
Cannot access My Computer, the screen turns all blue and I have to restart the PC


scando
Posted 02 June 2011 at 21:20

Hello,
I think I must have a virus, or else I made a wrong move, because since this morning I cannot open My Computer to retrieve a file from a USB key.
Every time I try to access it, my screen turns all blue and the only solution is to restart the PC.
I have tried 25 times without success... Impossible to read a USB key.
I ran CCleaner, nothing more...

Thank you for your help

Kind regards

 

scando
Posted 02 June 2011 at 21:52

RANDOM FILE

Log.txt


Logfile of random's system information tool 1.08 (written by random/random)
Run by tz9dnh at 2011-06-02 21:46:15
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 13 GB (18%) free of 76 GB
Total RAM: 1918 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:46:38, on 02/06/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SAgent.exe
C:\WINDOWS\System32\SUProxy.exe
c:\winnt\system32\netmon.exe
C:\WINDOWS\EDS\SDT\SDT.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\VirusScan Enterprise\engineserver.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\mfevtps.exe
C:\WINDOWS\system32\mnmsrvc.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe
C:\WINDOWS\system32\CCM\CcmExec.exe
C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\program files\Self Service Tool\SelfServiceTool.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
C:\Program Files\McAfee\Common Framework\udaterui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Documents and Settings\tz9dnh\Local Settings\Application Data\Megamedia\Megakey\Megakey.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Documents and Settings\tz9dnh\Local Settings\Application Data\Megamedia\Megakey\MegakeyUpdater.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Documents and Settings\tz9dnh\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\tz9dnh\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\tz9dnh\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Documents and Settings\tz9dnh\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\tz9dnh\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\tz9dnh\My Documents\Downloads\RSIT.exe
C:\Program Files\trend micro\tz9dnh.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.delphiauto.net/
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: MegaIeHelperBHO - {77F4E711-789B-447F-9614-96759B2F83C6} - C:\Documents and Settings\tz9dnh\Local Settings\Application Data\Megamedia\Megakey\MegaIeHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SST] c:\program files\Self Service Tool\SelfServiceTool.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Megakey] C:\Documents and Settings\tz9dnh\Local Settings\Application Data\Megamedia\Megakey\Megakey.exe /Tray
O4 - HKCU\..\Run: [MegakeyUpdater] C:\Documents and Settings\tz9dnh\Local Settings\Application Data\Megamedia\Megakey\MegakeyUpdater.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\tz9dnh\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Capture Web Page - C:\Documents and Settings\tz9dnh\Local Settings\Application Data\Megamedia\Megakey\CaptureWebPage.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Fetch to Megaupload - C:\Documents and Settings\tz9dnh\Local Settings\Application Data\Megamedia\Megakey\MegaUpload.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\documents and settings\all users\application data\megamedia\megakey\msadm.dll
O10 - Unknown file in Winsock LSP: c:\documents and settings\all users\application data\megamedia\megakey\msadm.dll
O10 - Unknown file in Winsock LSP: c:\documents and settings\all users\application data\megamedia\megakey\msadm.dll
O10 - Unknown file in Winsock LSP: c:\documents and settings\all users\application data\megamedia\megakey\msadm.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.delphiauto.net
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1269444230721
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Europe.DelphiAuto.net
O17 - HKLM\Software\..\Telephony: DomainName = Europe.DelphiAuto.net
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = Europe.DelphiAuto.net
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = europe.delphiauto.net,frcer.europe.delphiauto.net,ectc.delcoelect.com,northamerica.delphiauto.net,delphiauto.net,delphiauto.com,delcoelect.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = Europe.DelphiAuto.net
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = europe.delphiauto.net,frcer.europe.delphiauto.net,ectc.delcoelect.com,northamerica.delphiauto.net,delphiauto.net,delphiauto.com,delcoelect.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = europe.delphiauto.net,frcer.europe.delphiauto.net,ectc.delcoelect.com,northamerica.delphiauto.net,delphiauto.net,delphiauto.com,delcoelect.com
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Delphi Security Agent Service (Delphi Security Agent) - Delphi - C:\WINDOWS\System32\SAgent.exe
O23 - Service: Delphi Security Proxy - Delphi - C:\WINDOWS\System32\SUProxy.exe
O23 - Service: EDS Configuration Manager - Electronic Data Systems - C:\WINDOWS\EDS\SDT\SDT.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\engineserver.exe
O23 - Service: Service McAfee Framework (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe
O23 - Service: DW WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 10636 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Automatic Defrag at Idle.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-507921405-813497703-1202660629-65700Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-507921405-813497703-1202660629-65700UA.job
C:\WINDOWS\tasks\Manual Defrag.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\MpIdleTask.job
C:\WINDOWS\tasks\Run Backup.job
C:\WINDOWS\tasks\Run Client Information.job
C:\WINDOWS\tasks\Set IP Renew.job
C:\WINDOWS\tasks\Set Power Mode.job
C:\WINDOWS\tasks\Set Telephon Mode.job
C:\WINDOWS\tasks\Set Time Zone.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{77F4E711-789B-447F-9614-96759B2F83C6}]
MegaIeHelperBHO Class - C:\Documents and Settings\tz9dnh\Local Settings\Application Data\Megamedia\Megakey\MegaIeHelper.dll [2011-01-13 64000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll [2010-08-25 67120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-03-18 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-03-18 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"SST"=c:\program files\Self Service Tool\SelfServiceTool.exe [2009-02-19 57344]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"SigmatelSysTrayApp"=C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe [2007-05-10 405504]
"Broadcom Wireless Manager UI"=C:\WINDOWS\system32\WLTRAY.exe [2009-10-07 2498560]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2007-07-02 159744]
"ShStatEXE"=C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [2010-08-25 124224]
"McAfeeUpdaterUI"=C:\Program Files\McAfee\Common Framework\udaterui.exe [2009-05-18 136512]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2010-11-30 997408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Megakey"=C:\Documents and Settings\tz9dnh\Local Settings\Application Data\Megamedia\Megakey\Megakey.exe [2011-01-13 2593280]
"MegakeyUpdater"=C:\Documents and Settings\tz9dnh\Local Settings\Application Data\Megamedia\Megakey\MegakeyUpdater.exe [2011-01-13 64000]
"Google Update"=C:\Documents and Settings\tz9dnh\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-02-23 136176]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-03-29 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-11 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-19 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-25 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=Secure System Login
"legalnoticetext"=User activity may be monitored by system personnel according to the applicable laws and policies in each country of Europe. Be advised if possible criminal activity is detected systems records may be provided to law enforcement officials according to the applicable laws and policies in each country of Europe. Use of computer software on any Delphi computer system without first acquiring the appropriate licensing to use this software is strictly prohibited by Delphi.
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoWindowsUpdate"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoOnlinePrintsWizard"=1
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office Communicator\communicator.exe"="C:\Program Files\Microsoft Office Communicator\communicator.exe:*:Enabled:Office Communicator"
"C:\WINDOWS\EDS\Setup\vnc\winvnc4.exe"="C:\WINDOWS\EDS\Setup\vnc\winvnc4.exe:*:Enabled:WinVNC"
"C:\Program Files\McAfee\Common Framework\FrameworkService.exe"="C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======List of files/folders created in the last 1 months======

2011-06-02 21:46:15 ----D---- C:\rsit
2011-06-02 21:46:15 ----D---- C:\Program Files\trend micro
2011-06-02 21:19:37 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2011-06-02 21:11:16 ----D---- C:\WINDOWS\LastGood
2011-06-02 21:10:53 ----D---- C:\Program Files\Microsoft Security Client
2011-06-02 20:07:13 ----D---- C:\Documents and Settings\tz9dnh\Application Data\Malwarebytes
2011-06-02 19:57:49 ----A---- C:\Ad-Report-CLEAN[2].txt
2011-06-02 19:53:37 ----A---- C:\Ad-Report-SCAN[2].txt
2011-06-01 20:13:23 ----D---- C:\Program Files\Pando Networks
2011-05-31 22:38:37 ----D---- C:\Documents and Settings\tz9dnh\Application Data\MAGIX
2011-05-31 22:37:57 ----D---- C:\Program Files\Common Files\MAGIX Shared
2011-05-31 22:29:19 ----D---- C:\Documents and Settings\All Users\Application Data\MAGIX
2011-05-31 22:26:02 ----D---- C:\Documents and Settings\tz9dnh\Application Data\GetRightToGo
2011-05-31 15:57:47 ----D---- C:\Documents and Settings\All Users\Application Data\DivX
2011-05-28 11:20:48 ----D---- C:\Program Files\CamStudio
2011-05-28 11:11:21 ----D---- C:\Documents and Settings\tz9dnh\Application Data\DVDVideoSoft
2011-05-28 11:11:02 ----D---- C:\Program Files\Common Files\Plasmoo
2011-05-28 11:10:57 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2011-05-28 11:10:56 ----D---- C:\Program Files\DVDVideoSoft
2011-05-28 11:09:58 ----D---- C:\Program Files\Pamus MP3 Recorder
2011-05-18 20:25:32 ----D---- C:\WINDOWS\Minidump

======List of files/folders modified in the last 1 months======

2011-06-02 21:46:35 ----D---- C:\WINDOWS\Temp
2011-06-02 21:46:35 ----D---- C:\WINDOWS\Prefetch
2011-06-02 21:46:15 ----RD---- C:\Program Files
2011-06-02 21:20:06 ----SD---- C:\WINDOWS\Tasks
2011-06-02 21:19:37 ----D---- C:\WINDOWS\system32
2011-06-02 21:11:55 ----AD---- C:\WINDOWS
2011-06-02 21:11:41 ----SHD---- C:\WINDOWS\Installer
2011-06-02 21:11:41 ----HD---- C:\Config.Msi
2011-06-02 21:11:16 ----HD---- C:\WINDOWS\inf
2011-06-02 21:11:16 ----D---- C:\WINDOWS\system32\drivers
2011-06-02 21:11:14 ----D---- C:\WINDOWS\system32\CatRoot2
2011-06-02 21:11:12 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2011-06-02 21:07:54 ----A---- C:\WINDOWS\smscfg.ini
2011-06-02 21:06:08 ----A---- C:\WINDOWS\ModemLog_Conexant HDA D330 MDC V.92 Modem.txt
2011-06-02 21:04:54 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-06-02 20:56:54 ----SHD---- C:\WINDOWS\CSC
2011-06-02 20:07:21 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-06-01 20:26:36 ----D---- C:\Program Files\Common Files
2011-05-31 23:21:12 ----D---- C:\Quarantine
2011-05-31 22:37:57 ----RSD---- C:\WINDOWS\Fonts
2011-05-31 22:30:21 ----SD---- C:\Documents and Settings\tz9dnh\Application Data\Microsoft
2011-05-31 22:28:31 ----D---- C:\WINDOWS\WinSxS
2011-05-31 21:42:20 ----D---- C:\Program Files\Common Files\Adobe
2011-05-30 11:30:12 ----D---- C:\Documents and Settings\tz9dnh\Application Data\Adobe
2011-05-06 19:26:06 ----D---- C:\Program Files\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 a320raid;a320raid; C:\WINDOWS\system32\DRIVERS\a320raid.sys [2004-05-08 251194]
R0 aac;PERC 320/DC SCSI RAID Miniport Driver; C:\WINDOWS\system32\DRIVERS\aac.sys [2004-04-07 48140]
R0 adpu320;adpu320; C:\WINDOWS\system32\DRIVERS\adpu320.sys [2002-05-09 105472]
R0 iaStor;Intel RAID Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2005-04-25 871040]
R0 megasas;megasas; C:\WINDOWS\system32\DRIVERS\megasas.sys [2006-04-18 17664]
R0 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2010-08-25 344712]
R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 symmpi;symmpi; C:\WINDOWS\system32\drivers\symmpi.sys [2007-04-19 103552]
R1 mfetdik;McAfee Inc. mfetdik; C:\WINDOWS\system32\drivers\mfetdik.sys [2010-08-25 64208]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2010-10-24 165264]
R1 MpKsl83e593bd;MpKsl83e593bd; \??\c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0485D5A6-2B93-4386-80FE-3CB5444172D7}\MpKsl83e593bd.sys []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP/Vista; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2007-06-26 155136]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-03-29 1975808]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2008-12-10 187392]
R3 BCM43XX;DW WLAN Card Driver; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2009-10-07 2649216]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2006-11-03 989696]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2006-11-03 209152]
R3 mfeapfk;McAfee Inc. mfeapfk; C:\WINDOWS\system32\drivers\mfeapfk.sys [2010-08-25 76024]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2010-08-25 91896]
R3 mfebopk;McAfee Inc. mfebopk; C:\WINDOWS\system32\drivers\mfebopk.sys [2010-08-25 43192]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2007-05-10 1222840]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2006-11-03 730112]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-08-28 4609024]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 mferkdet;McAfee Inc. mferkdet; C:\WINDOWS\system32\drivers\mferkdet.sys [2010-08-25 66536]
S3 prepdrvr;SMS Process Event Driver; \??\C:\WINDOWS\system32\CCM\prepdrv.sys []
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS []
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-29 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-29 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-03-29 446464]
R2 CCMEXEC;SMS Agent Host; C:\WINDOWS\system32\CCM\CcmExec.exe [2007-04-13 590712]
R2 Delphi Security Agent;Delphi Security Agent Service; C:\WINDOWS\System32\SAgent.exe [2006-05-03 98304]
R2 Delphi Security Proxy;Delphi Security Proxy; C:\WINDOWS\System32\SUProxy.exe [2005-03-18 61440]
R2 EDS Configuration Manager;EDS Configuration Manager; C:\WINDOWS\EDS\SDT\SDT.EXE [2008-12-12 18944]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-03-18 153376]
R2 McAfeeEngineService;McAfee Engine Service; C:\Program Files\McAfee\VirusScan Enterprise\engineserver.exe [2010-08-25 22816]
R2 McAfeeFramework;Service McAfee Framework; C:\Program Files\McAfee\Common Framework\FrameworkService.exe [2009-05-18 103744]
R2 McShield;McAfee McShield; C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe [2010-08-25 147984]
R2 McTaskManager;McAfee Task Manager; C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe [2010-08-25 66880]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2006-10-26 335872]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\WINDOWS\system32\mfevtps.exe [2010-08-25 69192]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2010-11-11 11736]
R2 STacSV;SigmaTel Audio Service; C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe [2007-05-10 94208]
R2 wltrysvc;DW WLAN Tray Service; C:\WINDOWS\System32\WLTRYSVC.EXE [2009-10-07 25088]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-27 439808]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 267776]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-30 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-30 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2007-08-23 147824]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-19 913408]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------


info.txt file

info.txt logfile of random's system information tool 1.08 2011-06-02 21:46:40

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Adobe Flash Player 10 ActiveX-->MsiExec.exe /X{D8A4EA59-7203-46EB-A687-4B2FBA3F9690}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10m_Plugin.exe -maintain plugin
Adobe Reader 9.3.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A93000000001}
Adobe Shockwave Player 11.5-->MsiExec.exe /X{7D0F2155-D7D3-42CE-903F-684ADD77FF89}
Ad-Remover By C_XX-->C:\Program Files\Ad-Remover\main.exe /u
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
CamStudio-->C:\Program Files\CamStudio\uninstall.exe
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Conexant HDA D330 MDC V.92 Modem-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F\HXFSETUP.EXE -U -Idel000f5.inf
Cute PDF Writer-->MsiExec.exe /I{C82BDBEC-B199-460C-BC17-9FDBBA03D29E}
Dell Touchpad-->C:\Program Files\DellTPad\Uninstap.exe ADDREMOVE
Delphi CD Viewer V8-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\Delphi Viewer\DelUnst.log"
DGDII Office Templates-->MsiExec.exe /I{C0C82430-4D18-4763-A163-C5952828F892}
DW WLAN Card Utility-->"C:\Program Files\Dell\DW WLAN Card\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Dell\DW WLAN Card"
FastStone Capture 5.3 (French)-->C:\Program Files\FastStone Capture\uninst.exe
Free Screen Video Recorder version 2.5.16.426-->"C:\Program Files\DVDVideoSoft\Free Screen Video Recorder\unins000.exe"
Hotfix for Microsoft .NET Framework 3.0 (KB932471)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {ECD292A0-0347-4244-8C24-5DBCE990FB40} /package {BAF78226-3200-4DB4-BE33-4D922A799840}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
hp LaserJet 1000-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{975C8028-51D8-44A9-9585-82E9810FE96A}\Setup.exe"
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{133742BA-6F46-4D3E-85AF-78631D9AD8B8}
Java(TM) 6 Update 24-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216024FF}
Logiciel d'archivage WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Malwarebytes' Anti-Malware version 1.51.0.1200-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
McAfee Agent-->MsiExec.exe /X{FB82DEF7-781F-4F45-9B6D-1B67DF304ADA}
McAfee VirusScan Enterprise-->MsiExec.exe /I{147BCE03-C0F1-4C9F-8157-6A89B6D2D973}
Microsoft .NET Framework 1.1 Security Update (KB2416447)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2416447\M2416447Uninstall.msp"
Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft .NET Framework 4 Client Profile FRA Language Pack-->MsiExec.exe /X{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}
Microsoft .NET Framework 4 Client Profile-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft .NET Framework 4 Extended FRA Language Pack-->MsiExec.exe /X{043F86B7-EE12-3399-B2CA-D0B603D87963}
Microsoft .NET Framework 4 Extended-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /parameterfolder Extended
Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{0A0CADCF-78DA-33C4-A350-CD51849B9702}
Microsoft Antimalware Service FR-FR Language Pack-->MsiExec.exe /X{0450B7B0-AC71-44A4-AB40-4DD678DF3A8C}
Microsoft Antimalware-->MsiExec.exe /X{774088D4-0777-4D78-904D-E435B318F5D2}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft MapPoint Europe 2009-->MsiExec.exe /I{C82185E8-C27B-4EF4-2009-2222BC2C2B6D}
Microsoft Office 2007 Help Tab-->MsiExec.exe /I{0533A3FE-9EBF-498E-91A8-F6B717441B18}
Microsoft Office Access database engine 2007 (English)-->MsiExec.exe /I{90120000-00D1-0409-0000-0000000FF1CE}
Microsoft Office Access Runtime (English) 2007-->MsiExec.exe /X{90120000-001C-0409-0000-0000000FF1CE}
Microsoft Office Communicator 2007 R2, MUI-->MsiExec.exe /X{CEECF731-3F08-4210-8073-7E87F58C01D3}
Microsoft Office Communicator 2007 R2-->MsiExec.exe /X{0D1CBBB9-F4A8-45B6-95E7-202BA61D7AF4}
Microsoft Office Excel 2007 Get Started Tab-->MsiExec.exe /I{AB706D91-2242-4E1D-B4D0-1ED35387F5A7}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint 2007 Get Started Tab-->MsiExec.exe /I{5AE5DB70-5CE6-4876-A83E-8246CC36FC28}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Standard 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall STANDARD /dll OSETUP.DLL
Microsoft Office Standard 2007-->MsiExec.exe /X{90120000-0012-0000-0000-0000000FF1CE}
Microsoft Office Visio Viewer 2007-->MsiExec.exe /I{95120000-0052-0409-0000-0000000FF1CE}
Microsoft Office Word 2007 Get Started Tab-->MsiExec.exe /I{68B52EFD-86CC-486E-A8D0-A3A1554CB5BC}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs-->MsiExec.exe /X{90120000-00B2-0409-0000-0000000FF1CE}
Microsoft Security Client FR-FR Language Pack-->MsiExec.exe /I{859B9BCA-5376-4566-9F88-C6C9DAA7A925}
Microsoft Security Client-->MsiExec.exe /I{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}
Microsoft Security Essentials-->C:\Program Files\Microsoft Security Client\Setup.exe /x
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server Compact 3.5 SP2 FRA-->MsiExec.exe /I{AF6919D0-5691-4F35-9D65-54F981013514}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411-->MsiExec.exe /X{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Module linguistique Microsoft .NET Framework 4 Client Profile FRA-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1036 /parameterfolder ClientLP
Module linguistique Microsoft .NET Framework 4 Extended FRA-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\ExtendedLP\Setup.exe /repair /x86 /lcid 1036 /parameterfolder ExtendedLP
Mozilla Firefox 4.0.1 (x86 fr)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Pamus MP3 Recorder 1.05-->"C:\Program Files\Pamus MP3 Recorder\unins000.exe"
PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
Pseudo DHCP (AutoUpdate) v1.4.12-->notepad.exe C:\PDHCP.LOG
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Revo Uninstaller 1.91-->C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
SAP 6.40 P3-->MsiExec.exe /I{13AA6291-CA4D-401E-9E4E-B7BFA4764FDB}
Security Update for 2007 Microsoft Office System (KB2277947)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {5857EE21-03D0-482E-9620-5A30B314A2AE}
Security Update for 2007 Microsoft Office System (KB2288931)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {CD769337-C8AC-46DB-A7DC-643E50089263}
Security Update for 2007 Microsoft Office System (KB2344875)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for 2007 Microsoft Office System (KB982312)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {B0EC5722-241F-4CDA-83B4-AA5846B6F9F4}
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7A2C18A1-D2A2-3177-82F1-5FE9CC08ECB0} /parameterfolder Extended
Security Update for Microsoft Office Excel 2007 (KB2345035)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {B23002DD-34EC-4988-B810-A5E2A0BF04F1}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office Outlook 2007 (KB2288953)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {8B772E1C-7C05-42D2-839D-3EC2D39EFF22}
Security Update for Microsoft Office PowerPoint 2007 (KB982158)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {3DED0A62-44C8-4E00-A785-5212F297A9D9}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB2251419)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {7E9103DA-253F-41FF-9E83-7C83806C77DA}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
SigmaTel Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x9 -remove -removeonly
Uninstall 1.0.0.1-->"C:\Program Files\Common Files\DVDVideoSoft\unins000.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)-->c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD988F49-E1C8-3C84-9683-0448B6BB8E20} /parameterfolder Client
Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42}
Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9}
Update for Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {0451F231-E3E3-4943-AB9F-58EB96171784}
Update for Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876}
Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C}
Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726}
Update for Outlook 2007 Junk Email Filter (kb2279264)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {01D475AB-57B1-44CC-8A8F-3A6B0FA4989F}
VLC media player 1.1.7-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live Call-->MsiExec.exe /I{B3B487E7-6171-4376-9074-B28082CEB504}
Windows Live Communications Platform-->MsiExec.exe /I{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
Windows Live Messenger-->MsiExec.exe /X{445B183D-F4F1-45C8-B9DB-F11355CA657B}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows_Installer_4.5.6001.22159_SMS-->notepad.exe C:\\WINDOWS\\Windows_Installer_4.5.6001.22159_32bit.log
WinZip 12.0-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}
WinZip-->"C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
WSUS_ENABLED_MACHINE-->notepad.exe C:\\WINDOWS\\EDS\\setup\\\\wsus_activation.log

======Security center information======

AV: Microsoft Security Essentials
AV: McAfee VirusScan Enterprise

======System event log======

Computer Name: DLBPY464J
Event Code: 5719
Message: Aucun contrôleur de domaine n'est disponible pour le domaine EUROPE pour la raison suivante :
Aucun serveur d'accès n'est actuellement disponible pour traiter la demande d'ouverture de session.
.

Vérifiez que l'ordinateur est connecté au réseau et tentez
une nouvelle fois. Si le problème persiste, contactez votre administrateur système.

Record Number: 12264
Source Name: NETLOGON
Time Written: 20110512105717.000000+120
Event Type: erreur
User:

Computer Name: DLBPY464J
Event Code: 29
Message: Le fournisseur de temps NtpClient est configuré pour acquérir le temps à partir d'une
ou plusieurs sources de temps, cependant aucune source n'est actuellement accessible.
Aucune tentative pour en contacter une ne sera effectuée d'ici 14 minutes.
NtpClient n'a pas de source de temps précis.

Record Number: 12263
Source Name: W32Time
Time Written: 20110512105121.000000+120
Event Type: erreur
User:

Computer Name: DLBPY464J
Event Code: 14
Message: Le fournisseur de temps NtpClient n'a pas pu trouver un contrôleur de domaine à utiliser comme
source de temps. NtpClient va essayer à nouveau dans 15 minutes.

Record Number: 12262
Source Name: W32Time
Time Written: 20110512105121.000000+120
Event Type: Avertissement
User:

Computer Name: DLBPY464J
Event Code: 1002
Message: Le bail de l'adresse IP 192.168.1.15 pour la carte réseau dont l'adresse réseau est 00242B603E5A
a été refusé par le serveur DHCP 192.168.2.1 (celui-ci a envoyé un message DHCPNACK).

Record Number: 12261
Source Name: Dhcp
Time Written: 20110512105114.000000+120
Event Type: erreur
User:

Computer Name: DLBPY464J
Event Code: 4201
Message: Le système a détecté que la carte réseau Dell...WLAN Mini-Card - Packet Scheduler Miniport était connectée au réseau,
et a lancé une opération normale sur la carte réseau.

Record Number: 12260
Source Name: Tcpip
Time Written: 20110512105114.000000+120
Event Type: Informations
User:

=====Application event log=====

Computer Name: DLBPY464J
Event Code: 1
Message: SAGENT : The user or group Europe\Tier3_Desktop_Support could NOT deleted from the local Administrators group

Record Number: 136517
Source Name: Delphi
Time Written: 20110602065158.000000+120
Event Type: Avertissement
User:

Computer Name: DLBPY464J
Event Code: 1
Message: SAGENT : The user or group Europe\Central_Helpdesk could NOT deleted from the local Administrators group

Record Number: 136516
Source Name: Delphi
Time Written: 20110602065045.000000+120
Event Type: Avertissement
User:

Computer Name: DLBPY464J
Event Code: 1
Message: SAGENT : The user or group Europe\Tier3_Desktop_Support could NOT deleted from the local Administrators group

Record Number: 136515
Source Name: Delphi
Time Written: 20110602065045.000000+120
Event Type: Avertissement
User:

Computer Name: DLBPY464J
Event Code: 1
Message: SAGENT : The user or group Europe\Central_Helpdesk could NOT deleted from the local Administrators group

Record Number: 136514
Source Name: Delphi
Time Written: 20110602064932.000000+120
Event Type: Avertissement
User:

Computer Name: DLBPY464J
Event Code: 1
Message: SAGENT : The user or group Europe\Tier3_Desktop_Support could NOT deleted from the local Administrators group

Record Number: 136513
Source Name: Delphi
Time Written: 20110602064932.000000+120
Event Type: Avertissement
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\WINDOWS\system32\WindowsPowerShell\v1.0;C:\WINDOWS\system32\WindowsPowerShell\v1.0
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 124 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=7c02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.PSC1;.PSC1
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"PSModulePath"=C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\
"SERIALNUM"=BPY464J
"BUILDVER"=2.2600.100707
"SYSMODL"=D531
"SYSTYPE"=D531
"DEFLOGDIR"=C:\Documents and Settings\All Users\Application Data\McAfee\DesktopProtection
"VSEDEFLOGDIR"=C:\Documents and Settings\All Users\Application Data\McAfee\DesktopProtection

-----------------EOF-----------------

 

Winx


Posted 3 June 2011 at 09:52

Hello,

At first glance, there are two types of infection on this machine...

Rogue infection
BT infection




Do this:

* Disable your antivirus for the time being.
* Download Ad-Remover (by C_XX) to the desktop.

* /!\ Disconnect and close all running applications /!\
* Double-click the program to launch it...
* On Vista and Seven, always right-click and choose "Run as administrator"
* In the main menu, choose the "Scanner" (Scan) option

* /!\ Let the tool work /!\
* Wait until the scan finishes without doing anything else on your PC.
* A report will appear at the end; post it on the forum in your reply.
If you can't find it:
(The report is also saved as C:\Ad-Report-SCAN.log)



Now on to the removal:

-----------------------------------------------------------
* Double-click the Ad-Remover program to launch it...
* On Vista and Seven, always right-click and choose "Run as administrator"
* In the main menu, choose the "Nettoyer" (Clean) option

* /!\ Let the tool work /!\
* Wait until the scan finishes without doing anything else on your PC.

* A report will appear at the end; post it on the forum in your reply.
If you can't find it:
(The report is also saved as C:\Ad-Report-SCAN.log)


PS:
so post two reports.

I don't claim to solve problems, only to help you solve them ;-)
 

scando


Posted 3 June 2011 at 10:20

Hello Winx

Here are the reports

scan


======= REPORT FROM AD-REMOVER 2.0.0.2,E | ONLY XP/VISTA/7 =======

Updated by TeamXscript on 21/02/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
website: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (SCAN [3]) -> Launched at 10:08:20 on 03/06/2011, Normal boot

Microsoft Windows XP Professionnel Service Pack 3 (X86)
tz9dnh@DLBPY464J ( )

============== SEARCH ==============





============== ADDITIONNAL SCAN ==============

**** Mozilla Firefox Version [4.0.1 (fr)] ****

HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x)
HKCU_MozillaPlugins\@megamedia/Megakey (x)
Searchplugins\BearShareWebSearch.xml ( hxxp://search.bearshare.com/web?src=ffb&amp;systemid=2&amp;q={searchTerms}/)
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Components\browsercomps.dll (Mozilla Foundation)
HKCU_Extensions|{1D3DB383-DB45-45b2-9F46-91218CA2CBCB} - C:\Documents and Settings\tz9dnh\Local Settings\Application Data\Megamedia\Megakey\{1D3DB383-DB45-45b2-9F46-91218CA2CBCB}

-- C:\Documents and Settings\tz9dnh\Application Data\Mozilla\FireFox\Profiles\lgc9y2eh.default --
Extensions\SkipScreen@SkipScreen (SkipScreen)
Searchplugins\BearShareWebSearch.xml ( hxxp://search.bearshare.com/web?src=ffb&amp;systemid=2&amp;q={searchTerms}/)
Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\tz9dnh\\Desktop
Prefs.js - browser.search.defaultenginename, BearShare Web Search
Prefs.js - browser.search.selectedEngine, BearShare Web Search
Prefs.js - browser.startup.homepage, hxxp://www.google.fr/
Prefs.js - browser.startup.homepage_override.buildID, 20110413222027
Prefs.js - browser.startup.homepage_override.mstone, rv:2.0.1
Prefs.js - keyword.URL, hxxp://search.bearshare.com/web?src=ffb&systemid=2&q=

========================================

**** Google Chrome Version [11.0.696.71] ****

Extension\nhhocpdgkjoocfobhdbcfeafckeoiemc (C:\Documents and Settings\tz9dnh\Local Settings\Application Data\Megamedia\Megakey\Megakey.crx) (?)

-- C:\Documents and Settings\tz9dnh\Local Settings\Application Data\Google\Chrome\User Data\Default --
Preferences - default_search_provider: "Google" (Enabled: true) (?)
Preferences - homepage:
Preferences - homepage_is_newtabpage: true
Plugin - Chrome NaCl (Enabled: false) (C:\Documents and Settings\tz9dnh\Local Settings\Application Data\Google\Chrome\Application\11.0.696.71\ppGoogleNaClPluginChrome.dll)
Plugin - "Java" (Enabled: true)
Plugin - "Silverlight" (Enabled: true)
Plugin - "Chrome NaCl" (Enabled: false)
Plugin - "Megakey" (Enabled: true)

========================================

**** Internet Explorer Version [6.0.2900.5512] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_ElevationPolicy\{1902485B-CE75-42C1-BA2D-57E660793D9A} - C:\Program Files\Internet Download Manager\IEMonitor.exe (x)
HKCU_ElevationPolicy\{83FE00CC-498E-4e11-8CDE-DDC10296597C} - C:\Documents and Settings\tz9dnh\Local Settings\Application Data\Megamedia\Megakey\Megakey.exe (Megamedia Ltd.)
HKCU_ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4} - C:\Program Files\Internet Download Manager\IDMan.exe (x)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{77F4E711-789B-447F-9614-96759B2F83C6} - "MegaIeHelperBHO Class" (C:\Documents and Settings\tz9dnh\Local Settings\Application Data\Megamedia\Megakey\MegaIeHelper.dll)
BHO\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} - "scriptproxy" (C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 2 File(s)
C:\Program Files\Ad-Remover\Backup: 30 File(s)

C:\Ad-Report-CLEAN[1].txt - 28/03/2011 23:28:56 (424 Byte(s))
C:\Ad-Report-CLEAN[2].txt - 02/06/2011 19:57:49 (5058 Byte(s))
C:\Ad-Report-SCAN[1].txt - 23/03/2011 23:08:38 (3856 Byte(s))
C:\Ad-Report-SCAN[2].txt - 02/06/2011 19:53:37 (5026 Byte(s))
C:\Ad-Report-SCAN[3].txt - 03/06/2011 10:08:31 (3768 Byte(s))

End at: 10:09:14, 03/06/2011

============== E.O.F ==============


Clean

======= REPORT FROM AD-REMOVER 2.0.0.2,E | ONLY XP/VISTA/7 =======

Updated by TeamXscript on 21/02/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
website: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [3]) -> Launched at 10:10:22 on 03/06/2011, Normal boot

Microsoft Windows XP Professionnel Service Pack 3 (X86)
tz9dnh@DLBPY464J ( )

============== ACTION(S) ==============



(!) -- Temporary files deleted.




============== ADDITIONNAL SCAN ==============

**** Mozilla Firefox Version [4.0.1 (fr)] ****

HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x)
HKCU_MozillaPlugins\@megamedia/Megakey (x)
Searchplugins\BearShareWebSearch.xml ( hxxp://search.bearshare.com/web?src=ffb&amp;systemid=2&amp;q={searchTerms}/)
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Components\browsercomps.dll (Mozilla Foundation)
HKCU_Extensions|{1D3DB383-DB45-45b2-9F46-91218CA2CBCB} - C:\Documents and Settings\tz9dnh\Local Settings\Application Data\Megamedia\Megakey\{1D3DB383-DB45-45b2-9F46-91218CA2CBCB}

-- C:\Documents and Settings\tz9dnh\Application Data\Mozilla\FireFox\Profiles\lgc9y2eh.default --
Extensions\SkipScreen@SkipScreen (SkipScreen)
Searchplugins\BearShareWebSearch.xml ( hxxp://search.bearshare.com/web?src=ffb&amp;systemid=2&amp;q={searchTerms}/)
Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\tz9dnh\\Desktop
Prefs.js - browser.search.defaultenginename, BearShare Web Search
Prefs.js - browser.search.selectedEngine, BearShare Web Search
Prefs.js - browser.startup.homepage, hxxp://www.google.fr/
Prefs.js - browser.startup.homepage_override.buildID, 20110413222027
Prefs.js - browser.startup.homepage_override.mstone, rv:2.0.1
Prefs.js - keyword.URL, hxxp://search.bearshare.com/web?src=ffb&systemid=2&q=

========================================

**** Google Chrome Version [11.0.696.71] ****

Extension\nhhocpdgkjoocfobhdbcfeafckeoiemc (C:\Documents and Settings\tz9dnh\Local Settings\Application Data\Megamedia\Megakey\Megakey.crx) (?)

-- C:\Documents and Settings\tz9dnh\Local Settings\Application Data\Google\Chrome\User Data\Default --
Preferences - default_search_provider: "Google" (Enabled: true) (?)
Preferences - homepage:
Preferences - homepage_is_newtabpage: true
Plugin - Chrome NaCl (Enabled: false) (C:\Documents and Settings\tz9dnh\Local Settings\Application Data\Google\Chrome\Application\11.0.696.71\ppGoogleNaClPluginChrome.dll)
Plugin - "Java" (Enabled: true)
Plugin - "Silverlight" (Enabled: true)
Plugin - "Chrome NaCl" (Enabled: false)
Plugin - "Megakey" (Enabled: true)

========================================

**** Internet Explorer Version [6.0.2900.5512] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_ElevationPolicy\{1902485B-CE75-42C1-BA2D-57E660793D9A} - C:\Program Files\Internet Download Manager\IEMonitor.exe (x)
HKCU_ElevationPolicy\{83FE00CC-498E-4e11-8CDE-DDC10296597C} - C:\Documents and Settings\tz9dnh\Local Settings\Application Data\Megamedia\Megakey\Megakey.exe (Megamedia Ltd.)
HKCU_ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4} - C:\Program Files\Internet Download Manager\IDMan.exe (x)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{77F4E711-789B-447F-9614-96759B2F83C6} - "MegaIeHelperBHO Class" (C:\Documents and Settings\tz9dnh\Local Settings\Application Data\Megamedia\Megakey\MegaIeHelper.dll)
BHO\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} - "scriptproxy" (C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 2 File(s)
C:\Program Files\Ad-Remover\Backup: 43 File(s)

C:\Ad-Report-CLEAN[1].txt - 28/03/2011 23:28:56 (424 Byte(s))
C:\Ad-Report-CLEAN[2].txt - 02/06/2011 19:57:49 (5058 Byte(s))
C:\Ad-Report-CLEAN[3].txt - 03/06/2011 10:10:26 (3514 Byte(s))
C:\Ad-Report-SCAN[1].txt - 23/03/2011 23:08:38 (3856 Byte(s))
C:\Ad-Report-SCAN[2].txt - 02/06/2011 19:53:37 (5026 Byte(s))
C:\Ad-Report-SCAN[3].txt - 03/06/2011 10:08:31 (4716 Byte(s))

End at: 10:11:17, 03/06/2011

============== E.O.F ==============

Looking forward to your reply, thanks again

 

Winx

Posted on 04 June 2011 at 14:03

Hi again,
Next, do this:
Download Malwarebytes' Anti-Malware (MBAM)


    - Double-click the downloaded file to start the installation process.
    - In the "Mise à jour" (Update) tab, click the "Recherche de mise à jour" (Check for updates) button: if the firewall asks whether to allow MBAM to connect, accept.
    - Once the update has finished, go to the "Recherche" (Scan) tab.
    - Select "Exécuter un examen rapide" (Perform a quick scan)
    - Click "Rechercher" (Scan)
    - The analysis starts; the scan is relatively long, that is normal.
    - At the end of the analysis, a message is displayed:

    Quote

    L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés. (The scan completed normally. Click 'Show results' to display all the objects found.)


    Click "Ok" to continue. If MBAM found nothing, it will tell you that too.
    - Close your browsers.
    - If malware was detected, click Afficher les résultats (Show results).
    Select everything (or leave it checked) and click Supprimer la sélection (Remove selected); MBAM will destroy the files and registry keys and put a copy of them in quarantine.
    - MBAM will open Notepad and copy the scan report into it. Copy and paste this report and post it in your next reply.




PS:
---> visual guide to MBAM here

I don't claim to solve problems, only to help you solve them ;-)
 

scando

Posted on 04 June 2011 at 17:07

Hello Winx,
Here is the Malwarebytes report.
(Winx, I have access to My Computer again, and I can use a USB key again ???)


Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Version de la base de données: 6769

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

04/06/2011 17:04:02
mbam-log-2011-06-04 (17-04-02).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 158805
Temps écoulé: 6 minute(s), 28 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

 

Winx

Posted on 04 June 2011 at 18:44

If you are on Vista/Windows 7, temporarily disable UAC

Download USBFix by El Desaparecido and C_XX and save it to your desktop.


    - If you are on XP, double-click USBFix.exe to launch it.
    If you are on Vista or Windows 7, right-click USBFix.exe and choose Run as administrator.

    ------------------------------------------

    Scan:
    - Click Recherche (Search) and let the tool work

    - A window will appear asking you to plug in all the external devices used in the last few days (USB keys, MP3 players, external hard drives, etc.).
    Plug in the hardware, then click OK to continue.

    - Wait while the scan runs.

    - At the end, a report will be generated (C:\USBFix.txt). Copy and paste its entire contents into your next reply on the forum.

 

scando

Posted on 04 June 2011 at 23:57

Hi again Winx,

Here is the USBFix report with my external hard drive plugged in, the one that was giving me trouble.


############################## | UsbFix 7.046 | [Research]

User: tz9dnh (Administrator) # DLBPY464J [ ]
Updated 23/05/2011 by TeamXscript
Started at 23:50:15 | 04/06/2011
Website: http://www.teamxscript.org
Submit your sample: http://www.teamxscript.org/Upload.php
Contact: TeamXscript.ElDesaparecido@gmail.com

CPU: Mobile AMD Sempron(tm) Processor 3600+
Microsoft Windows XP Professionnel (5.1.2600 32-Bit) # Service Pack 3
Internet Explorer 6.0.2900.5512

Windows Firewall: Enabled
Antivirus: Microsoft Security Essentials 3.0.8107.0 [Enabled | Updated]
Antivirus: McAfee VirusScan Enterprise 8.7.0.570 [Enabled | Updated]
RAM -> 1918 Mb
C:\ (%systemdrive%) -> Fixed drive # 75 Gb (21 Mb free - 28%) [WinXP] # NTFS
D:\ -> CD-ROM
E:\ -> Fixed drive # 233 Gb (115 Mb free - 49%) [VERBATIM] # FAT32

################## | Files # Infected Folders |


Found ! C:\install1.log
Found ! C:\tmp

################## | Registry |

Found ! HKLM\software\microsoft\windows nt\currentversion\winlogon|Taskman

################## | Mountpoints2 |

HKCU\.\.\.\.\Explorer\MountPoints2\{b57ea699-6e0a-11dd-9a22-001cc454c434}
Shell\AutoRun\Command = E:\rsd_en_4.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{c52cd792-3e48-11de-ab52-001cc454c434}
Shell\AutoRun\Command = E:\LaunchU3.exe -a

HKCU\.\.\.\.\Explorer\MountPoints2\{d781087b-89c4-11df-bef6-001cc454c434}
Shell\AutoRun\Command = E:\WD_Windows_Tools\Setup.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{ed7381e6-6fab-11dd-ba23-001cc454c434}
Shell\AutoRun\Command = E:\rsd_en_4.exe


################## | Vaccin |

(!) This computer is not vaccinated!

################## | E.O.F |

Thanks again

 

Winx

Posted on 05 June 2011 at 16:24

Hi again,


Cleaning:


    - If you are on XP, double-click USBFix.exe to launch it.
    If you are on Vista or Windows 7, right-click USBFix.exe and choose Run as administrator.

    - Click Suppression (Deletion) and let the tool work.

    - A window will appear asking you to plug in all the external devices used in the last few days (USB keys, MP3 players, external hard drives, etc.).
    Plug in the hardware, then click OK to continue.

    - USBFix will continue running. The desktop will disappear (at 10%) and will not be accessible for the whole duration of the scan. Don't worry, this is normal. Wait for the cleaning to finish without interrupting it.

    - At the end, a report will be generated (C:\USBFix.txt). Copy and paste its entire contents into your next reply on the forum.



--------------------------------------------------------------

 

scando

Posted on 05 June 2011 at 17:48

Hi again,
Here is the UsbFix cleaning report


############################## | UsbFix 7.046 | [Deletion]

User: tz9dnh (Administrator) # DLBPY464J [ ]
Updated 23/05/2011 by TeamXscript
Started at 17:38:02 | 05/06/2011
Website: http://www.teamxscript.org
Submit your sample: http://www.teamxscript.org/Upload.php
Contact: TeamXscript.ElDesaparecido@gmail.com

CPU: Mobile AMD Sempron(tm) Processor 3600+
Microsoft Windows XP Professionnel (5.1.2600 32-Bit) # Service Pack 3
Internet Explorer 6.0.2900.5512

Windows Firewall: Enabled
Antivirus: Microsoft Security Essentials 3.0.8107.0 [(!) Disabled | Updated]
Antivirus: McAfee VirusScan Enterprise 8.7.0.570 [Enabled | Updated]
RAM -> 1918 Mb
C:\ (%systemdrive%) -> Fixed drive # 75 Gb (21 Mb free - 28%) [WinXP] # NTFS
D:\ -> CD-ROM
E:\ -> Fixed drive # 233 Gb (113 Mb free - 48%) [VERBATIM] # FAT32

################## | Files # Infected Folders |


Deleted ! C:\Recycler\S-1-5-21-507921405-813497703-1202660629-65700
Deleted ! C:\install1.log
Deleted ! C:\tmp

################## | Registry |

Deleted ! HKLM\software\microsoft\windows nt\currentversion\winlogon|Taskman

################## | Mountpoints2 |

Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{b57ea699-6e0a-11dd-9a22-001cc454c434}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{c52cd792-3e48-11de-ab52-001cc454c434}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{d781087b-89c4-11df-bef6-001cc454c434}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{ed7381e6-6fab-11dd-ba23-001cc454c434}

################## | Listing |

################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript)
E:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript)

################## | Upload |

Please send the file: C:\UsbFix_Upload_Me_DLBPY464J.zip
http://www.teamxscript.org/Upload.php
Thank you for your contribution.

################## | E.O.F |

 

Winx

Posted on 06 June 2011 at 19:02

Do this,


Download ESET Online Scanner to your Desktop by clicking this logo:



    - Double-click the esetsmartinstaller_enu.exe file on your Desktop to install the scanner. Note: if you have Windows VISTA, right-click esetsmartinstaller_enu.exe and select "Run as administrator"
    - Accept the licence by ticking the "YES, i accept the terms of use" box, then click the "Start" button
    - Once the scanner is installed, configure it by unticking the "Remove found threats" box and ticking the "Scan archives" box

    - Start the antivirus scan by clicking the "Start" button: the tool updates itself and then starts the scan; a progress bar shows how far the scan has got
    - When the scan is finished, if viruses were detected, click the "List of found threats" line:

    - A new window appears: click "Export to text file" and save the report to your Desktop, naming it logESET.txt
    - Click the "Back" button to return to the previous screen, then tick the "Uninstall application on close" box

    - Finally, click the "Finish" button, then close the scanner window
    - Open the logESET file on your Desktop and copy and paste its contents into your next reply



 

scando

Posted on 06 June 2011 at 21:41

Hello Winx,

I ran the requested scan but no file was detected, so I have no file to copy and paste.
Best regards,

 

Winx

Posted on 07 June 2011 at 20:22

Hi again,

Good, how is the PC behaving at this point?

 

scando

Posted on 07 June 2011 at 22:26

Hello Winx,

For now everything is working OK, I have access to My Computer again, as well as to my USB keys.

Thank you in advance for the time you were kind enough to devote to my problem.

Best regards

 

Winx

Posted on 13 June 2011 at 11:35

Hi again,
No problem, drop by whenever you want
