
PC frozen

Last reply on 11 Jul 2009 at 21:11:30. resbel, 1 Jun 2009 at 09:54:43

Hello,
My PC freezes.
CCleaner works.
Malware freezes after 1 minute.
AntiVir Premium Suite freezes after 17% but reports 8 positives and 2 warnings. It reports PCK/execryptor and SPR/Tool.Hardoff.A.
Here is the HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:40:01, on 1/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
C:\WINDOWS\RTHDCPL.EXE
C:\USBStorage\USBDetector.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Software Informer\softinfo.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\IdiomaX\Translation Assistant 4.0\TrasWord.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wscntfy.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Java\jre1.5.0_19\bin\jusched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\HP_Administrateur\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.skynet.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.hp.com/...
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.linksys.com/be/registration
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_19\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [USBDetector] C:\USBStorage\USBDetector.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Global Startup: Assistant de traduction IdiomaX.lnk = C:\Program Files\IdiomaX\Translation Assistant 4.0\TrasWord.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_19\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_19\bin\ssv.dll
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Avira Pare-feu (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Intel(R) Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\logishrd\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
End of file - 14525 bytes
Thank you for your help; I am available for any further information you need.

Configuration: Windows XP
Firefox 3.0.10


1

jlpjlp, 1 Jun 2009 at 10:25:40

Hi,
boot into safe mode and run Malwarebytes (quick scan), then AntiVir, and paste the reports in your next message


http://www.commentcamarche.net/faq/sujet 5004 windows demarrage en mode sans echec




___________________


if that doesn't work

use Antivir Rescue System to scan your computer from a CD and eradicate the infections (you have to boot the computer from the CD by changing the boot order in the BIOS)

http://www.malekal.com/tutorial_Antivir_Rescue_System.php

or the Dr.Web LiveCD (same principle as Antivir Rescue System)

http://www.freedrweb.com/livecd/?lng=fr


2

resbel, 1 Jun 2009 at 20:52:41

Hello,
In safe mode, Malware and Avira freeze.
Dr.Web freezes.
Avira rescue CD run completed, but I cannot manage to copy the report.
Regards


41

resbel, 7 Jul 2009 at 17:19:37

Hello,
defragmentation OK
Avira OK, all viruses or unwanted programs (40) destroyed
CrystalDiskInfo = disk C = Caution, 46°
number of unstable sectors: 70
total number of uncorrectable sector errors: 70
HP Pavilion m7000 = impossible to replace the hard drive because it is completely inaccessible. Everything would have to be taken apart, including the cage ........
Format???
Regards


42

jlpjlp, 7 Jul 2009 at 17:37:36

Yes, I think you should format to start again from scratch
back up your data, then format

if crashes persist, it means you have a hardware problem: hard drive ....

to easily back up the essentials, use Fab's AutoBackup

http://www.commentcamarche.net/telecharger/telecharger 34055063 fab s autobackup


49

resbel, 10 Jul 2009 at 16:31:38

Everything works, except that it is a little slow to start. Aren't there too many shortcuts on the desktop?
Thanks a million.


45

resbel, 9 Jul 2009 at 22:45:48

Indeed, that works. RSIT report:
Logfile of random's system information tool 1.06 (written by random/random)
Run by HP_Administrateur at 2009-07-09 22:40:07
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 137 GB (59%) free of 232 GB
Total RAM: 1022 MB (31% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:40:45, on 9/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Belgacom\bin\sprtcmd.exe
C:\USBStorage\USBDetector.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Belgacom\bin\sprtsvc.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Software Informer\softinfo.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
c:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\IdiomaX\Translation Assistant 4.0\TrasWord.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\HP_Administrateur.HENRI\Bureau\UTIL\RSIT.exe
C:\Program Files\trend micro\HP_Administrateur.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yoower.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe" /dump:os_startup
O4 - HKLM\..\Run: [Belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [USBDetector] C:\USBStorage\USBDetector.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [OutpostMonitor] C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Service Scheduler2 Acronis] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [MsgCenterExe] "C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe" -osboot
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - S-1-5-18 Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe (User 'Default user')
O4 - .DEFAULT Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Assistant de traduction IdiomaX.lnk = C:\Program Files\IdiomaX\Translation Assistant 4.0\TrasWord.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Réglage rapide de Outpost Firewall Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall Pro\ie_bar.dll
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://ma-config.com/activex/MaConfig_3_5_1_0.cab
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Service Scheduler2 Acronis (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\logishrd\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. - C:\Program Files\Belgacom\bin\sprtsvc.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Fichiers communs\Supportsoft\bin\ssrc.exe
End of file - 16923 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\User_Feed_Synchronization-{727F1EF3-5804-4A79-8B06-CBB12362EF5D}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2009-04-02 333192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2009-07-09 5956424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll [2005-11-10 184423]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2006-09-15 1204224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2006-09-15 1204224]
{724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2009-07-09 5956424]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2009-04-02 333192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"ftutil2"=ftutil2.dll,SetWriteCacheMode []
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-02-11 186904]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-03 45056]
"DMAScheduler"=c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe [2006-04-13 90112]
"Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2005-07-22 237568]
"HPBootOp"=C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe [2006-02-15 249856]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"OutpostFeedBack"=C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe [2009-06-08 433480]
"Belgacom"=C:\Program Files\Belgacom\bin\sprtcmd.exe [2008-05-29 202016]
"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2008-12-19 76304]
"USBDetector"=C:\USBStorage\USBDetector.exe [2003-04-01 53248]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-06-05 292136]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 150016]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-05-21 17881600]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2009-07-05 198160]
"OutpostMonitor"=C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe [2009-06-09 1227080]
"TrueImageMonitor.exe"=C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2009-05-19 4390928]
"AcronisTimounterMonitor"=C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [2009-05-19 961648]
"Service Scheduler2 Acronis"=C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe [2009-05-19 377720]
"MsgCenterExe"=C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe [2009-07-05 69632]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"Software Informer"=C:\Program Files\Software Informer\softinfo.exe [2009-06-01 1851461]
"Free Download Manager"=C:\Program Files\Free Download Manager\fdm.exe [2009-01-31 3399727]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2009-06-24 1830128]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"RoboForm"=C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2009-07-09 160592]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Assistant de traduction IdiomaX.lnk - C:\Program Files\IdiomaX\Translation Assistant 4.0\TrasWord.exe
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\Documents and Settings\HP_Administrateur.HENRI\Menu Démarrer\Programmes\Démarrage
Notification de cadeaux MSN.lnk - C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="c:\progra~1\agnitum\outpos~1\wl_hook.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-12-22 356352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-02-25 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll [2009-02-19 72208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"HonorAutoRunSetting"=
"NoRun"=
"NoFolderOptions"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Free Download Manager\fdmwi.exe"="C:\Program Files\Free Download Manager\fdmwi.exe:*:Enabled:fdmwi"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"
"C:\Downloads\utorrent.exe"="C:\Downloads\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2009-07-09 19:03:14 ----D---- C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\vlc
2009-07-08 22:47:27 ----D---- C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\GoodSync
2009-07-07 23:03:42 ----HD---- C:\WINDOWS\msdownld.tmp
2009-07-07 22:55:37 ----A---- C:\WINDOWS\system32\MRT.exe
2009-07-07 22:26:33 ----A---- C:\WINDOWS\OEWABLog.txt
2009-07-07 22:22:43 ----D---- C:\WINDOWS\Prefetch
2009-07-07 22:20:04 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2009-07-07 22:19:57 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-07-07 22:16:26 ----A---- C:\WINDOWS\setuplog.txt
2009-07-07 22:15:05 ----D---- C:\WINDOWS\system32\fr
2009-07-07 22:15:05 ----D---- C:\WINDOWS\system32\bits
2009-07-07 22:11:14 ----A---- C:\WINDOWS\imsins.BAK
2009-07-07 22:02:04 ----N---- C:\WINDOWS\system32\wmphoto.dll
2009-07-07 22:02:02 ----N---- C:\WINDOWS\system32\wlanapi.dll
2009-07-07 22:02:00 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2009-07-07 22:02:00 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2009-07-07 22:01:52 ----N---- C:\WINDOWS\system32\tspkg.dll
2009-07-07 22:01:52 ----N---- C:\WINDOWS\system32\tsgqec.dll
2009-07-07 22:01:46 ----N---- C:\WINDOWS\system32\spupdwxp.exe
2009-07-07 22:01:42 ----N---- C:\WINDOWS\system32\slserv.exe
2009-07-07 22:01:42 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
2009-07-07 22:01:41 ----N---- C:\WINDOWS\system32\slrundll.exe
2009-07-07 22:01:41 ----N---- C:\WINDOWS\system32\slgen.dll
2009-07-07 22:01:41 ----N---- C:\WINDOWS\system32\slextspk.dll
2009-07-07 22:01:41 ----N---- C:\WINDOWS\system32\slcoinst.dll
2009-07-07 22:01:38 ----N---- C:\WINDOWS\system32\setupn.exe
2009-07-07 22:01:35 ----N---- C:\WINDOWS\system32\s3gnb.dll
2009-07-07 22:01:34 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2009-07-07 22:01:32 ----N---- C:\WINDOWS\system32\rasqec.dll
2009-07-07 22:01:31 ----N---- C:\WINDOWS\system32\qutil.dll
2009-07-07 22:01:30 ----N---- C:\WINDOWS\system32\qcliprov.dll
2009-07-07 22:01:29 ----N---- C:\WINDOWS\system32\qagentrt.dll
2009-07-07 22:01:29 ----N---- C:\WINDOWS\system32\qagent.dll
2009-07-07 22:01:29 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2009-07-07 22:01:26 ----N---- C:\WINDOWS\system32\onex.dll
2009-07-07 22:01:22 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2009-07-07 22:01:15 ----N---- C:\WINDOWS\system32\napstat.exe
2009-07-07 22:01:15 ----N---- C:\WINDOWS\system32\napmontr.dll
2009-07-07 22:01:15 ----N---- C:\WINDOWS\system32\napipsec.dll
2009-07-07 22:01:14 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2009-07-07 22:01:13 ----N---- C:\WINDOWS\system32\msxml6.dll
2009-07-07 22:01:11 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2009-07-07 22:01:11 ----N---- C:\WINDOWS\system32\mssha.dll
2009-07-07 22:00:59 ----N---- C:\WINDOWS\system32\mmcperf.exe
2009-07-07 22:00:58 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2009-07-07 22:00:58 ----N---- C:\WINDOWS\system32\mmcex.dll
2009-07-07 22:00:58 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2009-07-07 22:00:57 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2009-07-07 22:00:52 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2009-07-07 22:00:52 ----N---- C:\WINDOWS\system32\kmsvc.dll
2009-07-07 22:00:52 ----N---- C:\WINDOWS\system32\kbdpash.dll
2009-07-07 22:00:52 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2009-07-07 22:00:52 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2009-07-07 22:00:52 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2009-07-07 22:00:49 ----N---- C:\WINDOWS\system32\smtpapi.dll
2009-07-07 22:00:49 ----N---- C:\WINDOWS\system32\rwnh.dll
2009-07-07 22:00:47 ----N---- C:\WINDOWS\system32\comsdupd.exe
2009-07-07 22:00:45 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2009-07-07 22:00:41 ----N---- C:\WINDOWS\system32\faxpatch.exe
2009-07-07 22:00:41 ----A---- C:\WINDOWS\005849_.tmp
2009-07-07 22:00:40 ----N---- C:\WINDOWS\system32\eapsvc.dll
2009-07-07 22:00:40 ----N---- C:\WINDOWS\system32\eapqec.dll
2009-07-07 22:00:40 ----N---- C:\WINDOWS\system32\eappprxy.dll
2009-07-07 22:00:40 ----N---- C:\WINDOWS\system32\eapphost.dll
2009-07-07 22:00:40 ----N---- C:\WINDOWS\system32\eappgnui.dll
2009-07-07 22:00:40 ----N---- C:\WINDOWS\system32\eappcfg.dll
2009-07-07 22:00:40 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2009-07-07 22:00:40 ----N---- C:\WINDOWS\system32\eapolqec.dll
2009-07-07 22:00:37 ----N---- C:\WINDOWS\system32\dot3ui.dll
2009-07-07 22:00:37 ----N---- C:\WINDOWS\system32\dot3svc.dll
2009-07-07 22:00:37 ----N---- C:\WINDOWS\system32\dot3msm.dll
2009-07-07 22:00:37 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2009-07-07 22:00:37 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2009-07-07 22:00:37 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2009-07-07 22:00:37 ----N---- C:\WINDOWS\system32\dot3api.dll
2009-07-07 22:00:36 ----N---- C:\WINDOWS\system32\dimsroam.dll
2009-07-07 22:00:36 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2009-07-07 22:00:36 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2009-07-07 22:00:35 ----N---- C:\WINDOWS\system32\credssp.dll
2009-07-07 22:00:30 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2009-07-07 22:00:29 ----N---- C:\WINDOWS\system32\azroles.dll
2009-07-07 22:00:29 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2009-07-07 22:00:28 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2009-07-07 22:00:28 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2009-07-07 22:00:28 ----N---- C:\WINDOWS\system32\aaclient.dll
2009-07-07 20:33:01 ----D---- C:\Program Files\Runtime Software
2009-07-07 18:55:41 ----D---- C:\Program Files\Mareew Company
2009-07-05 20:32:49 ----D---- C:\Program Files\Fichiers communs\xing shared
2009-07-05 20:08:21 ----N---- C:\WINDOWS\system32\pxafs.dll
2009-07-04 13:14:13 ----D---- C:\Program Files\Defraggler
2009-07-04 07:01:23 ----A---- C:\WINDOWS\system32\c_is2022.dll
2009-07-04 07:01:21 ----A---- C:\WINDOWS\system32\uniime.dll
2009-07-04 07:01:15 ----A---- C:\WINDOWS\system32\imjp81k.dll
2009-07-04 07:01:11 ----A---- C:\WINDOWS\system32\kbdkor.dll
2009-07-04 07:01:11 ----A---- C:\WINDOWS\system32\kbdjpn.dll
2009-07-04 07:01:11 ----A---- C:\WINDOWS\system32\kbd106.dll
2009-07-04 07:01:11 ----A---- C:\WINDOWS\system32\kbd103.dll
2009-07-04 07:01:11 ----A---- C:\WINDOWS\system32\kbd101c.dll
2009-07-04 07:01:08 ----A---- C:\WINDOWS\system32\kbd101b.dll
2009-07-03 19:16:04 ----D---- C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\Sonic
2009-07-03 18:24:50 ----A---- C:\WINDOWS\system32\AutoPartNt.exe
2009-07-03 17:52:26 ----A---- C:\$r-backup$.tmp
2009-07-03 17:48:21 ----D---- C:\Program Files\R-Drive Image
2009-07-03 15:56:02 ----D---- C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\Acronis
2009-07-03 15:47:35 ----D---- C:\Documents and Settings\All Users\Application Data\Acronis
2009-07-03 15:46:16 ----D---- C:\Program Files\Acronis
2009-07-03 15:46:15 ----D---- C:\Program Files\Fichiers communs\Acronis
2009-07-03 15:22:20 ----D---- C:\Documents and Settings\All Users\Application Data\HPSSUPPLY
2009-07-03 15:21:43 ----D---- C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\HP
2009-07-03 14:39:18 ----D---- C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\WinBatch
2009-07-02 22:39:24 ----D---- C:\Program Files\ma-config.com
2009-06-27 08:39:15 ----D---- C:\Program Files\HD Tune Pro
2009-06-27 08:10:23 ----D---- C:\WINDOWS\system32\NtmsData
2009-06-21 09:52:53 ----D---- C:\Program Files\CrystalDiskInfo
2009-06-21 09:41:17 ----D---- C:\Program Files\BitDefender
2009-06-20 10:55:27 ----D---- C:\Driver Backup 6-20-2009-105519
2009-06-20 09:13:34 ----D---- C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\OpenOffice.org
2009-06-20 09:09:59 ----D---- C:\Program Files\JRE
2009-06-20 09:09:41 ----D---- C:\Program Files\OpenOffice.org 3
2009-06-19 16:26:53 ----D---- C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2009-06-19 16:25:07 ----D---- C:\Program Files\Fichiers communs\Adobe AIR
2009-06-19 16:22:02 ----D---- C:\Program Files\AskSearch
2009-06-19 16:22:02 ----D---- C:\Program Files\AskBarDis
2009-06-19 16:14:03 ----A---- C:\WINDOWS\system32\difxapi.dll
2009-06-19 16:13:31 ----D---- C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\InstallShield
2009-06-17 18:22:36 ----D---- C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\Leadertech
2009-06-17 18:21:29 ----A---- C:\WINDOWS\system32\ptpusb.dll
2009-06-17 18:21:18 ----A---- C:\WINDOWS\system32\ptpusd.dll
2009-06-17 17:48:38 ----D---- C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\Help
2009-06-16 20:51:56 ----D---- C:\Program Files\iPod
2009-06-16 20:51:52 ----D---- C:\Program Files\iTunes
2009-06-16 20:46:33 ----A---- C:\WINDOWS\system32\usbaaplrc.dll
2009-06-14 10:17:06 ----D---- C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\Sun
2009-06-14 09:51:54 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2009-06-14 09:51:45 ----D---- C:\Program Files\SUPERAntiSpyware
2009-06-14 09:51:45 ----D---- C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\SUPERAntiSpyware.com
2009-06-14 09:50:42 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-06-13 09:23:50 ----D---- C:\RaccourcisduBureau
2009-06-13 09:22:30 ----SHD---- C:\RECYCLER
2009-06-13 08:45:56 ----D---- C:\WINDOWS\temp
2009-06-13 08:45:49 ----A---- C:\ComboFix.txt
2009-06-13 07:55:42 ----RA---- C:\WINDOWS\system32\hpzids01.dll
2009-06-13 07:55:37 ----A---- C:\WINDOWS\system32\hpz3l4pi.dll
2009-06-13 07:14:22 ----D---- C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\Image Zone Express
2009-06-13 00:05:01 ----HDC---- C:\WINDOWS\$NtUninstallKB963093$
2009-06-12 16:54:09 ----A---- C:\WINDOWS\zip.exe
2009-06-12 16:54:09 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-06-12 16:54:09 ----A---- C:\WINDOWS\SWSC.exe
2009-06-12 16:54:09 ----A---- C:\WINDOWS\SWREG.exe
2009-06-12 16:54:09 ----A---- C:\WINDOWS\sed.exe
2009-06-12 16:54:09 ----A---- C:\WINDOWS\PEV.exe
2009-06-12 16:54:09 ----A---- C:\WINDOWS\NIRCMD.exe
2009-06-12 16:54:09 ----A---- C:\WINDOWS\grep.exe
2009-06-12 16:53:51 ----D---- C:\WINDOWS\ERDNT
2009-06-12 16:53:46 ----D---- C:\Qoobox
2009-06-11 20:45:13 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-06-11 20:44:54 ----HDC---- C:\WINDOWS\$NtUninstallKB969897$
2009-06-11 20:42:47 ----HDC---- C:\WINDOWS\$NtUninstallKB969898$
2009-06-11 20:39:21 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-06-11 20:38:33 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-06-11 20:17:54 ----A---- C:\WINDOWS\system32\CSVer.dll
2009-06-11 20:14:13 ----D---- C:\WINDOWS\system32\LogFiles
2009-06-11 18:48:15 ----A---- C:\WINDOWS\Language_trs.ini
2009-06-11 18:38:00 ----D---- C:\Program Files\ATI
2009-06-11 17:53:55 ----D---- C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\Windows Desktop Search
2009-06-11 17:53:17 ----D---- C:\WINDOWS\system32\GroupPolicy
2009-06-11 17:53:17 ----D---- C:\WINDOWS\system32\fr-FR
2009-06-11 17:52:07 ----A---- C:\WINDOWS\system32\xmllite.dll
2009-06-11 17:17:03 ----N---- C:\WINDOWS\system32\ati2sgag.exe
2009-06-11 17:15:25 ----A---- C:\WINDOWS\system32\LuResult.txt
2009-06-11 14:22:00 ----D---- C:\Wallpaper
2009-06-11 13:22:45 ----D---- C:\WINDOWS\system32\PreInstall
2009-06-11 00:27:01 ----D---- C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\HPQ
2009-06-11 00:23:54 ----D---- C:\Program Files\7-Zip
2009-06-11 00:21:53 ----D---- C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\uTorrent
2009-06-11 00:21:11 ----D---- C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\Logitech
2009-06-11 00:19:05 ----A---- C:\WINDOWS\system32\BtCoreIf.dll
2009-06-11 00:19:01 ----A---- C:\WINDOWS\system32\KemXML.dll
2009-06-11 00:19:01 ----A---- C:\WINDOWS\system32\KemWnd.dll
2009-06-11 00:19:01 ----A---- C:\WINDOWS\system32\KemUtil.dll
2009-06-11 00:19:01 ----A---- C:\WINDOWS\system32\kemutb.dll
2009-06-11 00:01:54 ----D---- C:\WINDOWS\system32\Filt
2009-06-11 00:00:01 ----D---- C:\Belgacom.msi.2.1
2009-06-10 23:57:27 ----A---- C:\WINDOWS\system32\XceedZip.dll
2009-06-10 23:53:14 ----D---- C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\Apple Computer
2009-06-10 23:53:07 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2009-06-10 23:51:27 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-06-10 23:49:36 ----A---- C:\WINDOWS\system32\Wint351.exe
2009-06-10 23:49:36 ----A---- C:\WINDOWS\system32\VBAR332.DLL
2009-06-10 23:49:36 ----A---- C:\WINDOWS\system32\Vb5db.dll
2009-06-10 23:49:36 ----A---- C:\WINDOWS\system32\MSREPL35.DLL
2009-06-10 23:49:36 ----A---- C:\WINDOWS\system32\MSJTER35.DLL
2009-06-10 23:49:36 ----A---- C:\WINDOWS\system32\MSJINT35.DLL
2009-06-10 23:49:36 ----A---- C:\WINDOWS\system32\Dzip32.dll
2009-06-10 23:49:36 ----A---- C:\WINDOWS\system32\Dunzip32.dll
2009-06-10 23:49:36 ----A---- C:\WINDOWS\system32\Dtcutil.dll
2009-06-10 23:49:36 ----A---- C:\WINDOWS\system32\Dtctrace.dll
2009-06-10 23:49:36 ----A---- C:\WINDOWS\system32\Dtccm.dll
2009-06-10 23:49:35 ----A---- C:\WINDOWS\system32\MSXBSE35.DLL
2009-06-10 23:49:35 ----A---- C:\WINDOWS\system32\Msstkprp.dll
2009-06-10 23:49:35 ----A---- C:\WINDOWS\system32\MSRD2X35.DLL
2009-06-10 23:49:35 ----A---- C:\WINDOWS\system32\MSJET35.DLL
2009-06-10 23:49:35 ----A---- C:\WINDOWS\system32\Axdist.exe
2009-06-10 23:49:34 ----A---- C:\WINDOWS\system32\Dzactx.dll
2009-06-10 23:49:34 ----A---- C:\WINDOWS\system32\Duzactx.dll
2009-06-10 23:49:33 ----A---- C:\WINDOWS\system32\Adme.dll
2009-06-10 23:49:33 ----A---- C:\WINDOWS\system32\actrpt.dll
2009-06-10 23:49:25 ----D---- C:\Program Files\ING
2009-06-10 18:19:44 ----D---- C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\Free Download Manager
2009-06-10 18:06:59 ----D---- C:\Program Files\Avira
2009-06-10 17:39:02 ----D---- C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\Software Informer
2009-06-10 08:36:34 ----D---- C:\I386
2009-06-10 08:23:02 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-06-10 00:10:43 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-06-10 00:10:35 ----SHD---- C:\cmdcons
2009-06-10 00:10:02 ----D---- C:\WINDOWS\setupupd
2009-06-10 00:03:34 ----ASH---- C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\desktop.ini
2009-06-10 00:01:42 ----SD---- C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\Microsoft
2009-06-10 00:01:42 ----D---- C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\WinRAR
2009-06-10 00:01:42 ----D---- C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\Windows Search
2009-06-10 00:01:42 ----D---- C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\Thunderbird
2009-06-10 00:01:42 ----D---- C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\Real
2009-06-10 00:01:42 ----D---- C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\Mozilla
2009-06-10 00:01:42 ----D---- C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\Malwarebytes
2009-06-10 00:01:42 ----D---- C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\Macromedia
2009-06-10 00:01:42 ----D---- C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\Identities
2009-06-10 00:01:42 ----D---- C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\DeepBurner
2009-06-10 00:01:42 ----D---- C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\Canneverbe_Limited
2009-06-10 00:01:42 ----D---- C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\ATI
2009-06-10 00:01:42 ----D---- C:\Documents and Settings\HP_Administrateur.HENRI\Application Data\Adobe

======List of files/folders modified in the last 1 months======

2009-07-09 22:40:45 ----D---- C:\Program Files\Trend Micro
2009-07-09 22:37:56 ----D---- C:\Program Files\Mozilla Thunderbird
2009-07-09 19:21:56 ----D---- C:\Program Files\Mozilla Firefox
2009-07-09 19:17:24 ----D---- C:\Downloads
2009-07-09 18:42:24 ----D---- C:\WINDOWS\system32\CatRoot2
2009-07-09 18:39:21 ----AD---- C:\WINDOWS
2009-07-08 23:38:09 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-07-08 22:47:20 ----D---- C:\Program Files\Siber Systems
2009-07-08 20:21:52 ----D---- C:\Program Files\Registry Mechanic
2009-07-08 20:21:52 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-07-07 23:14:19 ----SD---- C:\WINDOWS\Tasks
2009-07-07 23:06:56 ----D---- C:\WINDOWS\system32
2009-07-07 23:05:47 ----HD---- C:\WINDOWS\inf
2009-07-07 23:05:47 ----D---- C:\WINDOWS\Help
2009-07-07 23:05:47 ----D---- C:\Program Files\Internet Explorer
2009-07-07 23:03:42 ----RD---- C:\Program Files
2009-07-07 23:03:38 ----HD---- C:\WINDOWS\$hf_mig$
2009-07-07 23:03:12 ----D---- C:\WINDOWS\ie8updates
2009-07-07 23:01:17 ----HDC---- C:\WINDOWS\ie8
2009-07-07 23:00:44 ----D---- C:\WINDOWS\system32\config
2009-07-07 22:55:40 ----D---- C:\WINDOWS\Debug
2009-07-07 22:28:33 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-07-07 22:26:51 ----SHD---- C:\WINDOWS\Installer
2009-07-07 22:26:51 ----HD---- C:\Config.Msi
2009-07-07 22:22:01 ----D---- C:\WINDOWS\system32\Setup
2009-07-07 22:22:01 ----D---- C:\WINDOWS\AppPatch
2009-07-07 22:22:01 ----D---- C:\Program Files\Messenger
2009-07-07 22:22:00 ----RSD---- C:\WINDOWS\Fonts
2009-07-07 22:22:00 ----D---- C:\WINDOWS\system32\wbem
2009-07-07 22:22:00 ----D---- C:\Program Files\Outlook Express
2009-07-07 22:22:00 ----D---- C:\Program Files\Fichiers communs\System
2009-07-07 22:21:56 ----D---- C:\WINDOWS\system32\drivers
2009-07-07 22:19:59 ----D---- C:\WINDOWS\system32\CatRoot
2009-07-07 22:19:33 ----D---- C:\WINDOWS\security
2009-07-07 22:15:31 ----D---- C:\WINDOWS\WinSxS
2009-07-07 22:15:24 ----D---- C:\WINDOWS\system32\inetsrv
2009-07-07 22:15:24 ----D---- C:\WINDOWS\ime
2009-07-07 22:15:06 ----D---- C:\WINDOWS\system32\usmt
2009-07-07 22:15:05 ----D---- C:\WINDOWS\PeerNet
2009-07-07 22:15:05 ----D---- C:\Program Files\Movie Maker
2009-07-07 22:14:48 ----D---- C:\WINDOWS\system32\Restore
2009-07-07 22:14:48 ----D---- C:\WINDOWS\system32\npp
2009-07-07 22:14:46 ----D---- C:\WINDOWS\msagent
2009-07-07 22:14:45 ----D---- C:\WINDOWS\srchasst
2009-07-07 22:14:44 ----D---- C:\WINDOWS\system32\Com
2009-07-07 22:14:44 ----D---- C:\Program Files\NetMeeting
2009-07-07 22:14:41 ----D---- C:\Program Files\Windows NT
2009-07-07 22:14:24 ----D---- C:\WINDOWS\system32\oobe
2009-07-07 22:14:22 ----D---- C:\WINDOWS\system
2009-07-07 22:11:12 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-07-07 22:11:01 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-07-07 22:08:16 ----AD---- C:\WINDOWS\ehome
2009-07-07 20:58:32 ----D---- C:\WINDOWS\Registration
2009-07-07 20:42:18 ----SHD---- C:\System Volume Information
2009-07-07 20:35:04 ----D---- C:\WINDOWS\repair
2009-07-05 20:32:49 ----D---- C:\Program Files\Fichiers communs
2009-07-05 20:32:41 ----D---- C:\Program Files\Fichiers communs\Real
2009-07-05 20:32:38 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2009-07-05 20:32:15 ----A---- C:\WINDOWS\system32\pndx5032.dll
2009-07-05 20:32:15 ----A---- C:\WINDOWS\system32\pndx5016.dll
2009-07-05 20:32:09 ----A---- C:\WINDOWS\system32\pncrt.dll
2009-07-05 20:32:09 ----A---- C:\WINDOWS\system32\msvcr71.dll
2009-07-05 20:32:09 ----A---- C:\WINDOWS\system32\msvcp71.dll
2009-07-05 20:30:39 ----D---- C:\Program Files\Google
2009-07-05 20:30:39 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2009-07-05 20:07:36 ----D---- C:\Program Files\Adobe
2009-07-03 19:16:00 ----D---- C:\Program Files\Sonic
2009-07-02 22:39:29 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-07-02 22:39:24 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com
2009-06-20 19:17:33 ----D---- C:\WINDOWS\Minidump
2009-06-20 18:53:53 ----D---- C:\WINDOWS\system32\FxsTmp
2009-06-20 11:33:31 ----D---- C:\WINDOWS\system32\RTCOM
2009-06-20 11:32:27 ----D---- C:\Driver Download
2009-06-20 11:27:15 ----D---- C:\Program Files\Intel
2009-06-19 16:31:35 ----D---- C:\Program Files\uTorrent
2009-06-19 16:25:10 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-06-17 18:21:11 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2009-06-16 21:28:07 ----D---- C:\Program Files\DEFRAG
2009-06-16 20:49:46 ----D---- C:\Program Files\Bonjour
2009-06-16 20:49:21 ----D---- C:\Program Files\QuickTime
2009-06-15 23:31:15 ----D---- C:\Program Files\netpass
2009-06-14 09:40:15 ----D---- C:\WINDOWS\Drivers
2009-06-13 08:43:54 ----A---- C:\WINDOWS\system.ini
2009-06-13 07:16:03 ----D---- C:\Program Files\Hewlett-Packard
2009-06-13 00:05:22 ----D---- C:\Program Files\Windows Media Player
2009-06-13 00:05:21 ----HDC---- C:\WINDOWS\$NtUninstallKB926251$
2009-06-13 00:05:03 ----D---- C:\Program Files\Windows Desktop Search
2009-06-12 23:40:29 ----D---- C:\Program Files\Fichiers communs\PC Tools
2009-06-11 20:47:38 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-06-11 20:47:29 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-06-11 20:47:17 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-06-11 20:47:06 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-06-11 20:46:56 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$
2009-06-11 20:46:45 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-06-11 20:46:37 ----HDC---- C:\WINDOWS\$NtUninstallKB935448$
2009-06-11 20:46:28 ----HDC---- C:\WINDOWS\$NtUninstallKB923723$
2009-06-11 20:46:19 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-06-11 20:46:03 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-06-11 20:45:51 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-06-11 20:45:32 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-06-11 20:44:27 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-06-11 20:44:04 ----HDC---- C:\WINDOWS\$NtUninstallKB913800$
2009-06-11 20:43:08 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-06-11 20:41:41 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-06-11 20:41:22 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-06-11 20:41:14 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-06-11 20:41:02 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2009-06-11 20:40:41 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-06-11 20:40:32 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-06-11 20:40:22 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-06-11 20:40:06 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2009-06-11 20:39:56 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-06-11 20:39:44 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-06-11 20:39:07 ----HDC---- C:\WINDOWS\$NtUninstallKB930494$
2009-06-11 20:38:44 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-06-11 20:38:24 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-06-11 20:38:15 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-06-11 20:38:04 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-06-11 20:37:52 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-06-11 20:37:34 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2009-06-11 20:37:22 ----HDC---- C:\WINDOWS\$NtUninstallKB923561_0$
2009-06-11 20:36:51 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP10$
2009-06-11 20:16:46 ----D---- C:\USBStorage
2009-06-11 19:58:45 ----D---- C:\Documents and Settings
2009-06-11 18:43:22 ----D---- C:\Medion
2009-06-11 17:53:12 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
2009-06-11 17:52:53 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2009-06-11 17:52:29 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
2009-06-11 17:27:50 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2009-06-11 17:27:50 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-06-11 15:56:36 ----SHD---- C:\WINDOWS\CSC
2009-06-11 14:30:14 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-06-11 13:22:44 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-06-10 23:59:16 ----D---- C:\Program Files\Free Download Manager
2009-06-10 23:56:58 ----HD---- C:\Program Files\InstallShield Installation Information
2009-06-10 18:19:46 ----D---- C:\Program Files\Software Informer
2009-06-10 18:07:11 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-06-10 18:07:09 ----D---- C:\Program Files\NOS
2009-06-10 16:40:55 ----HD---- C:\hp
2009-06-10 08:36:00 ----RSD---- C:\WINDOWS\assembly
2009-06-10 08:36:00 ----RD---- C:\WINDOWS\Web
2009-06-10 08:36:00 ----RD---- C:\WINDOWS\Offline Web Pages
2009-06-10 00:11:03 ----D---- C:\WINDOWS\SoftwareDistribution
2009-06-10 00:10:52 ----ASH---- C:\boot.ini
2009-06-10 00:10:35 ----A---- C:\WINDOWS\UPGRADE.TXT
2009-06-10 00:10:32 ----D---- C:\WINDOWS\setup.pss
2009-06-10 00:07:59 ----AD---- C:\WINDOWS\system32\pcintro

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 ELhid;EL hid Service; \??\C:\WINDOWS\System32\Drivers\Elhid.sys []
R1 ELkbd;EL KB Service; \??\C:\WINDOWS\System32\Drivers\Elkbd.sys []
R1 ELmon;EL Monitor Service; \??\C:\WINDOWS\System32\Drivers\Elmon.sys []
R1 ELmou;EL Mouse Service; \??\C:\WINDOWS\System32\Drivers\Elmou.sys []
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 SandBox;SandBox; \??\C:\WINDOWS\system32\drivers\SandBox.sys []
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-06-10 28520]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-03-24 55640]
R2 LBeepKE;LBeepKE; C:\WINDOWS\System32\Drivers\LBeepKE.sys [2008-12-19 10384]
R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2009-07-03 44704]
R2 ubsbm;Unibrain 1394 SBM Driver; C:\WINDOWS\system32\DRIVERS\ubsbm.sys [2005-07-27 14080]
R2 ubumapi;Unibrain 1394 FireAPI Driver; C:\WINDOWS\system32\DRIVERS\ubumapi.sys [2005-07-27 36352]
R3 3xHybrid;3xHybrid service; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2006-04-12 2829696]
R3 afw;Agnitum firewall driver; C:\WINDOWS\system32\DRIVERS\afw.sys [2009-02-18 31128]
R3 afwcore;afwcore; C:\WINDOWS\system32\drivers\afwcore.sys [2009-05-20 257432]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2008-12-29 1346464]
R3 ASWFilt;ASWFilt; \??\C:\WINDOWS\system32\Filt\ASWFilt.dll []
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-02-26 3565568]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2008-12-04 241296]
R3 ELacpi;ELacpi; C:\WINDOWS\system32\DRIVERS\ELacpi.sys [2006-05-09 9728]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-10-21 49920]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-10-21 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-10-21 21568]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-06-02 5085184]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-12-19 35472]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-12-19 37392]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
R3 ubohci;Unibrain 1394 OHCI Driver; C:\WINDOWS\system32\DRIVERS\ubohci.sys [2005-07-27 77056]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 catchme;catchme; \??\C:\DOCUME~1\HP_ADM~1.HEN\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 DrvSnSht;DrvSnSht; \??\C:\Program Files\R-Drive Image\DrvSnSht.sys []
S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2005-12-13 19072]
S3 R-ImageDisk;R-ImageDisk; \??\C:\Program Files\R-Drive Image\R-ImageDisk.sys []
S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SABProcEnum;SABProcEnum; \??\C:\Program Files\Internet Explorer\SABProcEnum.sys []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-06-05 39424]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WN5301;LIteon Wireless PCI Network Adapter Service; C:\WINDOWS\system32\DRIVERS\wn5301.sys [2005-10-05 468768]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Service Scheduler2 Acronis; C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe [2009-05-19 619408]
R2 acssrv;Agnitum Client Security Service; C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe [2009-06-08 1268040]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-06-10 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-06-10 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Fi

47

resbel, 9 Jul 2009 at 23:25:52

I did not format.

-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : HP_Administrateur ( Administrator )
BOOT : Normal boot
Antivirus : AntiVir Desktop 9.0.1.30 (Activated)
Firewall : Outpost Firewall Pro 6.5.5 (Activated)
C:\ (Local Disk) - NTFS - Total:226 Go (Free:133 Go)
D:\ (Local Disk) - NTFS - Total:232 Go (Free:17 Go)
E:\ (Local Disk) - FAT32 - Total:6 Go (Free:0 Go)
F:\ (CD or DVD)
G:\ (CD or DVD)
H:\ (USB)
I:\ (USB)
J:\ (USB)
K:\ (USB)
L:\ (USB)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( jeu. 09/07/2009|23:14 )

-----------\\ SUPPRESSION

Supprime! - [Service] ASKUpgrade
Supprime! - C:\Program Files\AskBarDis\bar
Supprime! - C:\Program Files\AskBarDis\PopSwatter
Supprime! - C:\Program Files\AskBarDis\unins000.dat
Supprime! - C:\Program Files\AskBarDis\unins000.exe
Supprime! - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
Supprime! - C:\Program Files\DAEMON Tools Toolbar\Resources
Supprime! - C:\Program Files\DAEMON Tools Toolbar\uninst.exe
Supprime! - C:\Program Files\DAEMON Tools Toolbar\_Astroburn.xml
Supprime! - C:\Program Files\DAEMON Tools Toolbar\_DTLite.xml
Supprime! - C:\Program Files\AskBarDis
Supprime! - C:\Program Files\DAEMON Tools Toolbar

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ Extensions

(HP_Administrateur) - {4BBDD651-70CF-4821-84F8-2B918CF89CA3} => febe

(HP_Administrateur.BOON) - {19503e42-ca3c-4c27-b1e2-9cdb2170ee34} => flashgot
(HP_Administrateur.BOON) - {53c4d698-0a74-873e-7946-7d19bb035667} => boox
(HP_Administrateur.BOON) - {5546F97E-11A5-46b0-9082-32AD74AAA920} => informenter
(HP_Administrateur.BOON) - {cb84136f-9c44-433a-9048-c5cd9df1dc16} => bdtoolbar
(HP_Administrateur.BOON) - {D419DABB-C0EA-4168-BFD7-637C7BF90D0A} => password

(HP_Administrateur.HENRI) - {4BBDD651-70CF-4821-84F8-2B918CF89CA3} => febe
(HP_Administrateur.HENRI) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar
(HP_Administrateur.HENRI) - {4BBDD651-70CF-4821-84F8-2B918CF89CA3} => febe


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://www.yoower.com/"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Default_Search_URL"="http://ie.redirect.hp.com/..."
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://www.msn.com/"
"Search Bar"="http://ie.redirect.hp.com/..."


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - jeu. 09/07/2009|23:20 - Option : [2]

-----------\\ Fin du rapport a 23:20:37,40

51

resbel, 11 Jul 2009 at 15:12:32

Hello,
Perfect: problems solved.
Once again, a thousand thanks.
Very sincere regards.
Resbel

3

jlpjlp, 1 Jun 2009 at 21:26:58

After the AntiVir Rescue System, can you run Malwarebytes or AntiVir???
If so, paste a report from it so we can take a look.
_______________

Is the computer behaving properly?

_________________

Then

Download from here:

http://images.malwareremoval.com/random/RSIT.exe

random's system information tool (RSIT) by random/random and save it to the Desktop.

Double-click RSIT.exe to launch RSIT.

Click Continue at the Disclaimer screen.

If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if prompted) and you will have to accept the license.

When the scan is finished, two text files will open.

Post the contents of log.txt (<<which will be displayed)
as well as of info.txt (<<which will be minimized in the taskbar).

Note: the reports are saved in the C:\rsit folder

37

resbel, 20 Jun 2009 at 18:44:39

Hello,
I ran SUPERAntiSpyware again and it found nothing.
Bitdefender stopped after 467254 files, with the mouse pointer zigzagging in all directions, and then a blue screen with the warning kernel_inkpage_error.
CHKDSK/F/E = many damaged clusters, and therefore replaced?
In the end, shouldn't the hard drive be replaced, and if so, with what type?
Regards

4

resbel, 2 Jun 2009 at 14:30:52

Attached is info.txt
info.txt logfile of random's system information tool 1.06 2009-06-02 14:16:40

======Uninstall list======

-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {F80239D8-7811-4D5E-B033-0D0BBFE32920}
-->MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}
AI RoboForm (All Users)-->"C:\Program Files\Siber Systems\AI RoboForm\rfwipeout.exe"
Amélioration de nos services-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{23012310-3E05-46A5-88A9-C6CBCABCAC79} /l1036
Atheros Client Installation Program-->C:\Program Files\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe -runfromtemp -l0x040c -removeonly
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x5c32
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Avira Premium Security Suite-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
Catalyst Control Center - Branding-->MsiExec.exe /I{D3B1C799-CB73-42DE-BA0F-2344793A095C}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CDDRV_Installer-->MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A}
Connexion Facile à Internet-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1036
Correctif pour Lecteur Windows Media 10 (KB910393)-->"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Driver Detective-->"C:\Program Files\InstallShield Installation Information\{7395D650-AE5D-4D68-B8FE-D3FA6B51467F}\setup.exe" -runfromtemp -l0x0409 -removeonly
Driver Detective-->MsiExec.exe /X{7395D650-AE5D-4D68-B8FE-D3FA6B51467F}
Driver Genius Professional Edition 2007-->"C:\Program Files\Driver-Soft\DriverGenius\unins001.exe"
Driver Genius Professional Edition-->"C:\Program Files\Driver-Soft\DriverGenius\unins000.exe"
Enhanced Multimedia Keyboard Solution-->C:\HP\KBD\Install.exe /u
getPlus(R) for Adobe-->"C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
High Definition Audio - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Documents and Settings\HP_Administrateur\Bureau\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
HP Boot Optimizer-->MsiExec.exe /X{1341D838-719C-4A05-B50F-49420CA1B4BB}
HP Customer Participation Program 7.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP DigitalMedia Archive-->MsiExec.exe /X{F80239D8-7811-4D5E-B033-0D0BBFE32920}
HP DVD Play 2.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
HP Imaging Device Functions 7.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart and Deskjet 7.0 Software (fra)-->C:\Program Files\HP\Digital Imaging\{D2A3C9D5-0B56-4656-8277-7EDC65D62B6E}\setup\hpzscr01.exe -datfile hphscr12.dat -showdisconnect -forcereboot
HP Photosmart Essential 3.5-->C:\Program Files\HP\Digital Imaging\PhotosmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Photosmart Essential-->MsiExec.exe /X{6994491D-D491-48F1-AE1F-E179C1FFFC2F}
HP Photosmart for Media Center PC-->c:\Program Files\HP\Digital Imaging\bin\mcpc\setupmcl.exe /u
HP Photosmart Premier Software 6.5-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Solution Center 7.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{FE57DE70-95DE-4B64-9266-84DA811053DB}
IE PassView-->C:\WINDOWS\zipinst.exe /uninst "C:\Program Files\IE PassView\uninst1~.nsu"
Intel(R) Network Connections 14.0.40.0-->MsiExec.exe /i{888019C0-54D4-40C2-9274-27B9DAB17017} ARPREMOVE=1
Intel(R) Quick Resume Technology Drivers-->C:\WINDOWS\System32\Elusetup.exe
Intel® Matrix Storage Manager-->C:\Program Files\Intel\Intel Matrix Storage Manager\Uninstall\imsmudlg.exe -uninstall
J2SE Development Kit 5.0 Update 19-->MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0150190}
J2SE Runtime Environment 5.0 Update 19-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150190}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Kaspersky Online Scanner-->C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
Kaspersky On-line Scanner-->C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
KhalInstallWrapper-->MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355}
Le logiciel Intel® Viiv™-->MsiExec.exe /X{EEFEBB48-329E-46F6-AEB8-929A5BAFDB2F}
Logitech SetPoint-->"C:\Program Files\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe" -runfromtemp -l0x040c -removeonly
MainConcept for Software Encoder-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{E7A02A01-C75A-4490-A168-5CA709A3D862}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB969497)-->"C:\WINDOWS\ie8updates\KB969497-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
muvee autoProducer 5.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB4740B3-2530-452D-A825-F7AB246CA7DF}\setup.exe" -l0x40c
muvee autoProducer unPlugged 2.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5FDD0538-C67A-4F67-B3F8-09D1AAF04D99}\setup.exe" -l0x40c
PC-Doctor 5 pour Windows-->C:\Program Files\PC-Doctor 5 for Windows\uninst.exe
Python 2.2 pywin32 extensions (build 203)-->"C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log"
Python 2.2.3-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
Python 2.5.2-->MsiExec.exe /I{6B976ADF-8AE8-434E-B282-A06C7F624D2F}
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Services Internet-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{5CFD7508-7774-48FE-8280-7A3C0AE71755} /l1036
Services Off-line de Home'Bank 4.54-->"C:\Program Files\ING\Off-line\unins000.exe"
Software Informer 1.0 BETA-->"C:\Program Files\Software Informer\unins000.exe"
Sonic Express Labeler-->MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD Plus-->MsiExec.exe /X{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow Audio-->MsiExec.exe /X{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy-->MsiExec.exe /X{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data-->MsiExec.exe /X{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Update Manager-->MsiExec.exe /X{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
ubCore-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{F65FE148-FCF5-42F7-8803-FA0B7DA8B8A4}
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VideoMate T , M , P Series Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{41E340F0-0BD6-4A87-AF29-E9E584471756}\Setup.exe" -l0x9
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB912067-->"C:\WINDOWS\$NtUninstallKB912067$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
World of Warcraft FREE Trial-->MsiExec.exe /X{02EBDBB9-4600-41D3-B566-40CB861511D2}
xp-AntiSpy 3.97-3-->C:\Program Files\xp-AntiSpy\Uninstall.exe

======Security center information======

AV: AntiVir Desktop
FW: Avira Pare-feu

======System event log======

Computer Name: HENRI
Event Code: 4307
Message: L'initialisation a échoué car le transport a refusé d'ouvrir les adresses initiales.

Record Number: 1400
Source Name: NetBT
Time Written: 20090514230545.000000+120
Event Type: error
User:

Computer Name: HENRI
Event Code: 1002
Message: Le bail de l'adresse IP 192.168.1.100 pour la carte réseau dont l'adresse réseau est 0018F37B9453
a été refusé par le serveur DHCP 192.168.1.1 (celui-ci a envoyé un message DHCPNACK).

Record Number: 1357
Source Name: Dhcp
Time Written: 20090514170802.000000+120
Event Type: error
User:

Computer Name: HENRI
Event Code: 27
Message: Intel(R) 82562V 10/100 Network Connection
. Le lien a été déconnecté.

Record Number: 1353
Source Name: e1express
Time Written: 20090514170732.000000+120
Event Type: warning
User:

Computer Name: HENRI
Event Code: 2504
Message: Le serveur n'a pas pu se lier au transport \Device\NetBT_Tcpip_{4A6FB951-DCBB-4646-A52E-90BFBA3DA4C1}.

Record Number: 1249
Source Name: Server
Time Written: 20090514132536.000000+120
Event Type: warning
User:

Computer Name: HENRI
Event Code: 4307
Message: L'initialisation a échoué car le transport a refusé d'ouvrir les adresses initiales.

Record Number: 1215
Source Name: NetBT
Time Written: 20090514125103.000000+120
Event Type: error
User:

=====Application event log=====

Computer Name: HENRI
Event Code: 4113
Message: AntiVir a détecté dans le fichier
C:\Program Files\IE PassView\iepv.exe
un code suspect avec la désignation 'SPR/PSW.NetPass.ET'!

Record Number: 1066
Source Name: Avira AntiVir
Time Written: 20090521184415.000000+120
Event Type: warning
User: AUTORITE NT\SYSTEM

Computer Name: HENRI
Event Code: 1004
Message: Application défaillante services.exe, version 5.1.2600.5755, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0x00d9fb05.

Record Number: 1065
Source Name: Application Error
Time Written: 20090521184401.000000+120
Event Type: error
User:

Computer Name: HENRI
Event Code: 0
Message: Service démarré

Record Number: 1057
Source Name: Avira Pare-feu
Time Written: 20090521184305.000000+120
Event Type:
User:

Computer Name: HENRI
Event Code: 2004
Message: Impossible d'ouvrir le Service serveur. Les données de performance du
serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD 0.

Record Number: 1038
Source Name: PerfNet
Time Written: 20090519080927.000000+120
Event Type: error
User:

Computer Name: HENRI
Event Code: 0
Message: Service démarré

Record Number: 1037
Source Name: Avira Pare-feu
Time Written: 20090519080926.000000+120
Event Type:
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Python22;C:\Program Files\Intel\DMIX;C:\Program Files\Fichiers communs\DivX Shared\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0f06
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=c:\Program Files\Fichiers communs\Sonic Shared\Sonic Central\

-----------------EOF-----------------


5

jlpjlp, 3 Jun 2009 at 09:59:10

The second report?


6

resbel, 3 Jun 2009 at 16:21:16

Hello,
The computer is slower. Attached are the 2 reports.
1. Info text:
info.txt logfile of random's system information tool 1.06 2009-06-02 14:16:40

======Uninstall list======

-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {F80239D8-7811-4D5E-B033-0D0BBFE32920}
-->MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}
AI RoboForm (All Users)-->"C:\Program Files\Siber Systems\AI RoboForm\rfwipeout.exe"
Amélioration de nos services-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{23012310-3E05-46A5-88A9-C6CBCABCAC79} /l1036
Atheros Client Installation Program-->C:\Program Files\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe -runfromtemp -l0x040c -removeonly
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x5c32
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Avira Premium Security Suite-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
Catalyst Control Center - Branding-->MsiExec.exe /I{D3B1C799-CB73-42DE-BA0F-2344793A095C}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CDDRV_Installer-->MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A}
Connexion Facile à Internet-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1036
Correctif pour Lecteur Windows Media 10 (KB910393)-->"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Driver Detective-->"C:\Program Files\InstallShield Installation Information\{7395D650-AE5D-4D68-B8FE-D3FA6B51467F}\setup.exe" -runfromtemp -l0x0409 -removeonly
Driver Detective-->MsiExec.exe /X{7395D650-AE5D-4D68-B8FE-D3FA6B51467F}
Driver Genius Professional Edition 2007-->"C:\Program Files\Driver-Soft\DriverGenius\unins001.exe"
Driver Genius Professional Edition-->"C:\Program Files\Driver-Soft\DriverGenius\unins000.exe"
Enhanced Multimedia Keyboard Solution-->C:\HP\KBD\Install.exe /u
getPlus(R) for Adobe-->"C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
High Definition Audio - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Documents and Settings\HP_Administrateur\Bureau\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
HP Boot Optimizer-->MsiExec.exe /X{1341D838-719C-4A05-B50F-49420CA1B4BB}
HP Customer Participation Program 7.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP DigitalMedia Archive-->MsiExec.exe /X{F80239D8-7811-4D5E-B033-0D0BBFE32920}
HP DVD Play 2.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
HP Imaging Device Functions 7.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart and Deskjet 7.0 Software (fra)-->C:\Program Files\HP\Digital Imaging\{D2A3C9D5-0B56-4656-8277-7EDC65D62B6E}\setup\hpzscr01.exe -datfile hphscr12.dat -showdisconnect -forcereboot
HP Photosmart Essential 3.5-->C:\Program Files\HP\Digital Imaging\PhotosmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Photosmart Essential-->MsiExec.exe /X{6994491D-D491-48F1-AE1F-E179C1FFFC2F}
HP Photosmart for Media Center PC-->c:\Program Files\HP\Digital Imaging\bin\mcpc\setupmcl.exe /u
HP Photosmart Premier Software 6.5-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Solution Center 7.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{FE57DE70-95DE-4B64-9266-84DA811053DB}
IE PassView-->C:\WINDOWS\zipinst.exe /uninst "C:\Program Files\IE PassView\uninst1~.nsu"
Intel(R) Network Connections 14.0.40.0-->MsiExec.exe /i{888019C0-54D4-40C2-9274-27B9DAB17017} ARPREMOVE=1
Intel(R) Quick Resume Technology Drivers-->C:\WINDOWS\System32\Elusetup.exe
Intel® Matrix Storage Manager-->C:\Program Files\Intel\Intel Matrix Storage Manager\Uninstall\imsmudlg.exe -uninstall
J2SE Development Kit 5.0 Update 19-->MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0150190}
J2SE Runtime Environment 5.0 Update 19-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150190}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Kaspersky Online Scanner-->C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
Kaspersky On-line Scanner-->C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
KhalInstallWrapper-->MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355}
Le logiciel Intel® Viiv™-->MsiExec.exe /X{EEFEBB48-329E-46F6-AEB8-929A5BAFDB2F}
Logitech SetPoint-->"C:\Program Files\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe" -runfromtemp -l0x040c -removeonly
MainConcept for Software Encoder-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{E7A02A01-C75A-4490-A168-5CA709A3D862}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB969497)-->"C:\WINDOWS\ie8updates\KB969497-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
muvee autoProducer 5.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB4740B3-2530-452D-A825-F7AB246CA7DF}\setup.exe" -l0x40c
muvee autoProducer unPlugged 2.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5FDD0538-C67A-4F67-B3F8-09D1AAF04D99}\setup.exe" -l0x40c
PC-Doctor 5 pour Windows-->C:\Program Files\PC-Doctor 5 for Windows\uninst.exe
Python 2.2 pywin32 extensions (build 203)-->"C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log"
Python 2.2.3-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
Python 2.5.2-->MsiExec.exe /I{6B976ADF-8AE8-434E-B282-A06C7F624D2F}
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Services Internet-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{5CFD7508-7774-48FE-8280-7A3C0AE71755} /l1036
Services Off-line de Home'Bank 4.54-->"C:\Program Files\ING\Off-line\unins000.exe"
Software Informer 1.0 BETA-->"C:\Program Files\Software Informer\unins000.exe"
Sonic Express Labeler-->MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD Plus-->MsiExec.exe /X{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow Audio-->MsiExec.exe /X{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy-->MsiExec.exe /X{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data-->MsiExec.exe /X{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Update Manager-->MsiExec.exe /X{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
ubCore-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{F65FE148-FCF5-42F7-8803-FA0B7DA8B8A4}
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VideoMate T , M , P Series Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{41E340F0-0BD6-4A87-AF29-E9E584471756}\Setup.exe" -l0x9
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB912067-->"C:\WINDOWS\$NtUninstallKB912067$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
World of Warcraft FREE Trial-->MsiExec.exe /X{02EBDBB9-4600-41D3-B566-40CB861511D2}
xp-AntiSpy 3.97-3-->C:\Program Files\xp-AntiSpy\Uninstall.exe

======Security center information======

AV: AntiVir Desktop
FW: Avira Pare-feu

======System event log======

Computer Name: HENRI
Event Code: 4307
Message: L'initialisation a échoué car le transport a refusé d'ouvrir les adresses initiales.

Record Number: 1400
Source Name: NetBT
Time Written: 20090514230545.000000+120
Event Type: error
User:

Computer Name: HENRI
Event Code: 1002
Message: Le bail de l'adresse IP 192.168.1.100 pour la carte réseau dont l'adresse réseau est 0018F37B9453
a été refusé par le serveur DHCP 192.168.1.1 (celui-ci a envoyé un message DHCPNACK).

Record Number: 1357
Source Name: Dhcp
Time Written: 20090514170802.000000+120
Event Type: error
User:

Computer Name: HENRI
Event Code: 27
Message: Intel(R) 82562V 10/100 Network Connection
. Le lien a été déconnecté.

Record Number: 1353
Source Name: e1express
Time Written: 20090514170732.000000+120
Event Type: warning
User:

Computer Name: HENRI
Event Code: 2504
Message: Le serveur n'a pas pu se lier au transport \Device\NetBT_Tcpip_{4A6FB951-DCBB-4646-A52E-90BFBA3DA4C1}.

Record Number: 1249
Source Name: Server
Time Written: 20090514132536.000000+120
Event Type: warning
User:

Computer Name: HENRI
Event Code: 4307
Message: L'initialisation a échoué car le transport a refusé d'ouvrir les adresses initiales.

Record Number: 1215
Source Name: NetBT
Time Written: 20090514125103.000000+120
Event Type: error
User:

=====Application event log=====

Computer Name: HENRI
Event Code: 4113
Message: AntiVir a détecté dans le fichier
C:\Program Files\IE PassView\iepv.exe
un code suspect avec la désignation 'SPR/PSW.NetPass.ET'!

Record Number: 1066
Source Name: Avira AntiVir
Time Written: 20090521184415.000000+120
Event Type: warning
User: AUTORITE NT\SYSTEM

Computer Name: HENRI
Event Code: 1004
Message: Application défaillante services.exe, version 5.1.2600.5755, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0x00d9fb05.

Record Number: 1065
Source Name: Application Error
Time Written: 20090521184401.000000+120
Event Type: error
User:

Computer Name: HENRI
Event Code: 0
Message: Service démarré

Record Number: 1057
Source Name: Avira Pare-feu
Time Written: 20090521184305.000000+120
Event Type:
User:

Computer Name: HENRI
Event Code: 2004
Message: Impossible d'ouvrir le Service serveur. Les données de performance du
serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD 0.

Record Number: 1038
Source Name: PerfNet
Time Written: 20090519080927.000000+120
Event Type: error
User:

Computer Name: HENRI
Event Code: 0
Message: Service démarré

Record Number: 1037
Source Name: Avira Pare-feu
Time Written: 20090519080926.000000+120
Event Type:
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Python22;C:\Program Files\Intel\DMIX;C:\Program Files\Fichiers communs\DivX Shared\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0f06
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=c:\Program Files\Fichiers communs\Sonic Shared\Sonic Central\

-----------------EOF-----------------
2. Log text:

Logfile of random's system information tool 1.06 (written by random/random)
Run by HP_Administrateur at 2009-06-02 14:25:52
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 150 GB (65%) free of 232 GB
Total RAM: 1022 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:25:53, on 2/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
C:\WINDOWS\RTHDCPL.EXE
C:\USBStorage\USBDetector.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Software Informer\softinfo.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\IdiomaX\Translation Assistant 4.0\TrasWord.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.5.0_19\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\HP_Administrateur\Bureau\RSIT.exe
C:\Documents and Settings\HP_Administrateur\Bureau\HP_Administrateur.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.skynet.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.hp.com/...
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.linksys.com/be/registration
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_19\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [USBDetector] C:\USBStorage\USBDetector.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Global Startup: Assistant de traduction IdiomaX.lnk = C:\Program Files\IdiomaX\Translation Assistant 4.0\TrasWord.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_19\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_19\bin\ssv.dll
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Avira Pare-feu (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Intel(R) Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\logishrd\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
End of file - 14246 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-05-25 312928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2009-05-25 5931848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.5.0_19\bin\ssv.dll [2009-05-04 452088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2008-04-21 2582136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll [2009-06-02 325048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2009-05-25 5931848]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2008-04-21 2582136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"ftutil2"=ftutil2.dll,SetWriteCacheMode []
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-02-11 186904]
"DMAScheduler"=c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe [2006-04-13 90112]
"Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2005-07-22 237568]
"PCDrProfiler"= []
"HPBootOp"=C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe [2006-02-15 249856]
"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2008-12-19 76304]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 150016]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-02-25 61440]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-04-30 17881088]
"USBDetector"=C:\USBStorage\USBDetector.exe [2003-04-01 53248]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2009-05-25 198160]
"ISUSPM Startup"=C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-07-27 221184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Software Informer"=C:\Program Files\Software Informer\softinfo.exe [2009-05-07 1839173]
"fsm"= []
"RoboForm"=C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2009-05-25 160592]
"Free Download Manager"=C:\Program Files\Free Download Manager\fdm.exe [2009-01-31 3399727]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LOGITE~1.EXE [2009-02-23 67128]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Assistant de traduction IdiomaX.lnk - C:\Program Files\IdiomaX\Translation Assistant 4.0\TrasWord.exe
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-02-25 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll [2009-02-19 72208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2008-05-26 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL France"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"

======List of files/folders created in the last 1 months======

2009-06-02 14:16:29 ----D---- C:\rsit
2009-06-01 17:04:39 ----D---- C:\Avira rescue system update
2009-06-01 10:57:26 ----A---- C:\WINDOWS\ntbtlog.txt
2009-06-01 09:07:12 ----D---- C:\Documents and Settings\HP_Administrateur\Application Data\Malwarebytes
2009-06-01 09:07:07 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-06-01 09:07:07 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-06-01 09:03:49 ----A---- C:\WINDOWS\system32\WS2Fix.exe
2009-06-01 09:03:49 ----A---- C:\WINDOWS\system32\VCCLSID.exe
2009-06-01 09:03:49 ----A---- C:\WINDOWS\system32\VACFix.exe
2009-06-01 09:03:49 ----A---- C:\WINDOWS\system32\swxcacls.exe
2009-06-01 09:03:49 ----A---- C:\WINDOWS\system32\swsc.exe
2009-06-01 09:03:49 ----A---- C:\WINDOWS\system32\swreg.exe
2009-06-01 09:03:49 ----A---- C:\WINDOWS\system32\SrchSTS.exe
2009-06-01 09:03:49 ----A---- C:\WINDOWS\system32\o4Patch.exe
2009-06-01 09:03:49 ----A---- C:\WINDOWS\system32\IEDFix.exe
2009-06-01 09:03:49 ----A---- C:\WINDOWS\system32\IEDFix.C.exe
2009-06-01 09:03:49 ----A---- C:\WINDOWS\system32\dumphive.exe
2009-06-01 09:03:49 ----A---- C:\WINDOWS\system32\Agent.OMZ.Fix.exe
2009-06-01 09:03:49 ----A---- C:\WINDOWS\system32\404Fix.exe
2009-06-01 09:03:48 ----A---- C:\WINDOWS\system32\Process.exe
2009-05-31 10:31:32 ----D---- C:\WINDOWS\system32\Kaspersky Lab
2009-05-30 19:05:49 ----D---- C:\Program Files\xp-AntiSpy
2009-05-30 10:58:53 ----D---- C:\Documents and Settings\HP_Administrateur\Application Data\OfficeUpdate12
2009-05-30 10:54:46 ----A---- C:\WINDOWS\system32\mdimon.dll
2009-05-27 20:36:03 ----D---- C:\Medion
2009-05-26 19:39:52 ----A---- C:\UFantasy.ini
2009-05-26 19:34:04 ----D---- C:\Program Files\Unibrain
2009-05-26 19:33:20 ----D---- C:\Program Files\Intel Desktop Board
2009-05-26 19:29:01 ----D---- C:\HP LJ P4010 Series Printer
2009-05-26 19:24:15 ----D---- C:\USBStorage
2009-05-25 16:48:00 ----D---- C:\IntelPRO
2009-05-25 16:36:14 ----D---- C:\Program Files\ATI
2009-05-25 16:16:28 ----D---- C:\Program Files\Fichiers communs\xing shared
2009-05-25 15:43:51 ----D---- C:\Program Files\PC Drivers HeadQuarters
2009-05-25 15:43:51 ----D---- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
2009-05-25 15:41:47 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-05-25 15:29:29 ----D---- C:\Python25
2009-05-25 15:25:47 ----A---- C:\WINDOWS\system32\javaws.exe
2009-05-25 15:25:47 ----A---- C:\WINDOWS\system32\javaw.exe
2009-05-25 15:25:47 ----A---- C:\WINDOWS\system32\java.exe
2009-05-25 14:51:26 ----N---- C:\WINDOWS\system32\pxafs.dll
2009-05-25 14:51:00 ----D---- C:\Program Files\Fichiers communs\DivX Shared
2009-05-25 14:33:19 ----D---- C:\Documents and Settings\HP_Administrateur\Application Data\Software Informer
2009-05-17 13:47:18 ----A---- C:\WINDOWS\system32\hpz3l4pi.dll
2009-05-17 13:37:33 ----A---- C:\WINDOWS\system32\HPZisn12.dll
2009-05-17 13:37:33 ----A---- C:\WINDOWS\system32\HPZipt12.dll
2009-05-17 13:37:33 ----A---- C:\WINDOWS\system32\HPZipr12.dll
2009-05-17 13:37:33 ----A---- C:\WINDOWS\system32\HPZipm12.exe
2009-05-17 13:37:33 ----A---- C:\WINDOWS\system32\HPZinw12.exe
2009-05-17 13:37:33 ----A---- C:\WINDOWS\system32\HPZidr12.dll
2009-05-17 12:25:31 ----D---- C:\Documents and Settings\HP_Administrateur\Application Data\Image Zone Express
2009-05-16 11:14:20 ----A---- C:\WINDOWS\zipinst.exe
2009-05-14 23:35:05 ----D---- C:\WINDOWS\system32\appmgmt
2009-05-14 23:12:50 ----HD---- C:\WINDOWS\system32\GroupPolicy
2009-05-14 12:34:56 ----A---- C:\WINDOWS\~DF7724.tmp
2009-05-14 12:20:18 ----A---- C:\WINDOWS\system32\Wint351.exe
2009-05-14 12:20:18 ----A---- C:\WINDOWS\system32\VBAR332.DLL
2009-05-14 12:20:18 ----A---- C:\WINDOWS\system32\Vb5db.dll
2009-05-14 12:20:18 ----A---- C:\WINDOWS\system32\MSREPL35.DLL
2009-05-14 12:20:18 ----A---- C:\WINDOWS\system32\MSJTER35.DLL
2009-05-14 12:20:18 ----A---- C:\WINDOWS\system32\MSJINT35.DLL
2009-05-14 12:20:18 ----A---- C:\WINDOWS\system32\Dzip32.dll
2009-05-14 12:20:18 ----A---- C:\WINDOWS\system32\Dunzip32.dll
2009-05-14 12:20:18 ----A---- C:\WINDOWS\system32\Dtcutil.dll
2009-05-14 12:20:18 ----A---- C:\WINDOWS\system32\Dtctrace.dll
2009-05-14 12:20:18 ----A---- C:\WINDOWS\system32\Dtccm.dll
2009-05-14 12:20:18 ----A---- C:\WINDOWS\system32\Axdist.exe
2009-05-14 12:20:17 ----A---- C:\WINDOWS\system32\MSXBSE35.DLL
2009-05-14 12:20:17 ----A---- C:\WINDOWS\system32\Msstkprp.dll
2009-05-14 12:20:17 ----A---- C:\WINDOWS\system32\MSRD2X35.DLL
2009-05-14 12:20:17 ----A---- C:\WINDOWS\system32\MSJET35.DLL
2009-05-14 12:20:17 ----A---- C:\WINDOWS\system32\Dzactx.dll
2009-05-14 12:20:17 ----A---- C:\WINDOWS\system32\Duzactx.dll
2009-05-14 12:20:17 ----A---- C:\WINDOWS\system32\Adme.dll
2009-05-14 12:20:17 ----A---- C:\WINDOWS\system32\actrpt.dll
2009-05-12 17:23:00 ----D---- C:\Documents and Settings\HP_Administrateur\Application Data\Avira
2009-05-12 01:06:28 ----D---- C:\WINDOWS\system32\LogFiles
2009-05-12 01:06:15 ----D---- C:\Program Files\Avira
2009-05-12 00:51:59 ----A---- C:\WINDOWS\system32\LuResult.txt
2009-05-12 00:38:57 ----D---- C:\Documents and Settings\HP_Administrateur\Application Data\iolo
2009-05-11 23:36:17 ----A---- C:\WINDOWS\system32\BtCoreIf.dll
2009-05-11 23:36:13 ----A---- C:\WINDOWS\system32\KemXML.dll
2009-05-11 23:36:13 ----A---- C:\WINDOWS\system32\KemWnd.dll
2009-05-11 23:36:13 ----A---- C:\WINDOWS\system32\kemutb.dll
2009-05-11 23:36:12 ----A---- C:\WINDOWS\system32\KemUtil.dll
2009-05-11 23:34:07 ----N---- C:\WINDOWS\system32\ati2sgag.exe
2009-05-11 23:31:29 ----D---- C:\Program Files\Atheros
2009-05-11 23:30:36 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-05-11 23:29:57 ----A---- C:\WINDOWS\system32\difxapi.dll
2009-05-11 23:27:30 ----A---- C:\WINDOWS\system32\CSVer.dll
2009-05-11 18:08:48 ----A---- C:\WINDOWS\system32\XceedZip.dll
2009-05-11 17:53:45 ----D---- C:\WINDOWS\ie8updates
2009-05-11 17:53:11 ----HDC---- C:\WINDOWS\ie8
2009-05-11 17:49:44 ----A---- C:\WINDOWS\system32\MRT.exe
2009-05-11 17:49:35 ----HDC---- C:\WINDOWS\$NtUninstallKB963027$
2009-05-11 17:49:29 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-05-11 17:49:24 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-05-11 17:49:19 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-05-11 17:49:08 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-05-11 17:49:00 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$
2009-05-11 17:48:55 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-05-11 17:48:36 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-05-11 17:28:38 ----D---- C:\WINDOWS\Prefetch
2009-05-11 17:25:52 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2009-05-11 17:21:44 ----D---- C:\WINDOWS\system32\fr-fr
2009-05-11 17:21:44 ----D---- C:\WINDOWS\system32\fr
2009-05-11 17:21:43 ----D---- C:\WINDOWS\system32\bits
2009-05-11 17:02:10 ----A---- C:\WINDOWS\system32\xmllite.dll
2009-05-11 17:02:08 ----N---- C:\WINDOWS\system32\wmphoto.dll
2009-05-11 17:02:06 ----N---- C:\WINDOWS\system32\wlanapi.dll
2009-05-11 17:02:05 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2009-05-11 17:02:05 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2009-05-11 17:01:58 ----N---- C:\WINDOWS\system32\tzchange.exe
2009-05-11 17:01:58 ----N---- C:\WINDOWS\system32\tspkg.dll
2009-05-11 17:01:58 ----N---- C:\WINDOWS\system32\tsgqec.dll
2009-05-11 17:01:52 ----N---- C:\WINDOWS\system32\spupdwxp.exe
2009-05-11 17:01:51 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
2009-05-11 17:01:47 ----N---- C:\WINDOWS\system32\slserv.exe
2009-05-11 17:01:47 ----N---- C:\WINDOWS\system32\slrundll.exe
2009-05-11 17:01:47 ----N---- C:\WINDOWS\system32\slgen.dll
2009-05-11 17:01:46 ----N---- C:\WINDOWS\system32\slextspk.dll
2009-05-11 17:01:46 ----N---- C:\WINDOWS\system32\slcoinst.dll
2009-05-11 17:01:44 ----N---- C:\WINDOWS\system32\setupn.exe
2009-05-11 17:01:42 ----N---- C:\WINDOWS\system32\s3gnb.dll
2009-05-11 17:01:40 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2009-05-11 17:01:39 ----N---- C:\WINDOWS\system32\rasqec.dll
2009-05-11 17:01:38 ----N---- C:\WINDOWS\system32\qutil.dll
2009-05-11 17:01:38 ----N---- C:\WINDOWS\system32\qcliprov.dll
2009-05-11 17:01:37 ----N---- C:\WINDOWS\system32\qagentrt.dll
2009-05-11 17:01:37 ----N---- C:\WINDOWS\system32\qagent.dll
2009-05-11 17:01:36 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2009-05-11 17:01:33 ----N---- C:\WINDOWS\system32\onex.dll
2009-05-11 17:01:30 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2009-05-11 17:01:24 ----N---- C:\WINDOWS\system32\napstat.exe
2009-05-11 17:01:24 ----N---- C:\WINDOWS\system32\napmontr.dll
2009-05-11 17:01:24 ----N---- C:\WINDOWS\system32\napipsec.dll
2009-05-11 17:01:24 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2009-05-11 17:01:23 ----N---- C:\WINDOWS\system32\msxml6r.dll
2009-05-11 17:01:23 ----A---- C:\WINDOWS\system32\msxml6.dll
2009-05-11 17:01:21 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2009-05-11 17:01:21 ----N---- C:\WINDOWS\system32\mssha.dll
2009-05-11 17:01:09 ----N---- C:\WINDOWS\system32\mmcperf.exe
2009-05-11 17:01:09 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2009-05-11 17:01:09 ----N---- C:\WINDOWS\system32\mmcex.dll
2009-05-11 17:01:09 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2009-05-11 17:01:07 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2009-05-11 17:01:03 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2009-05-11 17:01:03 ----N---- C:\WINDOWS\system32\kmsvc.dll
2009-05-11 17:01:02 ----N---- C:\WINDOWS\system32\kbdpash.dll
2009-05-11 17:01:02 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2009-05-11 17:01:02 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2009-05-11 17:01:02 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2009-05-11 17:00:59 ----N---- C:\WINDOWS\system32\smtpapi.dll
2009-05-11 17:00:59 ----N---- C:\WINDOWS\system32\rwnh.dll
2009-05-11 17:00:57 ----N---- C:\WINDOWS\system32\comsdupd.exe
2009-05-11 17:00:53 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2009-05-11 17:00:48 ----A---- C:\WINDOWS\004136_.tmp
2009-05-11 17:00:47 ----N---- C:\WINDOWS\system32\faxpatch.exe
2009-05-11 17:00:46 ----N---- C:\WINDOWS\system32\eapsvc.dll
2009-05-11 17:00:46 ----N---- C:\WINDOWS\system32\eapqec.dll
2009-05-11 17:00:45 ----N---- C:\WINDOWS\system32\eappprxy.dll
2009-05-11 17:00:45 ----N---- C:\WINDOWS\system32\eapphost.dll
2009-05-11 17:00:45 ----N---- C:\WINDOWS\system32\eappgnui.dll
2009-05-11 17:00:45 ----N---- C:\WINDOWS\system32\eappcfg.dll
2009-05-11 17:00:45 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2009-05-11 17:00:45 ----N---- C:\WINDOWS\system32\eapolqec.dll
2009-05-11 17:00:42 ----N---- C:\WINDOWS\system32\dot3ui.dll
2009-05-11 17:00:42 ----N---- C:\WINDOWS\system32\dot3svc.dll
2009-05-11 17:00:42 ----N---- C:\WINDOWS\system32\dot3msm.dll
2009-05-11 17:00:42 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2009-05-11 17:00:42 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2009-05-11 17:00:42 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2009-05-11 17:00:42 ----N---- C:\WINDOWS\system32\dot3api.dll
2009-05-11 17:00:41 ----N---- C:\WINDOWS\system32\dimsroam.dll
2009-05-11 17:00:41 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2009-05-11 17:00:40 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2009-05-11 17:00:38 ----N---- C:\WINDOWS\system32\credssp.dll
2009-05-11 17:00:32 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2009-05-11 17:00:32 ----N---- C:\WINDOWS\system32\azroles.dll
2009-05-11 17:00:31 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2009-05-11 17:00:30 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2009-05-11 17:00:30 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2009-05-11 17:00:24 ----N---- C:\WINDOWS\system32\aaclient.dll
2009-05-11 16:59:42 ----D---- C:\WINDOWS\system32\PreInstall
2009-05-11 16:39:18 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-05-11 14:26:06 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-05-11 08:38:17 ----D---- C:\Documents and Settings\HP_Administrateur\Application Data\ErrorFix
2009-05-11 08:37:29 ----A---- C:\WINDOWS\oodcnt.INI
2009-05-11 08:36:10 ----SHD---- C:\cmdcons
2009-05-11 08:28:49 ----ASH---- C:\Documents and Settings\HP_Administrateur\Application Data\desktop.ini
2009-05-11 08:26:55 ----D---- C:\Documents and Settings\HP_Administrateur\Application Data\Macromedia
2009-05-11 08:26:55 ----D---- C:\Documents and Settings\HP_Administrateur\Application Data\Identities
2009-05-11 08:26:55 ----D---- C:\Documents and Settings\HP_Administrateur\Application Data\DeepBurner
2009-05-11 08:26:55 ----D---- C:\Documents and Settings\HP_Administrateur\Application Data\Canneverbe_Limited
2009-05-11 08:26:55 ----D---- C:\Documents and Settings\HP_Administrateur\Application Data\ATI
2009-05-11 08:26:55 ----D---- C:\Documents and Settings\HP_Administrateur\Application Data\Adobe
2009-05-11 08:26:54 ----SD---- C:\Documents and Settings\HP_Administrateur\Application Data\Microsoft
2009-05-11 08:26:54 ----D---- C:\Documents and Settings\HP_Administrateur\Application Data\WinRAR
2009-05-11 08:26:54 ----D---- C:\Documents and Settings\HP_Administrateur\Application Data\Windows Search
2009-05-11 08:26:54 ----D---- C:\Documents and Settings\HP_Administrateur\Application Data\Thunderbird
2009-05-11 08:26:54 ----D---- C:\Documents and Settings\HP_Administrateur\Application Data\Real
2009-05-11 08:26:54 ----D---- C:\Documents and Settings\HP_Administrateur\Application Data\Mozilla
2009-05-11 08:11:08 ----A---- C:\WINDOWS\system32\hidserv.dll
2009-05-10 08:37:15 ----SHD---- C:\found.001
2009-05-10 08:27:20 ----D---- C:\_OTMoveIt
2009-05-09 22:12:40 ----SHD---- C:\WINDOWS\CSC
2009-05-09 14:17:28 ----D---- C:\Program Files\OO Software
2009-05-09 09:27:28 ----D---- C:\Program Files\Astonsoft
2009-05-08 15:59:20 ----D---- C:\Program Files\iolo
2009-05-08 15:55:15 ----D---- C:\Documents and Settings\All Users\Application Data\iolo

======List of files/folders modified in the last 1 months======

2009-06-02 14:23:08 ----D---- C:\Program Files\Mozilla Thunderbird
2009-06-02 14:18:10 ----D---- C:\Program Files\Mozilla Firefox
2009-06-02 14:12:26 ----D---- C:\WINDOWS\Registration
2009-06-02 14:12:25 ----D---- C:\WINDOWS\Temp
2009-06-02 14:12:04 ----D---- C:\WINDOWS\system32\CatRoot2
2009-06-02 14:11:39 ----AD---- C:\WINDOWS
2009-06-02 07:41:46 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-06-02 07:38:54 ----D---- C:\Program Files\Google
2009-06-02 01:21:00 ----D---- C:\Program Files\netpass
2009-06-01 11:27:03 ----D---- C:\Downloads
2009-06-01 09:19:25 ----D---- C:\WINDOWS\Debug
2009-06-01 09:19:24 ----D---- C:\WINDOWS\Minidump
2009-06-01 09:07:09 ----D---- C:\WINDOWS\system32\drivers
2009-06-01 09:07:07 ----RD---- C:\Program Files
2009-06-01 09:03:49 ----D---- C:\WINDOWS\system32
2009-06-01 09:03:47 ----D---- C:\Program Files\Free Download Manager
2009-05-31 19:31:21 ----D---- C:\WINDOWS\system32\Restore
2009-05-31 10:31:33 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-05-31 10:31:31 ----HD---- C:\WINDOWS\inf
2009-05-30 11:31:19


7

jlpjlp, 3 Jun 2009 at 16:40:47

Paste a Malwarebytes report and an AntiVir report so we can take a look.

Check the PC's temperature with SpeedFan:
http://www.commentcamarche.net/telecharger/telecharger 34055057 speedfan


8

resbel, 4 Jun 2009 at 17:41:41

Win9x:NO 64Bit:NO GiveIO:YES SpeedFan:YES
I/O properly initialized
Linked ISA BUS at $0290
Linked Intel 82801HB ICH8 SMBUS at $0500
Scanning ISA BUS at $0290...
SuperIO Chip=Asus F8000
Asus F8000 found on ISA at $290
Scanning Intel SMBus at $0500...
Found ST3250824AS (250,1GB)
Found ST3250824AS (250,1GB)
Found ACPI temperature (21,0C)
Found Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz
End of detection
Temp1 47C
Temp2 128C
Temp3 29C
HDO 43C
HD1 41C
Temp1 21C
Core 0 44C
Core1 44C
Regards,

9

jlpjlp, 4 Jun 2009 at 17:58:54

OK, paste the AntiVir and Malwarebytes reports.

10

resbel, 5 Jun 2009 at 07:43:36

Hello,
Avira Premium Security Suite Updater

Heure de création : Thu Jun 04 23:17:38 2009


Système d'exploitation:
Windows XP (Service Pack 3) [5.1.2600]

Informations produit :
Version produit : 9.0.0.61
Updater : C:\Program Files\Avira\AntiVir Desktop\update.exe 9.0.0.46

Répertoire temporaire : C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\
Répertoire de sauvegarde : C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\BACKUP\
Répertoire d'installation : C:\Program Files\Avira\AntiVir Desktop\
Répertoire de l'Updater : C:\Program Files\Avira\AntiVir Desktop\
Répertoire AppData : C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\


[UPD] [INFO] Contrôle en cours pour savoir si des fichiers plus récents sont disponibles.
[UPD] [INFO] Sélection en cours du serveur de mise à jour 'http://62.146.87.172/update'.
[UPD] [INFO] Téléchargement de 'http://62.146.87.172/update/idx/master.idx' vers'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
[UPD] [INFO] Téléchargement de 'http://62.146.87.172/update/idx/wks_avira-win32-fr-isec.idx' vers'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\wks_avira-win32-fr-isec.idx'.
[UPD] [INFO] Téléchargement de 'http://62.146.87.172/update/idx/wks_avira-win32-fr-isec.info.gz' vers'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\wks_avira-win32-fr-isec.info.gz'.
[UPD] [INFO] Téléchargement de 'http://62.146.87.172/update/idx/webcat-common-int.info.gz' vers'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\webcat-common-int.info.gz'.
[UPD] [INFO] Téléchargement de 'http://62.146.87.172/update/idx/vdf.info.gz' vers'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\vdf.info.gz'.
[UPD] [INFO] Téléchargement de 'http://62.146.87.172/update/idx/ave2-win32-int.info.gz' vers'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\ave2-win32-int.info.gz'.
[UPD] [INFO] Téléchargement de 'http://62.146.87.172/update/idx/antispam-win32-int.info.gz' vers'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\antispam-win32-int.info.gz'.
[UPD] [INFO] Téléchargement de 'http://62.146.87.172/update/idx/specvir-win32-int.info.gz' vers'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\specvir-win32-int.info.gz'.
[UPD] [INFO] Téléchargement de 'http://62.146.87.172/update/idx/wks_avira-win32-fr-isec-info.info.gz' vers'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\wks_avira-win32-fr-isec-info.info.gz'.
[UPD] [INFO] Comparaison en cours des fichiers locaux avec la version disponible sur le serveur de mise à jour.
[UPD] [INFO] Contrôle en cours du module SELFUPDATE :
[UPD] [INFO] Contrôle en cours du module WEBCAT :
[UPD] [INFO] Fichier 'webcat/common/int/webcat1.dat' (local, serveur) : aed9a06d7faf674f1f0b61af27c5c6ee != 39db65f35863b12d20cde3b1bc3d2da5
[UPD] [INFO] Fichier 'webcat/common/int/webcat2.dat' (local, serveur) : 42e51833ec5226cbe085edc654f5cf78 != 4dec593ccf594dbbcfaeb4712b96a8e9
[UPD] [INFO] Fichier 'webcat/common/int/webcat3.dat' (local, serveur) : f54984dea6f05cabda2471140067ee09 != ce011d092eb17f4395cae63956ff03eb
[UPD] [INFO] Fichier 'webcat/common/int/webcat4.dat' (local, serveur) : 37eeadc18de607dcc66406afe53879e2 != d50516c88c452337078410ad0178f12e
[UPD] [INFO] Contrôle en cours du module VDF :
[UPD] [INFO] Fichier 'vdf/antivir3.vdf' (local, serveur) : 7.1.4.48 < 7.1.4.59
[UPD] [INFO] Contrôle en cours du module AVE2 :
[UPD] [INFO] Contrôle en cours du module ANTISPAM :
[UPD] [INFO] Contrôle en cours du module AVREP_NT :
[UPD] [INFO] Contrôle en cours du module MAIN :
[UPD] [INFO] Le fichier 'wks_avira/win32/fr/basic-nt/avupgsvc.exe' a défini le drapeau IGNORE et n'est de ce fait pas pris en compte.
[UPD] [INFO] Le fichier 'wks_avira/win32/fr/basic-nt/presetup.exe' a défini le drapeau IGNORE et n'est de ce fait pas pris en compte.
[UPD] [INFO] Le fichier 'wks_avira/win32/fr/basic-nt/vcredist_x86.exe' a défini le drapeau IGNORE et n'est de ce fait pas pris en compte.
[UPD] [INFO] Le fichier 'wks_avira/win32/fr/basic-nt/xp/avgntflt.inf' a défini le drapeau IGNORE et n'est de ce fait pas pris en compte.
[UPD] [INFO] Le fichier 'wks_avira/win32/fr/isec-nt/filelist.ini' a défini le drapeau IGNORE et n'est de ce fait pas pris en compte.
[UPD] [INFO] Le fichier 'wks_avira/win32/fr/isec-nt/product.ini' a défini le drapeau IGNORE et n'est de ce fait pas pris en compte.
[UPD] [INFO] Contrôle en cours du module COMMAPPDATA_AV :
[UPD] [INFO] Le fichier 'wks_avira/win32/fr/basic-nt/addr_file.html' est déjà installé et ne sera pas actualisé.
[UPD] [INFO] Contrôle en cours du module COMMAPP :
[UPD] [INFO] Le fichier 'wks_avira/win32/fr/isec-nt/produpd.avj' est déjà installé et ne sera pas actualisé.
[UPD] [INFO] Le fichier 'wks_avira/win32/fr/isec-nt/scanjob.avj' est déjà installé et ne sera pas actualisé.
[UPD] [INFO] Le fichier 'wks_avira/win32/fr/isec-nt/startupd.avj' est déjà installé et ne sera pas actualisé.
[UPD] [INFO] Le fichier 'wks_avira/win32/fr/isec-nt/updjob.avj' est déjà installé et ne sera pas actualisé.
[UPD] [INFO] Contrôle en cours du module COMMAPDATA_AV_PROFILES :
[UPD] [INFO] Le fichier 'wks_avira/win32/fr/isec-nt/folder.avb' est déjà installé et ne sera pas actualisé.
[UPD] [INFO] Le fichier 'wks_avira/win32/fr/isec-nt/folder.avp' est déjà installé et ne sera pas actualisé.
[UPD] [INFO] Le fichier 'wks_avira/win32/fr/isec-nt/mydocs.avb' est déjà installé et ne sera pas actualisé.
[UPD] [INFO] Le fichier 'wks_avira/win32/fr/isec-nt/mymusic.avb' est déjà installé et ne sera pas actualisé.
[UPD] [INFO] Le fichier 'wks_avira/win32/fr/isec-nt/mypics.avb' est déjà installé et ne sera pas actualisé.
[UPD] [INFO] Le fichier 'wks_avira/win32/fr/isec-nt/rootkit.avp' est déjà installé et ne sera pas actualisé.
[UPD] [INFO] Contrôle en cours du module TEXT :
[UPD] [INFO] Le fichier 'wks_avira/win32/fr/isec-nt/eula.txt' est déjà installé et ne sera pas actualisé.
[UPD] [INFO] Contrôle en cours du module DRV :
[UPD] [INFO] Contrôle en cours du module PRODINFO :
[UPD] [INFO] Fichier de licence : version d'évaluation
[UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\BACKUP\' requiert 1684132 octets d'espace mémoire libre.
[UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\' requiert 1181725 octets d'espace mémoire libre.
[UPD] [INFO] 'C:\Program Files\Avira\AntiVir Desktop\' requiert 1002525 octets d'espace mémoire libre.
[UPD] [INFO] Espace mémoire OK.
[UPD] [INFO] Lecteur : C:\, capacité disponible : 2779222016 octets.
[UPD] [INFO] Téléchargement en cours de nouveaux fichiers...
[UPD] [INFO] Téléchargement de 'http://62.146.87.172/update/webcat/common/int/webcat1.dat.gz' vers'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\webcat\common\int\webcat1.dat.gz'.
[UPD] [INFO] Téléchargement de 'http://62.146.87.172/update/webcat/common/int/webcat2.dat.gz' vers'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\webcat\common\int\webcat2.dat.gz'.
[UPD] [INFO] Téléchargement de 'http://62.146.87.172/update/webcat/common/int/webcat3.dat.gz' vers'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\webcat\common\int\webcat3.dat.gz'.
[UPD] [INFO] Téléchargement de 'http://62.146.87.172/update/webcat/common/int/webcat4.dat.gz' vers'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\webcat\common\int\webcat4.dat.gz'.
[UPD] [INFO] Téléchargement de 'http://62.146.87.172/update/vdf/antivir3.vdf.gz' vers'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\vdf\antivir3.vdf.gz'.
[UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\webcat\common\int\webcat1.dat' a été copié vers 'C:\Program Files\Avira\AntiVir Desktop\webcat1.dat'.
[UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\webcat\common\int\webcat2.dat' a été copié vers 'C:\Program Files\Avira\AntiVir Desktop\webcat2.dat'.
[UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\webcat\common\int\webcat3.dat' a été copié vers 'C:\Program Files\Avira\AntiVir Desktop\webcat3.dat'.
[UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\webcat\common\int\webcat4.dat' a été copié vers 'C:\Program Files\Avira\AntiVir Desktop\webcat4.dat'.
[UPD] [INFO] 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\.\vdf\antivir3.vdf' a été copié vers 'C:\Program Files\Avira\AntiVir Desktop\antivir3.vdf'.
[UPD] [INFO] Réinitialisation du Avira AntiVir Guard réussie.

Résumé :
********
5 fichiers téléchargés
5 fichiers installés
Fichier(s) téléchargé(s) : webcat1.dat; webcat2.dat; webcat3.dat; webcat4.dat; antivir3.vdf 7.1.4.59;

23:18:21 La mise à jour a été effectuée avec succès !

Malwarebytes' Anti-Malware 1.37
Version de la base de données: 2232
Executable location: C:\Program Files\Malwarebytes' Anti-Malware
Database location: C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref

Username: HP_Administrateur
Windows folder: C:\WINDOWS
System folder: C:\WINDOWS\system32
Root drive: C:
Program Files: C:\Program Files
Common Files: C:\Program Files\Fichiers communs

Desktop: c:\documents and settings\Administrateur\Bureau
Desktop: c:\documents and settings\All Users\Bureau
Desktop: c:\documents and settings\Default User\Bureau
Desktop: c:\documents and settings\HP_Administrateur\Bureau
Desktop: c:\documents and settings\HP_Administrateur.BOON\Bureau

Start Menu: c:\documents and settings\Administrateur\Menu Démarrer
Start Menu: c:\documents and settings\All Users\Menu Démarrer
Start Menu: c:\documents and settings\Default User\Menu Démarrer
Start Menu: c:\documents and settings\HP_Administrateur\Menu Démarrer
Start Menu: c:\documents and settings\HP_Administrateur.BOON\Menu Démarrer
Start Menu: c:\documents and settings\LocalService\Menu Démarrer
Start Menu: C:\Documents and Settings\All Users\Menu Démarrer

User Root: c:\documents and settings\Administrateur
User Root: c:\documents and settings\All Users
User Root: c:\documents and settings\Default User
User Root: c:\documents and settings\HP_Administrateur
User Root: c:\documents and settings\HP_Administrateur.BOON
User Root: c:\documents and settings\HP_ADM~1~BOO
User Root: c:\documents and settings\LocalService
User Root: c:\documents and settings\NetworkService

Favorite: c:\documents and settings\Administrateur\Favoris
Favorite: c:\documents and settings\All Users\Favoris
Favorite: c:\documents and settings\Default User\Favoris
Favorite: c:\documents and settings\HP_Administrateur\Favoris
Favorite: c:\documents and settings\HP_Administrateur.BOON\Favoris
Favorite: c:\documents and settings\LocalService\Favoris

Application Data: c:\documents and settings\Administrateur\Application Data
Application Data: c:\documents and settings\All Users\Application Data
Application Data: c:\documents and settings\Default User\Application Data
Application Data: c:\documents and settings\HP_Administrateur\Application Data
Application Data: c:\documents and settings\HP_Administrateur.BOON\Application Data
Application Data: c:\documents and settings\LocalService\Application Data
Application Data: c:\documents and settings\NetworkService\Application Data
Application Data: C:\Documents and Settings\All Users\Application Data

Quick Launch: c:\documents and settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch
Quick Launch: c:\documents and settings\Default User\Application Data\Microsoft\Internet Explorer\Quick Launch
Quick Launch: c:\documents and settings\HP_Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch
Quick Launch: c:\documents and settings\HP_Administrateur.BOON\Application Data\Microsoft\Internet Explorer\Quick Launch

Temporary Folder: c:\documents and settings\Administrateur\Local Settings\Temp
Temporary Folder: c:\documents and settings\Default User\Local Settings\Temp
Temporary Folder: c:\documents and settings\HP_Administrateur\Local Settings\Temp
Temporary Folder: c:\documents and settings\HP_Administrateur.BOON\Local Settings\Temp
Temporary Folder: c:\documents and settings\LocalService\Local Settings\Temp
Temporary Folder: c:\documents and settings\NetworkService\Local Settings\Temp
Temporary Folder: C:\WINDOWS\Temp
Regards

11

resbel, 6 Jun 2009 at 11:18:38

FOR ANTIVIR
SCAN IMPOSSIBLE, ONLY THE UPDATE REPORT
Avira Premium Security Suite Updater

Heure de création : Sat Jun 06 10:33:12 2009


Système d'exploitation:
Windows XP (Service Pack 3) [5.1.2600]

Informations produit :
Version produit : 9.0.0.61
Updater : C:\Program Files\Avira\AntiVir Desktop\update.exe 9.0.0.46

Répertoire temporaire : C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\
Répertoire de sauvegarde : C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\BACKUP\
Répertoire d'installation : C:\Program Files\Avira\AntiVir Desktop\
Répertoire de l'Updater : C:\Program Files\Avira\AntiVir Desktop\
Répertoire AppData : C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\


[UPD] [INFO] Contrôle en cours pour savoir si des fichiers plus récents sont disponibles.
[UPD] [INFO] Sélection en cours du serveur de mise à jour 'http://80.190.154.73/update'.
[UPD] [INFO] Téléchargement de 'http://80.190.154.73/update/idx/master.idx' vers'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
[UPD] [INFO] Pas de mise à jour disponible, l'installation est à jour.

Résumé :
********
0 fichiers téléchargés
0 fichiers installés

10:33:13 La mise à jour a été effectuée avec succès !


12

jlpjlp, 6 Jun 2009 at 20:31:46

Paste the report from an online scan
using one of the following:


BitDefender online:
http://www.bitdefender.fr/scan_fr/scan8/ie.html

Panda online:
http://www.pandasoftware.fr/Activescan/Activescan.html

Kaspersky online:
http://webscanner.kaspersky.fr/

13

resbel, 6 Jun 2009 at 22:54:55

Scans impossible.
Blue screen, again with Kernel_inpage_error etc.
Regards

14

jlpjlp, 6 Jun 2009 at 23:00:28

Test your RAM with memtest to be sure it isn't the RAM:

http://www.commentcamarche.net/faq/sujet 899 memoire tester ses barrettes de ram avec memtest

http://netah25.developpez.com/Tutoriels/TutoMemtest86/


Then go to Control Panel --> Administrative Tools --> Event Viewer --> System and tell us the error that appears (marked with a red cross) after the fatal error. Also, does this happen when you launch games or 3D animation software?


______________________

See you later

15

resbel, 6 Jun 2009 at 23:24:45

Good evening,
I'm going to run memtest.
System error 6/6/2009 20.20
category 102
event 1003
user N/A
computer HENRI

16

resbel, 7 Jun 2009 at 01:09:42

Memtest: Pass complete no errors
I never run games or animation software.
Regards

17

jlpjlp, 8 Jun 2009 at 11:42:24

OK
Repair Windows like this and say whether it still happens:

http://www.microapp.com/astuce_234_windows_xp_reparer_un_fichier_corrompu.html

18

resbel, 8 Jun 2009 at 16:02:18

Hello,
First message:
The files needed for W to work must be copied into the DLL cache folder. Please insert your Service Pack 3 CD for Win. The CD you have is not the right one. Indeed, I only have the Win XP Pro CD (pack 1), entirely legally, from a first computer that was replaced by this one, which came with Win XP Media Center (without a disc).
Second message:
The files needed for W to work have been replaced by files of an unrecognized version. To maintain system stability, W must restore the original version of these files. Insert your WXP Pro CD2 disc. Which I don't have..... for the reason given above.
P.S. Impossible to dismiss (Ctrl + Del) the file protection message, which constantly tells me to try again (Insert your WXP Pro CD2 disc).

Regards,

19

jlpjlp, 8 Jun 2009 at 16:04:59

OK, then we can't repair ...

Otherwise like this, but if it isn't the right CD it's risky:
http://www.informatruc.com/reparer.php


or with Zeb Restore:
http://telechargement.zebulon.fr/zeb-restore.html

20

resbel, 8 Jun 2009 at 16:29:17

Can't I install, as a new version of Win, WXP Pro, for which I have the CD? And does one lose the data?
I ran restore Z, which tells me the files were restored?????
Regards,

21

jlpjlp, 8 Jun 2009 at 16:33:19

If you reinstall Windows you lose all the data, unless you install Windows on another partition.


If you repair, you normally keep all the data.

22

resbel, 8 Jun 2009 at 16:52:27

And if I press F10 = system recovery, or recovery at startup? Will I get WXP Media Center back? Or how?
Thanks for all this information, and regards

23

jlpjlp, 8 Jun 2009 at 16:55:22

You get the PC back as it left the factory, empty of whatever you put on it.

24

resbel, 8 Jun 2009 at 17:02:22

Hello,
And thanks again for all this information. I'm going to think it over... and maybe go back to the factory configuration, backing up what I can to an external disk. Is that a good idea?
Regards

25

jlpjlp, 9 Jun 2009 at 10:40:01

Yes, that's a good idea.

To back up easily you can use Fab's AutoBackup:
http://www.commentcamarche.net/telecharger/telecharger 34055063 fab s autobackup

26

resbel, 11 Jun 2009 at 15:02:15

Hello,
So I did F10 = system recovery.
Not everything was erased, but the computer runs faster.
With Malware the screen goes black and the PC restarts normally.
Attached is the Avira report, which stopped after 27 minutes:
Avira AntiVir Personal
Report file date: mercredi 10 juin 2009 18:21

Scanning for 1462412 virus strains and unwanted programs.

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 2) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : HENRI

Version information:
BUILD.DAT : 9.0.0.403 17961 Bytes 3/06/2009 17:05:00
AVSCAN.EXE : 9.0.3.6 466689 Bytes 10/06/2009 16:11:40
AVSCAN.DLL : 9.0.3.0 40705 Bytes 27/02/2009 09:58:24
LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 10:35:49
LUKERES.DLL : 9.0.2.0 12033 Bytes 27/02/2009 09:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:36
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 19:33:26
ANTIVIR2.VDF : 7.1.4.38 2692096 Bytes 29/05/2009 16:11:39
ANTIVIR3.VDF : 7.1.4.82 321024 Bytes 10/06/2009 16:11:39
Engineversion : 8.2.0.183
AEVDF.DLL : 8.1.1.1 106868 Bytes 10/06/2009 16:11:39
AESCRIPT.DLL : 8.1.2.0 389497 Bytes 10/06/2009 16:11:39
AESCN.DLL : 8.1.2.3 127347 Bytes 10/06/2009 16:11:39
AERDL.DLL : 8.1.1.3 438645 Bytes 29/10/2008 17:24:41
AEPACK.DLL : 8.1.3.18 401783 Bytes 10/06/2009 16:11:39
AEOFFICE.DLL : 8.1.0.36 196987 Bytes 26/02/2009 19:01:56
AEHEUR.DLL : 8.1.0.129 1761655 Bytes 10/06/2009 16:11:39
AEHELP.DLL : 8.1.2.2 119158 Bytes 26/02/2009 19:01:56
AEGEN.DLL : 8.1.1.45 348532 Bytes 10/06/2009 16:11:39
AEEMU.DLL : 8.1.0.9 393588 Bytes 9/10/2008 13:32:40
AECORE.DLL : 8.1.6.12 180599 Bytes 10/06/2009 16:11:39
AEBB.DLL : 8.1.0.3 53618 Bytes 9/10/2008 13:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 07:47:59
AVPREF.DLL : 9.0.0.1 43777 Bytes 5/12/2008 09:32:15
AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 13:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 5/12/2008 09:32:09
AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 14:05:41
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 09:37:08
SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 14:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2/02/2009 07:21:33
NETNT.DLL : 9.0.0.0 11521 Bytes 5/12/2008 09:32:10
RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 10/06/2009 16:11:39
RCTEXT.DLL : 9.0.37.0 86785 Bytes 17/04/2009 09:19:48

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, E:, M:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Start of the scan: mercredi 10 juin 2009 18:21

Starting search for hidden objects.
'156505' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'softinfo.exe' - '1' Module(s) have been scanned
Scan process 'fdm.exe' - '1' Module(s) have been scanned
Scan process 'hpsysdrv.exe' - '1' Module(s) have been scanned
Scan process 'CLI.exe' - '1' Module(s) have been scanned
Scan process 'SNDSrvc.exe' - '1' Module(s) have been scanned
Scan process 'kbd.exe' - '1' Module(s) have been scanned
Scan process 'TrasWord.exe' - '1' Module(s) have been scanned
Scan process 'robotaskbaricon.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'ccApp.exe' - '1' Module(s) have been scanned
Scan process 'DMAScheduler.exe' - '1' Module(s) have been scanned
Scan process 'CLI.exe' - '1' Module(s) have been scanned
Scan process 'IAAnotif.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.EXE' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'ehmsas.exe' - '1' Module(s) have been scanned
Scan process 'ehtray.exe' - '1' Module(s) have been scanned
Scan process 'dllhost.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'ELService.exe' - '1' Module(s) have been scanned
Scan process 'mcrdsvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'navapsvc.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'IAANTmon.exe' - '1' Module(s) have been scanned
Scan process 'ehSched.exe' - '1' Module(s) have been scanned
Scan process 'ehrecvr.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'ccProxy.exe' - '1' Module(s) have been scanned
Scan process 'ccEvtMgr.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'ccSetMgr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
51 processes with 51 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Master boot sector HD2
[INFO] No virus was found!
Master boot sector HD3
[INFO] No virus was found!
Master boot sector HD4
[INFO] No virus was found!
Master boot sector HD5
[INFO] No virus was found!
Master boot sector HD6
[INFO] No virus was found!
Master boot sector HD7
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!
Boot sector 'M:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '71' files ).


Starting the file scan:

Begin scan in 'C:\' <HP_PAVILION>
C:\hiberfil.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\pagefile.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\Documents and Settings\HP_Administrateur\Bureau\SmitfraudFix.exe.XXX
[0] Archive type: RAR SFX (self extracting)
--> SmitfraudFix\Reboot.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.Reboot.F program
--> SmitfraudFix\restart.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.Hardoff.A program

Beginning disinfection:
C:\Documents and Settings\HP_Administrateur\Bureau\SmitfraudFix.exe.XXX
[NOTE] The file was moved to '4a98e467.qua'!


End of the scan: mercredi 10 juin 2009 18:48
Used time: 27:35 Minute(s)

The scan has been canceled!

4625 Scanned directories
257594 Files were scanned
2 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
1 Files were moved to quarantine
0 Files were renamed
2 Files cannot be scanned
257590 Files not concerned
4600 Archives were scanned
2 Warnings
3 Notes
156505 Objects were scanned with rootkit scan
0 Hidden objects were found
IN QUARANTINE:
contains recognition patterns of the SPR/tools.Hardoff source C/doc....Smitfraudfix.exe
contains recognition patterns of the SPR/PSW.netpass source c/program files /IE...iepv.exe.....
contains recognition patterns of the SPR/tools.Hardoff source /doc.. restart

Regards

27

jlpjlp, 11 Jun 2009 at 15:13:08

Run Malwarebytes and AntiVir in safe mode; that should work.

http://www.malekal.com/modesansechec.php

28

resbel, 12 Jun 2009 at 14:55:56

Hello,
The computer apparently runs better, but it is still impossible to scan with Avira or Malware. After a while, freezing. What should I do? Format, new disk, what?????
Regards

30

resbel, 13 Jun 2009 at 08:51:40

Hello,
The screen has changed.
Below is the ComboFix report:
ComboFix 09-06-12.02 - HP_Administrateur 13/06/2009 8:35.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.32.1036.18.1022.531 [GMT 2:00]
Lancé depuis: c:\documents and settings\HP_Administrateur.HENRI\Bureau\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
FW: Outpost Firewall Pro *enabled* {8A20CA2A-9E02-4A64-923B-0A38208EB7FD}
.

((((((((((((((((((((((((((((( Fichiers créés du 2009-05-13 au 2009-06-13 ))))))))))))))))))))))))))))))))))))
.

2009-06-13 05:55 . 2006-05-16 06:25 77824 ----a-r- c:\windows\system32\hpzids01.dll
2009-06-13 05:55 . 2006-06-03 19:29 48128 ----a-w- c:\windows\system32\hpz3l4pi.dll
2009-06-13 05:14 . 2009-06-13 05:46 -------- d-----w- c:\documents and settings\HP_Administrateur.HENRI\Application Data\Image Zone Express
2009-06-13 04:58 . 2009-06-13 04:58 -------- d-s---w- c:\documents and settings\HP_Administrateur.HENRI\UserData
2009-06-11 18:17 . 2008-07-16 14:05 53248 ----a-w- c:\windows\system32\CSVer.dll
2009-06-11 18:17 . 2009-06-11 18:17 2517528 ----a-w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters\Driver Detective\Downloads\INF_allOS_9.0.0.1011_PV.exe
2009-06-11 18:16 . 2003-04-03 16:57 5183 ----a-w- c:\windows\system32\drivers\usbu2a.sys
2009-06-11 18:14 . 2009-06-11 18:14 -------- d-----w- c:\windows\system32\LogFiles
2009-06-11 17:58 . 2009-06-11 17:58 -------- d-----w- c:\documents and settings\HP_ADM~1~HEN\LOCALS~1
2009-06-11 17:58 . 2009-06-11 17:58 -------- d-----w- c:\documents and settings\HP_ADM~1~HEN
2009-06-11 17:54 . 2009-06-11 17:58 29966043 ----a-w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters\Driver Detective\Downloads\WDM_R225.exe
2009-06-11 17:54 . 2008-09-01 08:18 1564544 ----a-w- c:\windows\system32\drivers\VMHybr64.sys
2009-06-11 17:54 . 2008-09-01 08:05 1060224 ----a-w- c:\windows\system32\drivers\VMHybrid.sys
2009-06-11 16:39 . 2009-06-11 18:25 24469075 ----a-w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters\Driver Detective\Downloads\lanintel_pronwo10gbewxpvst32.exe
2009-06-11 16:38 . 2009-06-11 18:14 -------- d-----w- c:\program files\ATI
2009-06-11 16:17 . 2009-06-11 16:17 -------- d-----w- c:\documents and settings\HP_Administrateur.HENRI\Local Settings\Application Data\PC_Drivers_Headquarters
2009-06-11 15:53 . 2009-06-11 15:53 -------- d-----w- c:\documents and settings\HP_Administrateur.HENRI\Local Settings\Application Data\Identities
2009-06-11 15:53 . 2009-06-11 15:53 -------- d-----w- c:\documents and settings\HP_Administrateur.HENRI\Application Data\Windows Desktop Search
2009-06-11 15:53 . 2009-06-11 15:53 -------- d-----w- c:\windows\system32\fr-FR
2009-06-11 15:53 . 2009-06-11 15:53 -------- d-----w- c:\windows\system32\GroupPolicy
2009-06-11 15:17 . 2009-02-25 13:15 593920 ------w- c:\windows\system32\ati2sgag.exe
2009-06-11 14:39 . 2009-06-09 12:18 575488 ----a-w- c:\documents and settings\HP_Administrateur.HENRI\Application Data\Mozilla\Firefox\Profiles\dgqc0dnt.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll
2009-06-11 14:24 . 2009-06-11 14:31 -------- d-----w- c:\documents and settings\HP_Administrateur.HENRI\Application Data\RegTool
2009-06-11 12:30 . 2009-05-26 11:20 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-11 12:29 . 2009-05-26 11:19 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-11 12:23 . 2009-06-11 12:23 -------- d-----w- c:\documents and settings\HP_Administrateur.HENRI\Local Settings\Application Data\AutoBackup
2009-06-11 12:22 . 2009-06-13 05:32 1753616 ----a-w- c:\documents and settings\HP_Administrateur.HENRI\Application Data\Thunderbird\Profiles\svwpsky0.default\Mail\Local Folders\Inbox.sbd\TELECHARGER.COM
2009-06-11 12:22 . 2009-04-30 21:08 575488 ----a-w- c:\documents and settings\HP_Administrateur.HENRI\Application Data\Mozilla\Profiles\dgqc0dnt.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll
2009-06-11 12:22 . 2008-12-03 23:25 120832 ----a-w- c:\documents and settings\HP_Administrateur.HENRI\Application Data\Mozilla\Profiles\dgqc0dnt.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}\plugins\npietab.dll
2009-06-11 12:22 . 2009-06-11 12:22 -------- d-----w- C:\Wallpaper
2009-06-11 11:34 . 2008-06-14 17:59 272768 ------w- c:\windows\system32\drivers\bthport.sys
2009-06-11 11:34 . 2008-06-14 17:59 272768 ------w- c:\windows\system32\dllcache\bthport.sys
2009-06-11 11:33 . 2009-02-09 11:50 2017792 ------w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-06-11 11:33 . 2009-02-09 11:50 2059776 ------w- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-06-11 11:33 . 2009-02-09 11:50 2182528 ------w- c:\windows\system32\dllcache\ntoskrnl.exe
2009-06-11 11:33 . 2009-02-09 11:50 2138112 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-06-11 11:29 . 2008-10-24 11:10 453632 ------w- c:\windows\system32\dllcache\mrxsmb.sys
2009-06-10 22:27 . 2009-06-10 22:27 -------- d-----w- c:\documents and settings\HP_Administrateur.HENRI\Application Data\HPQ
2009-06-10 22:23 . 2009-06-10 22:23 -------- d-----w- c:\program files\7-Zip
2009-06-10 22:21 . 2009-06-10 22:29 -------- d-----w- c:\documents and settings\HP_Administrateur.HENRI\Application Data\uTorrent
2009-06-10 22:21 . 2009-06-10 22:21 -------- d-----w- c:\documents and settings\HP_Administrateur.HENRI\Application Data\Logitech
2009-06-10 22:20 . 2008-12-18 22:43 10384 ----a-w- c:\windows\system32\drivers\LBeepKE.sys
2009-06-10 22:19 . 2008-11-07 14:37 301656 ----a-w- c:\windows\system32\BtCoreIf.dll
2009-06-10 22:19 . 2008-11-07 14:38 84496 ----a-w- c:\windows\system32\KemXML.dll
2009-06-10 22:19 . 2008-11-07 14:38 117264 ----a-w- c:\windows\system32\KemWnd.dll
2009-06-10 22:19 . 2008-11-07 14:38 145936 ----a-w- c:\windows\system32\KemUtil.dll
2009-06-10 22:19 . 2008-11-07 14:38 170512 ----a-w- c:\windows\system32\kemutb.dll
2009-06-10 22:04 . 2009-06-10 22:04 -------- d-----w- c:\documents and settings\LocalService\Bureau
2009-06-10 22:04 . 2009-06-10 22:04 -------- d-----w- c:\documents and settings\HP_Administrateur.HENRI\Local Settings\Application Data\SupportSoft
2009-06-10 22:02 . 2008-12-24 15:24 703904 ----a-w- c:\windows\system32\drivers\SandBox.sys
2009-06-10 22:02 . 2008-12-17 09:07 257176 ----a-w- c:\windows\system32\drivers\afwcore.sys
2009-06-10 22:02 . 2008-06-20 07:45 30864 ----a-w- c:\windows\system32\drivers\afw.sys
2009-06-10 22:01 . 2009-06-11 11:28 -------- d-----w- c:\windows\system32\Filt
2009-06-10 22:00 . 2009-06-10 22:02 -------- d-----w- C:\Belgacom.msi.2.1
2009-06-10 21:57 . 2004-06-14 12:56 427864 ----a-w- c:\windows\system32\XceedZip.dll
2009-06-10 21:53 . 2009-06-10 21:53 -------- d-----w- c:\documents and settings\HP_Administrateur.HENRI\Application Data\Apple Computer
2009-06-10 21:53 . 2008-04-17 12:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-06-10 21:53 . 2008-04-17 11:12 15464 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-06-10 21:52 . 2009-06-10 21:52 -------- d-----w- c:\program files\iPod
2009-06-10 21:52 . 2009-06-10 21:53 -------- d-----w- c:\program files\iTunes
2009-06-10 21:51 . 2009-06-10 21:51 -------- d-----w- c:\documents and settings\HP_Administrateur.HENRI\Local Settings\Application Data\Apple
2009-06-10 21:51 . 2009-06-10 21:53 -------- dc----w- c:\windows\system32\DRVSTORE
2009-06-10 21:50 . 2009-06-10 21:53 -------- d-----w- c:\documents and settings\HP_Administrateur.HENRI\Local Settings\Application Data\Apple Computer
2009-06-10 16:19 . 2009-06-13 06:42 -------- d-----w- c:\documents and settings\HP_Administrateur.HENRI\Application Data\Free Download Manager
2009-06-10 16:07 . 2009-03-30 08:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-06-10 16:07 . 2009-03-24 14:08 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-06-10 16:07 . 2009-02-13 10:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-06-10 16:07 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-06-10 16:06 . 2009-06-10 16:06 -------- d-----w- c:\program files\Avira
2009-06-10 15:45 . 2009-06-12 21:37 -------- d-----w- c:\documents and settings\HP_Administrateur.HENRI\Local Settings\Application Data\Adobe
2009-06-10 15:39 . 2009-06-13 06:31 -------- d-----w- c:\documents and settings\HP_Administrateur.HENRI\Application Data\Software Informer
2009-06-10 14:45 . 2008-12-03 23:25 120832 ----a-w- c:\documents and settings\HP_Administrateur.HENRI\Application Data\Mozilla\Firefox\Profiles\dgqc0dnt.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}\plugins\npietab.dll
2009-06-10 06:36 . 2009-06-10 06:37 -------- d-----w- C:\I386
2009-06-10 06:23 . 2009-06-13 05:55 -------- d-sh--r- c:\windows\system32\dllcache
2009-06-10 06:23 . 2009-06-10 06:36 -------- d-----r- c:\windows\system32\config\systemprofile\Menu Démarrer
2009-06-09 22:02 . 2009-06-11 16:17 31176 ----a-w- c:\documents and settings\HP_Administrateur.HENRI\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-09 22:02 . 2009-06-09 22:07 146 ----a-w- c:\documents and settings\HP_Administrateur.HENRI\Local Settings\Application Data\fusioncache.dat
2009-06-09 21:58 . 2009-06-01 08:58 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\Malwarebytes
2009-06-09 21:56 . 2009-06-01 04:47 -------- d-sh--w- c:\documents and settings\Default User\IETldCache
2009-06-09 21:49 . 2004-08-03 22:54 21504 ----a-w- c:\windows\system32\hidserv.dll
2009-06-09 21:49 . 2001-08-23 15:04 12288 ----a-w- c:\windows\system32\drivers\mouhid.sys
2009-06-09 21:49 . 2001-08-23 15:04 12288 ----a-w- c:\windows\system32\dllcache\mouhid.sys
2009-06-09 21:49 . 2004-08-03 22:45 14848 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2009-06-09 21:49 . 2004-08-03 22:45 14848 ----a-w- c:\windows\system32\dllcache\kbdhid.sys
2009-06-09 21:49 . 2001-08-17 20:02 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys
2009-06-09 21:48 . 2004-08-03 21:01 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-06-09 21:48 . 2004-08-03 21:08 31616 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2009-06-09 20:58 . 2009-06-12 21:55 -------- d-----w- C:\Downloads
2009-06-09 15:57 . 2009-06-09 15:57 -------- d-----w- c:\program files\MozBackup
2009-06-09 14:29 . 2009-06-09 14:29 -------- d-----w- c:\program files\2BrightSparks
2009-06-07 13:43 . 2009-06-07 13:43 -------- d-----w- c:\documents and settings\HP_Administrateur\Local Settings\Application Data\PCHealth
2009-06-07 07:37 . 2009-06-07 07:42 -------- d-----w- c:\program files\Windows Live Safety Center
2009-06-07 07:34 . 2008-12-03 23:25 120832 ----a-w- c:\documents and settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\dgqc0dnt.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}\plugins\npietab.dll
2009-06-06 15:24 . 2009-06-06 15:26 152576 ----a-w- c:\documents and settings\HP_Administrateur\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-06-04 15:24 . 2009-06-04 15:43 -------- d-----w- c:\program files\SpeedFan
2009-06-02 20:23 . 2009-06-07 07:34 -------- d-----w- c:\documents and settings\HP_Administrateur\Local Settings\Application Data\LastPass
2009-06-02 20:23 . 2009-04-30 21:08 575488 ----a-w- c:\documents and settings\HP_Administrateur\Application Data\Mozilla\Firefox\Profiles\dgqc0dnt.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll
2009-06-02 18:24 . 2009-06-02 18:24 -------- d-----w- c:\documents and settings\All Users\Application Data\HanDBase4
2009-06-02 12:16 . 2009-06-02 12:16 -------- d-----w- C:\rsit
2009-06-01 15:04 . 2009-06-01 15:09 -------- d-----w- C:\Avira rescue system update
2009-06-01 08:58 . 2009-06-01 08:58 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Malwarebytes
2009-06-01 07:07 . 2009-06-01 07:07 -------- d-----w- c:\documents and settings\HP_Administrateur\Application Data\Malwarebytes
2009-06-01 07:07 . 2009-06-11 12:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-01 07:07 . 2009-06-01 07:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-06-01 04:47 . 2009-06-01 04:47 -------- d-sh--w- c:\documents and settings\Administrateur\IETldCache
2009-05-30 17:05 . 2009-05-30 17:05 -------- d-----w- c:\program files\xp-AntiSpy
2009-05-30 08:59 . 2009-04-13 20:10 264704 ------w- c:\documents and settings\HP_Administrateur\Application Data\OfficeUpdate12\oudetect.dll
2009-05-30 08:58 . 2009-05-30 09:23 -------- d-----w- c:\documents and settings\HP_Administrateur\Application Data\OfficeUpdate12
2009-05-28 15:44 . 2009-06-11 18:06 41116951 ----a-w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters\Driver Detective\Downloads\setpoint310.exe
2009-05-28 15:10 . 2009-06-11 18:28 906365 ----a-w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters\Driver Detective\Downloads\chpwim2210wxp.exe
2009-05-27 18:36 . 2009-06-11 16:43 -------- d-----w- C:\Medion
2009-05-27 18:35 . 2009-05-27 18:42 905433 ----a-w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters\Driver Detective\Downloads\chpwim2140_2170wxp.exe
2009-05-26 17:34 . 2009-05-26 17:34 -------- d-----w- c:\program files\Unibrain
2009-05-26 17:33 . 2009-05-26 17:33 -------- d-----w- c:\program files\Intel Desktop Board
2009-05-26 17:32 . 2009-06-11 18:21 7357546 ----a-w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters\Driver Detective\Downloads\1394B_XP2K_32_4.0.1.EXE
2009-05-26 17:29 . 2009-05-26 17:36 -------- d-----w- C:\HP LJ P4010 Series Printer
2009-05-26 17:24 . 2009-06-11 18:16 -------- d-----w- C:\USBStorage
2009-05-26 17:18 . 2009-05-26 17:22 29950768 ----a-w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters\Driver Detective\Downloads\WDM_R223.exe
2009-05-25 14:48 . 2009-05-25 14:48 -------- d-----w- C:\IntelPRO
2009-05-25 14:20 . 2009-05-25 14:41 24866536 ----a-w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters\Driver Detective\Downloads\VideoNet_2008_12.exe
2009-05-25 14:03 . 2009-05-28 15:37 15117544 ----a-w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters\Driver Detective\Downloads\HP_LJ_P4010_PCL6_32Bit.exe
2009-05-25 14:03 . 2009-06-11 16:24 15003136 ----a-w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters\Driver Detective\Downloads\HP_LJ_P4010_PCL6_64Bit.exe
2009-05-25 14:03 . 2009-06-11 18:16 918745 ----a-w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters\Driver Detective\Downloads\DX-ECDRW100_Drivers.exe
2009-05-25 14:03 . 2009-06-11 17:53 3347908 ----a-w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters\Driver Detective\Downloads\VMHybrid_1.3.7.8.exe
2009-05-25 13:44 . 2009-05-25 13:44 -------- d-----w- c:\documents and settings\HP_Administrateur\Local Settings\Application Data\PC_Drivers_Headquarters

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-13 06:19 . 2009-02-15 22:29 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-06-13 05:31 . 2009-02-15 21:43 -------- d-----w- c:\program files\Mozilla Thunderbird
2009-06-13 05:16 . 2006-09-15 20:05 -------- d-----w- c:\program files\Hewlett-Packard
2009-06-12 22:05 . 2008-11-07 17:10 -------- d-----w- c:\program files\Windows Desktop Search
2009-06-12 21:40 . 2009-04-18 11:16 -------- d-----w- c:\program files\Fichiers communs\PC Tools
2009-06-11 20:08 . 2005-10-10 11:39 73570 ----a-w- c:\windows\system32\perfc00C.dat
2009-06-11 20:08 . 2005-10-10 11:39 469400 ----a-w- c:\windows\system32\perfh00C.dat
2009-06-11 15:27 . 2006-09-15 20:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
2009-06-11 15:27 . 2006-09-15 20:23 -------- d-----w- c:\program files\Fichiers communs\Symantec Shared
2009-06-10 22:20 . 2009-06-10 22:20 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2009-06-10 22:20 . 2009-06-10 22:20 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
2009-06-10 22:20 . 2009-06-10 22:20 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-06-10 21:59 . 2007-12-26 13:41 -------- d-----w- c:\program files\Free Download Manager
2009-06-10 21:56 . 2006-09-15 19:50 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-10 21:52 . 2008-12-25 14:10 -------- d-----w- c:\program files\Bonjour
2009-06-10 21:49 . 2009-06-10 21:49 -------- d-----w- c:\program files\ING
2009-06-10 16:19 . 2009-03-12 09:19 -------- d-----w- c:\program files\Software Informer
2009-06-10 16:07 . 2009-01-08 16:07 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-06-10 16:07 . 2009-01-08 16:07 -------- d-----w- c:\program files\NOS
2009-06-09 22:08 . 2009-06-09 22:08 2004 --sha-r- c:\windows\system32\drivers\103C_HP_CPC_RJ038AA-B14 m7660.be_YC_0Pavi_QCZH641_E64FRemMPA3_48_IBasswood_SASUSTek Computer INC._V1.05_B3.17_T070821_WXP2_L40C_M1023_J250_7Intel_8Core2 6300_91.87_#071226_N168C001B_Z_G10027140.MRK
2009-06-09 13:31 . 2009-05-13 14:46 1577734 ----a-w- c:\documents and settings\HP_Administrateur\Application Data\Thunderbird\Profiles\svwpsky0.default\Mail\Local Folders\Inbox.sbd\TELECHARGER.COM
2009-06-06 19:48 . 2008-03-09 15:57 -------- d-----w- c:\program files\TubeMaster
2009-06-06 15:35 . 2009-05-11 06:27 68752 ----a-w- c:\documents and settings\HP_Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-01 23:21 . 2008-11-08 12:13 -------- d-----w- c:\program files\netpass
2009-06-01 08:58 . 2009-06-09 22:01 -------- d-----w- c:\documents and settings\HP_Administrateur.HENRI\Application Data\Malwarebytes
2009-05-30 09:31 . 2008-11-07 19:12 -------- d-----w- c:\program files\MSECache
2009-05-25 14:34 . 2009-05-11 06:26 -------- d-----w- c:\documents and settings\HP_Administrateur\Application Data\ATI
2009-05-24 22:24 . 2008-05-26 20:18 350208 ------w- c:\windows\system32\mssph.dll
2009-05-17 13:55 . 2008-05-17 05:52 -------- d-----w- c:\documents and settings\All Users\Application Data\SymplisIT
2009-05-17 12:08 . 2009-03-26 12:09 137153 ----a-w- c:\windows\HPHins12.dat
2009-05-14 21:12 . 2008-11-07 17:11 -------- d-----w- c:\documents and settings\HP_Administrateur\Application Data\Windows Desktop Search
2009-05-14 10:34 . 2009-05-14 10:34 6144 ----a-w- c:\windows\~DF7724.tmp
2009-05-12 15:23 . 2009-05-12 15:23 -------- d-----w- c:\documents and settings\HP_Administrateur\Application Data\Avira
2009-05-12 13:12 . 2006-09-15 19:31 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2009-05-11 22:52 . 2008-03-20 09:39 -------- d-----w- c:\program files\CCleaner
2009-05-11 22:38 . 2009-05-11 22:38 -------- d-----w- c:\documents and settings\HP_Administrateur\Application Data\iolo
2009-05-11 22:02 . 2008-07-24 20:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-05-11 21:31 . 2009-03-14 15:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Atheros
2009-05-11 21:31 . 2009-05-11 21:31 -------- d-----w- c:\program files\Atheros
2009-05-11 06:38 . 2009-05-11 06:38 -------- d-----w- c:\documents and settings\HP_Administrateur\Application Data\ErrorFix
2009-05-11 05:31 . 2009-03-12 09:19 -------- d-----w- c:\documents and settings\HP_Administrateur.BOON\Application Data\Free Download Manager
2009-05-11 05:30 . 2009-03-12 09:23 -------- d-----w- c:\documents and settings\HP_Administrateur.BOON\Application Data\Software Informer
2009-05-09 21:40 . 2009-05-09 21:40 68176 ----a-w- c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-09 14:35 . 2008-03-25 15:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2009-05-09 12:42 . 2009-02-15 16:45 -------- d-----w- c:\documents and settings\HP_Administrateur.BOON\Application Data\HP
2009-05-09 12:17 . 2009-05-09 12:17 -------- d-----w- c:\program files\OO Software
2009-05-09 11:46 . 2008-11-07 18:11 -------- d-----w- c:\program files\DEFRAG
2009-05-09 09:15 . 2009-05-08 13:55 -------- d-----w- c:\documents and settings\HP_Administrateur.BOON\Application Data\iolo
2009-05-09 08:22 . 2009-04-18 09:02 -------- d-----w- c:\documents and settings\HP_Administrateur.BOON\Application Data\uTorrent
2009-05-09 07:28 . 2009-05-09 07:27 -------- d-----w- c:\documents and settings\HP_Administrateur.BOON\Application Data\DeepBurner
2009-05-09 07:27 . 2009-05-09 07:27 -------- d-----w- c:\program files\Astonsoft
2009-05-08 15:21 . 2009-05-08 15:21 518 ----a-w- c:\documents and settings\HP_Administrateur.BOON\Application Data\iolo\Registry\Last\restore.bat
2009-05-08 14:08 . 2009-05-08 14:08 1744 ----a-w- c:\documents and settings\HP_Administrateur.BOON\Application Data\iolo\restore.bat
2009-05-08 13:59 . 2009-05-08 13:55 -------- d-----w- c:\documents and settings\All Users\Application Data\iolo
2009-05-08 13:59 . 2009-05-08 13:59 -------- d-----w- c:\documents and settings\LocalService\Application Data\iolo
2009-05-08 13:59 . 2009-05-08 13:59 -------- d-----w- c:\program files\iolo
2009-05-08 13:48 . 2008-11-07 18:10 -------- d-----w- c:\program files\doc
2009-05-07 15:43 . 2004-08-10 11:00 347136 ----a-w- c:\windows\system32\localspl.dll
2009-05-04 15:51 . 2009-05-04 15:51 -------- d-----w- c:\documents and settings\HP_Administrateur.BOON\Application Data\Canneverbe_Limited
2009-05-03 12:35 . 2009-05-03 12:35 10134 ----a-r- c:\documents and settings\HP_Administrateur.BOON\Application Data\Microsoft\Installer\{3101CB58-3482-4D21-AF1A-7057FC935355}\ARPPRODUCTICON.exe
2009-05-03 10:11 . 2008-03-07 14:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-05-03 07:00 . 2009-05-01 14:04 -------- d-----w- c:\program files\JkDefrag
2009-05-01 15:30 . 2009-05-01 15:30 167376 ----a-w- c:\documents and settings\HP_Administrateur.BOON\Application Data\Mozilla\Firefox\Profiles\u440w8cy.default\FlashGot.exe
2009-05-01 13:54 . 2009-05-01 13:54 -------- d-----w- c:\program files\KeePass Password Safe
2009-04-29 17:31 . 2009-04-29 16:16 -------- d-----w- c:\program files\Unlocker
2009-04-29 16:16 . 2009-04-29 16:16 -------- d-----w- c:\documents and settings\HP_Administrateur.BOON\Application Data\Desktopicon
2009-04-29 06:36 . 2009-04-29 06:36 -------- d-----w- c:\program files\Smart Projects
2009-04-29 04:31 . 2004-08-10 11:00 672256 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:31 . 2004-08-10 11:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-04-28 19:42 . 2009-03-13 16:31 -------- d-----w- c:\documents and settings\HP_Administrateur.BOON\Application Data\DAEMON Tools Pro
2009-04-26 16:02 . 2009-02-15 21:37 -------- d-----w- c:\documents and settings\HP_Administrateur.BOON\Application Data\Apple Computer
2009-04-26 12:15 . 2009-04-26 09:27 -------- d-----w- c:\documents and settings\HP_Administrateur.BOON\Application Data\UseNeXT
2009-04-26 09:27 . 2009-04-26 09:27 -------- d-----w- c:\program files\UseNeXT
2009-04-26 08:37 . 2009-04-26 07:50 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-04-26 07:52 . 2009-03-13 16:24 -------- d-----w- c:\documents and settings\HP_Administrateur.BOON\Application Data\DAEMON Tools Lite
2009-04-19 20:09 . 2004-08-10 11:00 1846784 ----a-w- c:\windows\system32\win32k.sys
2009-04-19 13:12 . 2009-04-18 10:20 -------- d-----w- c:\program files\PFConfig
2009-04-18 11:21 . 2009-04-18 11:16 -------- d-----w- c:\program files\PC Tools Firewall Plus
2009-04-18 11:19 . 2009-04-18 11:19 -------- d-----w- c:\documents and settings\HP_Administrateur.BOON\Application Data\PCToolsFirewallPlus
2009-04-18 10:44 . 2008-08-16 08:13 -------- d-----w- c:\program files\Bit Che
2009-04-18 10:44 . 2009-04-18 10:44 -------- d-----w- c:\documents and settings\HP_Administrateur.BOON\Application Data\Convivea
2009-04-18 10:04 . 2008-08-03 07:53 -------- d-----w- c:\program files\uTorrent
2009-04-18 08:57 . 2009-04-18 08:57 13824 ----a-w- c:\windows\~DF71AC.tmp
2009-04-17 17:57 . 2009-04-12 10:16 -------- d-----w- c:\documents and settings\HP_Administrateur.BOON\Application Data\DiskAid
2009-04-16 15:23 . 2008-04-02 18:29 540672 ----a-w- c:\windows\RtlExUpd.dll
2009-04-15 15:17 . 2004-08-10 11:00 584192 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-14 16:08 . 2009-04-14 16:08 -------- d-----w- c:\program files\Deliverypress
2009-04-13 20:10 . 2009-04-13 20:10 524288 ----a-w- c:\windows\opuc.dll
2009-04-12 09:18 . 2009-04-12 09:18 75048 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.1.10\SetupAdmin.exe
2009-04-10 16:40 . 2009-04-18 10:44 118784 ----a-w- c:\documents and settings\HP_Administrateur.BOON\Application Data\Convivea\Bit_Che\scripts\x.exe
2009-03-30 14:31 . 2009-02-15 10:29 68176 ----a-w- c:\documents and settings\HP_Administrateur.BOON\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-03-27 12:54 . 2009-03-27 12:54 152576 ----a-w- c:\documents and settings\HP_Administrateur.BOON\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-03-19 14:32 . 2009-03-19 14:32 23400 ----a-w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86\GEARAspiWDM.sys
2008-02-21 18:30 . 2008-02-21 18:30 6152242 ----a-w- c:\program files\iDjinni.exe
2007-03-02 01:03 . 2007-12-26 18:31 22 --sha-w- c:\windows\SMINST\HPCD.SYS
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"Software Informer"="c:\program files\Software Informer\softinfo.exe" [2009-06-01 1851461]
"RoboForm"="c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2009-06-10 160592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-07-06 151552]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"DMAScheduler"="c:\program files\HP DigitalMedia Archive\DMAScheduler.exe" [2006-04-13 90112]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-22 237568]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-15 249856]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
"OutpostMonitor"="c:\progra~1\Agnitum\OUTPOS~1\op_mon.exe" [2008-12-25 1227080]
"OutpostFeedBack"="c:\program files\Agnitum\Outpost Firewall Pro\feedback.exe" [2008-12-25 432968]
"Belgacom"="c:\program files\Belgacom\bin\sprtcmd.exe" [2008-05-29 202016]
"USBDetector"="c:\usbstorage\USBDetector.exe" [2003-04-01 53248]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"ftutil2"="ftutil2.dll" - c:\windows\system32\ftutil2.dll [2004-06-07 106496]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2006-07-21 16261632]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2008-12-18 76304]

c:\documents and settings\HP_Administrateur.BOON\Menu Démarrer\Programmes\Démarrage\
Download Manager.lnk - c:\documents and settings\HP_Administrateur\Application Data\Microsoft\Installer\{7220A111-A842-44A8-B3F1-525BF2C52118}\_96096054A1736693F3BBA4.exe [2009-1-3 259591]

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
Assistant de traduction IdiomaX.lnk - c:\program files\IdiomaX\Translation Assistant 4.0\TrasWord.exe [2007-1-18 410160]
Google Updater.lnk - c:\program files\Google\Google Updater\GoogleUpdater.exe [2008-3-25 161776]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-6-11 809488]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2009-02-18 22:30 72208 ----a-w- c:\program files\Fichiers communs\logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Free Download Manager\\fdmwi.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=

R1 SandBox;SandBox;c:\windows\system32\drivers\SandBox.sys [11/06/2009 0:02 703904]
R2 acssrv;Agnitum Client Security Service;c:\progra~1\Agnitum\OUTPOS~1\acs.exe [10/02/2009 15:53 1267016]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [10/06/2009 18:07 108289]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [11/06/2009 0:20 10384]
R2 ubsbm;Unibrain 1394 SBM Driver;c:\windows\system32\drivers\UBSBM.sys [27/07/2005 17:25 14080]
R2 ubumapi;Unibrain 1394 FireAPI Driver;c:\windows\system32\drivers\UBUMAPI.sys [27/07/2005 17:25 36352]
R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [15/09/2006 21:53 2829696]
R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\afw.sys [11/06/2009 0:02 30864]
R3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [11/06/2009 0:02 257176]
R3 ubohci;Unibrain 1394 OHCI Driver;c:\windows\system32\drivers\ubohci.sys [27/07/2005 17:25 77056]
S2 sprtsvc_belgacom;SupportSoft Sprocket Service (belgacom);c:\program files\Belgacom\bin\sprtsvc.exe [29/05/2008 12:18 202016]
S3 ASWFilt;ASWFilt;c:\windows\system32\Filt\ASWFilt.dll [11/06/2009 0:02 34080]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [11/06/2009 14:30 40160]
S3 WN5301;LIteon Wireless PCI Network Adapter Service;c:\windows\system32\drivers\wn5301.sys [15/09/2006 21:52 468768]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.skynet.be/
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_BE&c=64&bd=PAVILION&pf=desktop
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_BE&c=64&bd=PAVILION&pf=desktop
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_BE&c=64&bd=PAVILION&pf=desktop
IE: &Traduire à partir de l'anglais - c:\program files\Google\GoogleToolbar1.dll/cmwordtrans.html
IE: Barre RoboForm - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: Enregistrer le formulaire - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Identités - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComEditIdent.html
IE: Pages liées - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
IE: Pages similaires - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html
IE: Personnaliser le menu - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: Recherche &Google - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html
IE: Remplir le formulaire - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: Tout télécharger avec Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: Télécharger avec Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
IE: Télécharger la sélection avec Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: Télécharger la vidéo avec Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Version de la page actuelle disponible dans le cache Google - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
IE: {{45DB34C3-955C-11D3-ABEF-444553540000} - c:\program files\Siber Systems\AI RoboForm\RoboFormComEditIdent.html
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-13 08:43
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(1356)
c:\windows\system32\Ati2evxx.dll
c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll
c:\program files\fichiers communs\logishrd\bluetooth\LBTServ.dll

- - - - - - - > 'explorer.exe'(416)
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\fr-fr\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\fr-fr\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\msi.dll
.
Heure de fin: 2009-06-13 8:45
ComboFix-quarantined-files.txt 2009-06-13 06:45

Avant-CF: 142.611.169.280 octets libres
Après-CF: 142.598.541.312 octets libres

349 --- E O F --- 2009-06-12 22:05
Regards


resbel, 13 Jun 2009 at 20:10:04

Hello,
The Avira scan stops after 5 minutes and disappears.
Attached is the Malware report:

Malwarebytes' Anti-Malware 1.37
Version de la base de données: 2261
Windows 5.1.2600 Service Pack 2

13/06/2009 20:02:29
mbam-log-2009-06-13 (20-02-19).txt

Type de recherche: Examen rapide
Eléments examinés: 106822
Temps écoulé: 5 minute(s), 58 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 11
Fichier(s) infecté(s): 127

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\RegTool (Rogue.RegTool) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\RegTool (Rogue.RegTool) -> No action taken.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\WINDOWS\Drivers\Aud32 (Adware.BHO) -> No action taken.
c:\documents and settings\HP_Administrateur.HENRI\Application Data\RegTool (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\Logs (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\QuarantineW (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210 (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\Results (Rogue.RegTool) -> No action taken.
c:\documents and settings\HP_Administrateur\Application Data\ErrorFix (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\Logs (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\QuarantineW (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410 (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\Results (Rogue.ErrorFix) -> No action taken.

Fichier(s) infecté(s):
c:\downloads\setup.exe (Rogue.Installer) -> No action taken.
c:\documents and settings\administrateur\Bureau\setup.exe (Rogue.Installer) -> No action taken.
c:\documents and settings\default user\Bureau\setup.exe (Rogue.Installer) -> No action taken.
c:\WINDOWS\Drivers\Aud32\gan.exe (Adware.BHO) -> No action taken.
c:\WINDOWS\Drivers\Aud32\gside2.exe (Adware.BHO) -> No action taken.
c:\WINDOWS\Drivers\Aud32\iemsgmgr_2.dll (Adware.BHO) -> No action taken.
c:\WINDOWS\Drivers\Aud32\iephasst_2.dll (Adware.BHO) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\spy_ignore.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\Logs\2009-06-11 16-24-220.log (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\Logs\2009-06-11 17-05-120.log (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\filelist.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-0.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-1.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-10.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-11.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-12.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-13.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-14.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-15.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-16.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-17.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-18.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-19.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-2.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-20.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-21.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-22.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-23.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-24.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-25.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-26.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-27.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-28.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-29.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-3.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-30.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-31.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-32.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-33.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-34.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-35.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-36.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-37.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-38.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-39.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-4.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-40.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-41.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-42.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-43.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-44.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-45.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-46.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-47.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-48.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-49.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-5.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-50.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-51.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-52.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-53.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-54.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-55.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-56.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-57.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-6.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-7.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-8.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\quarantinew\2009-06-11 16-31-210\regb-9.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\Results\Evidence.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\Results\Junk.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\Results\Registry.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur.henri\application data\RegTool\Results\Update.db (Rogue.RegTool) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\Logs\2009-05-11 08-38-170.log (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\Logs\2009-05-11 13-46-200.log (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\filelist.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-0.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-1.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-10.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-11.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-12.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-13.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-14.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-15.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-16.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-17.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-18.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-19.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-2.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-20.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-21.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-22.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-23.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-24.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-25.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-26.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-27.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-28.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-29.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-3.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-30.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-31.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-32.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-33.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-34.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-35.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-36.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-37.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-38.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-39.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-4.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-40.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-41.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-42.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-43.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-5.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-6.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-7.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-8.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\quarantinew\2009-05-11 08-42-410\regb-9.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\Results\Evidence.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\Results\Junk.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\Results\Registry.db (Rogue.ErrorFix) -> No action taken.
c:\documents and settings\hp_administrateur\application data\ErrorFix\Results\Update.db (Rogue.ErrorFix) -> No action taken.
C:\WINDOWS\Drivers\pub.dll (Adware.BHO) -> No action taken.
C:\WINDOWS\Drivers\readme.html (Adware.BHO) -> No action taken.
c:\WINDOWS\Drivers\PhishAgnt.dll (Adware.Deewoo) -> No action taken.


34

resbel, 14 Jun 2009 at 12:50:19

Hello,
SUPERAntiSpyware freezes.
Kaspersky online freezes and the mouse pointer goes crazy.
Bitdefender freezes and the pointer goes crazy. Avira, Kaspersky and Bitdefender always freeze at the same place = C:\documents and settings\HP adm........ccsetup.exe ????
Regards


36

resbel, 16 Jun 2009 at 17:38:58

Hello,
SUPERAntiSpyware quarantined and removed about sixty files.
Bitdefender scanned 1130937 files (drives C; D; E) and found 34 infected files, then froze with a blue screen and a danger warning. Same with Avira.
Regards


40

resbel, 21 Jun 2009 at 10:13:55

Avira = full scan attached.
CrystalDiskInfo = 38 caution disk C - attached.
AVIRA
Avira AntiVir Personal
Report file date: samedi 20 juin 2009 23:00

Scanning for 1478190 virus strains and unwanted programs.

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 2) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : HENRI

Version information:
BUILD.DAT : 9.0.0.403 17961 Bytes 3/06/2009 17:05:00
AVSCAN.EXE : 9.0.3.6 466689 Bytes 10/06/2009 16:11:40
AVSCAN.DLL : 9.0.3.0 40705 Bytes 27/02/2009 09:58:24
LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 10:35:49
LUKERES.DLL : 9.0.2.0 12033 Bytes 27/02/2009 09:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:36
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 19:33:26
ANTIVIR2.VDF : 7.1.4.87 2982912 Bytes 12/06/2009 17:02:21
ANTIVIR3.VDF : 7.1.4.117 212480 Bytes 19/06/2009 06:38:27
Engineversion : 8.2.0.193
AEVDF.DLL : 8.1.1.1 106868 Bytes 10/06/2009 16:11:39
AESCRIPT.DLL : 8.1.2.9 409978 Bytes 17/06/2009 18:22:32
AESCN.DLL : 8.1.2.3 127347 Bytes 10/06/2009 16:11:39
AERDL.DLL : 8.1.1.3 438645 Bytes 29/10/2008 17:24:41
AEPACK.DLL : 8.1.3.18 401783 Bytes 10/06/2009 16:11:39
AEOFFICE.DLL : 8.1.0.38 196987 Bytes 17/06/2009 18:22:28
AEHEUR.DLL : 8.1.0.133 1798520 Bytes 17/06/2009 18:22:26
AEHELP.DLL : 8.1.3.6 205174 Bytes 11/06/2009 16:08:40
AEGEN.DLL : 8.1.1.46 348533 Bytes 20/06/2009 06:38:29
AEEMU.DLL : 8.1.0.9 393588 Bytes 9/10/2008 13:32:40
AECORE.DLL : 8.1.6.12 180599 Bytes 10/06/2009 16:11:39
AEBB.DLL : 8.1.0.3 53618 Bytes 9/10/2008 13:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 07:47:59
AVPREF.DLL : 9.0.0.1 43777 Bytes 5/12/2008 09:32:15
AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 13:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 5/12/2008 09:32:09
AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 14:05:41
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 09:37:08
SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 14:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2/02/2009 07:21:33
NETNT.DLL : 9.0.0.0 11521 Bytes 5/12/2008 09:32:10
RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 10/06/2009 16:11:39
RCTEXT.DLL : 9.0.37.0 86785 Bytes 17/04/2009 09:19:48

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, E:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Start of the scan: samedi 20 juin 2009 23:00

Starting search for hidden objects.
'184200' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'searchfilterhost.exe' - '1' Module(s) have been scanned
Scan process 'searchprotocolhost.exe' - '1' Module(s) have been scanned
Scan process 'searchindexer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'dllhost.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'hpsysdrv.exe' - '1' Module(s) have been scanned
Scan process 'ehmsas.exe' - '1' Module(s) have been scanned
Scan process 'seccenter.exe' - '1' Module(s) have been scanned
Scan process 'ELService.exe' - '1' Module(s) have been scanned
Scan process 'kbd.exe' - '1' Module(s) have been scanned
Scan process 'mcrdsvc.exe' - '1' Module(s) have been scanned
Scan process 'soffice.bin' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'soffice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'KHALMNPR.exe' - '1' Module(s) have been scanned
Scan process 'sprtsvc.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'WindowsSearch.exe' - '1' Module(s) have been scanned
Scan process 'SetPoint.exe' - '1' Module(s) have been scanned
Scan process 'IAANTmon.exe' - '1' Module(s) have been scanned
Scan process 'ehSched.exe' - '1' Module(s) have been scanned
Scan process 'TrasWord.exe' - '1' Module(s) have been scanned
Scan process 'ehrecvr.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'robotaskbaricon.exe' - '1' Module(s) have been scanned
Scan process 'SUPERAntiSpyware.exe' - '1' Module(s) have been scanned
Scan process 'fdm.exe' - '1' Module(s) have been scanned
Scan process 'softinfo.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'bdagent.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.EXE' - '1' Module(s) have been scanned
Scan process 'HpqSRmon.exe' - '1' Module(s) have been scanned
Scan process 'op_mon.exe' - '0' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'acs.exe' - '0' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'USBDetector.exe' - '1' Module(s) have been scanned
Scan process 'sprtcmd.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'DMAScheduler.exe' - '1' Module(s) have been scanned
Scan process 'IAAnotif.exe' - '1' Module(s) have been scanned
Scan process 'ehtray.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'livesrv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
67 processes with 67 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Master boot sector HD2
[INFO] No virus was found!
Master boot sector HD3
[INFO] No virus was found!
Master boot sector HD4
[INFO] No virus was found!
Master boot sector HD5
[INFO] No virus was found!
Master boot sector HD6
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '77' files ).


Starting the file scan:

Begin scan in 'C:\' <HP_PAVILION>
C:\hiberfil.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\pagefile.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\Documents and Settings\HP_Administrateur\Mes documents\Downloads\OLDOWNLOAD\Software\iepv_setup.exe.XXX

[0] Archive type: ZIP SFX (self extracting)
--> iepv.exe
[DETECTION] Contains recognition pattern of the SPR/PSW.NetPass.ET program
C:\Documents and Settings\HP_Administrateur\Mes documents\UTIL\DOWNL\ophcrack-win32-installer-3.1.0.exe
[0] Archive type: NSIS
--> ProgramFilesDir/pwdump6_setup.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.PwDump program
--> ProgramFilesDir/servpw.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.generic.11894 program
--> ProgramFilesDir/lsremora.dll
[DETECTION] Contains recognition pattern of the SPR/Tool.PWDump.B program
--> ProgramFilesDir/lsremora64.dll
[DETECTION] Contains recognition pattern of the SPR/Tool.PWDump.F program
C:\Documents and Settings\HP_Administrateur\Mes documents\UTIL\DOWNL\PFCSetup1.0.232(2).exe
[0] Archive type: NSIS
--> ProgramFilesDir/PFConfig.exe
[DETECTION] This file has been compressed using unusual runtime compression (PCK/ExeCryptor). Please verify the origin of this file.
C:\Documents and Settings\HP_Administrateur\Mes documents\UTIL\DOWNL\PFCSetup1.0.232.exe
[0] Archive type: NSIS
--> ProgramFilesDir/PFConfig.exe
[DETECTION] This file has been compressed using unusual runtime compression (PCK/ExeCryptor). Please verify the origin of this file.
C:\Documents and Settings\HP_Administrateur.HENRI\Bureau\UTIL\mspass.exe
[DETECTION] Contains recognition pattern of the SPR/PSW.Messen.BG program
C:\Documents and Settings\HP_Administrateur.HENRI\Bureau\UTIL\mspass.zip
[0] Archive type: ZIP
--> mspass.exe
[DETECTION] Contains recognition pattern of the SPR/PSW.Messen.BG program
C:\Documents and Settings\HP_Administrateur.HENRI\Bureau\UTIL\pspv.exe
[DETECTION] Contains recognition pattern of the SPR/PSW.PassView.B program
C:\Documents and Settings\HP_Administrateur.HENRI\Bureau\UTIL\pspv.zip
[0] Archive type: ZIP
--> pspv.exe
[DETECTION] Contains recognition pattern of the SPR/PSW.PassView.B program
C:\Documents and Settings\HP_Administrateur.HENRI\Mes documents\UTIL\DOWNL\ophcrack-win32-installer-3.1.0.exe
[0] Archive type: NSIS
--> ProgramFilesDir/pwdump6_setup.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.PwDump program
--> ProgramFilesDir/servpw.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.generic.11894 program
--> ProgramFilesDir/lsremora.dll
[DETECTION] Contains recognition pattern of the SPR/Tool.PWDump.B program
--> ProgramFilesDir/lsremora64.dll
[DETECTION] Contains recognition pattern of the SPR/Tool.PWDump.F program
C:\Documents and Settings\HP_Administrateur.HENRI\Mes documents\UTIL\DOWNL\PFCSetup1.0.232(2).exe
[0] Archive type: NSIS
--> ProgramFilesDir/PFConfig.exe
[DETECTION] This file has been compressed using unusual runtime compression (PCK/ExeCryptor). Please verify the origin of this file.
C:\Documents and Settings\HP_Administrateur.HENRI\Mes documents\UTIL\DOWNL\PFCSetup1.0.232.exe
[0] Archive type: NSIS
--> ProgramFilesDir/PFConfig.exe
[DETECTION] This file has been compressed using unusual runtime compression (PCK/ExeCryptor). Please verify the origin of this file.
C:\hp\bin\KillIt.exe
[DETECTION] Contains recognition pattern of the APPL/KillApp.A application
C:\hp\bin\KillIt.exe.XXX
[DETECTION] Contains recognition pattern of the APPL/KillApp.A application
C:\Program Files\Free Download Manager\SmitfraudFix\Reboot.exe.XXX
[DETECTION] Contains recognition pattern of the SPR/Tool.Reboot.F program
C:\Program Files\Free Download Manager\SmitfraudFix\restart.exe.XXX
[DETECTION] Contains recognition pattern of the SPR/Tool.Hardoff.A program
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP10\A0005123.exe
[0] Archive type: CAB SFX (self extracting)
--> \Source\ACE\1028.mst
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP17\A0007735.EXE
[0] Archive type: CAB SFX (self extracting)
--> \ubCore32_080405.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017516.exe
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017517.exe
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017518.exe
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017519.exe
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017520.dll
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017521.dll
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017523.dll
[DETECTION] Is the TR/Killav.28714 Trojan
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP28\A0027750.exe
[DETECTION] Contains recognition pattern of the APPL/KillApplicat.A application
Begin scan in 'D:\' <HP_USER>
D:\Autobackup - HP_Administrateur - 9-06-2009\Archive\Desktop\SmitfraudFix.exe.XXX
[0] Archive type: RAR SFX (self extracting)
--> SmitfraudFix\Reboot.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.Reboot.F program
--> SmitfraudFix\restart.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.Hardoff.A program
D:\Autobackup - HP_Administrateur - 9-06-2009\Archive\Documents\UTIL\DOWNL\ophcrack-win32-installer-3.1.0.exe
[0] Archive type: NSIS
--> ProgramFilesDir/pwdump6_setup.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.PwDump program
--> ProgramFilesDir/servpw.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.generic.11894 program
--> ProgramFilesDir/lsremora.dll
[DETECTION] Contains recognition pattern of the SPR/Tool.PWDump.B program
--> ProgramFilesDir/lsremora64.dll
[DETECTION] Contains recognition pattern of the SPR/Tool.PWDump.F program
D:\Autobackup - HP_Administrateur - 9-06-2009\Archive\Documents\UTIL\DOWNL\PFCSetup1.0.232(2).exe
[0] Archive type: NSIS
--> ProgramFilesDir/PFConfig.exe
[DETECTION] This file has been compressed using unusual runtime compression (PCK/ExeCryptor). Please verify the origin of this file.
D:\Autobackup - HP_Administrateur - 9-06-2009\Archive\Documents\UTIL\DOWNL\PFCSetup1.0.232.exe
[0] Archive type: NSIS
--> ProgramFilesDir/PFConfig.exe
[DETECTION] This file has been compressed using unusual runtime compression (PCK/ExeCryptor). Please verify the origin of this file.
D:\documents\VIDEOS\Setup.zip.XXX
[0] Archive type: ZIP
--> setup.exe
[DETECTION] Contains recognition pattern of the DR/Hupigon.frdu dropper
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP31\A0034235.exe
[0] Archive type: NSIS
--> ProgramFilesDir/pwdump6_setup.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.PwDump program
--> ProgramFilesDir/servpw.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.generic.11894 program
--> ProgramFilesDir/lsremora.dll
[DETECTION] Contains recognition pattern of the SPR/Tool.PWDump.B program
--> ProgramFilesDir/lsremora64.dll
[DETECTION] Contains recognition pattern of the SPR/Tool.PWDump.F program
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP31\A0034238.exe
[0] Archive type: NSIS
--> ProgramFilesDir/PFConfig.exe
[DETECTION] This file has been compressed using unusual runtime compression (PCK/ExeCryptor). Please verify the origin of this file.
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP31\A0034239.exe
[0] Archive type: NSIS
--> ProgramFilesDir/PFConfig.exe
[DETECTION] This file has been compressed using unusual runtime compression (PCK/ExeCryptor). Please verify the origin of this file.
Begin scan in 'E:\' <HP_RECOVERY>

Beginning disinfection:
C:\Documents and Settings\HP_Administrateur\Mes documents\Downloads\OLDOWNLOAD\Software\iepv_setup.exe.XXX
[NOTE] The file was moved to '4aad7ce2.qua'!
C:\Documents and Settings\HP_Administrateur\Mes documents\UTIL\DOWNL\ophcrack-win32-installer-3.1.0.exe
[NOTE] The file was moved to '4aa57ced.qua'!
C:\Documents and Settings\HP_Administrateur\Mes documents\UTIL\DOWNL\PFCSetup1.0.232(2).exe
[NOTE] The file was moved to '4a807cc3.qua'!
C:\Documents and Settings\HP_Administrateur\Mes documents\UTIL\DOWNL\PFCSetup1.0.232.exe
[NOTE] The file was moved to '49da14c4.qua'!
C:\Documents and Settings\HP_Administrateur.HENRI\Bureau\UTIL\mspass.exe
[DETECTION] Contains recognition pattern of the SPR/PSW.Messen.BG program
[NOTE] The file was moved to '4aad7cf1.qua'!
C:\Documents and Settings\HP_Administrateur.HENRI\Bureau\UTIL\mspass.zip
[NOTE] The file was moved to '4b0beae2.qua'!
C:\Documents and Settings\HP_Administrateur.HENRI\Bureau\UTIL\pspv.exe
[DETECTION] Contains recognition pattern of the SPR/PSW.PassView.B program
[NOTE] The file was moved to '4b09fa72.qua'!
C:\Documents and Settings\HP_Administrateur.HENRI\Bureau\UTIL\pspv.zip
[NOTE] The file was moved to '4aad7cf2.qua'!
C:\Documents and Settings\HP_Administrateur.HENRI\Mes documents\UTIL\DOWNL\ophcrack-win32-installer-3.1.0.exe
[NOTE] The file was moved to '4aa57cef.qua'!
C:\Documents and Settings\HP_Administrateur.HENRI\Mes documents\UTIL\DOWNL\PFCSetup1.0.232(2).exe
[NOTE] The file was moved to '4a807cc7.qua'!
C:\Documents and Settings\HP_Administrateur.HENRI\Mes documents\UTIL\DOWNL\PFCSetup1.0.232.exe
[NOTE] The file was moved to '4a807cc8.qua'!
C:\hp\bin\KillIt.exe
[DETECTION] Contains recognition pattern of the APPL/KillApp.A application
[NOTE] The file was moved to '4aa97cec.qua'!
C:\hp\bin\KillIt.exe.XXX
[DETECTION] Contains recognition pattern of the APPL/KillApp.A application
[NOTE] The file was moved to '49f6dd45.qua'!
C:\Program Files\Free Download Manager\SmitfraudFix\Reboot.exe.XXX
[DETECTION] Contains recognition pattern of the SPR/Tool.Reboot.F program
[NOTE] The file was moved to '4a9f7ce8.qua'!
C:\Program Files\Free Download Manager\SmitfraudFix\restart.exe.XXX
[DETECTION] Contains recognition pattern of the SPR/Tool.Hardoff.A program
[NOTE] The file was moved to '4ab07ce8.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017516.exe
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4a6d7cb4.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017517.exe
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4a6d7cb5.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017518.exe
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '490e91de.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017519.exe
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4bf2232e.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017520.dll
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4931fc86.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017521.dll
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '490ca98e.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP25\A0017523.dll
[DETECTION] Is the TR/Killav.28714 Trojan
[NOTE] The file was moved to '4a6d7cb6.qua'!
C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP28\A0027750.exe
[DETECTION] Contains recognition pattern of the APPL/KillApplicat.A application
[NOTE] The file was moved to '490a7877.qua'!
D:\Autobackup - HP_Administrateur - 9-06-2009\Archive\Desktop\SmitfraudFix.exe.XXX
[NOTE] The file was moved to '4aa67cf3.qua'!
D:\Autobackup - HP_Administrateur - 9-06-2009\Archive\Documents\UTIL\DOWNL\ophcrack-win32-installer-3.1.0.exe
[NOTE] The file was moved to '4aa57cf6.qua'!
D:\Autobackup - HP_Administrateur - 9-06-2009\Archive\Documents\UTIL\DOWNL\PFCSetup1.0.232(2).exe
[NOTE] The file was moved to '4a807ccc.qua'!
D:\Autobackup - HP_Administrateur - 9-06-2009\Archive\Documents\UTIL\DOWNL\PFCSetup1.0.232.exe
[NOTE] The file was moved to '49ee30b5.qua'!
D:\documents\VIDEOS\Setup.zip.XXX
[NOTE] The file was moved to '4ab17ceb.qua'!
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP31\A0034235.exe
[NOTE] The file was moved to '4a6d7cb7.qua'!
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP31\A0034238.exe
[NOTE] The file was moved to '49064998.qua'!
D:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP31\A0034239.exe
[NOTE] The file was moved to '49057030.qua'!


End of the scan: dimanche 21 juin 2009 02:19
Used time: 3:18:21 Hour(s)

The scan has been done completely.

41643 Scanned directories
1847938 Files were scanned
44 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
31 Files were moved to quarantine
0 Files were renamed
2 Files cannot be scanned
1847892 Files not concerned
62327 Archives were scanned
6 Warnings
33 Notes
184200 Objects were scanned with rootkit scan
0 Hidden objects were found

crystal disk info =
----------------------------------------------------------------------------
CrystalDiskInfo 2.7.4 (C) 2008-2009 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Media Center 2005 SP2 [5.1 Build 2600] (x86)
Date : 2009/06/21 10:01:16

-- Controller Map ----------------------------------------------------------
+ Intel(R) ICH8R/ICH9R/ICH10R/DO SATA RAID Controller [SCSI]
- ST3250824AS
- ST3250824AS
- HL-DT-ST DVDRRW GSA-H30L
- TSSTcorp DVD-ROM TS-H353A

-- Disk List ---------------------------------------------------------------
(1) ST3250824AS : 250.0 GB [0-0-0, pd1]
(2) ST3250824AS : 250.0 GB [1-0-1, pd1]

----------------------------------------------------------------------------
(1) ST3250824AS
----------------------------------------------------------------------------
Model : ST3250824AS
Firmware : 3.AHH
Serial Number : 9ND027KS
Total Disk Size : 250.0 GB (8.4/137.4/250.0)
Buffer Size : 8192 KB
NV Cache Size : ----
Number of Sectors : 488397168
Rotation Rate : Inconnu
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 12166 heures
Power On Count : 1492 x
Temparature : 39 C (102 F)
Health Status : Prudence
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr Raw Values Attribute Name
01 115 _99 __6 0000057ECBFA Taux Erreur en Lecture
03 _99 _98 __0 000000000000 Temps moyen mise en rotation
04 _98 _98 _20 00000000080D Décompte des cycles de mise en rotation
05 100 100 _36 000000000001 Nombre de secteurs réalloués
07 _72 _60 _30 000F0FF3CC50 Taux d'erreurs d'accès des têtes
09 _87 _87 __0 000000002F86 Heures de Fonctionnement
0A 100 100 _97 000000000000 Nombre d'essais de relancement de la rotation
0C _99 _99 _20 0000000005D4 Nombre total de cycles marche/arrêt du disque dur
BB __1 __1 __0 0000000000F5 Inconnu
BD 100 100 __0 000000000000 Inconnu
BE _61 _42 _45 000227140027 Température de l'air sur les disques Western Digital
C2 _39 _58 __0 000F00000027 Température
C3 _56 _46 __0 000000BD4762 Temps entre les erreurs corrigées par code correcteur(codage basée sur la redondance)
C5 _71 _70 __0 000000000261 Nombre de secteurs "instables"
C6 _71 _70 __0 000000000261 Nombre total d'erreurs incorrigibles d'un secteur
C7 200 200 __0 000000000011 Nombre d'erreurs dans le transfert de données via le câble d'interface
C8 100 253 __0 000000000000 Nombre total d'erreurs à l'écriture d'un secteur
CA _91 244 __0 000000000009 Erreur de marquage des données d'adresses


----------------------------------------------------------------------------
(2) ST3250824AS
----------------------------------------------------------------------------
Model : ST3250824AS
Firmware : 3.AHH
Serial Number : 4ND4ZKTT
Total Disk Size : 250.0 GB (8.4/137.4/250.0)
Buffer Size : 8192 KB
NV Cache Size : ----
Number of Sectors : 488397168
Rotation Rate : Inconnu
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 12203 heures
Power On Count : 1492 x
Temparature : 37 C (98 F)
Health Status : Correct
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr Raw Values Attribute Name
01 114 _95 __6 000003A1AB9D Taux Erreur en Lecture
03 _98 _98 __0 000000000000 Temps moyen mise en rotation
04 _99 _99 _20 000000000728 Décompte des cycles de mise en rotation
05 100 100 _36 000000000000 Nombre de secteurs réalloués
07 _87 _60 _30 000023A00A26 Taux d'erreurs d'accès des têtes
09 _87 _87 __0 000000002FAB Heures de Fonctionnement
0A 100 100 _97 000000000000 Nombre d'essais de relancement de la rotation
0C _99 _99 _20 0000000005D4 Nombre total de cycles marche/arrêt du disque dur
BB 100 100 __0 000000000000 Inconnu
BD 100 100 __0 000000000000 Inconnu
BE _63 _49 _45 000025140025 Température de l'air sur les disques Western Digital
C2 _37 _51 __0 000E00000025 Température
C3 _81 _49 __0 0000085284FE Temps entre les erreurs corrigées par code correcteur(codage basée sur la redondance)
C5 100 100 __0 000000000000 Nombre de secteurs "instables"
C6 100 100 __0 000000000000 Nombre total d'erreurs incorrigibles d'un secteur
C7 200 200 __0 000000000000 Nombre d'erreurs dans le transfert de données via le câble d'interface
C8 100 253 __0 000000000000 Nombre total d'erreurs à l'écriture d'un secteur
CA 100 253 __0 000000000000 Erreur de marquage des données d'adresses



resbel, 9 Jul 2009 at 18:57:06

Windows cannot format hard drive C. But I don't have the disks, since HP Media Center is built in.
Should I also, if possible, format hard drive E:, which contains recovery?
I am thinking more and more of buying a case (Storm by Cooler Master) to reinstall everything with a new 500 GB hard drive. Regards
