'.
[UPD] [INFO] Téléchargement de 'http://62.146.87.172/update/idx/wks_avira-win32-fr-isec.info.gz' vers'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\wks_avira-win32-fr-isec.info.gz'.
[UPD] [INFO] Téléchargement de 'http://62.146.87.172/update/idx/webcat-common-int.info.gz' vers'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\webcat-common-int.info.gz'.
[UPD] [INFO] Téléchargement de 'http://62.146.87.172/update/idx/vdf.info.gz' vers'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\vdf.info.gz'.
[UPD] [INFO] Téléchargement de 'http://62.146.87.172/update/idx/ave2-win32-int.info.gz' vers'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\ave2-win32-int.info.gz'.
[UPD] [INFO] Téléchargement de 'http://62.146.87.172/update/idx/antispam-win32-int.info.gz' vers'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\antispam-win32-int.info.gz'.
[UPD] [INFO] Téléchargement de 'http://62.146.87.172/update/idx/specvir-win32-int.info.gz' vers'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\specvir-win32-int.info.gz'.
[UPD] [INFO] Téléchargement de 'http://62.146.87.172/update/idx/wks_avira-win32-fr-isec-info.info.gz' vers'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\wks_avira-win32-fr-isec-info.info.gz'.
[UPD] [INFO] Comparaison en cours des fichiers locaux avec la version disponible sur le serveur de mise à jour.
[UPD] [INFO] Contrôle en cours du module SELFUPDATE :
[UPD] [INFO] Contrôle en cours du module WEBCAT :
[UPD] [INFO] Fichier 'webcat/common/int/webcat1.dat' (local, serveur) : aed9a06d7faf674f1f0b61af27c5c6ee != 39db65f35863b12d20cde3b1bc3d2da5
[UPD] [INFO] Fichier 'webcat/common/int/webcat2.dat' (local, serveur) : 42e51833ec5226cbe085edc654f5cf78 != 4dec593ccf594dbbcfaeb4712b96a8e9
[UPD] [INFO] Fichier 'webcat/common/int/webcat3.dat' (local, serveur) : f54984dea6f05cabda2471140067ee09 != ce011d092eb17f4395cae63956ff03eb
[UPD] [INFO] Fichier 'webcat/common/int/webcat4.dat' (local, serveur) : 37eeadc18de607dcc66406afe53879e2 != d50516c88c452337078410ad0178f12e
[UPD] [INFO] Contrôle en cours du module VDF :
[UPD] [INFO] Fichier 'vdf/antivir3.vdf' (local, serveur) : 7.1.4.48 < 7.1.4.59
[UPD] [INFO] Contrôle en cours du module AVE2 :
[UPD] [INFO] Contrôle en cours du module ANTISPAM :
[UPD] [INFO] Contrôle en cours du module AVREP_NT :
[UPD] [INFO] Contrôle en cours du module MAIN :
[UPD] [INFO] Le fichier 'wks_avira/win32/fr/basic-nt/avupgsvc.exe' a défini le drapeau IGNORE et n'est de ce fait pas pris en compte.
[UPD] [INFO] Le fichier 'wks_avira/win32/fr/basic-nt/presetup.exe' a défini le drapeau IGNORE et n'est de ce fait pas pris en compte.
[UPD] [INFO] Le fichier 'wks_avira/win32/fr/basic-nt/vcredist_x86.exe' a défini le drapeau IGNORE et n'est de ce fait pas pris en compte.
[UPD] [INFO] Le fichier 'wks_avira/win32/fr/basic-nt/xp/avgntflt.inf' a défini le drapeau IGNORE et n'est de ce fait pas pris en compte.
[UPD] [INFO] Le fichier 'wks_avira/win32/fr/isec-nt/filelist.ini' a défini le drapeau IGNORE et n'est de ce fait pas pris en compte.
[UPD] [INFO] Le fichier 'wks_avira/win32/fr/isec-nt/product.ini' a défini le drapeau IGNORE et n'est de ce fait pas pris en compte.
[UPD] [INFO] Contrôle en cours du module COMMAPPDATA_AV :
[UPD] [INFO] Le fichier 'wks_avira/win32/fr/basic-nt/addr_file.html' est déjà installé et ne sera pas actualisé.
[UPD] [INFO] Contrôle en cours du module COMMAPP :
[UPD] [INFO] Le fichier 'wks_avira/win32/fr/isec-nt/produpd.avj' est déjà installé et ne sera pas actualisé.
[UPD] [INFO] Le fichier 'wks_avira/win32/fr/isec-nt/scanjob.avj' est déjà installé et ne sera pas actualisé.
[UPD] [INFO] Le fichier 'wks_avira/win32/fr/isec-nt/startupd.avj' est déjà installé et ne sera pas actualisé.
[UPD] [INFO] Le fichier 'wks_avira/win32/fr/isec-nt/updjob.avj' est déjà installé et ne sera pas actualisé.
[UPD] [INFO] Contrôle en cours du module COMMAPDATA_AV_PROFILES :
[UPD] [INFO] Le fichier 'wks_avira/win32/fr/isec-nt/folder.avb' est déjà installé et ne sera pas actualisé.
[UPD] [INFO] Le fichier 'wks_avira/win32/fr/isec-nt/folder.avp' est déjà installé et ne sera pas actualisé.
[UPD] [INFO] Le fichier 'wks_avira/win32/fr/isec-nt/mydocs.avb' est déjà installé et ne sera pas actualisé.
[UPD] [INFO] Le fichier 'wks_avira/win32/fr/isec-nt/mymusic.avb' est déjà installé et ne sera pas actualisé.
[UPD] [INFO] Le fichier 'wks_avira/win32/fr/isec-nt/mypics.avb' est déjà installé et ne sera pas actualisé.
[UPD] [INFO] Le fichier 'wks_avira/win32/fr/isec-nt/rootkit.avp' est déjà installé et ne sera pas actualisé.
[UPD] [INFO] Contrôle en cours du module TEXT :
[UPD] [INFO] Le fichier 'wks_avira/win32/fr/isec-nt/eula.txt' est déjà installé et ne sera pas actualisé.
[UPD] [INFO] Contrôle en cours du module DRV :
[UPD] [INFO] Contrôle en cours du module PRODINFO :
[UPD] [INFO] Fichier de licence : version d'évaluation
[UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\BACKUP\' requiert 1684132 octets d'espace mémoire libre.
[UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\' requiert 1181725 octets d'espace mémoire libre.
[UPD] [INFO] 'C:\Program Files\Avira\AntiVir Desktop\' requiert 1002525 octets d'espace mémoire libre.
[UPD] [INFO] Espace mémoire OK.
[UPD] [INFO] Lecteur : C:\, capacité disponible : 2779222016 octets.
[UPD] [INFO] Téléchargement en cours de nouveaux fichiers...
[UPD] [INFO] Téléchargement de 'http://62.146.87.172/update/webcat/common/int/webcat1.dat.gz' vers'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\webcat\common\int\webcat1.dat.gz'.
[UPD] [INFO] Téléchargement de 'http://62.146.87.172/update/webcat/common/int/webcat2.dat.gz' vers'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\webcat\common\int\webcat2.dat.gz'.
[UPD] [INFO] Téléchargement de 'http://62.146.87.172/update/webcat/common/int/webcat3.dat.gz' vers'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\webcat\common\int\webcat3.dat.gz'.
[UPD] [INFO] Téléchargement de 'http://62.146.87.172/update/webcat/common/int/webcat4.dat.gz' vers'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\webcat\common\int\webcat4.dat.gz'.
[UPD] [INFO] Téléchargement de 'http://62.146.87.172/update/vdf/antivir3.vdf.gz' vers'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\vdf\antivir3.vdf.gz'.
[UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\webcat\common\int\webcat1.dat' a été copié vers 'C:\Program Files\Avira\AntiVir Desktop\webcat1.dat'.
[UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\webcat\common\int\webcat2.dat' a été copié vers 'C:\Program Files\Avira\AntiVir Desktop\webcat2.dat'.
[UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\webcat\common\int\webcat3.dat' a été copié vers 'C:\Program Files\Avira\AntiVir Desktop\webcat3.dat'.
[UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\webcat\common\int\webcat4.dat' a été copié vers 'C:\Program Files\Avira\AntiVir Desktop\webcat4.dat'.
[UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\vdf\antivir3.vdf' a été copié vers 'C:\Program Files\Avira\AntiVir Desktop\antivir3.vdf'.
[UPD] [INFO] Réinitialisation du Avira AntiVir Guard réussie.

Résumé :
********
5 fichiers téléchargés
5 fichiers installés
Fichier(s) téléchargé(s) : webcat1.dat; webcat2.dat; webcat3.dat; webcat4.dat; antivir3.vdf 7.1.4.59;

23:18:21 La mise à jour a été effectuée avec succès !njour,

Malwarebytes' Anti-Malware 1.37
Version de la base de données: 2232
Executable location: C:\Program Files\Malwarebytes' Anti-Malware
Database location: C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref

Username: HP_Administrateur
Windows folder: C:\WINDOWS
System folder: C:\WINDOWS\system32
Root drive: C:
Program Files: C:\Program Files
Common Files: C:\Program Files\Fichiers communs

Desktop: c:\documents and settings\Administrateur\Bureau
Desktop: c:\documents and settings\All Users\Bureau
Desktop: c:\documents and settings\Default User\Bureau
Desktop: c:\documents and settings\HP_Administrateur\Bureau
Desktop: c:\documents and settings\HP_Administrateur.BOON\Bureau

Start Menu: c:\documents and settings\Administrateur\Menu Démarrer
Start Menu: c:\documents and settings\All Users\Menu Démarrer
Start Menu: c:\documents and settings\Default User\Menu Démarrer
Start Menu: c:\documents and settings\HP_Administrateur\Menu Démarrer
Start Menu: c:\documents and settings\HP_Administrateur.BOON\Menu Démarrer
Start Menu: c:\documents and settings\LocalService\Menu Démarrer
Start Menu: C:\Documents and Settings\All Users\Menu Démarrer

User Root: c:\documents and settings\Administrateur
User Root: c:\documents and settings\All Users
User Root: c:\documents and settings\Default User
User Root: c:\documents and settings\HP_Administrateur
User Root: c:\documents and settings\HP_Administrateur.BOON
User Root: c:\documents and settings\HP_ADM~1~BOO
User Root: c:\documents and settings\LocalService
User Root: c:\documents and settings\NetworkService

Favorite: c:\documents and settings\Administrateur\Favoris
Favorite: c:\documents and settings\All Users\Favoris
Favorite: c:\documents and settings\Default User\Favoris
Favorite: c:\documents and settings\HP_Administrateur\Favoris
Favorite: c:\documents and settings\HP_Administrateur.BOON\Favoris
Favorite: c:\documents and settings\LocalService\Favoris

Application Data: c:\documents and settings\Administrateur\Application Data
Application Data: c:\documents and settings\All Users\Application Data
Application Data: c:\documents and settings\Default User\Application Data
Application Data: c:\documents and settings\HP_Administrateur\Application Data
Application Data: c:\documents and settings\HP_Administrateur.BOON\Application Data
Application Data: c:\documents and settings\LocalService\Application Data
Application Data: c:\documents and settings\NetworkService\Application Data
Application Data: C:\Documents and Settings\All Users\Application Data

Quick Launch: c:\documents and settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch
Quick Launch: c:\documents and settings\Default User\Application Data\Microsoft\Internet Explorer\Quick Launch
Quick Launch: c:\documents and settings\HP_Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch
Quick Launch: c:\documents and settings\HP_Administrateur.BOON\Application Data\Microsoft\Internet Explorer\Quick Launch

Temporary Folder: c:\documents and settings\Administrateur\Local Settings\Temp
Temporary Folder: c:\documents and settings\Default User\Local Settings\Temp
Temporary Folder: c:\documents and settings\HP_Administrateur\Local Settings\Temp
Temporary Folder: c:\documents and settings\HP_Administrateur.BOON\Local Settings\Temp
Temporary Folder: c:\documents and settings\LocalService\Local Settings\Temp
Temporary Folder: c:\documents and settings\NetworkService\Local Settings\Temp
Temporary Folder: C:\WINDOWS\Temp
Salutations
Ajouter un commentaire
Réponse
+0
moins plus
POUR ANTIVIR
SCAN IMPOSSIBLE UNIQUEMENT RAPPORT D4UPDATE
Avira Premium Security Suite Updater

Heure de création : Sat Jun 06 10:33:12 2009


Système d'exploitation:
Windows XP (Service Pack 3) [5.1.2600]

Informations produit :
Version produit : 9.0.0.61
Updater : C:\Program Files\Avira\AntiVir Desktop\update.exe 9.0.0.46

Répertoire temporaire : C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\
Répertoire de sauvegarde : C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\BACKUP\
Répertoire dapos;installation : C:\Program Files\Avira\AntiVir Desktop\
Répertoire de l'Updater : C:\Program Files\Avira\AntiVir Desktop\
Répertoire AppData : C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\


[UPD] [INFO] Contrôle en cours pour savoir si des fichiers plus récents sont disponibles.
[UPD] [INFO] Sélection en cours du serveur de mise à jour 'http://80.190.154.73/update'.
[UPD] [INFO] Téléchargement de 'http://80.190.154.73/update/idx/master.idx' vers'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
[UPD] [INFO] Pas de mise à jour disponible, l'installation est à jour.

Résumé :
********
0 fichiers téléchargés
0 fichiers installés

10:33:13 La mise à jour a été effectuée avec succès !enyw

Malwarebytes' Anti-Malware 1.37
Version de la base de données: 2232
Executable location: C:\Program Files\Malwarebytes' Anti-Malware
Database location: C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref

Username: HP_Administrateur
Windows folder: C:\WINDOWS
System folder: C:\WINDOWS\system32
Root drive: C:
Program Files: C:\Program Files
Common Files: C:\Program Files\Fichiers communs

Desktop: c:\documents and settings\Administrateur\Bureau
Desktop: c:\documents and settings\All Users\Bureau
Desktop: c:\documents and settings\Default User\Bureau
Desktop: c:\documents and settings\HP_Administrateur\Bureau
Desktop: c:\documents and settings\HP_Administrateur.BOON\Bureau

Start Menu: c:\documents and settings\Administrateur\Menu Démarrer
Start Menu: c:\documents and settings\All Users\Menu Démarrer
Start Menu: c:\documents and settings\Default User\Menu Démarrer
Start Menu: c:\documents and settings\HP_Administrateur\Menu Démarrer
Start Menu: c:\documents and settings\HP_Administrateur.BOON\Menu Démarrer
Start Menu: c:\documents and settings\LocalService\Menu Démarrer
Start Menu: C:\Documents and Settings\All Users\Menu Démarrer

User Root: c:\documents and settings\Administrateur
User Root: c:\documents and settings\All Users
User Root: c:\documents and settings\Default User
User Root: c:\documents and settings\HP_Administrateur
User Root: c:\documents and settings\HP_Administrateur.BOON
User Root: c:\documents and settings\HP_ADM~1~BOO
User Root: c:\documents and settings\LocalService
User Root: c:\documents and settings\NetworkService

Favorite: c:\documents and settings\Administrateur\Favoris
Favorite: c:\documents and settings\All Users\Favoris
Favorite: c:\documents and settings\Default User\Favoris
Favorite: c:\documents and settings\HP_Administrateur\Favoris
Favorite: c:\documents and settings\HP_Administrateur.BOON\Favoris
Favorite: c:\documents and settings\LocalService\Favoris

Application Data: c:\documents and settings\Administrateur\Application Data
Application Data: c:\documents and settings\All Users\Application Data
Application Data: c:\documents and settings\Default User\Application Data
Application Data: c:\documents and settings\HP_Administrateur\Application Data
Application Data: c:\documents and settings\HP_Administrateur.BOON\Application Data
Application Data: c:\documents and settings\LocalService\Application Data
Application Data: c:\documents and settings\NetworkService\Application Data
Application Data: C:\Documents and Settings\All Users\Application Data

Quick Launch: c:\documents and settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch
Quick Launch: c:\documents and settings\Default User\Application Data\Microsoft\Internet Explorer\Quick Launch
Quick Launch: c:\documents and settings\HP_Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch
Quick Launch: c:\documents and settings\HP_Administrateur.BOON\Application Data\Microsoft\Internet Explorer\Quick Launch

Temporary Folder: c:\documents and settings\Administrateur\Local Settings\Temp
Temporary Folder: c:\documents and settings\Default User\Local Settings\Temp
Temporary Folder: c:\documents and settings\HP_Administrateur\Local Settings\Temp
Temporary Folder: c:\documents and settings\HP_Administrateur.BOON\Local Settings\Temp
Temporary Folder: c:\documents and settings\LocalService\Local Settings\Temp
Temporary Folder: c:\documents and settings\NetworkService\Local Settings\Temp
Temporary Folder: C:\WINDOWS\Temp
Ajouter un commentaire
Réponse
+0
moins plus
colle le rapport d'un scan en ligne
avec un des suivants:


bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html

Panda en ligne :
http://www.pandasoftware.fr/Activescan/Activescan.html

Kaspersky en ligne
http://webscanner.kaspersky.fr/
resbel- 6 juin 2009 à 22:54
Scans imposibles.
écran bleu avec à nouveau Kernel_inpage_error etc.
salutations
Répondre
Ajouter un commentaire
Réponse
+0
moins plus
Fais un teste de ta mémoire ram avec memtest pour etre sur que ce n'est pas la ram :

http://www.commentcamarche.net/faq/sujet 899 memoire tester ses barrettes de ram avec memtest

http://netah25.developpez.com/Tutoriels/TutoMemtest86/


Ensuite va dans panneau de configuration-->outils d'administration-->observateur d'evenement-->systeme et dis nous l'erreur qui apparait (noté d'une croix rouge) apres l'erreur fatale. Sinon est- ce que ceci arrive quand tu lance des jeux ou des logiciels d'animation 3D?


______________________

a plus
resbel- 6 juin 2009 à 23:24
Bonsoir,
je vais faire memtest.
Erreur system 6/6/2009 20.20
catégorie 102
événement 1003
utillisateur N/A
orddinateur HENRI
Répondre
resbel- 7 juin 2009 à 01:09
Memtest : Pass complete no errors
Je ne lance jamais de jeux ou logiciels d'animation.
Salutations
Répondre
Ajouter un commentaire
Réponse
+0
moins plus
ok
repare windows comme ceci et dis si cela le fait encore:

http://www.microapp.com/astuce_234_windows_xp_reparer_un_fichier_corrompu.html
resbel- 8 juin 2009 à 16:02
bonjour,
premier message :
les fichiers nécessaires au fonctionnement de W doivent être copiés dans le dossier DLL cahe.Veuillez insérer votre CDdu service pack 3 pour Win.Le CD que vous avez n'est pas le bon.Effectivement je n'ai que le CD Win XP pro (pack1)en tout légalité d'un premier ordinateur remplacé par celui ci avec Win XP media center d'origine (sans disquette).
deuxième message :
les fichiers nécessaires au fonctionnement de W ont été remplacés par des fichiers d'une version non reconnu.Pour maintenir la stabilité du système W doit restaurer la version originale de ces fichiers.Insérez votre disquette WXP pro CD2.que je n'ai pas.....et pour caue ci-dessus.
P.S.impossibles d'enlever ( ctrl + del) le message de protection des fichiers qui me dit constamment de recommencer( Insérez votre disquette WXP pro CD2).

Salutations,
Répondre
Ajouter un commentaire
Réponse
+0
moins plus
ok alors on peut pas reparer ...

sinon comme ceci: mais si ce n'est pas le bon cd c'est risqué
http://www.informatruc.com/reparer.php


ou avec zeb restore:
http://telechargement.zebulon.fr/zeb-restore.html
resbel- 8 juin 2009 à 16:29
Ne puis je pas installer comme nouvelle version Win à savoir WXPpro dont j'ai le CD ?Et perds t on les données?
J'ai fait restore Z qui me dit que les fichiers ont été restaurés?????
Salutations,
Répondre
Ajouter un commentaire
Réponse
+0
moins plus
si tu réinstalle windows tu perds toutes les données sauf si tu installe windows sur une autre partition


si tu repare normalement tu garde toutes les données
resbel- 8 juin 2009 à 16:52
Et si je tape F10=system recovery ou au démarrage récupération ?Vais je retrouver WXPmedia center?ou comment?
Merci de toutes ces informations et salutations
Répondre
Ajouter un commentaire
Réponse
+0
moins plus
tu retrouve le pc sorti d'usine , vide de ce que tu as mis
Ajouter un commentaire
Réponse
+0
moins plus
Bonjour
Et encore merci de toutes ces informations.Je vais réfléchir...et peut être reprendre la config d'usine en sauvegardant ce que je peux sur un disque externe.Est ce une bonne idée?
Salutations
Ajouter un commentaire
Réponse
+0
moins plus
oui c'est une bonne idée

pour sauvegarder facilement tu peux utiliser Fab's autobackup:
http://www.commentcamarche.net/telecharger/telecharger 34055063 fab s autobackup
resbel- 11 juin 2009 à 15:02
bonjour,
J'ai donc fait F10=system recovery.
Tout n'a pas été effacé mais l'ordi fonctionne plus vite.
Avec Malware l'écran devient noire et le PC redémarre normalement.
Ci-joint le rapport d'avira qui s'est arrété après 27 minutes :
Avira AntiVir Personal
Report file date: mercredi 10 juin 2009 18:21

Scanning for 1462412 virus strains and unwanted programs.

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 2) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : HENRI

Version information:
BUILD.DAT : 9.0.0.403 17961 Bytes 3/06/2009 17:05:00
AVSCAN.EXE : 9.0.3.6 466689 Bytes 10/06/2009 16:11:40
AVSCAN.DLL : 9.0.3.0 40705 Bytes 27/02/2009 09:58:24
LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 10:35:49
LUKERES.DLL : 9.0.2.0 12033 Bytes 27/02/2009 09:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:36
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 19:33:26
ANTIVIR2.VDF : 7.1.4.38 2692096 Bytes 29/05/2009 16:11:39
ANTIVIR3.VDF : 7.1.4.82 321024 Bytes 10/06/2009 16:11:39
Engineversion : 8.2.0.183
AEVDF.DLL : 8.1.1.1 106868 Bytes 10/06/2009 16:11:39
AESCRIPT.DLL : 8.1.2.0 389497 Bytes 10/06/2009 16:11:39
AESCN.DLL : 8.1.2.3 127347 Bytes 10/06/2009 16:11:39
AERDL.DLL : 8.1.1.3 438645 Bytes 29/10/2008 17:24:41
AEPACK.DLL : 8.1.3.18 401783 Bytes 10/06/2009 16:11:39
AEOFFICE.DLL : 8.1.0.36 196987 Bytes 26/02/2009 19:01:56
AEHEUR.DLL : 8.1.0.129 1761655 Bytes 10/06/2009 16:11:39
AEHELP.DLL : 8.1.2.2 119158 Bytes 26/02/2009 19:01:56
AEGEN.DLL : 8.1.1.45 348532 Bytes 10/06/2009 16:11:39
AEEMU.DLL : 8.1.0.9 393588 Bytes 9/10/2008 13:32:40
AECORE.DLL : 8.1.6.12 180599 Bytes 10/06/2009 16:11:39
AEBB.DLL : 8.1.0.3 53618 Bytes 9/10/2008 13:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 07:47:59
AVPREF.DLL : 9.0.0.1 43777 Bytes 5/12/2008 09:32:15
AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 13:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 5/12/2008 09:32:09
AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 14:05:41
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 09:37:08
SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 14:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2/02/2009 07:21:33
NETNT.DLL : 9.0.0.0 11521 Bytes 5/12/2008 09:32:10
RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 10/06/2009 16:11:39
RCTEXT.DLL : 9.0.37.0 86785 Bytes 17/04/2009 09:19:48

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, E:, M:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Start of the scan: mercredi 10 juin 2009 18:21

Starting search for hidden objects.
'156505' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'softinfo.exe' - '1' Module(s) have been scanned
Scan process 'fdm.exe' - '1' Module(s) have been scanned
Scan process 'hpsysdrv.exe' - '1' Module(s) have been scanned
Scan process 'CLI.exe' - '1' Module(s) have been scanned
Scan process 'SNDSrvc.exe' - '1' Module(s) have been scanned
Scan process 'kbd.exe' - '1' Module(s) have been scanned
Scan process 'TrasWord.exe' - '1' Module(s) have been scanned
Scan process 'robotaskbaricon.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'ccApp.exe' - '1' Module(s) have been scanned
Scan process 'DMAScheduler.exe' - '1' Module(s) have been scanned
Scan process 'CLI.exe' - '1' Module(s) have been scanned
Scan process 'IAAnotif.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.EXE' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'ehmsas.exe' - '1' Module(s) have been scanned
Scan process 'ehtray.exe' - '1' Module(s) have been scanned
Scan process 'dllhost.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'ELService.exe' - '1' Module(s) have been scanned
Scan process 'mcrdsvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'navapsvc.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'IAANTmon.exe' - '1' Module(s) have been scanned
Scan process 'ehSched.exe' - '1' Module(s) have been scanned
Scan process 'ehrecvr.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'ccProxy.exe' - '1' Module(s) have been scanned
Scan process 'ccEvtMgr.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'ccSetMgr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
51 processes with 51 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Master boot sector HD2
[INFO] No virus was found!
Master boot sector HD3
[INFO] No virus was found!
Master boot sector HD4
[INFO] No virus was found!
Master boot sector HD5
[INFO] No virus was found!
Master boot sector HD6
[INFO] No virus was found!
Master boot sector HD7
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!
Boot sector 'M:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '71' files ).


Starting the file scan:

Begin scan in 'C:\' <HP_PAVILION>
C:\hiberfil.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\pagefile.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\Documents and Settings\HP_Administrateur\Bureau\SmitfraudFix.exe.XXX
[0] Archive type: RAR SFX (self extracting)
--> SmitfraudFix\Reboot.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.Reboot.F program
--> SmitfraudFix\restart.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.Hardoff.A program

Beginning disinfection:
C:\Documents and Settings\HP_Administrateur\Bureau\SmitfraudFix.exe.XXX
[NOTE] The file was moved to '4a98e467.qua'!


End of the scan: mercredi 10 juin 2009 18:48
Used time: 27:35 Minute(s)

The scan has been canceled!

4625 Scanned directories
257594 Files were scanned
2 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
1 Files were moved to quarantine
0 Files were renamed
2 Files cannot be scanned
257590 Files not concerned
4600 Archives were scanned
2 Warnings
3 Notes
156505 Objects were scanned with rootkit scan
0 Hidden objects were found
EN QUARANTAINE :
contains recognition patterns of the SPR/tools.Hardoff source C/doc....Smitfraudfix.exe
contains recognition patterns of the SPR/PSW.netpass source c/program files /IE...iepv.exe.....
contains recognition patterns of the SPR/tools.Hardoff source /doc.. restart

Salutations
Répondre
Ajouter un commentaire
Réponse
+0
moins plus
fais malwarebyte et antivir en mode sans echec cela devrait passer

http://www.malekal.com/modesansechec.php
resbel- 13 juin 2009 à 20:10
bonjour,
scan avira stop après 5 minutes et disparition.
ci joint rapport malware :

Malwarebytes' Anti-Malware 1.37
Version de la base de données: 2261
Windows 5.1.2600 Service Pack 2

13/06/2009 20:02:29
mbam-log-2009-06-13 (20-02-19).txt

Type de recherche: Examen rapide
Eléments examinés: 106822
Temps écoulé: 5 minute(s), 58 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 11
Fichier(s) infecté(s): 127

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\RegTool (Rogue.RegTool) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\RegTool (Rogue.RegTool) -> No action taken.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\WINDOWS\Drivers\Aud32 (Adware.BHO) -> No action taken.
c:\documents and settings\HP_Administrateur.HENRI\Application Data\RegTool (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\Logs (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\QuarantineW (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210 (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\Results (Rogue.RegTool) -> No action taken.
c:\documents and settings\HP_Administrateur\Application Data\ErrorFix (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\Logs (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\QuarantineW (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410 (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\Results (Rogue.ErrorFix) -> No action taken.

Fichier(s) infecté(s):
c:\downloads\setup.exe (Rogue.Installer) -> No action taken.
c:\documents and settings\administrateur\Bureau\setup.exe (Rogue.Installer) -> No action taken.
c:\documents and settings\default user\Bureau\setup.exe (Rogue.Installer) -> No action taken.
c:\WINDOWS\Drivers\Aud32\gan.exe (Adware.BHO) -> No action taken.
c:\WINDOWS\Drivers\Aud32\gside2.exe (Adware.BHO) -> No action taken.
c:\WINDOWS\Drivers\Aud32\iemsgmgr_2.dll (Adware.BHO) -> No action taken.
c:\WINDOWS\Drivers\Aud32\iephasst_2.dll (Adware.BHO) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\spy_ignore.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\Logs\2009-06-11 16-24-220.log (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\Logs\2009-06-11 17-05-120.log (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\filelist.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-0.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-1.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-10.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-11.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-12.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-13.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-14.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-15.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-16.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-17.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-18.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-19.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-2.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-20.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-21.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-22.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-23.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-24.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-25.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-26.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-27.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-28.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-29.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-3.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-30.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-31.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-32.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-33.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-34.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-35.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-36.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-37.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-38.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-39.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-4.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-40.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-41.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-42.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-43.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-44.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-45.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-46.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-47.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-48.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-49.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-5.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-50.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-51.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-52.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-53.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-54.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-55.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-56.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-57.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-6.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-7.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-8.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-9.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\Results\Evidence.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\Results\Junk.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\Results\Registry.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\Results\Update.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\Logs\2009-05-11 08-38-170.log (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\Logs\2009-05-11 13-46-200.log (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\filelist.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-0.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-1.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-10.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-11.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-12.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-13.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-14.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-15.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-16.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-17.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-18.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-19.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-2.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-20.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-21.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-22.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-23.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-24.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-25.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-26.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-27.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-28.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-29.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-3.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-30.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-31.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-32.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-33.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-34.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-35.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-36.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-37.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-38.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-39.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-4.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-40.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-41.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-42.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-43.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-5.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-6.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-7.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-8.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-9.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\Results\Evidence.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\Results\Junk.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\Results\Registry.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\Results\Update.db (Rogue.ErrorFix) -> No action taken.
C:\WINDOWS\Drivers\pub.dll (Adware.BHO) -> No action taken.
C:\WINDOWS\Drivers\readme.html (Adware.BHO) -> No action taken.
c:\WINDOWS\Drivers\PhishAgnt.dll (Adware.Deewoo) -> No action taken.
Répondre
resbel- 14 juin 2009 à 12:50
Bonjour,
superantispyware bloque
Kaspersy online bloque et pointeur de souris devient fou
bitdefender bloque et pointeur fou.Avira,kaspersky et bitdefender bloque toujours au même endroit = C:\documents and settings\HP adm........ccsetup.exe ????
salutations
Répondre
resbel- 16 juin 2009 à 17:38
Bonjour,
Superantispyware a mis en quarantaine et éliminé une soixantaine de fichiers.
Bitdefender a scanné 1130937 fichiers ( disques C;D;E) et trouvé 34 fichiers infectés puis s'est bloqué avec écran bleu et avertissement de danger.Idem avec avira.
Salutations
Répondre
resbel- 21 juin 2009 à 10:13
Avira =scan complet cijoint.
crystal disk info = 38 prudence disque C - cijoint.
AVIRA
Avira AntiVir Personal
Report file date: samedi 20 juin 2009 23:00

Scanning for 1478190 virus strains and unwanted programs.

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 2) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : HENRI

Version information:
BUILD.DAT : 9.0.0.403 17961 Bytes 3/06/2009 17:05:00
AVSCAN.EXE : 9.0.3.6 466689 Bytes 10/06/2009 16:11:40
AVSCAN.DLL : 9.0.3.0 40705 Bytes 27/02/2009 09:58:24
LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 10:35:49
LUKERES.DLL : 9.0.2.0 12033 Bytes 27/02/2009 09:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:36
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 19:33:26
ANTIVIR2.VDF : 7.1.4.87 2982912 Bytes 12/06/2009 17:02:21
ANTIVIR3.VDF : 7.1.4.117 212480 Bytes 19/06/2009 06:38:27
Engineversion : 8.2.0.193
AEVDF.DLL : 8.1.1.1 106868 Bytes 10/06/2009 16:11:39
AESCRIPT.DLL : 8.1.2.9 409978 Bytes 17/06/2009 18:22:32
AESCN.DLL : 8.1.2.3 127347 Bytes 10/06/2009 16:11:39
AERDL.DLL : 8.1.1.3 438645 Bytes 29/10/2008 17:24:41
AEPACK.DLL : 8.1.3.18 401783 Bytes 10/06/2009 16:11:39
AEOFFICE.DLL : 8.1.0.38 196987 Bytes 17/06/2009 18:22:28
AEHEUR.DLL : 8.1.0.133 1798520 Bytes 17/06/2009 18:22:26
AEHELP.DLL : 8.1.3.6 205174 Bytes 11/06/2009 16:08:40
AEGEN.DLL : 8.1.1.46 348533 Bytes 20/06/2009 06:38:29
AEEMU.DLL : 8.1.0.9 393588 Bytes 9/10/2008 13:32:40
AECORE.DLL : 8.1.6.12 180599 Bytes 10/06/2009 16:11:39
AEBB.DLL : 8.1.0.3 53618 Bytes 9/10/2008 13:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 07:47:59
AVPREF.DLL : 9.0.0.1 43777 Bytes 5/12/2008 09:32:15
AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 13:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 5/12/2008 09:32:09
AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 14:05:41
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 09:37:08
SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 14:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2/02/2009 07:21:33
NETNT.DLL : 9.0.0.0 11521 Bytes 5/12/2008 09:32:10
RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 10/06/2009 16:11:39
RCTEXT.DLL : 9.0.37.0 86785 Bytes 17/04/2009 09:19:48

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, E:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Start of the scan: samedi 20 juin 2009 23:00

Starting search for hidden objects.
'184200' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'searchfilterhost.exe' - '1' Module(s) have been scanned
Scan process 'searchprotocolhost.exe' - '1' Module(s) have been scanned
Scan process 'searchindexer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'dllhost.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'hpsysdrv.exe' - '1' Module(s) have been scanned
Scan process 'ehmsas.exe' - '1' Module(s) have been scanned
Scan process 'seccenter.exe' - '1' Module(s) have been scanned
Scan process 'ELService.exe' - '1' Module(s) have been scanned
Scan process 'kbd.exe' - '1' Module(s) have been scanned
Scan process 'mcrdsvc.exe' - '1' Module(s) have been scanned
Scan process 'soffice.bin' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'soffice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'KHALMNPR.exe' - '1' Module(s) have been scanned
Scan process 'sprtsvc.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'WindowsSearch.exe' - '1' Module(s) have been scanned
Scan process 'SetPoint.exe' - '1' Module(s) have been scanned
Scan process 'IAANTmon.exe' - '1' Module(s) have been scanned
Scan process 'ehSched.exe' - '1' Module(s) have been scanned
Scan process 'TrasWord.exe' - '1' Module(s) have been scanned
Scan process 'ehrecvr.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'robotaskbaricon.exe' - '1' Module(s) have been scanned
Scan process 'SUPERAntiSpyware.exe' - '1' Module(s) have been scanned
Scan process 'fdm.exe' - '1' Module(s) have been scanned
Scan process 'softinfo.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'bdagent.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.EXE' - '1' Module(s) have been scanned
Scan process 'HpqSRmon.exe' - '1' Module(s) have been scanned
Scan process 'op_mon.exe' - '0' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'acs.exe' - '0' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'USBDetector.exe' - '1' Module(s) have been scanned
Scan process 'sprtcmd.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'DMAScheduler.exe' - '1' Module(s) have been scanned
Scan process 'IAAnotif.exe' - '1' Module(s) have been scanned
Scan process 'ehtray.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'livesrv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
67 processes with 67 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Master boot sector HD2
[INFO] No virus was found!
Master boot sector HD3
[INFO] No virus was found!
Master boot sector HD4
[INFO] No virus was found!
Master boot sector HD5
[INFO] No virus was found!
Master boot sector HD6
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '77' files ).


Starting the file scan:

Begin scan in 'C:\' <HP_PAVILION>
C:\hiberfil.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\pagefile.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\Documents and Settings\HP_Administrateur\Mes documents\Downloads\OLDOWNLOAD\Software\iepv_setup.exe.XXX

[0] Archive type: ZIP SFX (self extracting)
--> iepv.exe
[DETECTION] Contains recognition pattern of the SPR/PSW.NetPass.ET program
C:\Documents and Settings\HP_Administrateur\Mes documents\UTIL\DOWNL\ophcrack-win32-installer-3.1.0.exe
[0] Archive type: NSIS
--> ProgramFilesDir/pwdump6_setup.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.PwDump program
--> ProgramFilesDir/servpw.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.generic.11894 program
--> ProgramFilesDir/lsremora.dll
[DETECTION] Contains recognition pattern of the SPR/Tool.PWDump.B program
--> ProgramFilesDir/lsremora64.dll
[DETECTION] Contains recognition pattern of the SPR/Tool.PWDump.F program
C:\Documents and Settings\HP_Administrateur\Mes documents\UTIL\DOWNL\PFCSetup1.0.232(2).exe
[0] Archive type: NSIS
--> ProgramFilesDir/PFConfig.exe
[DETECTION] This file has been compressed using unusual runtime compression (PCK/ExeCryptor). Please verify the origin of this file.
C:\Documents and Settings\HP_Administrateur\Mes documents\UTIL\DOWNL\PFCSetup1.0.232.exe
[0] Archive type: NSIS
--> ProgramFilesDir/PFConfig.exe
[DETECTION] This file has been compressed using unusual runtime compression (PCK/ExeCryptor). Please verify the origin of this file.
C:\Documents and Settings\HP_Administrateur.HENRI\Bureau\UTIL\mspass.exe
[DETECTION] Contains recognition pattern of the SPR/PSW.Messen.BG program
C:\Documents and Settings\HP_Administrateur.HENRI\Bureau\UTIL\mspass.zip
[0] Archive type: ZIP
--> mspass.exe
[DETECTION] Contains recognition pattern of the SPR/PSW.Messen.BG program
C:\Documents and Settings\HP_Administrateur.HENRI\Bureau\UTIL\pspv.exe
[DETECTION] Contains recognition pattern of the SPR/PSW.PassView.B program
C:\Documents and Settings\HP_Administrateur.HENRI\Bureau\UTIL\pspv.zip
[0] Archive type: ZIP
--> pspv.exe
[DETECTION] Contains recognition pattern of the SPR/PSW.PassView.B program
C:\Documents and Settings\HP_Administrateur.HENRI\Mes documents\UTIL\DOWNL\ophcrack-win32-installer-3.1.0.exe
[0] Archive type: NSIS
--> ProgramFilesDir/pwdump6_setup.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.PwDump program
--> ProgramFilesDir/servpw.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.generic.11894 program
--> ProgramFilesDir/lsremora.dll
[DETECTION] Contains recognition pattern of the SPR/Tool.PWDump.B program
--> ProgramFilesDir/lsremora64.dll
[DETECTION] Contains recognition pattern of the SPR/Tool.PWDump.F program
C:\Documents and Settings\HP_Administrateur.HENRI\Mes documents\UTIL\DOWNL\PFCSetup1.0.232(2).exe
[0] Archive type: NSIS
--> ProgramFilesDir/PFConfig.exe
[DETECTION] This file has been compressed using unusual runtime compression (PCK/ExeCryptor). Please verify the origin of this file.
C:\Documents and Settings\HP_Administrateur.HENRI\Mes documents\UTIL\DOWNL\PFCSetup1.0.232.exe
[0] Archive type: NSIS
--> ProgramFilesDir/PFConfig.exe
[DETECTION] This file has been compressed using unusual runtime compression (PCK/ExeCryptor). Please verify the origin of this file.
C:\hp\bin\KillIt.exe
[DETECTION] Contains recognition pattern of the APPL/KillApp.A application
C:\hp\bin\KillIt.exe.XXX
[DETECTION] Contains recognition pattern of the APPL/KillApp.A application
C:\Program Files\Free Download Manager\SmitfraudFix\Reboot.exe.XXX
[DETECTION] Contains recognition pattern of the SPR/Tool.Reboot.F program
C:\Program Files\Free Download Manager\SmitfraudFix\restart.exe.XXX
[DETECTION] Contains recognition pattern of the SPR/Tool.Hardoff.A program
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP10\A0005123.exe
[0] Archive type: CAB SFX (self extracting)
--> \Source\ACE\1028.mst
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP17\A0007735.EXE
[0] Archive type: CAB SFX (self extracting)
--> \ubCore32_080405.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017516.exe
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017517.exe
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017518.exe
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017519.exe
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017520.dll
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017521.dll
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017523.dll
[DETECTION] Is the TR/Killav.28714 Trojan
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP28\A0027750.exe
[DETECTION] Contains recognition pattern of the APPL/KillApplicat.A application
Begin scan in 'D:\' <HP_USER>
D:\Autobackup - HP_Administrateur - 9-06-2009\Archive\Desktop\SmitfraudFix.exe.XXX
[0] Archive type: RAR SFX (self extracting)
--> SmitfraudFix\Reboot.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.Reboot.F program
--> SmitfraudFix\restart.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.Hardoff.A program
D:\Autobackup - HP_Administrateur - 9-06-2009\Archive\Documents\UTIL\DOWNL\ophcrack-win32-installer-3.1.0.exe
[0] Archive type: NSIS
--> ProgramFilesDir/pwdump6_setup.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.PwDump program
--> ProgramFilesDir/servpw.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.generic.11894 program
--> ProgramFilesDir/lsremora.dll
[DETECTION] Contains recognition pattern of the SPR/Tool.PWDump.B program
--> ProgramFilesDir/lsremora64.dll
[DETECTION] Contains recognition pattern of the SPR/Tool.PWDump.F program
D:\Autobackup - HP_Administrateur - 9-06-2009\Archive\Documents\UTIL\DOWNL\PFCSetup1.0.232(2).exe
[0] Archive type: NSIS
--> ProgramFilesDir/PFConfig.exe
[DETECTION] This file has been compressed using unusual runtime compression (PCK/ExeCryptor). Please verify the origin of this file.
D:\Autobackup - HP_Administrateur - 9-06-2009\Archive\Documents\UTIL\DOWNL\PFCSetup1.0.232.exe
[0] Archive type: NSIS
--> ProgramFilesDir/PFConfig.exe
[DETECTION] This file has been compressed using unusual runtime compression (PCK/ExeCryptor). Please verify the origin of this file.
D:\documents\VIDEOS\Setup.zip.XXX
[0] Archive type: ZIP
--> setup.exe
[DETECTION] Contains recognition pattern of the DR/Hupigon.frdu dropper
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP31\A0034235.exe
[0] Archive type: NSIS
--> ProgramFilesDir/pwdump6_setup.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.PwDump program
--> ProgramFilesDir/servpw.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.generic.11894 program
--> ProgramFilesDir/lsremora.dll
[DETECTION] Contains recognition pattern of the SPR/Tool.PWDump.B program
--> ProgramFilesDir/lsremora64.dll
[DETECTION] Contains recognition pattern of the SPR/Tool.PWDump.F program
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP31\A0034238.exe
[0] Archive type: NSIS
--> ProgramFilesDir/PFConfig.exe
[DETECTION] This file has been compressed using unusual runtime compression (PCK/ExeCryptor). Please verify the origin of this file.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP31\A0034239.exe
[0] Archive type: NSIS
--> ProgramFilesDir/PFConfig.exe
[DETECTION] This file has been compressed using unusual runtime compression (PCK/ExeCryptor). Please verify the origin of this file.
Begin scan in 'E:\' <HP_RECOVERY>

Beginning disinfection:
C:\Documents and Settings\HP_Administrateur\Mes documents\Downloads\OLDOWNLOAD\Software\iepv_setup.exe.XXX
[NOTE] The file was moved to '4aad7ce2.qua'!
C:\Documents and Settings\HP_Administrateur\Mes documents\UTIL\DOWNL\ophcrack-win32-installer-3.1.0.exe
[NOTE] The file was moved to '4aa57ced.qua'!
C:\Documents and Settings\HP_Administrateur\Mes documents\UTIL\DOWNL\PFCSetup1.0.232(2).exe
[NOTE] The file was moved to '4a807cc3.qua'!
C:\Documents and Settings\HP_Administrateur\Mes documents\UTIL\DOWNL\PFCSetup1.0.232.exe
[NOTE] The file was moved to '49da14c4.qua'!
C:\Documents and Settings\HP_Administrateur.HENRI\Bureau\UTIL\mspass.exe
[DETECTION] Contains recognition pattern of the SPR/PSW.Messen.BG program
[NOTE] The file was moved to '4aad7cf1.qua'!
C:\Documents and Settings\HP_Administrateur.HENRI\Bureau\UTIL\mspass.zip
[NOTE] The file was moved to '4b0beae2.qua'!
C:\Documents and Settings\HP_Administrateur.HENRI\Bureau\UTIL\pspv.exe
[DETECTION] Contains recognition pattern of the SPR/PSW.PassView.B program
[NOTE] The file was moved to '4b09fa72.qua'!
C:\Documents and Settings\HP_Administrateur.HENRI\Bureau\UTIL\pspv.zip
[NOTE] The file was moved to '4aad7cf2.qua'!
C:\Documents and Settings\HP_Administrateur.HENRI\Mes documents\UTIL\DOWNL\ophcrack-win32-installer-3.1.0.exe
[NOTE] The file was moved to '4aa57cef.qua'!
C:\Documents and Settings\HP_Administrateur.HENRI\Mes documents\UTIL\DOWNL\PFCSetup1.0.232(2).exe
[NOTE] The file was moved to '4a807cc7.qua'!
C:\Documents and Settings\HP_Administrateur.HENRI\Mes documents\UTIL\DOWNL\PFCSetup1.0.232.exe
[NOTE] The file was moved to '4a807cc8.qua'!
C:\hp\bin\KillIt.exe
[DETECTION] Contains recognition pattern of the APPL/KillApp.A application
[NOTE] The file was moved to '4aa97cec.qua'!
C:\hp\bin\KillIt.exe.XXX
[DETECTION] Contains recognition pattern of the APPL/KillApp.A application
[NOTE] The file was moved to '49f6dd45.qua'!
C:\Program Files\Free Download Manager\SmitfraudFix\Reboot.exe.XXX
[DETECTION] Contains recognition pattern of the SPR/Tool.Reboot.F program
[NOTE] The file was moved to '4a9f7ce8.qua'!
C:\Program Files\Free Download Manager\SmitfraudFix\restart.exe.XXX
[DETECTION] Contains recognition pattern of the SPR/Tool.Hardoff.A program
[NOTE] The file was moved to '4ab07ce8.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017516.exe
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4a6d7cb4.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017517.exe
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4a6d7cb5.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017518.exe
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '490e91de.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017519.exe
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4bf2232e.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017520.dll
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4931fc86.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017521.dll
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '490ca98e.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017523.dll
[DETECTION] Is the TR/Killav.28714 Trojan
[NOTE] The file was moved to '4a6d7cb6.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP28\A0027750.exe
[DETECTION] Contains recognition pattern of the APPL/KillApplicat.A application
[NOTE] The file was moved to '490a7877.qua'!
D:\Autobackup - HP_Administrateur - 9-06-2009\Archive\Desktop\SmitfraudFix.exe.XXX
[NOTE] The file was moved to '4aa67cf3.qua'!
D:\Autobackup - HP_Administrateur - 9-06-2009\Archive\Documents\UTIL\DOWNL\ophcrack-win32-installer-3.1.0.exe
[NOTE] The file was moved to '4aa57cf6.qua'!
D:\Autobackup - HP_Administrateur - 9-06-2009\Archive\Documents\UTIL\DOWNL\PFCSetup1.0.232(2).exe
[NOTE] The file was moved to '4a807ccc.qua'!
D:\Autobackup - HP_Administrateur - 9-06-2009\Archive\Documents\UTIL\DOWNL\PFCSetup1.0.232.exe
[NOTE] The file was moved to '49ee30b5.qua'!
D:\documents\VIDEOS\Setup.zip.XXX
[NOTE] The file was moved to '4ab17ceb.qua'!
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP31\A0034235.exe
[NOTE] The file was moved to '4a6d7cb7.qua'!
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP31\A0034238.exe
[NOTE] The file was moved to '49064998.qua'!
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP31\A0034239.exe
[NOTE] The file was moved to '49057030.qua'!


End of the scan: dimanche 21 juin 2009 02:19
Used time: 3:18:21 Hour(s)

The scan has been done completely.

41643 Scanned directories
1847938 Files were scanned
44 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
31 Files were moved to quarantine
0 Files were renamed
2 Files cannot be scanned
1847892 Files not concerned
62327 Archives were scanned
6 Warnings
33 Notes
184200 Objects were scanned with rootkit scan
0 Hidden objects were found

crystal disk info =
----------------------------------------------------------------------------
CrystalDiskInfo 2.7.4 (C) 2008-2009 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Media Center 2005 SP2 [5.1 Build 2600] (x86)
Date : 2009/06/21 10:01:16

-- Controller Map ----------------------------------------------------------
+ Intel(R) ICH8R/ICH9R/ICH10R/DO SATA RAID Controller [SCSI]
- ST3250824AS
- ST3250824AS
- HL-DT-ST DVDRRW GSA-H30L
- TSSTcorp DVD-ROM TS-H353A

-- Disk List ---------------------------------------------------------------
(1) ST3250824AS : 250.0 GB [0-0-0, pd1]
(2) ST3250824AS : 250.0 GB [1-0-1, pd1]

----------------------------------------------------------------------------
(1) ST3250824AS
----------------------------------------------------------------------------
Model : ST3250824AS
Firmware : 3.AHH
Serial Number : 9ND027KS
Total Disk Size : 250.0 GB (8.4/137.4/250.0)
Buffer Size : 8192 KB
NV Cache Size : ----
Number of Sectors : 488397168
Rotation Rate : Inconnu
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 12166 heures
Power On Count : 1492 x
Temparature : 39 C (102 F)
Health Status : Prudence
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr Raw Values Attribute Name
01 115 _99 __6 0000057ECBFA Taux Erreur en Lecture
03 _99 _98 __0 000000000000 Temps moyen mise en rotation
04 _98 _98 _20 00000000080D Décompte des cycles de mise en rotation
05 100 100 _36 000000000001 Nombre de secteurs réalloués
07 _72 _60 _30 000F0FF3CC50 Taux d'erreurs d'accès des têtes
09 _87 _87 __0 000000002F86 Heures de Fonctionnement
0A 100 100 _97 000000000000 Nombre d'essais de relancement de la rotation
0C _99 _99 _20 0000000005D4 Nombre total de cycles marche/arrêt du disque dur
BB __1 __1 __0 0000000000F5 Inconnu
BD 100 100 __0 000000000000 Inconnu
BE _61 _42 _45 000227140027 Température de l'air sur les disques Western Digital
C2 _39 _58 __0 000F00000027 Température
C3 _56 _46 __0 000000BD4762 Temps entre les erreurs corrigées par code correcteur(codage basée sur la redondance)
C5 _71 _70 __0 000000000261 Nombre de secteurs "instables"
C6 _71 _70 __0 000000000261 Nombre total d'erreurs incorrigibles d'un secteur
C7 200 200 __0 000000000011 Nombre d'erreurs dans le transfert de données via le câble d'interface
C8 100 253 __0 000000000000 Nombre total d'erreurs à l'écriture d'un secteur
CA _91 244 __0 000000000009 Erreur de marquage des données d'adresses

-- IDENTIFY_DEVICE ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 5A 0C FF 3F 37 C8 10 00 00 00 00 00 3F 00 00 00
010: 00 00 00 00 20 20 20 20 20 20 20 20 20 20 20 20
020: 4E 39 30 44 37 32 53 4B 00 00 00 40 04 00 2E 33
030: 48 41 20 48 20 20 54 53 32 33 30 35 32 38 41 34
040: 20 53 20 20 20 20 20 20 20 20 20 20 20 20 20 20
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 10 80
060: 00 00 00 2F 00 40 00 02 00 02 07 00 FF 3F 10 00
070: 3F 00 10 FC FB 00 10 01 FF FF FF 0F 00 00 07 00
080: 03 00 78 00 78 00 78 00 78 00 00 00 00 00 00 00
090: 00 00 00 00 00 00 1F 00 06 05 00 00 48 00 40 00
0A0: FE 00 00 00 69 30 01 7C 23 40 69 30 01 3C 23 40
0B0: 3F 20 00 00 00 00 FE FE FE FF 00 00 00 D0 00 00
0C0: 00 00 00 00 00 00 00 00 70 59 1C 1D 00 00 00 00
0D0: 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 70 59 1C 1D 70 59 1C 1D 20 20 02 00 B6 0A
110: 02 00 8A 00 7B 3C 04 03 00 00 C6 07 00 01 00 08
120: 0F 10 00 12 02 00 80 00 00 00 00 00 A0 00 02 02
130: 00 00 04 04 00 00 00 00 00 00 00 00 00 10 0B 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 09 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 A5 B3

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 00 01 0F 00 73 63 FA CB 7E 05 00 00 00 03 02 00
010: 63 62 00 00 00 00 00 00 00 04 33 00 62 62 0D 08
020: 00 00 00 00 00 05 33 00 64 64 01 00 00 00 00 00
030: 00 07 0F 00 48 3C 50 CC F3 0F 0F 00 00 09 32 00
040: 57 57 86 2F 00 00 00 00 00 0A 13 00 64 64 00 00
050: 00 00 00 00 00 0C 33 00 63 63 D4 05 00 00 00 00
060: 00 BB 32 00 01 01 F5 00 00 00 00 00 00 BD 3A 00
070: 64 64 00 00 00 00 00 00 00 BE 22 00 3D 2A 27 00
080: 14 27 02 00 00 C2 22 00 27 3A 27 00 00 00 0F 00
090: 00 C3 1A 00 38 2E 62 47 BD 00 00 00 00 C5 12 00
0A0: 47 46 61 02 00 00 00 00 00 C6 10 00 47 46 61 02
0B0: 00 00 00 00 00 C7 3E 00 C8 C8 11 00 00 00 00 00
0C0: 00 C8 00 00 64 FD 00 00 00 00 00 00 00 CA 32 00
0D0: 5B F4 09 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 82 79 B1 01 00 5B 03
170: 00 01 2F 02 64 03 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 07 02 02 02 00 02 00 02 02 00 00
190: 00 00 00 01 00 00 01 B1 6A 46 1B 2F 00 00 00 01
1A0: 00 26 FB B8 F2 51 01 00 00 61 02 00 00 00 00 01
1B0: 00 00 00 B1 6A 46 1B 00 00 00 00 00 00 00 00 02
1C0: 00 01 00 00 00 11 00 00 00 E3 02 38 BA 01 00 00
1D0: 00 0B 8B 45 00 00 00 00 00 75 2F 00 00 00 00 C2
1E0: B3 01 00 01 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 5F 00

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00 00
010: 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00 00
020: 00 00 00 00 00 05 24 00 00 00 00 00 00 00 00 00
030: 00 07 1E 00 00 00 00 00 00 00 00 00 00 09 00 00
040: 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00 00
050: 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00 00
060: 00 BB 00 00 00 00 00 00 00 00 00 00 00 BD 00 00
070: 00 00 00 00 00 00 00 00 00 BE 2D 00 00 00 00 00
080: 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00 00
090: 00 C3 00 00 00 00 00 00 00 00 00 00 00 C5 00 00
0A0: 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00 00
0B0: 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00 00
0C0: 00 C8 00 00 00 00 00 00 00 00 00 00 00 CA 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 26 00

----------------------------------------------------------------------------
(2) ST3250824AS
----------------------------------------------------------------------------
Model : ST3250824AS
Firmware : 3.AHH
Serial Number : 4ND4ZKTT
Total Disk Size : 250.0 GB (8.4/137.4/250.0)
Buffer Size : 8192 KB
NV Cache Size : ----
Number of Sectors : 488397168
Rotation Rate : Inconnu
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 12203 heures
Power On Count : 1492 x
Temparature : 37 C (98 F)
Health Status : Correct
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr Raw Values Attribute Name
01 114 _95 __6 000003A1AB9D Taux Erreur en Lecture
03 _98 _98 __0 000000000000 Temps moyen mise en rotation
04 _99 _99 _20 000000000728 Décompte des cycles de mise en rotation
05 100 100 _36 000000000000 Nombre de secteurs réalloués
07 _87 _60 _30 000023A00A26 Taux d'erreurs d'accès des têtes
09 _87 _87 __0 000000002FAB Heures de Fonctionnement
0A 100 100 _97 000000000000 Nombre d'essais de relancement de la rotation
0C _99 _99 _20 0000000005D4 Nombre total de cycles marche/arrêt du disque dur
BB 100 100 __0 000000000000 Inconnu
BD 100 100 __0 000000000000 Inconnu
BE _63 _49 _45 000025140025 Température de l'air sur les disques Western Digital
C2 _37 _51 __0 000E00000025 Température
C3 _81 _49 __0 0000085284FE Temps entre les erreurs corrigées par code correcteur(codage basée sur la redondance)
C5 100 100 __0 000000000000 Nombre de secteurs "instables"
C6 100 100 __0 000000000000 Nombre total d'erreurs incorrigibles d'un secteur
C7 200 200 __0 000000000000 Nombre d'erreurs dans le transfert de données via le câble d'interface
C8 100 253 __0 000000000000 Nombre total d'erreurs à l'écriture d'un secteur
CA 100 253 __0 000000000000 Erreur de marquage des données d'adresses

-- IDENTIFY_DEVICE ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 5A 0C FF 3F 37 C8 10 00 00 00 00 00 3F 00 00 00
010: 00 00 00 00 20 20 20 20 20 20 20 20 20 20 20 20
020: 4E 34 34 44 4B 5A 54 54 00 00 00 40 04 00 2E 33
030: 48 41 20 48 20 20 54 53 32 33 30 35 32 38 41 34
040: 20 53 20 20 20 20 20 20 20 20 20 20 20 20 20 20
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 10 80
060: 00 00 00 2F 00 40 00 02 00 02 07 00 FF 3F 10 00
070: 3F 00 10 FC FB 00 10 01 FF FF FF 0F 00 00 07 00
080: 03 00 78 00 78 00 78 00 78 00 00 00 00 00 00 00
090: 00 00 00 00 00 00 1F 00 06 05 00 00 48 00 40 00
0A0: FE 00 00 00 69 30 01 7C 23 40 69 30 01 3C 23 40
0B0: 3F 20 00 00 00 00 FE FE FE FF 00 00 00 D0 00 00
0C0: 00 00 00 00 00 00 00 00 70 59 1C 1D 00 00 00 00
0D0: 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 70 59 1C 1D 70 59 1C 1D 20 20 02 00 B6 0A
110: 02 00 8A 00 7B 3C 04 03 00 00 C6 07 00 01 00 08
120: 0F 10 00 12 02 00 80 00 00 00 00 00 A0 00 02 02
130: 00 00 04 04 00 00 00 00 00 00 00 00 00 10 0B 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 09 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 A5 6E

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 00 01 0F 00 72 5F 9D AB A1 03 00 00 00 03 02 00
010: 62 62 00 00 00 00 00 00 00 04 33 00 63 63 28 07
020: 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00 00
030: 00 07 0F 00 57 3C 26 0A A0 23 00 00 00 09 32 00
040: 57 57 AB 2F 00 00 00 00 00 0A 13 00 64 64 00 00
050: 00 00 00 00 00 0C 33 00 63 63 D4 05 00 00 00 00
060: 00 BB 32 00 64 64 00 00 00 00 00 00 00 BD 3A 00
070: 64 64 00 00 00 00 00 00 00 BE 22 00 3F 31 25 00
080: 14 25 00 00 00 C2 22 00 25 33 25 00 00 00 0E 00
090: 00 C3 1A 00 51 31 FE 84 52 08 00 00 00 C5 12 00
0A0: 64 64 00 00 00 00 00 00 00 C6 10 00 64 64 00 00
0B0: 00 00 00 00 00 C7 3E 00 C8 C8 00 00 00 00 00 00
0C0: 00 C8 00 00 64 FD 00 00 00 00 00 00 00 CA 32 00
0D0: 64 FD 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 82 00 B1 01 00 5B 03
170: 00 01 00 02 64 03 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 02 02 02 02 03 02 02 02 02 00 00
190: 00 00 00 01 00 00 01 F8 D8 83 13 00 00 00 00 01
1A0: 00 08 60 08 F9 52 01 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 F8 D8 83 13 00 00 00 00 00 00 00 00 02
1C0: 00 01 00 00 00 00 00 00 00 85 71 63 21 00 00 00
1D0: 00 B6 88 00 00 00 00 00 00 AA 2F 00 00 00 00 74
1E0: 10 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3B 00

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00 00
010: 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00 00
020: 00 00 00 00 00 05 24 00 00 00 00 00 00 00 00 00
030: 00 07 1E 00 00 00 00 00 00 00 00 00 00 09 00 00
040: 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00 00
050: 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00 00
060: 00 BB 00 00 00 00 00 00 00 00 00 00 00 BD 00 00
070: 00 00 00 00 00 00 00 00 00 BE 2D 00 00 00 00 00
080: 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00 00
090: 00 C3 00 00 00 00 00 00 00 00 00 00 00 C5 00 00
0A0: 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00 00
0B0: 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00 00
0C0: 00 C8 00 00 00 00 00 00 00 00 00 00 00 CA 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 26 00
Répondre
resbel- 9 juil. 2009 à 18:57
windows ne peut formater le DD C.Or je n'ai pas les disquettes car HP media center intégré.
faut il aussi ,si possible, formater le DD E: qui contient recovery ?
Je pense de plus en plus acheter un boitier(storm de cool master ) pour tout réinstaller avec un nouveau DD de 500 GO.Salutations
Répondre
Ajouter un commentaire
Réponse
+0
moins plus
télécharge combofix (par sUBs) ici :

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

et enregistre le sur le bureau.

déconnecte toi d'internet et ferme toutes tes applications.

désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware)


double-clique sur combofix.exe et suis les instructions

à la fin, il va produire un rapport C:\ComboFix.txt

réactive ton parefeu, ton antivirus, la garde de ton antispyware

copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse.

Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi.

Tu as un tutoriel complet ici :

http://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
Ajouter un commentaire
Ce document intitulé «  Pc bloqué  » issu de CommentCaMarche (www.commentcamarche.net) est mis à disposition sous les termes de la licence Creative Commons. Vous pouvez copier, modifier des copies de cette page, dans les conditions fixées par la licence, tant que cette note apparaît clairement.

Vous n'êtes pas encore membre ?

inscrivez-vous, c'est gratuit et ça prend moins d'une minute !

Les membres obtiennent plus de réponses que les utilisateurs anonymes.

Le fait d'être membre vous permet d'avoir un suivi détaillé de vos demandes.

Le fait d'être membre vous permet d'avoir des options supplémentaires.