Ralentissement, hijackthis, view hidden folde
Résolu/Fermé
fobb
Messages postés
47
Date d'inscription
samedi 9 août 2008
Statut
Membre
Dernière intervention
25 février 2010
-
15 févr. 2010 à 00:28
fobb Messages postés 47 Date d'inscription samedi 9 août 2008 Statut Membre Dernière intervention 25 février 2010 - 25 févr. 2010 à 12:03
fobb Messages postés 47 Date d'inscription samedi 9 août 2008 Statut Membre Dernière intervention 25 février 2010 - 25 févr. 2010 à 12:03
A voir également:
- Ralentissement, hijackthis, view hidden folde
- Voir sa maison sur google street view - Guide
- Ralentissement pc - Guide
- Winmend folder hidden - Télécharger - Confidentialité
- Wifi info view - Télécharger - Divers Réseau & Wi-Fi
- Google street view gratuit - Télécharger - Transports & Cartes
44 réponses
fobb
Messages postés
47
Date d'inscription
samedi 9 août 2008
Statut
Membre
Dernière intervention
25 février 2010
15 févr. 2010 à 01:09
15 févr. 2010 à 01:09
de plus je perçois que mon cpu roule toujours entre 95 et 100%
truecode
Messages postés
2092
Date d'inscription
vendredi 29 janvier 2010
Statut
Membre
Dernière intervention
22 septembre 2013
86
15 févr. 2010 à 01:56
15 févr. 2010 à 01:56
Bonsoir ,
• Télécharge ici : http://images.malwareremoval.com/random/RSIT.exe
random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.
• Double-clique sur RSIT.exe afin de lancer RSIT.
• Lis le contenu de l'écran Disclaimer puis clique sur Continue (si tu acceptes les conditions).
• Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
• Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.
• Poste le contenu de log.txt ainsi que info.txt
( tu peux héberger les rapports ici http://www.cijoint.fr/ et me joindre dans ton prochain message le lien )
• Télécharge ici : http://images.malwareremoval.com/random/RSIT.exe
random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.
• Double-clique sur RSIT.exe afin de lancer RSIT.
• Lis le contenu de l'écran Disclaimer puis clique sur Continue (si tu acceptes les conditions).
• Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
• Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.
• Poste le contenu de log.txt ainsi que info.txt
( tu peux héberger les rapports ici http://www.cijoint.fr/ et me joindre dans ton prochain message le lien )
fobb
Messages postés
47
Date d'inscription
samedi 9 août 2008
Statut
Membre
Dernière intervention
25 février 2010
15 févr. 2010 à 02:12
15 févr. 2010 à 02:12
Voilà les 2 rapports :
Logfile of random's system information tool 1.06 (written by random/random)
Run by Dumas at 2010-02-14 20:09:58
Microsoft Windows XP Professional Service Pack 3
System drive C: has 62 GB (53%) free of 117 GB
Total RAM: 511 MB (23% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:10:39, on 2010-02-14
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\program files\windows live\messenger\msnmsgr .exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
c:\program files\mcafee.com\agent\mcagent .exe
c:\program files\analog devices\soundmax\smtray .exe
c:\program files\itunes\ituneshelper .exe
c:\program files\adobe\acrobat 9.0\acrobat\acrotray .exe
c:\program files\java\jre6\bin\jusched .exe
c:\windows\system32\rundll32 .exe
C:\Program Files\iPod\bin\iPodService.exe
c:\docume~1\dumas\locals~1\temp\mdm .exe
c:\documents and settings\dumas\liiteoq .exe
c:\docume~1\dumas\locals~1\temp\jcw1ovq .exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
c:\documents and settings\dumas\rundll32 .exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Dumas\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Dumas.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: C:\WINDOWS\system32\qt0l97.dll - {A3BA40A2-74F0-42BD-F434-00B15A2C8953} - C:\WINDOWS\system32\qt0l97.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [D-Link Wireless G WUA-1340] C:\Program Files\D-Link\Wireless G WUA-1340\AirGCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "c:\program files\quicktime\qttask .exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [MsnMsgr] "c:\program files\windows live\messenger\msnmsgr .exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [liiteoq] C:\Documents and Settings\Dumas\liiteoq.exe
O4 - HKCU\..\Run: [uishf9wuifwuh387fh3wufinhjfdwefe] c:\docume~1\dumas\locals~1\temp\jcw1ovq .exe
O4 - HKCU\..\Run: [asg984jgkfmgasi8ug98jgkfgfb] c:\docume~1\dumas\locals~1\temp\mdm .exe
O4 - HKCU\..\Run: [toiovo] C:\Documents and Settings\Dumas\toiovo.exe
O4 - HKCU\..\Run: [Remote System Protection] rundll32.exe C:\WINDOWS\system32\qt0l97.dll, HUI_proc
O4 - HKCU\..\Run: [toiovo ] C:\Documents and Settings\Dumas\toiovo .exe
O4 - HKCU\..\Run: [liiteoq ] c:\documents and settings\dumas\liiteoq .exe
O4 - HKCU\..\Run: [toiovo ] C:\Documents and Settings\Dumas\toiovo .exe
O4 - HKCU\..\Run: [liiteoq ] c:\documents and settings\dumas\liiteoq .exe
O4 - HKCU\..\Run: [toiovo ] C:\Documents and Settings\Dumas\toiovo .exe
O4 - HKCU\..\Run: [liiteoq ] c:\documents and settings\dumas\liiteoq .exe
O4 - HKCU\..\Run: [toiovo ] C:\Documents and Settings\Dumas\toiovo .exe
O4 - HKCU\..\Run: [liiteoq ] c:\documents and settings\dumas\liiteoq .exe
O4 - HKCU\..\Run: [toiovo ] C:\Documents and Settings\Dumas\toiovo .exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - AppInit_DLLs: acaptuser32.dll
O22 - SharedTaskScheduler: 7whfiudhf8s7f3oifhif7syfdhsof - {A3BA40A2-74F0-42BD-F434-00B15A2C8953} - C:\WINDOWS\system32\qt0l97.dll
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
Logfile of random's system information tool 1.06 (written by random/random)
Run by Dumas at 2010-02-14 20:09:58
Microsoft Windows XP Professional Service Pack 3
System drive C: has 62 GB (53%) free of 117 GB
Total RAM: 511 MB (23% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:10:39, on 2010-02-14
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\program files\windows live\messenger\msnmsgr .exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
c:\program files\mcafee.com\agent\mcagent .exe
c:\program files\analog devices\soundmax\smtray .exe
c:\program files\itunes\ituneshelper .exe
c:\program files\adobe\acrobat 9.0\acrobat\acrotray .exe
c:\program files\java\jre6\bin\jusched .exe
c:\windows\system32\rundll32 .exe
C:\Program Files\iPod\bin\iPodService.exe
c:\docume~1\dumas\locals~1\temp\mdm .exe
c:\documents and settings\dumas\liiteoq .exe
c:\docume~1\dumas\locals~1\temp\jcw1ovq .exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
c:\documents and settings\dumas\rundll32 .exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Dumas\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Dumas.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: C:\WINDOWS\system32\qt0l97.dll - {A3BA40A2-74F0-42BD-F434-00B15A2C8953} - C:\WINDOWS\system32\qt0l97.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [D-Link Wireless G WUA-1340] C:\Program Files\D-Link\Wireless G WUA-1340\AirGCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "c:\program files\quicktime\qttask .exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [MsnMsgr] "c:\program files\windows live\messenger\msnmsgr .exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [liiteoq] C:\Documents and Settings\Dumas\liiteoq.exe
O4 - HKCU\..\Run: [uishf9wuifwuh387fh3wufinhjfdwefe] c:\docume~1\dumas\locals~1\temp\jcw1ovq .exe
O4 - HKCU\..\Run: [asg984jgkfmgasi8ug98jgkfgfb] c:\docume~1\dumas\locals~1\temp\mdm .exe
O4 - HKCU\..\Run: [toiovo] C:\Documents and Settings\Dumas\toiovo.exe
O4 - HKCU\..\Run: [Remote System Protection] rundll32.exe C:\WINDOWS\system32\qt0l97.dll, HUI_proc
O4 - HKCU\..\Run: [toiovo ] C:\Documents and Settings\Dumas\toiovo .exe
O4 - HKCU\..\Run: [liiteoq ] c:\documents and settings\dumas\liiteoq .exe
O4 - HKCU\..\Run: [toiovo ] C:\Documents and Settings\Dumas\toiovo .exe
O4 - HKCU\..\Run: [liiteoq ] c:\documents and settings\dumas\liiteoq .exe
O4 - HKCU\..\Run: [toiovo ] C:\Documents and Settings\Dumas\toiovo .exe
O4 - HKCU\..\Run: [liiteoq ] c:\documents and settings\dumas\liiteoq .exe
O4 - HKCU\..\Run: [toiovo ] C:\Documents and Settings\Dumas\toiovo .exe
O4 - HKCU\..\Run: [liiteoq ] c:\documents and settings\dumas\liiteoq .exe
O4 - HKCU\..\Run: [toiovo ] C:\Documents and Settings\Dumas\toiovo .exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - AppInit_DLLs: acaptuser32.dll
O22 - SharedTaskScheduler: 7whfiudhf8s7f3oifhif7syfdhsof - {A3BA40A2-74F0-42BD-F434-00B15A2C8953} - C:\WINDOWS\system32\qt0l97.dll
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
truecode
Messages postés
2092
Date d'inscription
vendredi 29 janvier 2010
Statut
Membre
Dernière intervention
22 septembre 2013
86
15 févr. 2010 à 02:20
15 févr. 2010 à 02:20
Les rapports n'ont pas l'air complet le plus simple est de les héberger ici http://www.cijoint.fr/
Puis de marquer les liens dans ton prochain message
Puis de marquer les liens dans ton prochain message
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
fobb
Messages postés
47
Date d'inscription
samedi 9 août 2008
Statut
Membre
Dernière intervention
25 février 2010
15 févr. 2010 à 02:25
15 févr. 2010 à 02:25
pourquoi ne pas intervenir ici?
truecode
Messages postés
2092
Date d'inscription
vendredi 29 janvier 2010
Statut
Membre
Dernière intervention
22 septembre 2013
86
15 févr. 2010 à 10:45
15 févr. 2010 à 10:45
Bas oui c'est ce que je dis tu mets les liens dans ton prochain message ici mais il me faut les rapports complet la ils ne le sont pas
J'ai refait l'exercice et j'ai bien pris la peine de selectionner tout pour te copier l'entier du .txt :
Logfile of random's system information tool 1.06 (written by random/random)
Run by Dumas at 2010-02-15 11:22:55
Microsoft Windows XP Professional Service Pack 3
System drive C: has 62 GB (52%) free of 117 GB
Total RAM: 511 MB (27% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:27:33, on 2010-02-15
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\rundll32.exe
c:\windows\system32\rundll32 .exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Documents and Settings\Dumas\Desktop\RSIT.exe
C:\Program Files\Windows Live\Messenger\msnmsgr .exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Trend Micro\HijackThis\Dumas.exe
c:\PROGRA~1\mcafee\msc\mcupdui.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Adobe_Reader] c:\program files\internet explorer\wmpscfgs.exe
O4 - HKCU\..\Run: [MsnMsgr] "c:\program files\windows live\messenger\msnmsgr .exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - AppInit_DLLs: acaptuser32.dll
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
Logfile of random's system information tool 1.06 (written by random/random)
Run by Dumas at 2010-02-15 11:22:55
Microsoft Windows XP Professional Service Pack 3
System drive C: has 62 GB (52%) free of 117 GB
Total RAM: 511 MB (27% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:27:33, on 2010-02-15
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\rundll32.exe
c:\windows\system32\rundll32 .exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Documents and Settings\Dumas\Desktop\RSIT.exe
C:\Program Files\Windows Live\Messenger\msnmsgr .exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Trend Micro\HijackThis\Dumas.exe
c:\PROGRA~1\mcafee\msc\mcupdui.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Adobe_Reader] c:\program files\internet explorer\wmpscfgs.exe
O4 - HKCU\..\Run: [MsnMsgr] "c:\program files\windows live\messenger\msnmsgr .exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - AppInit_DLLs: acaptuser32.dll
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
Maintenant je n'ai plus aucun fichier info.txt qui ouvre.... seulement le log.txt
J'ai nettoyé pas mal de chose avec le malwarebytes anti-malware...
j'ai utilisé spybot et Ccleaner aussi.
J'ai réussi à réactiver le folder option dans l'onglet tools qui était disparu pour avoir accès à mes dossiers cachés.
J'ai aussi réussi à réactiver le regedit dans run qui était impossible à ouvrir dû à un virus empêchant l'accès par l'administrateur.
Et aussi j'ai réussi à retrouver le system restore qui était impossible à avoir.
Mon systeme semble se porter mieux... faudrait voir avec vous s'il reste des choses à nettoyer.
Merci
J'ai nettoyé pas mal de chose avec le malwarebytes anti-malware...
j'ai utilisé spybot et Ccleaner aussi.
J'ai réussi à réactiver le folder option dans l'onglet tools qui était disparu pour avoir accès à mes dossiers cachés.
J'ai aussi réussi à réactiver le regedit dans run qui était impossible à ouvrir dû à un virus empêchant l'accès par l'administrateur.
Et aussi j'ai réussi à retrouver le system restore qui était impossible à avoir.
Mon systeme semble se porter mieux... faudrait voir avec vous s'il reste des choses à nettoyer.
Merci
truecode
Messages postés
2092
Date d'inscription
vendredi 29 janvier 2010
Statut
Membre
Dernière intervention
22 septembre 2013
86
15 févr. 2010 à 21:43
15 févr. 2010 à 21:43
Il me faut les deux rapports qui sont dans C:\RSIT , info.txt et log.txt .
Fais le scan et poste moi ces deux rapports puis je te dirais si tout va bien ou non mais d'après ce que j'ai vu il y aura un peu de boulot
Fais le scan et poste moi ces deux rapports puis je te dirais si tout va bien ou non mais d'après ce que j'ai vu il y aura un peu de boulot
fobb
Messages postés
47
Date d'inscription
samedi 9 août 2008
Statut
Membre
Dernière intervention
25 février 2010
15 févr. 2010 à 22:55
15 févr. 2010 à 22:55
Voici le permier :
info.txt logfile of random's system information tool 1.06 2010-02-15 16:50:35
======Uninstall list======
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Acrobat 9 Pro Extended - English, Français, Deutsch-->msiexec /I {AC76BA86-1033-F400-7761-000000000004}
Adobe Acrobat 9 Pro Extended - English, Français, Deutsch-->msiexec /I {AC76BA86-1033-F400-7761-000000000004}
Adobe Acrobat 9.3.0 - CPSID_52073-->msiexec /I {AC76BA86-1033-F400-7761-000000000004}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Akamai NetSession Interface-->C:\Program Files\Common Files\Akamai\uninstall.exe
ANIO Service-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}\Setup.exe"
ANIWZCS2 Service-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4C590030-7469-453E-8589-D15DA9D03F52}\Setup.exe"
Apple Mobile Device Support-->MsiExec.exe /I{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Bookworm Deluxe-->"C:\Program Files\Zylom Games\Bookworm Deluxe\GameInstlr.exe" --uninstall UnInstall.log
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
iTunes-->MsiExec.exe /I{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216014FF}
Linksys Wireless-G PCI Adapter-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4DDC3BED-CC68-44AA-B435-D727B620CA5B}\setup.exe" -l0xc0c
Logitech Print Service-->C:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE C:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG
Logitech QuickCam-->MsiExec.exe /I{26AA53D5-1307-48F9-A80F-A4D25F5849D4}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
McAfee SecurityCenter-->C:\Program Files\McAfee\MSC\mcuninst.exe
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Excel Viewer 2003-->MsiExec.exe /I{9084040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Office Professional 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROR /dll OSETUP.DLL
Microsoft Office Professional 2007-->MsiExec.exe /X{91120000-0014-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mozilla Firefox (3.5.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero 6 Demo-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Nero Digital-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050}
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Security Update for Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"
Security Update for Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969897)-->"C:\WINDOWS\$NtUninstallKB969897$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Security Update for Windows XP (KB972260)-->"C:\WINDOWS\$NtUninstallKB972260$\spuninst\spuninst.exe"
Security Update for Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974455)-->"C:\WINDOWS\$NtUninstallKB974455$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Security Update for Windows XP (KB976325)-->"C:\WINDOWS\$NtUninstallKB976325$\spuninst\spuninst.exe"
Security Update for Windows XP (KB977165)-->"C:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe"
Security Update for Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe"
SpeedSim-->C:\Program Files\SpeedSim\uninst.exe
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
Update for Outlook 2007 Junk Email Filter (kb977719)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {C0C92202-5215-4EFA-B0B9-B3A0DEABCDF1}
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update for Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Update for Windows XP (KB976749)-->"C:\WINDOWS\$NtUninstallKB976749$\spuninst\spuninst.exe"
Update for Windows XP (KB978207)-->"C:\WINDOWS\$NtUninstallKB978207$\spuninst\spuninst.exe"
WebCam for MSN Messenger-->Rundll32.exe setupapi,InstallHinfSection DefaultUnInstall 128 C:\WINDOWS\INF\Athena.inf
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Wireless G WUA-1340-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{71FD28F7-E697-40B4-8DC9-91E8B1B9AEE9}
Xvid 1.2.2 final uninstall-->"C:\Program Files\Xvid\unins000.exe"
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\unyt.exe
=====HijackThis Backups=====
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) [2009-06-27]
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local [2009-06-27]
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) [2009-12-21]
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2009-12-21]
O4 - HKCU\..\Run: [toiovo] C:\Documents and Settings\Dumas\toiovo.exe [2010-02-13]
O4 - HKCU\..\Run: [toiovo] C:\Documents and Settings\Dumas\toiovo.exe [2010-02-13]
O4 - HKCU\..\RunOnce: [SpybotDeletingD1399] cmd.exe /c del "C:\Documents and Settings\Dumas\Local Settings\Temp\csrss.exe_old" [2010-02-14]
O4 - HKCU\..\Run: [toiovo] C:\Documents and Settings\Dumas\toiovo.exe [2010-02-14]
O4 - HKLM\..\RunOnce: [SpybotDeletingA7282] command.com /c del "C:\Documents and Settings\Dumas\Local Settings\Temp\login.exe_old" [2010-02-14]
O4 - HKCU\..\Run: [Remote System Protection] rundll32.exe C:\WINDOWS\system32\qt0l97.dll, HUI_proc [2010-02-14]
O4 - HKCU\..\RunOnce: [SpybotDeletingB1325] command.com /c del "C:\Documents and Settings\Dumas\Local Settings\Temp\login.exe_old" [2010-02-14]
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\winlogon32.exe [2010-02-14]
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 [2010-02-14]
O4 - HKCU\..\RunOnce: [SpybotDeletingB8659] command.com /c del "C:\Documents and Settings\Dumas\Local Settings\Temp\csrss.exe_old" [2010-02-14]
O4 - HKLM\..\RunOnce: [SpybotDeletingC2945] cmd.exe /c del "C:\Documents and Settings\Dumas\Local Settings\Temp\csrss.exe_old" [2010-02-14]
O4 - HKLM\..\RunOnce: [SpybotDeletingC7211] cmd.exe /c del "C:\Documents and Settings\Dumas\Local Settings\Temp\login.exe_old" [2010-02-14]
O4 - HKLM\..\RunOnce: [SpybotDeletingA1362] command.com /c del "C:\Documents and Settings\Dumas\Local Settings\Temp\csrss.exe_old" [2010-02-14]
O4 - HKCU\..\RunOnce: [SpybotDeletingD5532] cmd.exe /c del "C:\Documents and Settings\Dumas\Local Settings\Temp\login.exe_old" [2010-02-14]
O15 - Trusted Zone: http://*.buy-is2010.com (HKLM) [2010-02-14]
O15 - Trusted Zone: http://*.is10-soft-download.com [2010-02-14]
O15 - Trusted Zone: http://*.is-software-download25.com [2010-02-14]
O15 - Trusted Zone: http://*.buy-is2010.com [2010-02-14]
O15 - Trusted Zone: http://*.is-software-download.com [2010-02-14]
O15 - Trusted Zone: http://*.buy-internetsecurity10.com [2010-02-14]
O15 - Trusted Zone: http://*.buy-internetsecurity10.com (HKLM) [2010-02-14]
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 [2010-02-14]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = [2010-02-14]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [2010-02-14]
O4 - HKCU\..\Run: [Remote System Protection] rundll32.exe C:\WINDOWS\system32\qt0l97.dll, HUI_proc [2010-02-14]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = [2010-02-14]
R3 - Default URLSearchHook is missing [2010-02-14]
O4 - HKCU\..\Run: [Remote System Protection] rundll32.exe C:\WINDOWS\system32\qt0l97.dll, HUI_proc [2010-02-14]
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.supernetforme.com/... [2010-02-14]
O4 - HKCU\..\Run: [toiovo ] C:\Documents and Settings\Dumas\toiovo .exe [2010-02-14]
O4 - HKCU\..\Run: [Remote System Protection] rundll32.exe C:\WINDOWS\system32\qt0l97.dll, HUI_proc [2010-02-14]
O4 - HKCU\..\Run: [liiteoq ] c:\documents and settings\dumas\liiteoq .exe [2010-02-14]
O4 - HKCU\..\Run: [toiovo ] C:\Documents and Settings\Dumas\toiovo .exe [2010-02-14]
O4 - HKCU\..\Run: [toiovo ] C:\Documents and Settings\Dumas\toiovo .exe [2010-02-14]
O4 - HKCU\..\Run: [liiteoq ] c:\documents and settings\dumas\liiteoq .exe [2010-02-14]
O4 - HKCU\..\Run: [liiteoq ] c:\documents and settings\dumas\liiteoq .exe [2010-02-14]
O4 - HKCU\..\Run: [liiteoq ] c:\documents and settings\dumas\liiteoq .exe [2010-02-14]
O4 - HKCU\..\Run: [toiovo ] C:\Documents and Settings\Dumas\toiovo .exe [2010-02-14]
O4 - HKCU\..\Run: [toiovo] C:\Documents and Settings\Dumas\toiovo.exe [2010-02-14]
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe" [2010-02-14]
O4 - HKCU\..\Run: [toiovo ] C:\Documents and Settings\Dumas\toiovo .exe [2010-02-14]
O4 - HKCU\..\Run: [liiteoq] C:\Documents and Settings\Dumas\liiteoq.exe [2010-02-14]
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 [2010-02-14]
O4 - HKCU\..\Run: [toiovo ] C:\Documents and Settings\Dumas\toiovo .exe [2010-02-14]
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2010-02-14]
O4 - HKCU\..\Run: [Remote System Protection] rundll32.exe C:\WINDOWS\system32\qt0l97.dll, HUI_proc [2010-02-14]
O4 - HKCU\..\Run: [uishf9wuifwuh387fh3wufinhjfdwefe] c:\docume~1\dumas\locals~1\temp\jcw1ovq .exe [2010-02-14]
O4 - HKCU\..\Run: [asg984jgkfmgasi8ug98jgkfgfb] c:\docume~1\dumas\locals~1\temp\mdm .exe [2010-02-14]
O4 - HKCU\..\Run: [Remote System Protection] rundll32.exe C:\WINDOWS\system32\qt0l97.dll, HUI_proc [2010-02-14]
O4 - HKCU\..\Run: [toiovo ] C:\Documents and Settings\Dumas\toiovo .exe [2010-02-14]
O4 - HKCU\..\Run: [asg984jgkfmgasi8ug98jgkfgfb] C:\DOCUME~1\Dumas\LOCALS~1\Temp\avp.exe [2010-02-14]
O4 - HKCU\..\Run: [Remote System Protection] rundll32.exe C:\WINDOWS\system32\qt0l97.dll, HUI_proc [2010-02-14]
O4 - HKCU\..\Run: [toiovo ] C:\Documents and Settings\Dumas\toiovo .exe [2010-02-14]
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 [2010-02-14]
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2010-02-14]
======Security center information======
AV: McAfee VirusScan
FW: McAfee Personal Firewall
======System event log======
Computer Name: ED
Event Code: 7011
Message: Timeout (30000 milliseconds) waiting for a transaction response from the WZCSVC service.
Record Number: 142
Source Name: Service Control Manager
Time Written: 20091201193217.000000-300
Event Type: error
User:
Computer Name: ED
Event Code: 1073
Message: The attempt to power off ED failed
Record Number: 134
Source Name: USER32
Time Written: 20091201192758.000000-300
Event Type: warning
User: NT AUTHORITY\SYSTEM
Computer Name: ED
Event Code: 1009
Message: A network error occurred when trying to send a message. The error code is: A blocking operation was interrupted by a call to WSACancelBlockingCall.
.
Record Number: 131
Source Name: Dhcp
Time Written: 20091201095439.000000-300
Event Type: warning
User:
Computer Name: ED
Event Code: 1073
Message: The attempt to power off ED failed
Record Number: 128
Source Name: USER32
Time Written: 20091201094930.000000-300
Event Type: warning
User: NT AUTHORITY\SYSTEM
Computer Name: ED
Event Code: 36
Message: The time service has not been able to synchronize the system time
for 49152 seconds because none of the time providers has been able to
provide a usable time stamp. The system clock is unsynchronized.
Record Number: 125
Source Name: W32Time
Time Written: 20091130112048.000000-300
Event Type: warning
User:
=====Application event log=====
Computer Name: ED
Event Code: 1002
Message: Hanging application iexplore.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Record Number: 10539
Source Name: Application Hang
Time Written: 20091212124432.000000-300
Event Type: error
User:
Computer Name: ED
Event Code: 1002
Message: Hanging application iexplore.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Record Number: 10538
Source Name: Application Hang
Time Written: 20091212124432.000000-300
Event Type: error
User:
Computer Name: ED
Event Code: 1002
Message: Hanging application msnmsgr.exe, version 14.0.8089.726, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Record Number: 10505
Source Name: Application Hang
Time Written: 20091130214548.000000-300
Event Type: error
User:
Computer Name: ED
Event Code: 1002
Message: Hanging application msnmsgr.exe, version 14.0.8089.726, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Record Number: 10504
Source Name: Application Hang
Time Written: 20091130214548.000000-300
Event Type: error
User:
Computer Name: ED
Event Code: 1524
Message: Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.
Record Number: 10496
Source Name: Userenv
Time Written: 20091129110558.000000-300
Event Type: warning
User: ED\Dumas
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0209
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.06 2010-02-15 16:50:35
======Uninstall list======
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Acrobat 9 Pro Extended - English, Français, Deutsch-->msiexec /I {AC76BA86-1033-F400-7761-000000000004}
Adobe Acrobat 9 Pro Extended - English, Français, Deutsch-->msiexec /I {AC76BA86-1033-F400-7761-000000000004}
Adobe Acrobat 9.3.0 - CPSID_52073-->msiexec /I {AC76BA86-1033-F400-7761-000000000004}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Akamai NetSession Interface-->C:\Program Files\Common Files\Akamai\uninstall.exe
ANIO Service-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}\Setup.exe"
ANIWZCS2 Service-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4C590030-7469-453E-8589-D15DA9D03F52}\Setup.exe"
Apple Mobile Device Support-->MsiExec.exe /I{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Bookworm Deluxe-->"C:\Program Files\Zylom Games\Bookworm Deluxe\GameInstlr.exe" --uninstall UnInstall.log
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
iTunes-->MsiExec.exe /I{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216014FF}
Linksys Wireless-G PCI Adapter-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4DDC3BED-CC68-44AA-B435-D727B620CA5B}\setup.exe" -l0xc0c
Logitech Print Service-->C:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE C:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG
Logitech QuickCam-->MsiExec.exe /I{26AA53D5-1307-48F9-A80F-A4D25F5849D4}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
McAfee SecurityCenter-->C:\Program Files\McAfee\MSC\mcuninst.exe
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Excel Viewer 2003-->MsiExec.exe /I{9084040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Office Professional 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROR /dll OSETUP.DLL
Microsoft Office Professional 2007-->MsiExec.exe /X{91120000-0014-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mozilla Firefox (3.5.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero 6 Demo-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Nero Digital-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050}
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Security Update for Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"
Security Update for Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969897)-->"C:\WINDOWS\$NtUninstallKB969897$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Security Update for Windows XP (KB972260)-->"C:\WINDOWS\$NtUninstallKB972260$\spuninst\spuninst.exe"
Security Update for Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974455)-->"C:\WINDOWS\$NtUninstallKB974455$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Security Update for Windows XP (KB976325)-->"C:\WINDOWS\$NtUninstallKB976325$\spuninst\spuninst.exe"
Security Update for Windows XP (KB977165)-->"C:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe"
Security Update for Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe"
SpeedSim-->C:\Program Files\SpeedSim\uninst.exe
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
Update for Outlook 2007 Junk Email Filter (kb977719)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {C0C92202-5215-4EFA-B0B9-B3A0DEABCDF1}
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update for Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Update for Windows XP (KB976749)-->"C:\WINDOWS\$NtUninstallKB976749$\spuninst\spuninst.exe"
Update for Windows XP (KB978207)-->"C:\WINDOWS\$NtUninstallKB978207$\spuninst\spuninst.exe"
WebCam for MSN Messenger-->Rundll32.exe setupapi,InstallHinfSection DefaultUnInstall 128 C:\WINDOWS\INF\Athena.inf
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Wireless G WUA-1340-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{71FD28F7-E697-40B4-8DC9-91E8B1B9AEE9}
Xvid 1.2.2 final uninstall-->"C:\Program Files\Xvid\unins000.exe"
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\unyt.exe
=====HijackThis Backups=====
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) [2009-06-27]
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local [2009-06-27]
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) [2009-12-21]
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2009-12-21]
O4 - HKCU\..\Run: [toiovo] C:\Documents and Settings\Dumas\toiovo.exe [2010-02-13]
O4 - HKCU\..\Run: [toiovo] C:\Documents and Settings\Dumas\toiovo.exe [2010-02-13]
O4 - HKCU\..\RunOnce: [SpybotDeletingD1399] cmd.exe /c del "C:\Documents and Settings\Dumas\Local Settings\Temp\csrss.exe_old" [2010-02-14]
O4 - HKCU\..\Run: [toiovo] C:\Documents and Settings\Dumas\toiovo.exe [2010-02-14]
O4 - HKLM\..\RunOnce: [SpybotDeletingA7282] command.com /c del "C:\Documents and Settings\Dumas\Local Settings\Temp\login.exe_old" [2010-02-14]
O4 - HKCU\..\Run: [Remote System Protection] rundll32.exe C:\WINDOWS\system32\qt0l97.dll, HUI_proc [2010-02-14]
O4 - HKCU\..\RunOnce: [SpybotDeletingB1325] command.com /c del "C:\Documents and Settings\Dumas\Local Settings\Temp\login.exe_old" [2010-02-14]
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\winlogon32.exe [2010-02-14]
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 [2010-02-14]
O4 - HKCU\..\RunOnce: [SpybotDeletingB8659] command.com /c del "C:\Documents and Settings\Dumas\Local Settings\Temp\csrss.exe_old" [2010-02-14]
O4 - HKLM\..\RunOnce: [SpybotDeletingC2945] cmd.exe /c del "C:\Documents and Settings\Dumas\Local Settings\Temp\csrss.exe_old" [2010-02-14]
O4 - HKLM\..\RunOnce: [SpybotDeletingC7211] cmd.exe /c del "C:\Documents and Settings\Dumas\Local Settings\Temp\login.exe_old" [2010-02-14]
O4 - HKLM\..\RunOnce: [SpybotDeletingA1362] command.com /c del "C:\Documents and Settings\Dumas\Local Settings\Temp\csrss.exe_old" [2010-02-14]
O4 - HKCU\..\RunOnce: [SpybotDeletingD5532] cmd.exe /c del "C:\Documents and Settings\Dumas\Local Settings\Temp\login.exe_old" [2010-02-14]
O15 - Trusted Zone: http://*.buy-is2010.com (HKLM) [2010-02-14]
O15 - Trusted Zone: http://*.is10-soft-download.com [2010-02-14]
O15 - Trusted Zone: http://*.is-software-download25.com [2010-02-14]
O15 - Trusted Zone: http://*.buy-is2010.com [2010-02-14]
O15 - Trusted Zone: http://*.is-software-download.com [2010-02-14]
O15 - Trusted Zone: http://*.buy-internetsecurity10.com [2010-02-14]
O15 - Trusted Zone: http://*.buy-internetsecurity10.com (HKLM) [2010-02-14]
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 [2010-02-14]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = [2010-02-14]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [2010-02-14]
O4 - HKCU\..\Run: [Remote System Protection] rundll32.exe C:\WINDOWS\system32\qt0l97.dll, HUI_proc [2010-02-14]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = [2010-02-14]
R3 - Default URLSearchHook is missing [2010-02-14]
O4 - HKCU\..\Run: [Remote System Protection] rundll32.exe C:\WINDOWS\system32\qt0l97.dll, HUI_proc [2010-02-14]
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.supernetforme.com/... [2010-02-14]
O4 - HKCU\..\Run: [toiovo ] C:\Documents and Settings\Dumas\toiovo .exe [2010-02-14]
O4 - HKCU\..\Run: [Remote System Protection] rundll32.exe C:\WINDOWS\system32\qt0l97.dll, HUI_proc [2010-02-14]
O4 - HKCU\..\Run: [liiteoq ] c:\documents and settings\dumas\liiteoq .exe [2010-02-14]
O4 - HKCU\..\Run: [toiovo ] C:\Documents and Settings\Dumas\toiovo .exe [2010-02-14]
O4 - HKCU\..\Run: [toiovo ] C:\Documents and Settings\Dumas\toiovo .exe [2010-02-14]
O4 - HKCU\..\Run: [liiteoq ] c:\documents and settings\dumas\liiteoq .exe [2010-02-14]
O4 - HKCU\..\Run: [liiteoq ] c:\documents and settings\dumas\liiteoq .exe [2010-02-14]
O4 - HKCU\..\Run: [liiteoq ] c:\documents and settings\dumas\liiteoq .exe [2010-02-14]
O4 - HKCU\..\Run: [toiovo ] C:\Documents and Settings\Dumas\toiovo .exe [2010-02-14]
O4 - HKCU\..\Run: [toiovo] C:\Documents and Settings\Dumas\toiovo.exe [2010-02-14]
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe" [2010-02-14]
O4 - HKCU\..\Run: [toiovo ] C:\Documents and Settings\Dumas\toiovo .exe [2010-02-14]
O4 - HKCU\..\Run: [liiteoq] C:\Documents and Settings\Dumas\liiteoq.exe [2010-02-14]
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 [2010-02-14]
O4 - HKCU\..\Run: [toiovo ] C:\Documents and Settings\Dumas\toiovo .exe [2010-02-14]
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2010-02-14]
O4 - HKCU\..\Run: [Remote System Protection] rundll32.exe C:\WINDOWS\system32\qt0l97.dll, HUI_proc [2010-02-14]
O4 - HKCU\..\Run: [uishf9wuifwuh387fh3wufinhjfdwefe] c:\docume~1\dumas\locals~1\temp\jcw1ovq .exe [2010-02-14]
O4 - HKCU\..\Run: [asg984jgkfmgasi8ug98jgkfgfb] c:\docume~1\dumas\locals~1\temp\mdm .exe [2010-02-14]
O4 - HKCU\..\Run: [Remote System Protection] rundll32.exe C:\WINDOWS\system32\qt0l97.dll, HUI_proc [2010-02-14]
O4 - HKCU\..\Run: [toiovo ] C:\Documents and Settings\Dumas\toiovo .exe [2010-02-14]
O4 - HKCU\..\Run: [asg984jgkfmgasi8ug98jgkfgfb] C:\DOCUME~1\Dumas\LOCALS~1\Temp\avp.exe [2010-02-14]
O4 - HKCU\..\Run: [Remote System Protection] rundll32.exe C:\WINDOWS\system32\qt0l97.dll, HUI_proc [2010-02-14]
O4 - HKCU\..\Run: [toiovo ] C:\Documents and Settings\Dumas\toiovo .exe [2010-02-14]
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 [2010-02-14]
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2010-02-14]
======Security center information======
AV: McAfee VirusScan
FW: McAfee Personal Firewall
======System event log======
Computer Name: ED
Event Code: 7011
Message: Timeout (30000 milliseconds) waiting for a transaction response from the WZCSVC service.
Record Number: 142
Source Name: Service Control Manager
Time Written: 20091201193217.000000-300
Event Type: error
User:
Computer Name: ED
Event Code: 1073
Message: The attempt to power off ED failed
Record Number: 134
Source Name: USER32
Time Written: 20091201192758.000000-300
Event Type: warning
User: NT AUTHORITY\SYSTEM
Computer Name: ED
Event Code: 1009
Message: A network error occurred when trying to send a message. The error code is: A blocking operation was interrupted by a call to WSACancelBlockingCall.
.
Record Number: 131
Source Name: Dhcp
Time Written: 20091201095439.000000-300
Event Type: warning
User:
Computer Name: ED
Event Code: 1073
Message: The attempt to power off ED failed
Record Number: 128
Source Name: USER32
Time Written: 20091201094930.000000-300
Event Type: warning
User: NT AUTHORITY\SYSTEM
Computer Name: ED
Event Code: 36
Message: The time service has not been able to synchronize the system time
for 49152 seconds because none of the time providers has been able to
provide a usable time stamp. The system clock is unsynchronized.
Record Number: 125
Source Name: W32Time
Time Written: 20091130112048.000000-300
Event Type: warning
User:
=====Application event log=====
Computer Name: ED
Event Code: 1002
Message: Hanging application iexplore.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Record Number: 10539
Source Name: Application Hang
Time Written: 20091212124432.000000-300
Event Type: error
User:
Computer Name: ED
Event Code: 1002
Message: Hanging application iexplore.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Record Number: 10538
Source Name: Application Hang
Time Written: 20091212124432.000000-300
Event Type: error
User:
Computer Name: ED
Event Code: 1002
Message: Hanging application msnmsgr.exe, version 14.0.8089.726, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Record Number: 10505
Source Name: Application Hang
Time Written: 20091130214548.000000-300
Event Type: error
User:
Computer Name: ED
Event Code: 1002
Message: Hanging application msnmsgr.exe, version 14.0.8089.726, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Record Number: 10504
Source Name: Application Hang
Time Written: 20091130214548.000000-300
Event Type: error
User:
Computer Name: ED
Event Code: 1524
Message: Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.
Record Number: 10496
Source Name: Userenv
Time Written: 20091129110558.000000-300
Event Type: warning
User: ED\Dumas
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0209
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip
-----------------EOF-----------------
fobb
Messages postés
47
Date d'inscription
samedi 9 août 2008
Statut
Membre
Dernière intervention
25 février 2010
15 févr. 2010 à 22:57
15 févr. 2010 à 22:57
Voici le deuxième :
Logfile of random's system information tool 1.06 (written by random/random)
Run by Dumas at 2010-02-15 16:49:31
Microsoft Windows XP Professional Service Pack 3
System drive C: has 61 GB (52%) free of 117 GB
Total RAM: 511 MB (31% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:49:58, on 2010-02-15
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\rundll32.exe
c:\windows\system32\rundll32 .exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr .exe
c:\windows\system32\rundll32 .exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\Dumas\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Dumas.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Adobe_Reader] c:\program files\internet explorer\wmpscfgs.exe
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr .exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - AppInit_DLLs: acaptuser32.dll
O23 - Service: McAfee Application Installer Cleanup (0175841266251391) (0175841266251391mcinstcleanup) - McAfee, Inc. - C:\WINDOWS\TEMP\017584~1.EXE
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
Logfile of random's system information tool 1.06 (written by random/random)
Run by Dumas at 2010-02-15 16:49:31
Microsoft Windows XP Professional Service Pack 3
System drive C: has 61 GB (52%) free of 117 GB
Total RAM: 511 MB (31% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:49:58, on 2010-02-15
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\rundll32.exe
c:\windows\system32\rundll32 .exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr .exe
c:\windows\system32\rundll32 .exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\Dumas\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Dumas.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Adobe_Reader] c:\program files\internet explorer\wmpscfgs.exe
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr .exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - AppInit_DLLs: acaptuser32.dll
O23 - Service: McAfee Application Installer Cleanup (0175841266251391) (0175841266251391mcinstcleanup) - McAfee, Inc. - C:\WINDOWS\TEMP\017584~1.EXE
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
truecode
Messages postés
2092
Date d'inscription
vendredi 29 janvier 2010
Statut
Membre
Dernière intervention
22 septembre 2013
86
16 févr. 2010 à 00:05
16 févr. 2010 à 00:05
Tu ma poster les anciens rapport refait un scan avec RSIT et ensuite poste les deux nouveaux rapports
fobb
Messages postés
47
Date d'inscription
samedi 9 août 2008
Statut
Membre
Dernière intervention
25 février 2010
16 févr. 2010 à 00:20
16 févr. 2010 à 00:20
Non il s'agit bien des nouveaux puisque j'avais effacé les anciens... ne te fis pas à l'heure indiquée!
truecode
Messages postés
2092
Date d'inscription
vendredi 29 janvier 2010
Statut
Membre
Dernière intervention
22 septembre 2013
86
16 févr. 2010 à 00:35
16 févr. 2010 à 00:35
Alors si ce sont les nouveaux les infections ne sont pas supprimés .
=> Telecharge Lop S&D https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
=> Double-clique dessus pour lancer l'installation
=> maintenant, demmare Lop S&D (sur ton bureau)
=> Selectionne Français puis appuie sur enter
=> choisis l'option 1.
=> attend la fin du scan puis copie le rapport ici et je te dirais quoi faire (le rapport ce trouve ici: C:\lopR.txt)
=> Telecharge Lop S&D https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
=> Double-clique dessus pour lancer l'installation
=> maintenant, demmare Lop S&D (sur ton bureau)
=> Selectionne Français puis appuie sur enter
=> choisis l'option 1.
=> attend la fin du scan puis copie le rapport ici et je te dirais quoi faire (le rapport ce trouve ici: C:\lopR.txt)
fobb
Messages postés
47
Date d'inscription
samedi 9 août 2008
Statut
Membre
Dernière intervention
25 février 2010
16 févr. 2010 à 00:51
16 févr. 2010 à 00:51
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 2.40GHz )
BIOS : Award Modular BIOS v6.0
USER : Dumas ( Administrator )
BOOT : Normal boot
Antivirus : McAfee VirusScan (Activated)
Firewall : McAfee Personal Firewall (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:114 Go (Free:59 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 2010-02-15|18:42 )
--------------------\\ Listing des dossiers dans APPLIC~1
[2008-10-03|19:11] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[2008-10-09|12:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2010-01-06|11:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[2009-06-22|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[2008-10-09|12:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[2008-10-09|12:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[2008-10-13|01:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
[2009-06-27|14:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[2009-12-01|14:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
[2009-11-06|17:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[2010-02-10|03:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[2009-06-28|18:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
[2009-06-22|18:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\River Past G5
[2008-10-08|10:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SiteAdvisor
[2010-02-15|08:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[2008-10-07|10:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[2008-10-07|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[2009-06-23|11:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
[2008-11-08|17:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom
[2008-10-03|19:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[2010-01-06|11:41] C:\DOCUME~1\Dumas\APPLIC~1\Adobe
[2009-06-25|14:31] C:\DOCUME~1\Dumas\APPLIC~1\Ahead
[2008-11-03|16:34] C:\DOCUME~1\Dumas\APPLIC~1\Apple Computer
[2009-09-19|20:33] C:\DOCUME~1\Dumas\APPLIC~1\Blitware
[2010-02-14|19:55] C:\DOCUME~1\Dumas\APPLIC~1\DNA
[2009-09-19|20:51] C:\DOCUME~1\Dumas\APPLIC~1\FotoWire
[2008-11-08|17:04] C:\DOCUME~1\Dumas\APPLIC~1\Identities
[2008-10-24|21:31] C:\DOCUME~1\Dumas\APPLIC~1\Macromedia
[2009-06-27|14:42] C:\DOCUME~1\Dumas\APPLIC~1\Malwarebytes
[2009-11-28|11:32] C:\DOCUME~1\Dumas\APPLIC~1\Microsoft
[2008-10-07|10:35] C:\DOCUME~1\Dumas\APPLIC~1\Mozilla
[2009-06-22|18:13] C:\DOCUME~1\Dumas\APPLIC~1\River Past G5
[2008-11-28|13:06] C:\DOCUME~1\Dumas\APPLIC~1\SpeedSim
[2009-06-27|00:56] C:\DOCUME~1\Dumas\APPLIC~1\Sun
[2009-01-05|21:22] C:\DOCUME~1\Dumas\APPLIC~1\WinRAR
[2008-11-08|17:04] C:\DOCUME~1\Dumas\APPLIC~1\Zylom
[2009-12-01|19:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\McAfee
[2010-01-13|07:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[2009-11-29|14:28] C:\DOCUME~1\LOCALS~1\APPLIC~1\SACore
[2008-10-03|19:16] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[2010-02-15 11:19][--a------] C:\WINDOWS\tasks\At24.job
[2010-02-15 11:19][--a------] C:\WINDOWS\tasks\At23.job
[2010-02-15 11:19][--a------] C:\WINDOWS\tasks\At22.job
[2010-02-15 11:19][--a------] C:\WINDOWS\tasks\At21.job
[2010-02-15 11:19][--a------] C:\WINDOWS\tasks\At20.job
[2010-02-15 18:00][--a------] C:\WINDOWS\tasks\At19.job
[2010-02-15 17:00][--a------] C:\WINDOWS\tasks\At18.job
[2010-02-15 16:00][--a------] C:\WINDOWS\tasks\At17.job
[2010-02-15 15:00][--a------] C:\WINDOWS\tasks\At16.job
[2010-02-15 14:00][--a------] C:\WINDOWS\tasks\At15.job
[2010-02-15 13:00][--a------] C:\WINDOWS\tasks\At14.job
[2010-02-15 12:00][--a------] C:\WINDOWS\tasks\At13.job
[2010-02-15 11:19][--a------] C:\WINDOWS\tasks\At12.job
[2010-02-15 11:19][--a------] C:\WINDOWS\tasks\At11.job
[2010-02-15 11:19][--a------] C:\WINDOWS\tasks\At10.job
[2010-02-15 11:19][--a------] C:\WINDOWS\tasks\At9.job
[2010-02-15 11:19][--a------] C:\WINDOWS\tasks\At8.job
[2010-02-15 11:19][--a------] C:\WINDOWS\tasks\At7.job
[2010-02-15 11:19][--a------] C:\WINDOWS\tasks\At6.job
[2010-02-15 11:19][--a------] C:\WINDOWS\tasks\At5.job
[2010-02-15 11:19][--a------] C:\WINDOWS\tasks\At4.job
[2010-02-15 11:19][--a------] C:\WINDOWS\tasks\At3.job
[2010-02-15 11:19][--a------] C:\WINDOWS\tasks\At2.job
[2010-02-15 11:19][--a------] C:\WINDOWS\tasks\At1.job
[2010-02-14 02:58][--a------] C:\WINDOWS\tasks\Driver Robot.job
[2010-02-15 01:22][--a------] C:\WINDOWS\tasks\McDefragTask.job
[2010-02-01 01:00][--a------] C:\WINDOWS\tasks\McQcTask.job
[2010-02-15 11:14][--ah-----] C:\WINDOWS\tasks\SA.DAT
[2004-08-04 07:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[2008-10-10|11:40] C:\Program Files\Adobe
[2009-06-22|18:10] C:\Program Files\Ahead
[2008-10-08|05:16] C:\Program Files\Analog Devices
[2008-10-07|10:20] C:\Program Files\ANI
[2008-10-09|12:21] C:\Program Files\Apple Software Update
[2008-10-09|12:22] C:\Program Files\Bonjour
[2009-06-27|14:30] C:\Program Files\CCleaner
[2010-01-06|11:36] C:\Program Files\Common Files
[2008-10-03|19:08] C:\Program Files\ComPlus Applications
[2009-09-19|20:52] C:\Program Files\directx
[2008-10-07|10:19] C:\Program Files\D-Link
[2008-10-08|05:16] C:\Program Files\InstallShield Installation Information
[2010-02-15|11:19] C:\Program Files\Internet Explorer
[2008-10-09|12:22] C:\Program Files\iPod
[2010-02-14|23:02] C:\Program Files\iTunes
[2010-01-03|16:36] C:\Program Files\Java
[2009-01-06|19:14] C:\Program Files\Kutoka
[2008-10-07|12:52] C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor
[2009-09-19|20:51] C:\Program Files\Logitech
[2010-02-13|20:53] C:\Program Files\Malwarebytes' Anti-Malware
[2010-02-15|11:27] C:\Program Files\McAfee
[2008-10-07|10:40] C:\Program Files\McAfee.com
[2008-10-09|01:31] C:\Program Files\Messenger
[2009-11-06|17:16] C:\Program Files\Microsoft
[2008-10-03|19:12] C:\Program Files\microsoft frontpage
[2009-02-11|20:32] C:\Program Files\Microsoft Office
[2010-01-23|03:19] C:\Program Files\Microsoft Silverlight
[2009-02-11|20:32] C:\Program Files\Microsoft Visual Studio
[2009-11-10|03:07] C:\Program Files\Microsoft Works
[2008-10-08|13:09] C:\Program Files\Movie Maker
[2010-02-15|11:18] C:\Program Files\Mozilla Firefox
[2009-08-21|02:14] C:\Program Files\MSBuild
[2008-10-09|12:09] C:\Program Files\MSECache
[2009-07-28|19:48] C:\Program Files\MSN
[2008-10-03|19:07] C:\Program Files\MSN Gaming Zone
[2009-06-30|02:01] C:\Program Files\MSXML 4.0
[2008-10-08|13:05] C:\Program Files\NetMeeting
[2008-10-03|19:10] C:\Program Files\Online Services
[2009-08-13|02:07] C:\Program Files\Outlook Express
[2010-02-14|23:02] C:\Program Files\QuickTime
[2009-08-21|02:14] C:\Program Files\Reference Assemblies
[2008-12-06|20:29] C:\Program Files\SpeedSim
[2009-12-21|11:10] C:\Program Files\Spybot - Search & Destroy
[2009-06-27|14:30] C:\Program Files\Trend Micro
[2008-10-03|20:48] C:\Program Files\Uninstall Information
[2009-11-06|17:16] C:\Program Files\Windows Live
[2009-11-06|17:16] C:\Program Files\Windows Live SkyDrive
[2009-12-21|16:15] C:\Program Files\Windows Media Connect 2
[2009-12-21|16:35] C:\Program Files\Windows Media Player
[2008-10-08|13:04] C:\Program Files\Windows NT
[2008-10-03|19:10] C:\Program Files\WindowsUpdate
[2009-01-05|21:21] C:\Program Files\WinRAR
[2008-10-03|19:12] C:\Program Files\xerox
[2010-02-11|04:55] C:\Program Files\Xvid
[2009-06-22|18:10] C:\Program Files\Yahoo!
[2008-11-08|17:04] C:\Program Files\Zylom Games
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[2010-01-18|19:23] C:\Program Files\Common Files\Adobe
[2009-06-22|11:21] C:\Program Files\Common Files\Ahead
[2010-02-15|18:32] C:\Program Files\Common Files\Akamai
[2008-10-13|14:25] C:\Program Files\Common Files\Apple
[2009-02-11|20:32] C:\Program Files\Common Files\DESIGNER
[2009-09-19|20:51] C:\Program Files\Common Files\FotoWire
[2008-10-07|10:20] C:\Program Files\Common Files\InstallShield
[2009-09-19|20:51] C:\Program Files\Common Files\Logitech
[2010-01-06|11:36] C:\Program Files\Common Files\Macrovision Shared
[2008-10-07|10:40] C:\Program Files\Common Files\McAfee
[2009-11-10|03:08] C:\Program Files\Common Files\Microsoft Shared
[2008-10-03|19:09] C:\Program Files\Common Files\MSSoap
[2008-10-03|14:58] C:\Program Files\Common Files\ODBC
[2008-10-03|19:09] C:\Program Files\Common Files\Services
[2008-10-03|14:58] C:\Program Files\Common Files\SpeechEngines
[2009-11-10|03:03] C:\Program Files\Common Files\System
[2009-11-01|13:15] C:\Program Files\Common Files\Windows Live
[2008-10-07|11:22] C:\Program Files\Common Files\WindowsLiveInstaller
--------------------\\ Process
( 36 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-15 18:47:37
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1
--------------------\\ Recherche d'autres infections
C:\WINDOWS\Tasks\At1.job
C:\WINDOWS\Tasks\At10.job
C:\WINDOWS\Tasks\At11.job
C:\WINDOWS\Tasks\At12.job
C:\WINDOWS\Tasks\At13.job
C:\WINDOWS\Tasks\At14.job
C:\WINDOWS\Tasks\At15.job
C:\WINDOWS\Tasks\At16.job
C:\WINDOWS\Tasks\At17.job
C:\WINDOWS\Tasks\At18.job
C:\WINDOWS\Tasks\At19.job
C:\WINDOWS\Tasks\At2.job
C:\WINDOWS\Tasks\At20.job
C:\WINDOWS\Tasks\At21.job
C:\WINDOWS\Tasks\At22.job
C:\WINDOWS\Tasks\At23.job
C:\WINDOWS\Tasks\At24.job
C:\WINDOWS\Tasks\At3.job
C:\WINDOWS\Tasks\At4.job
C:\WINDOWS\Tasks\At5.job
C:\WINDOWS\Tasks\At6.job
C:\WINDOWS\Tasks\At7.job
C:\WINDOWS\Tasks\At8.job
C:\WINDOWS\Tasks\At9.job
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\Dumas\Desktop\Musique T‚l‚charg‚e … bobby\Abba-.The.Definitive.Collection\The Definitive Collection Disc 2\12 The Visitors (Crackin' Up).mp3
C:\DOCUME~1\Dumas\Desktop\Musique T‚l‚charg‚e … bobby\Metadata\Simcity 4 Deluxe Edition Serial Nocd Crack Sim City.rar.xml
C:\DOCUME~1\Dumas\Desktop\Musique T‚l‚charg‚e … bobby\Metadata\WarCraft.3.The.Frozen.Throne.v1.18.No-CD.Crack.AmAdEuS.rar.xml
[F:85][D:6]-> C:\DOCUME~1\Dumas\LOCALS~1\Temp
[F:14][D:0]-> C:\DOCUME~1\Dumas\Cookies
[F:96][D:4]-> C:\DOCUME~1\Dumas\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 2010-02-15|18:50 - Option : [1]
--------------------\\ Fin du rapport a 18:50:05
Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 2.40GHz )
BIOS : Award Modular BIOS v6.0
USER : Dumas ( Administrator )
BOOT : Normal boot
Antivirus : McAfee VirusScan (Activated)
Firewall : McAfee Personal Firewall (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:114 Go (Free:59 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 2010-02-15|18:42 )
--------------------\\ Listing des dossiers dans APPLIC~1
[2008-10-03|19:11] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[2008-10-09|12:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2010-01-06|11:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[2009-06-22|18:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[2008-10-09|12:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[2008-10-09|12:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[2008-10-13|01:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
[2009-06-27|14:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[2009-12-01|14:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
[2009-11-06|17:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[2010-02-10|03:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[2009-06-28|18:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
[2009-06-22|18:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\River Past G5
[2008-10-08|10:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SiteAdvisor
[2010-02-15|08:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[2008-10-07|10:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[2008-10-07|11:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[2009-06-23|11:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
[2008-11-08|17:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom
[2008-10-03|19:11] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[2010-01-06|11:41] C:\DOCUME~1\Dumas\APPLIC~1\Adobe
[2009-06-25|14:31] C:\DOCUME~1\Dumas\APPLIC~1\Ahead
[2008-11-03|16:34] C:\DOCUME~1\Dumas\APPLIC~1\Apple Computer
[2009-09-19|20:33] C:\DOCUME~1\Dumas\APPLIC~1\Blitware
[2010-02-14|19:55] C:\DOCUME~1\Dumas\APPLIC~1\DNA
[2009-09-19|20:51] C:\DOCUME~1\Dumas\APPLIC~1\FotoWire
[2008-11-08|17:04] C:\DOCUME~1\Dumas\APPLIC~1\Identities
[2008-10-24|21:31] C:\DOCUME~1\Dumas\APPLIC~1\Macromedia
[2009-06-27|14:42] C:\DOCUME~1\Dumas\APPLIC~1\Malwarebytes
[2009-11-28|11:32] C:\DOCUME~1\Dumas\APPLIC~1\Microsoft
[2008-10-07|10:35] C:\DOCUME~1\Dumas\APPLIC~1\Mozilla
[2009-06-22|18:13] C:\DOCUME~1\Dumas\APPLIC~1\River Past G5
[2008-11-28|13:06] C:\DOCUME~1\Dumas\APPLIC~1\SpeedSim
[2009-06-27|00:56] C:\DOCUME~1\Dumas\APPLIC~1\Sun
[2009-01-05|21:22] C:\DOCUME~1\Dumas\APPLIC~1\WinRAR
[2008-11-08|17:04] C:\DOCUME~1\Dumas\APPLIC~1\Zylom
[2009-12-01|19:41] C:\DOCUME~1\LOCALS~1\APPLIC~1\McAfee
[2010-01-13|07:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[2009-11-29|14:28] C:\DOCUME~1\LOCALS~1\APPLIC~1\SACore
[2008-10-03|19:16] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[2010-02-15 11:19][--a------] C:\WINDOWS\tasks\At24.job
[2010-02-15 11:19][--a------] C:\WINDOWS\tasks\At23.job
[2010-02-15 11:19][--a------] C:\WINDOWS\tasks\At22.job
[2010-02-15 11:19][--a------] C:\WINDOWS\tasks\At21.job
[2010-02-15 11:19][--a------] C:\WINDOWS\tasks\At20.job
[2010-02-15 18:00][--a------] C:\WINDOWS\tasks\At19.job
[2010-02-15 17:00][--a------] C:\WINDOWS\tasks\At18.job
[2010-02-15 16:00][--a------] C:\WINDOWS\tasks\At17.job
[2010-02-15 15:00][--a------] C:\WINDOWS\tasks\At16.job
[2010-02-15 14:00][--a------] C:\WINDOWS\tasks\At15.job
[2010-02-15 13:00][--a------] C:\WINDOWS\tasks\At14.job
[2010-02-15 12:00][--a------] C:\WINDOWS\tasks\At13.job
[2010-02-15 11:19][--a------] C:\WINDOWS\tasks\At12.job
[2010-02-15 11:19][--a------] C:\WINDOWS\tasks\At11.job
[2010-02-15 11:19][--a------] C:\WINDOWS\tasks\At10.job
[2010-02-15 11:19][--a------] C:\WINDOWS\tasks\At9.job
[2010-02-15 11:19][--a------] C:\WINDOWS\tasks\At8.job
[2010-02-15 11:19][--a------] C:\WINDOWS\tasks\At7.job
[2010-02-15 11:19][--a------] C:\WINDOWS\tasks\At6.job
[2010-02-15 11:19][--a------] C:\WINDOWS\tasks\At5.job
[2010-02-15 11:19][--a------] C:\WINDOWS\tasks\At4.job
[2010-02-15 11:19][--a------] C:\WINDOWS\tasks\At3.job
[2010-02-15 11:19][--a------] C:\WINDOWS\tasks\At2.job
[2010-02-15 11:19][--a------] C:\WINDOWS\tasks\At1.job
[2010-02-14 02:58][--a------] C:\WINDOWS\tasks\Driver Robot.job
[2010-02-15 01:22][--a------] C:\WINDOWS\tasks\McDefragTask.job
[2010-02-01 01:00][--a------] C:\WINDOWS\tasks\McQcTask.job
[2010-02-15 11:14][--ah-----] C:\WINDOWS\tasks\SA.DAT
[2004-08-04 07:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[2008-10-10|11:40] C:\Program Files\Adobe
[2009-06-22|18:10] C:\Program Files\Ahead
[2008-10-08|05:16] C:\Program Files\Analog Devices
[2008-10-07|10:20] C:\Program Files\ANI
[2008-10-09|12:21] C:\Program Files\Apple Software Update
[2008-10-09|12:22] C:\Program Files\Bonjour
[2009-06-27|14:30] C:\Program Files\CCleaner
[2010-01-06|11:36] C:\Program Files\Common Files
[2008-10-03|19:08] C:\Program Files\ComPlus Applications
[2009-09-19|20:52] C:\Program Files\directx
[2008-10-07|10:19] C:\Program Files\D-Link
[2008-10-08|05:16] C:\Program Files\InstallShield Installation Information
[2010-02-15|11:19] C:\Program Files\Internet Explorer
[2008-10-09|12:22] C:\Program Files\iPod
[2010-02-14|23:02] C:\Program Files\iTunes
[2010-01-03|16:36] C:\Program Files\Java
[2009-01-06|19:14] C:\Program Files\Kutoka
[2008-10-07|12:52] C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor
[2009-09-19|20:51] C:\Program Files\Logitech
[2010-02-13|20:53] C:\Program Files\Malwarebytes' Anti-Malware
[2010-02-15|11:27] C:\Program Files\McAfee
[2008-10-07|10:40] C:\Program Files\McAfee.com
[2008-10-09|01:31] C:\Program Files\Messenger
[2009-11-06|17:16] C:\Program Files\Microsoft
[2008-10-03|19:12] C:\Program Files\microsoft frontpage
[2009-02-11|20:32] C:\Program Files\Microsoft Office
[2010-01-23|03:19] C:\Program Files\Microsoft Silverlight
[2009-02-11|20:32] C:\Program Files\Microsoft Visual Studio
[2009-11-10|03:07] C:\Program Files\Microsoft Works
[2008-10-08|13:09] C:\Program Files\Movie Maker
[2010-02-15|11:18] C:\Program Files\Mozilla Firefox
[2009-08-21|02:14] C:\Program Files\MSBuild
[2008-10-09|12:09] C:\Program Files\MSECache
[2009-07-28|19:48] C:\Program Files\MSN
[2008-10-03|19:07] C:\Program Files\MSN Gaming Zone
[2009-06-30|02:01] C:\Program Files\MSXML 4.0
[2008-10-08|13:05] C:\Program Files\NetMeeting
[2008-10-03|19:10] C:\Program Files\Online Services
[2009-08-13|02:07] C:\Program Files\Outlook Express
[2010-02-14|23:02] C:\Program Files\QuickTime
[2009-08-21|02:14] C:\Program Files\Reference Assemblies
[2008-12-06|20:29] C:\Program Files\SpeedSim
[2009-12-21|11:10] C:\Program Files\Spybot - Search & Destroy
[2009-06-27|14:30] C:\Program Files\Trend Micro
[2008-10-03|20:48] C:\Program Files\Uninstall Information
[2009-11-06|17:16] C:\Program Files\Windows Live
[2009-11-06|17:16] C:\Program Files\Windows Live SkyDrive
[2009-12-21|16:15] C:\Program Files\Windows Media Connect 2
[2009-12-21|16:35] C:\Program Files\Windows Media Player
[2008-10-08|13:04] C:\Program Files\Windows NT
[2008-10-03|19:10] C:\Program Files\WindowsUpdate
[2009-01-05|21:21] C:\Program Files\WinRAR
[2008-10-03|19:12] C:\Program Files\xerox
[2010-02-11|04:55] C:\Program Files\Xvid
[2009-06-22|18:10] C:\Program Files\Yahoo!
[2008-11-08|17:04] C:\Program Files\Zylom Games
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[2010-01-18|19:23] C:\Program Files\Common Files\Adobe
[2009-06-22|11:21] C:\Program Files\Common Files\Ahead
[2010-02-15|18:32] C:\Program Files\Common Files\Akamai
[2008-10-13|14:25] C:\Program Files\Common Files\Apple
[2009-02-11|20:32] C:\Program Files\Common Files\DESIGNER
[2009-09-19|20:51] C:\Program Files\Common Files\FotoWire
[2008-10-07|10:20] C:\Program Files\Common Files\InstallShield
[2009-09-19|20:51] C:\Program Files\Common Files\Logitech
[2010-01-06|11:36] C:\Program Files\Common Files\Macrovision Shared
[2008-10-07|10:40] C:\Program Files\Common Files\McAfee
[2009-11-10|03:08] C:\Program Files\Common Files\Microsoft Shared
[2008-10-03|19:09] C:\Program Files\Common Files\MSSoap
[2008-10-03|14:58] C:\Program Files\Common Files\ODBC
[2008-10-03|19:09] C:\Program Files\Common Files\Services
[2008-10-03|14:58] C:\Program Files\Common Files\SpeechEngines
[2009-11-10|03:03] C:\Program Files\Common Files\System
[2009-11-01|13:15] C:\Program Files\Common Files\Windows Live
[2008-10-07|11:22] C:\Program Files\Common Files\WindowsLiveInstaller
--------------------\\ Process
( 36 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-15 18:47:37
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1
--------------------\\ Recherche d'autres infections
C:\WINDOWS\Tasks\At1.job
C:\WINDOWS\Tasks\At10.job
C:\WINDOWS\Tasks\At11.job
C:\WINDOWS\Tasks\At12.job
C:\WINDOWS\Tasks\At13.job
C:\WINDOWS\Tasks\At14.job
C:\WINDOWS\Tasks\At15.job
C:\WINDOWS\Tasks\At16.job
C:\WINDOWS\Tasks\At17.job
C:\WINDOWS\Tasks\At18.job
C:\WINDOWS\Tasks\At19.job
C:\WINDOWS\Tasks\At2.job
C:\WINDOWS\Tasks\At20.job
C:\WINDOWS\Tasks\At21.job
C:\WINDOWS\Tasks\At22.job
C:\WINDOWS\Tasks\At23.job
C:\WINDOWS\Tasks\At24.job
C:\WINDOWS\Tasks\At3.job
C:\WINDOWS\Tasks\At4.job
C:\WINDOWS\Tasks\At5.job
C:\WINDOWS\Tasks\At6.job
C:\WINDOWS\Tasks\At7.job
C:\WINDOWS\Tasks\At8.job
C:\WINDOWS\Tasks\At9.job
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\Dumas\Desktop\Musique T‚l‚charg‚e … bobby\Abba-.The.Definitive.Collection\The Definitive Collection Disc 2\12 The Visitors (Crackin' Up).mp3
C:\DOCUME~1\Dumas\Desktop\Musique T‚l‚charg‚e … bobby\Metadata\Simcity 4 Deluxe Edition Serial Nocd Crack Sim City.rar.xml
C:\DOCUME~1\Dumas\Desktop\Musique T‚l‚charg‚e … bobby\Metadata\WarCraft.3.The.Frozen.Throne.v1.18.No-CD.Crack.AmAdEuS.rar.xml
[F:85][D:6]-> C:\DOCUME~1\Dumas\LOCALS~1\Temp
[F:14][D:0]-> C:\DOCUME~1\Dumas\Cookies
[F:96][D:4]-> C:\DOCUME~1\Dumas\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 2010-02-15|18:50 - Option : [1]
--------------------\\ Fin du rapport a 18:50:05
truecode
Messages postés
2092
Date d'inscription
vendredi 29 janvier 2010
Statut
Membre
Dernière intervention
22 septembre 2013
86
16 févr. 2010 à 01:19
16 févr. 2010 à 01:19
* Téléchargez OTMoveIt2 de OldTimer. http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe
* Sauvegardez le sur ton Bureau.
* Double-Cliquez sur OTMoveIt.exe pour le lancer.
* Copiez le chemin des fichiers ci-dessous en selectionnant TOUT et en appuyant sur CTRL+C (ou, après avoir sélectionnez, clique-droit et choisissez Copier) :[/list]
o [kill explorer]
o %windir%\Tasks\At*.job
o [start explorer]
* Retournez dans OTMoveit, faites un clique-droit dans la fenêtre Paste List of Files/Folders to be moved et choisis Coller.
* Cliquez sur le bouton rouge Moveit!.
* Fermez OTMoveIt.
Note : Si un fichier ou un dossier ne peut être déplacé immédiatement, il vous sera demandé de redémarrer l'ordinateur pour finir le processus. Si c'est le cas, choisissez Yes.
Si ce n'est pas le cas, redémarrez l'ordinateur manuellement.
Poste le rapport OTMOVEIT dans ton prochain message
Puis
Désactive les logiciels de protection (Antivirus, Antispywares) puis :
Télécharge Combofix sUBs : [url=http://download.bleepingcomputer.com/sUBs/ComboFix.exe]combofix.exe[/url] et sauvegarde le sur ton bureau et pas ailleurs!
Double-clic sur combofix, accepte la licence d'utilisation et laisse toi guider.
Eventuellement, installe la console de récupération comme cela est conseillé
Attends que combofix ait terminé, un rapport sera créé. Poste le rapport.
Tu as le tutorial sur ce lien pour t'aider : https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
PS : si Combofix ne se lance pas, renomme le fichier Combofix et retente.
Si pas mieux, tente en mode sans échec sans prise en charge du réseau : Redémarre en mode sans échec, pour cela, redémarre l'ordinateur, avant le logo Windows, tapote sur la touche F8, un menu va apparaître, choisis Mode sans échec et appuye sur la touche entrée du clavier.
* Sauvegardez le sur ton Bureau.
* Double-Cliquez sur OTMoveIt.exe pour le lancer.
* Copiez le chemin des fichiers ci-dessous en selectionnant TOUT et en appuyant sur CTRL+C (ou, après avoir sélectionnez, clique-droit et choisissez Copier) :[/list]
o [kill explorer]
o %windir%\Tasks\At*.job
o [start explorer]
* Retournez dans OTMoveit, faites un clique-droit dans la fenêtre Paste List of Files/Folders to be moved et choisis Coller.
* Cliquez sur le bouton rouge Moveit!.
* Fermez OTMoveIt.
Note : Si un fichier ou un dossier ne peut être déplacé immédiatement, il vous sera demandé de redémarrer l'ordinateur pour finir le processus. Si c'est le cas, choisissez Yes.
Si ce n'est pas le cas, redémarrez l'ordinateur manuellement.
Poste le rapport OTMOVEIT dans ton prochain message
Puis
Désactive les logiciels de protection (Antivirus, Antispywares) puis :
Télécharge Combofix sUBs : [url=http://download.bleepingcomputer.com/sUBs/ComboFix.exe]combofix.exe[/url] et sauvegarde le sur ton bureau et pas ailleurs!
Double-clic sur combofix, accepte la licence d'utilisation et laisse toi guider.
Eventuellement, installe la console de récupération comme cela est conseillé
Attends que combofix ait terminé, un rapport sera créé. Poste le rapport.
Tu as le tutorial sur ce lien pour t'aider : https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
PS : si Combofix ne se lance pas, renomme le fichier Combofix et retente.
Si pas mieux, tente en mode sans échec sans prise en charge du réseau : Redémarre en mode sans échec, pour cela, redémarre l'ordinateur, avant le logo Windows, tapote sur la touche F8, un menu va apparaître, choisis Mode sans échec et appuye sur la touche entrée du clavier.
fobb
Messages postés
47
Date d'inscription
samedi 9 août 2008
Statut
Membre
Dernière intervention
25 février 2010
16 févr. 2010 à 04:32
16 févr. 2010 à 04:32
Concernant la premiere demande avec OTMoveIt2 :
J'ai rentré ces trois termes comme demandé...
[kill explorer]
%windir%\Tasks\At*.job
[start explorer]
quand j'ai lancé le tout le programme a gelé...
J'ai redémarré, je suis allé voir dans C:\_OTMoveIt\MovedFiles\02152010_204605\WINDOWS\Tasks
et ai vu que tout les fichiers at*.jobs'y trouvaient...
par contre, rien sur kill explorer et rien sur start explorer...
Quand je relance le programme il gèle encore... je peux voir qu'il gèle sur start explorer.
Oû devrais-je avoir le rapport que vous demandez?
J'ai rentré ces trois termes comme demandé...
[kill explorer]
%windir%\Tasks\At*.job
[start explorer]
quand j'ai lancé le tout le programme a gelé...
J'ai redémarré, je suis allé voir dans C:\_OTMoveIt\MovedFiles\02152010_204605\WINDOWS\Tasks
et ai vu que tout les fichiers at*.jobs'y trouvaient...
par contre, rien sur kill explorer et rien sur start explorer...
Quand je relance le programme il gèle encore... je peux voir qu'il gèle sur start explorer.
Oû devrais-je avoir le rapport que vous demandez?
truecode
Messages postés
2092
Date d'inscription
vendredi 29 janvier 2010
Statut
Membre
Dernière intervention
22 septembre 2013
86
16 févr. 2010 à 10:28
16 févr. 2010 à 10:28
Essai ce script :
:Processes
explorer.exe
:Files
C:\WINDOWS\Tasks\At1.job
C:\WINDOWS\Tasks\At10.job
C:\WINDOWS\Tasks\At11.job
C:\WINDOWS\Tasks\At12.job
C:\WINDOWS\Tasks\At13.job
C:\WINDOWS\Tasks\At14.job
C:\WINDOWS\Tasks\At15.job
C:\WINDOWS\Tasks\At16.job
C:\WINDOWS\Tasks\At17.job
C:\WINDOWS\Tasks\At18.job
C:\WINDOWS\Tasks\At19.job
C:\WINDOWS\Tasks\At2.job
C:\WINDOWS\Tasks\At20.job
C:\WINDOWS\Tasks\At21.job
C:\WINDOWS\Tasks\At22.job
C:\WINDOWS\Tasks\At23.job
C:\WINDOWS\Tasks\At24.job
C:\WINDOWS\Tasks\At3.job
C:\WINDOWS\Tasks\At4.job
C:\WINDOWS\Tasks\At5.job
C:\WINDOWS\Tasks\At6.job
C:\WINDOWS\Tasks\At7.job
C:\WINDOWS\Tasks\At8.job
C:\WINDOWS\Tasks\At9.job
:Commands
[emptytemp]
[start explorer]
[Reboot]
:Processes
explorer.exe
:Files
C:\WINDOWS\Tasks\At1.job
C:\WINDOWS\Tasks\At10.job
C:\WINDOWS\Tasks\At11.job
C:\WINDOWS\Tasks\At12.job
C:\WINDOWS\Tasks\At13.job
C:\WINDOWS\Tasks\At14.job
C:\WINDOWS\Tasks\At15.job
C:\WINDOWS\Tasks\At16.job
C:\WINDOWS\Tasks\At17.job
C:\WINDOWS\Tasks\At18.job
C:\WINDOWS\Tasks\At19.job
C:\WINDOWS\Tasks\At2.job
C:\WINDOWS\Tasks\At20.job
C:\WINDOWS\Tasks\At21.job
C:\WINDOWS\Tasks\At22.job
C:\WINDOWS\Tasks\At23.job
C:\WINDOWS\Tasks\At24.job
C:\WINDOWS\Tasks\At3.job
C:\WINDOWS\Tasks\At4.job
C:\WINDOWS\Tasks\At5.job
C:\WINDOWS\Tasks\At6.job
C:\WINDOWS\Tasks\At7.job
C:\WINDOWS\Tasks\At8.job
C:\WINDOWS\Tasks\At9.job
:Commands
[emptytemp]
[start explorer]
[Reboot]
fobb
Messages postés
47
Date d'inscription
samedi 9 août 2008
Statut
Membre
Dernière intervention
25 février 2010
16 févr. 2010 à 17:06
16 févr. 2010 à 17:06
vous voulez dire de coller le tout dans OTmoveit2 et d'y aller par le bouton rouge move it?
N.B. je tiens seulement à mentionner que votre lien pour aller downloader OTMoveit2 n'est plus valide... je suis allé le chercher moi-même ailleurs... aussi le lien /list n'est plus fonctionnel également.
N.B. je tiens seulement à mentionner que votre lien pour aller downloader OTMoveit2 n'est plus valide... je suis allé le chercher moi-même ailleurs... aussi le lien /list n'est plus fonctionnel également.
truecode
Messages postés
2092
Date d'inscription
vendredi 29 janvier 2010
Statut
Membre
Dernière intervention
22 septembre 2013
86
16 févr. 2010 à 22:35
16 févr. 2010 à 22:35
Oui c'est ce que je voulais dire et merci pour le lien je vais l'actualiser .
