FAQ   Charte   Rechercher   Membres   Utilisateurs   S'enregistrer   Profil   Vérifier ses messages privés   Connexion   Problème d'ordinateur bloqué Aller à la page 1, 2  Suivante   Le site -> Assiste PC Index du Forum -> Configurations et problèmes réseaux Auteur Message leoufdelife Newbie Inscrit le: 07 Fév 2008 Message(s): 10 Posté le: 07 Fév 2008 18:21    Sujet du message: Problème d'ordinateur bloqué Bonjour à tous, J'ai en effet un gros problème sur mon pc, quand je lance internet via l'espace wanadoo, celui-ci se bloque peu de temps après et me fait planter mon pc. Ensuite quand je vais dans poste de travail / gérer / observateur d'événements / applications : J'ai le message suivant : Application bloquée GestionnaireInternet.exe, version 5.9.1.3, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Je n'y connait pas grand chose à vrai dire, c'est la pemiere fois qu'il me fait ça. ma config : Pentium Dual Core 3GHZ 2 GB de RAM Geforce 8600 GTS Disque dur 300 GO J'ai Avast comme antivirus. J'ai pensé a un virus donc j'ai posté ici, et désolé si ce sujet a déja été abordé auparavant. Merci d'avance. Revenir en haut de page Angeldark Equipe Sécurité Inscrit le: 23 Mai 2007 Message(s): 113 Posté le: 07 Fév 2008 20:49    Sujet du message: Bonjour, Je ne pense pas à un virus. Désactive tes protections résidentes (antivirus, Spybot...) ! Télécharge Deckard's System Scanner (DSS) (Deckard) sur ton Bureau. Ferme maintenant toutes les applications et fenêtres. Double-clique sur dss.exe pour le lancer. Clique 2 fois sur le OK des boîtes de dialogue. ! Attention, si tu tardes trop, la réponse Abandon sera automatiquement validée ! Une fois le traitement terminé, clique une nouvelle fois sur OK. Deux fichiers texte vont s'ouvrir : - main.txt (ouvert en premier plan et en plein écran) - extra.txt [color=red](ouvert en second plan et en fenêtré)[color] Copie le contenu de main.txt et extra.txt afin de le coller dans ta prochaine réponse. Revenir en haut de page leoufdelife Newbie Inscrit le: 07 Fév 2008 Message(s): 10 Posté le: 07 Fév 2008 21:24    Sujet du message: Voici ce que j'ai obtenu en suivant ce que tu m'as dit : MAIN.TXT : Deckard's System Scanner v20071014.68 Run by SIMOTHE on 2008-02-07 20:19:17 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Successfully created a Deckard's System Scanner Restore Point. -- Last 5 Restore Point(s) -- 25: 2008-02-07 19:19:19 UTC - RP25 - Deckard's System Scanner Restore Point 24: 2008-02-07 19:16:03 UTC - RP24 - Removed BitDefender Internet Security v10 23: 2008-02-07 19:10:52 UTC - RP23 - Deckard's System Scanner Restore Point 22: 2008-02-07 19:03:34 UTC - RP22 - Installed BitDefender Internet Security v10 21: 2008-02-06 20:44:50 UTC - RP21 - Point de vérification système -- First Restore Point -- 1: 2008-02-02 12:23:14 UTC - RP1 - Point de vérification système Backed up registry hives. Performed disk cleanup. -- HijackThis Clone ------------------------------------------------------------ Emulating logfile of Trend Micro HijackThis v2.0.2 Scan saved at 2008-02-07 20:19:44 Platform: Windows XP Service Pack 2 (5.01.2600) MSIE: Internet Explorer (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\system32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\a-squared Anti-Malware\a2service.exe C:\WINDOWS\system32\FTRTSVC.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\explorer.exe C:\Program Files\Wanadoo\TaskBarIcon.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\WINDOWS\RTHDCPL.exe C:\WINDOWS\tsnp2std.exe C:\WINDOWS\vsnp2std.exe C:\Program Files\AGEIA Technologies\TrayIcon.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Wanadoo\GestionnaireInternet.exe C:\Program Files\Wanadoo\ComComp.exe C:\Program Files\Wanadoo\Toaster.exe C:\Program Files\Wanadoo\Inactivity.exe C:\Program Files\Wanadoo\PollingModule.exe C:\WINDOWS\system32\AlertModule\AlertModule.exe C:\Program Files\Wanadoo\Watch.exe C:\Program Files\Outlook Express\msimn.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Wanadoo\WOOBrowser\WOOBrowser.exe C:\Documents and Settings\SIMOTHE\Bureau\dss.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/fr/srchasst/srchasst.htm R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://home.microsoft.com/access/autosearch.asp?p=%s R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Wanadoo\SearchPageURL.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe O4 - HKLM\..\Run: [AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\TrayIcon.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe EspaceWanadoo.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Wanadoo Messager\Wanadoo Messager.exe O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Wanadoo Messager\Wanadoo Messager.exe O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\nwprovau.dll O15 - Trusted Zone: http://www.secuser.com (HKCU) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1201959633031 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{02815B30-4017-45E2-A9DA-0F2FAD367739}: NameServer = 80.10.246.130 81.253.149.10 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\system32\FTRTSVC.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 6928 bytes -- File Associations ----------------------------------------------------------- All associations okay. -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- S0 cercsr6 - c:\windows\system32\drivers\cercsr6.sys <Not Verified; Adaptec, Inc.; Dell RAID Controller> S2 BDRSDRV - c:\program files\softwin\bitdefender10\bdrsdrv.sys (file missing) S3 bdfdll - c:\program files\softwin\bitdefender10\bdfdll.sys (file missing) S3 BDFSDRV - c:\program files\softwin\bitdefender10\bdfsdrv.sys (file missing) S3 PCAMPR5 (PCAMPR5 NDIS Protocol Driver) - c:\windows\system32\pcampr5.sys (file missing) S3 PCANDIS5 (PCANDIS5 NDIS Protocol Driver) - c:\windows\system32\pcandis5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows> -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 FTRTSVC (France Telecom Routing Table Service) - c:\windows\system32\ftrtsvc.exe <Not Verified; France Telecom; FTRTSVC NT Service> -- Device Manager: Disabled ---------------------------------------------------- Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318} Description: Intel(R) 82562V-2 10/100 Network Connection Device ID: PCI\VEN_8086&DEV_10C0&SUBSYS_023D1028&REV_02\3&2411E6FE&0&C8 Manufacturer: Intel Name: Intel(R) 82562V-2 10/100 Network Connection PNP Device ID: PCI\VEN_8086&DEV_10C0&SUBSYS_023D1028&REV_02\3&2411E6FE&0&C8 Service: e1express -- Files created between 2008-01-07 and 2008-02-07 ----------------------------- 2008-02-07 20:16:06 81984 --a------ C:\WINDOWS\system32\bdod.bin 2008-02-07 20:02:55 0 d-------- C:\Program Files\Bit Defender - Internet Security v10+Serial 2008-02-07 16:55:56 0 dr-h----- C:\Documents and Settings\SIMOTHE\Recent 2008-02-07 16:50:13 0 d-------- C:\Program Files\Nouveau dossier 2008-02-07 16:34:55 0 d-------- C:\Documents and Settings\SIMOTHE\Application Data\DivX 2008-02-07 16:34:17 0 d-------- C:\Program Files\DivX 2008-02-06 21:10:44 0 d-------- C:\Program Files\CCleaner 2008-02-06 21:03:23 36864 --a------ C:\WINDOWS\system32\IfHelper.dll <Not Verified; France Télécom R&D; IfHelper> 2008-02-06 20:38:44 0 d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau 2008-02-06 20:38:44 0 d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression 2008-02-06 20:38:44 0 dr-h----- C:\Documents and Settings\Administrateur\SendTo 2008-02-06 20:38:44 0 d--h----- C:\Documents and Settings\Administrateur\Recent 2008-02-06 20:38:44 524288 --ah----- C:\Documents and Settings\Administrateur\NTUSER.DAT 2008-02-06 20:38:44 0 d--h----- C:\Documents and Settings\Administrateur\Modèles 2008-02-06 20:38:44 0 d-------- C:\Documents and Settings\Administrateur\Mes documents 2008-02-06 20:38:44 0 dr------- C:\Documents and Settings\Administrateur\Menu Démarrer 2008-02-06 20:38:44 0 d--h----- C:\Documents and Settings\Administrateur\Local Settings 2008-02-06 20:38:44 0 d-------- C:\Documents and Settings\Administrateur\Favoris 2008-02-06 20:38:44 0 d--hs---- C:\Documents and Settings\Administrateur\Cookies 2008-02-06 20:38:44 0 d-------- C:\Documents and Settings\Administrateur\Bureau 2008-02-06 20:38:44 0 dr-h----- C:\Documents and Settings\Administrateur\Application Data 2008-02-06 20:38:44 0 d---s---- C:\Documents and Settings\Administrateur\Application Data\Microsoft 2008-02-06 19:43:22 0 d-------- C:\Program Files\a-squared Anti-Malware 2008-02-06 19:21:44 507904 --a------ C:\WINDOWS\TMUPDATE.DLL <Not Verified; Trend Micro Inc.; ActiveUpdate Module> 2008-02-06 19:21:43 69689 --a------ C:\WINDOWS\UNZIP.DLL <Not Verified; Trend Micro Inc.; Trend Active Update 1.32> 2008-02-06 19:21:43 286720 --a------ C:\WINDOWS\PATCH.EXE <Not Verified; Trend Micro Inc.; ActiveUpdate Module> 2008-02-06 17:19:32 0 d-------- C:\Program Files\Foxit Software 2008-02-05 16:59:41 0 d-------- C:\Documents and Settings\SIMOTHE\Application Data\Help 2008-02-05 16:50:13 94208 --a------ C:\WINDOWS\system32\W32n50.dll <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows> 2008-02-05 16:50:13 16128 -----n--- C:\WINDOWS\system32\PCANDIS5.SYS <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows> 2008-02-04 19:19:06 0 d--h----- C:\WINDOWS\PIF 2008-02-03 12:44:17 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll <Not Verified; Sony DADC Austria AG.; > 2008-02-03 12:42:03 0 d-------- C:\WINDOWS\system32\ageia 2008-02-03 12:42:03 0 d-------- C:\Program Files\AGEIA Technologies 2008-02-03 12:38:25 0 d-------- C:\Program Files\Ubisoft 2008-02-03 11:38:17 94208 --a------ C:\WINDOWS\amcap.exe <Not Verified; Microsoft Corporation; DirectX 8.1 Sample> 2008-02-03 11:38:12 262144 --a------ C:\WINDOWS\tsnp2std.exe <Not Verified; ; tsnp2std> 2008-02-03 11:38:10 147456 --a------ C:\WINDOWS\rsnp2std.dll <Not Verified; ; ResourceDLL> 2008-02-03 11:38:10 0 d-------- C:\Program Files\Fichiers communs\snp2std 2008-02-03 10:54:31 0 d-------- C:\WINDOWS\system32\fr-fr 2008-02-03 10:52:39 0 d-------- C:\WINDOWS\network diagnostic 2008-02-02 23:52:02 0 d-------- C:\WINDOWS\system32\PreInstall 2008-02-02 22:19:24 0 d-------- C:\Program Files\Everest Poker 2008-02-02 22:18:23 0 d-------- C:\WINDOWS\system32\SoftwareDistribution 2008-02-02 15:17:50 0 d-------- C:\Documents and Settings\SIMOTHE\Application Data\Adobe 2008-02-02 15:16:05 0 d-------- C:\WINDOWS\system32\Lang 2008-02-02 15:16:01 0 d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus! 2008-02-02 15:14:53 49152 --a------ C:\WINDOWS\system32\ChCfg.exe 2008-02-02 15:14:41 0 d-------- C:\WINDOWS\system32\RTCOM 2008-02-02 15:14:10 0 d-------- C:\Program Files\Realtek 2008-02-02 15:14:02 520192 --a------ C:\WINDOWS\RtlExUpd.dll <Not Verified; Realtek Semiconductor Corp.; RtlExUpd Dynamic Link Library> 2008-02-02 15:14:02 315392 --a------ C:\WINDOWS\HideWin.exe <Not Verified; Realtek Semiconductor Corp.; HD Audio Hide windows program> 2008-02-02 15:02:53 0 d-------- C:\Program Files\eMule 2008-02-02 14:56:01 0 d-------- C:\Program Files\Windows Live 2008-02-02 14:56:01 0 d-------- C:\Program Files\Messenger Plus! Live 2008-02-02 14:51:03 0 d-------- C:\Program Files\MSN Apps 2008-02-02 14:49:45 0 d-------- C:\Documents and Settings\SIMOTHE\Contacts 2008-02-02 14:40:27 0 d--hs---- C:\Documents and Settings\SIMOTHE\UserData 2008-02-02 14:38:14 0 d-------- C:\Program Files\Alwil Software 2008-02-02 14:36:14 0 d-------- C:\Program Files\MSN Messenger 2008-02-02 14:22:19 0 d------c- C:\WINDOWS\system32\DRVSTORE 2008-02-02 14:22:12 0 d-------- C:\Intel 2008-02-02 14:21:37 0 d-------- C:\Program Files\Intel 2008-02-02 14:19:34 0 d-------- C:\WINDOWS\system32\vmm32 2008-02-02 14:19:34 0 d-------- C:\Program Files\Dell 2008-02-02 14:11:51 0 d-------- C:\Documents and Settings\SIMOTHE\Application Data\Macromedia 2008-02-02 14:07:45 32768 --a------ C:\WINDOWS\system32\WooDial2000.dll <Not Verified; France Télécom R&D; Kit de Connexion et de Services> 2008-02-02 14:05:37 0 d-------- C:\Program Files\Zhongxing 2008-02-02 14:05:32 0 d-------- C:\WINDOWS\system32\ReinstallBackups 2008-02-02 14:05:13 0 d-------- C:\Program Files\ZXDSL852 2008-02-02 14:05:13 0 d-------- C:\Program Files\ntdll.dll 2008-02-02 14:05:11 0 d-------- C:\WINDOWS\system32\AlertModule 2008-02-02 14:05:07 40960 --a------ C:\WINDOWS\system32\FTRTSVC.exe <Not Verified; France Telecom; FTRTSVC NT Service> 2008-02-02 14:04:54 41068 -----n--- C:\WINDOWS\system32\ActPanel.dll 2008-02-02 14:04:53 0 d-------- C:\Program Files\Java 2008-02-02 14:04:53 0 d--h----- C:\Program Files\InstallShield Installation Information 2008-02-02 14:04:51 0 d-------- C:\Program Files\Fichiers communs\InstallShield 2008-02-02 14:04:42 32768 --a------ C:\WINDOWS\system32\ffJmpWeb.dll <Not Verified; Forefront, Incorporated; ffJmpWeb Dynamic Link Library> 2008-02-02 14:04:41 0 d-------- C:\Program Files\Wanadoo Messager 2008-02-02 14:03:53 0 d-------- C:\Program Files\Wanadoo 2008-02-02 13:54:31 0 d--hs---- C:\WINDOWS\Installer 2008-02-02 13:54:30 0 d-------- C:\Program Files\Fichiers communs\ODBC 2008-02-02 13:54:28 0 dr------- C:\Program Files 2008-02-02 13:54:28 0 d-------- C:\Program Files\Fichiers communs 2008-02-02 13:54:28 0 d-------- C:\Program Files\Fichiers communs\SpeechEngines 2008-02-02 13:54:10 0 d--h----- C:\Documents and Settings\Default User\Voisinage réseau 2008-02-02 13:54:10 0 d--h----- C:\Documents and Settings\Default User\Voisinage d'impression 2008-02-02 13:54:10 0 dr-h----- C:\Documents and Settings\Default User\SendTo 2008-02-02 13:54:10 0 d--h----- C:\Documents and Settings\Default User\Recent 2008-02-02 13:54:10 0 d--h----- C:\Documents and Settings\Default User\Modèles 2008-02-02 13:54:10 0 d-------- C:\Documents and Settings\Default User\Mes documents 2008-02-02 13:54:10 0 dr------- C:\Documents and Settings\Default User\Menu Démarrer 2008-02-02 13:54:10 0 dr-h----- C:\Documents and Settings\Default User\Local Settings 2008-02-02 13:54:10 0 d-------- C:\Documents and Settings\Default User\Favoris 2008-02-02 13:54:10 0 d---s---- C:\Documents and Settings\Default User\Cookies 2008-02-02 13:54:10 0 d-------- C:\Documents and Settings\Default User\Bureau 2008-02-02 13:54:10 0 d--h----- C:\Documents and Settings\All Users\Modèles 2008-02-02 13:54:10 0 dr------- C:\Documents and Settings\All Users\Menu Démarrer 2008-02-02 13:54:10 0 d-------- C:\Documents and Settings\All Users\Favoris 2008-02-02 13:54:10 0 dr------- C:\Documents and Settings\All Users\Documents 2008-02-02 13:54:10 0 d-------- C:\Documents and Settings\All Users\Bureau 2008-02-02 13:54:01 0 d-------- C:\WINDOWS\system32\CatRoot2 2008-02-02 13:54:01 0 d-------- C:\WINDOWS\system32\CatRoot 2008-02-02 13:53:56 0 dr-h----- C:\Documents and Settings\Default User\Application Data 2008-02-02 13:53:56 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft 2008-02-02 13:53:56 0 dr-h----- C:\Documents and Settings\All Users\Application Data 2008-02-02 13:53:56 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft 2008-02-02 13:53:36 0 d--hs---- C:\System Volume Information 2008-02-02 13:53:36 0 d-------- C:\Documents and Settings 2008-02-02 13:41:19 0 d-------- C:\WINDOWS 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\WinSxS 2008-02-02 13:41:19 0 dr------- C:\WINDOWS\Web 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\twain_32 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\wins 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\wbem 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\usmt 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\spool 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\ShellExt 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\Setup 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\ras 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\oobe 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\npp 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\mui 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\inetsrv 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\IME 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\icsxml 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\ias 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\export 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\drivers 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\drivers\etc 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\drivers\disdn 2008-02-02 13:41:19 0 dr-hs--c- C:\WINDOWS\system32\dllcache 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\dhcp 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\config 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\3com_dmi 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\3076 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\2052 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\1054 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\1042 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\1041 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\1037 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\1036 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\1033 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\1031 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\1028 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\1025 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\security 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\Resources 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\repair 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\Provisioning 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\PeerNet 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\pchealth 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\mui 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\msapps 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\msagent 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\Media 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\java 2008-02-02 13:41:19 0 d--h----- C:\WINDOWS\inf 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\ime 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\Help 2008-02-02 13:41:19 0 dr--s---- C:\WINDOWS\Fonts 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\ehome 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\Driver Cache 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\dell 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\Debug 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\Cursors 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\Connection Wizard 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\Config 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\AppPatch 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\addins 2008-02-02 13:23:04 0 d-------- C:\Documents and Settings\SIMOTHE\Application Data\Identities 2008-02-02 13:22:58 0 d--h----- C:\Documents and Settings\SIMOTHE\Voisinage réseau 2008-02-02 13:22:58 0 d--h----- C:\Documents and Settings\SIMOTHE\Voisinage d'impression 2008-02-02 13:22:58 0 dr-h----- C:\Documents and Settings\SIMOTHE\SendTo 2008-02-02 13:22:58 1835008 --ah----- C:\Documents and Settings\SIMOTHE\NTUSER.DAT 2008-02-02 13:22:58 0 d--h----- C:\Documents and Settings\SIMOTHE\Modèles 2008-02-02 13:22:58 0 dr------- C:\Documents and Settings\SIMOTHE\Mes documents 2008-02-02 13:22:58 0 dr------- C:\Documents and Settings\SIMOTHE\Menu Démarrer 2008-02-02 13:22:58 0 d--h----- C:\Documents and Settings\SIMOTHE\Local Settings 2008-02-02 13:22:58 0 dr------- C:\Documents and Settings\SIMOTHE\Favoris 2008-02-02 13:22:58 0 d--hs---- C:\Documents and Settings\SIMOTHE\Cookies 2008-02-02 13:22:58 0 d-------- C:\Documents and Settings\SIMOTHE\Bureau 2008-02-02 13:22:58 0 dr-h----- C:\Documents and Settings\SIMOTHE\Application Data 2008-02-02 13:21:57 0 d-------- C:\WINDOWS\SoftwareDistribution 2008-02-02 13:21:56 0 d-------- C:\WINDOWS\Prefetch 2008-02-02 13:21:55 0 d---s---- C:\WINDOWS\system32\Microsoft 2008-02-02 13:21:54 229376 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT 2008-02-02 13:21:54 0 d--h----- C:\Documents and Settings\LocalService\Local Settings 2008-02-02 13:21:54 0 d--hs---- C:\Documents and Settings\LocalService\Cookies 2008-02-02 13:21:54 0 d-------- C:\Documents and Settings\LocalService\Application Data 2008-02-02 13:21:54 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft 2008-02-02 13:04:03 229376 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT 2008-02-02 13:04:03 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings 2008-02-02 13:04:03 0 d---s---- C:\Documents and Settings\NetworkService\Cookies 2008-02-02 13:04:03 0 d-------- C:\Documents and Settings\NetworkService\Application Data 2008-02-02 13:04:03 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft 2008-02-02 13:02:20 0 d-------- C:\WINDOWS\system32\xircom 2008-02-02 13:02:20 0 d-------- C:\Program Files\microsoft frontpage 2008-02-02 13:02:13 229376 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT 2008-02-02 13:02:13 0 d-------- C:\DELL 2008-02-02 13:02:06 0 d--h----- C:\WINDOWS\$hf_mig$ 2008-02-02 13:01:53 0 -rahs---- C:\MSDOS.SYS 2008-02-02 13:01:53 0 -rahs---- C:\IO.SYS 2008-02-02 13:01:53 0 --a------ C:\CONFIG.SYS 2008-02-02 13:01:53 0 --a------ C:\AUTOEXEC.BAT 2008-02-02 13:01:12 0 d--hs---- C:\Documents and Settings\All Users\DRM 2008-02-02 13:01:06 0 dr------- C:\WINDOWS\Offline Web Pages 2008-02-02 13:01:06 0 d---s---- C:\WINDOWS\Downloaded Program Files 2008-02-02 13:01:00 0 d--h----- C:\Program Files\WindowsUpdate 2008-02-02 13:00:57 0 d-------- C:\Program Files\Services en ligne 2008-02-02 13:00:46 0 d-------- C:\WINDOWS\system32\DirectX 2008-02-02 13:00:23 0 d---s---- C:\WINDOWS\Tasks 2008-02-02 13:00:22 0 d-------- C:\Program Files\Fichiers communs\MSSoap 2008-02-02 13:00:20 0 d-------- C:\WINDOWS\srchasst 2008-02-02 13:00:19 0 d-------- C:\WINDOWS\system32\Macromed 2008-02-02 13:00:14 0 d-------- C:\Program Files\Movie Maker 2008-02-02 13:00:09 0 d-------- C:\WINDOWS\system32\Restore 2008-02-02 12:59:41 21892 --a------ C:\WINDOWS\system32\emptyregdb.dat 2008-02-02 12:59:26 0 d-------- C:\WINDOWS\Registration 2008-02-02 12:59:19 0 d-------- C:\Program Files\Online Services 2008-02-02 12:59:15 0 d-------- C:\Program Files\Messenger 2008-02-02 12:59:12 0 d-------- C:\Program Files\MSN Gaming Zone 2008-02-02 12:58:47 0 d-------- C:\Program Files\Windows NT 2008-02-02 12:58:45 0 d-------- C:\WINDOWS\system32\MsDtc 2008-02-02 12:58:44 0 d-------- C:\WINDOWS\system32\Com -- Find3M Report --------------------------------------------------------------- 2008-02-03 11:35:36 368076 --a------ C:\WINDOWS\system32\perfh00C.dat 2008-02-03 11:35:36 48856 --a------ C:\WINDOWS\system32\perfc00C.dat 2008-02-02 13:54:10 62 --ahs---- C:\Documents and Settings\SIMOTHE\Application Data\desktop.ini 2008-01-04 22:58:50 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll 2008-01-04 22:57:22 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100> 2008-01-04 22:57:22 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100> 2008-01-04 22:57:12 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®> 2008-01-04 22:57:10 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?> 2008-01-04 22:57:10 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®> 2008-01-04 22:57:10 682496 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®> 2008-01-04 22:56:24 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [23/08/2004 14:49] "WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [14/10/2004 16:55] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [01/06/2007 17:19] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [04/12/2007 14:00] "RTHDCPL"="RTHDCPL.EXE" [28/05/2007 16:32 C:\WINDOWS\RTHDCPL.exe] "Alcmtr"="ALCMTR.EXE" [03/05/2005 18:43 C:\WINDOWS\Alcmtr.exe] "tsnp2std"="C:\WINDOWS\tsnp2std.exe" [19/06/2006 13:37] "snp2std"="C:\WINDOWS\vsnp2std.exe" [15/05/2006 15:52] "AGEIA PhysX SysTray"="C:\Program Files\AGEIA Technologies\TrayIcon.exe" [20/03/2006 20:43] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [05/08/2004 11:00] "WOOKIT"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [14/10/2004 16:55] "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [19/01/2007 12:55] -- End of Deckard's System Scanner: finished at 2008-02-07 20:20:17 ------------ EXTRA.TXT : Deckard's System Scanner v20071014.68 Extra logfile - please post this as an attachment with your post. -------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Microsoft Windows XP Professionnel (build 2600) SP 2.0 Architecture: X86; Language: French CPU 0: Intel(R) Core(TM)2 Duo CPU E6850 @ 3.00GHz CPU 1: Intel(R) Core(TM)2 Duo CPU E6850 @ 3.00GHz Percentage of Memory in Use: 22% Physical Memory (total/avail): 2046.1 MiB / 1583.93 MiB Pagefile Memory (total/avail): 3938.98 MiB / 3583.41 MiB Virtual Memory (total/avail): 2047.88 MiB / 1897.02 MiB C: is Fixed (NTFS) - 295.03 GiB total, 263.8 GiB free. D: is Removable (No Media) E: is Removable (No Media) F: is Removable (No Media) G: is Removable (No Media) H: is CDROM (No Media) \\.\PHYSICALDRIVE0 - SAMSUNG HD321KJ - 298.09 GiB - 3 partitions \PARTITION0 - Unknown - 54.88 MiB \PARTITION1 (bootable) - Système de fichiers installable - 295.03 GiB - C: \PARTITION2 - Unknown - 3 GiB \\.\PHYSICALDRIVE1 - TEAC USB HS-CF Card USB Device \\.\PHYSICALDRIVE3 - TEAC USB HS-MS Card USB Device \\.\PHYSICALDRIVE4 - TEAC USB HS-SD Card USB Device \\.\PHYSICALDRIVE2 - TEAC USB HS-xD/SM USB Device -- Security Center ------------------------------------------------------------- AUOptions is scheduled to auto-install. Windows Internal Firewall is disabled. FirstRunDisabled is set. AntivirusOverride is set. FirewallOverride is set. FW: BitDefender Internet Security v10 v7.2 (Softwin) Disabled AV: BitDefender Internet Security v10 v7.2 (Softwin) Disabled Outdated AV: avast! antivirus 4.7.1098 [VPS 080206-0] v4.7.1098 (ALWIL Software) Disabled [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" -- Environment Variables ------------------------------------------------------- ALLUSERSPROFILE=C:\Documents and Settings\All Users APPDATA=C:\Documents and Settings\SIMOTHE\Application Data CLIENTNAME=Console CommonProgramFiles=C:\Program Files\Fichiers communs COMPUTERNAME=ORDI_DE_KEVIN ComSpec=C:\WINDOWS\system32\cmd.exe FP_NO_HOST_CHECK=NO HOMEDRIVE=C: HOMEPATH=\Documents and Settings\SIMOTHE LOGONSERVER=\\ORDI_DE_KEVIN NUMBER_OF_PROCESSORS=2 OS=Windows_NT Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Intel\DMIX PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 11, GenuineIntel PROCESSOR_LEVEL=6 PROCESSOR_REVISION=0f0b ProgramFiles=C:\Program Files PROMPT=$P$G SESSIONNAME=Console SystemDrive=C: SystemRoot=C:\WINDOWS TEMP=C:\DOCUME~1\SIMOTHE\LOCALS~1\Temp TMP=C:\DOCUME~1\SIMOTHE\LOCALS~1\Temp USERDOMAIN=ORDI_DE_KEVIN USERNAME=SIMOTHE USERPROFILE=C:\Documents and Settings\SIMOTHE windir=C:\WINDOWS -- User Profiles --------------------------------------------------------------- SIMOTHE (admin) Administrateur (new local, admin) -- Add/Remove Programs --------------------------------------------------------- --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER --> MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095} --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 1.3Mega USB2.0 PC Cam --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{75438C0E-9925-412E-AD85-D0E71C6CE2ED}\Setup.exe" -l0x9 a-squared Anti-Malware 3.1 --> "C:\Program Files\a-squared Anti-Malware\unins000.exe" Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe AGEIA PhysX v2.3.3 --> "C:\Program Files\AGEIA Technologies\uninstall.exe" avast! Antivirus --> rundll32 C:\PROGRA~1\ALWILS~1\Avast4\Setup\setiface.dll,RunSetup Barre d'outils MSN --> C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\mtbs.exe c CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe" Correctif pour Windows XP (KB914440) --> "C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe" Correctif pour Windows XP (KB935448) --> "C:\WINDOWS\$NtUninstallKB935448$\spuninst\spuninst.exe" Correctif Windows XP - KB839210 --> Correctif Windows XP - KB873339 --> C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe Correctif Windows XP - KB885835 --> C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe Correctif Windows XP - KB885836 --> C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe Correctif Windows XP - KB886185 --> C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe Correctif Windows XP - KB887472 --> C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe Correctif Windows XP - KB888302 --> C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe Correctif Windows XP - KB890859 --> "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe" Correctif Windows XP - KB891781 --> C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe Dell Resource CD --> MsiExec.exe /X{42929F0F-CE14-47AF-9FC7-FF297A603021} DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER DivX Converter --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN eMule --> "C:\Program Files\eMule\Uninstall.exe" Everest Poker (Remove Only) --> C:\Program Files\Everest Poker\cstart.exe /uninstall Foxit Reader --> C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe Gestionnaire Internet --> C:\PROGRA~1\Wanadoo\uninstall.exe Ghost Recon Advanced Warfighter --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFC97089-04D6-42CE-A707-A343B4A7D2CD}\setup.exe" -l0x40c High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe" Intel(R) PRO Network Connections 12.1.12.0 --> MsiExec.exe /i{777CA40C-0206-4EF6-A0FC-618BF06BF8D0} ARPREMOVE=1 Java 2 Runtime Environment, SE v1.4.0_03 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AC1E4C93-C1E7-11D6-9D10-00010240CE95}\Setup.exe" Anytext Messenger Plus! Live --> "C:\Program Files\Messenger Plus! Live\Uninstall.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB911564) --> "C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398) --> "C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 9 (KB936782) --> "C:\WINDOWS\$NtUninstallKB936782_WMP9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB890046) --> "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB893756) --> "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896358) --> "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896423) --> "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896428) --> "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB899587) --> "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB899591) --> "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB900725) --> "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB901017) --> "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB901214) --> "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB902400) --> "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB905414) --> "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB905749) --> "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB908519) --> "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB911562) --> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB911927) --> "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB912812) --> Mise à jour de sécurité pour Windows XP (KB913580) --> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB914388) --> "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB914389) --> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB917344) --> "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB918118) --> "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB918439) --> "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB919007) --> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB920213) --> "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB920670) --> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB920683) --> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB920685) --> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB921503) --> "C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB922819) --> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923191) --> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923414) --> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923980) --> "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB924270) --> "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB924496) --> "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB924667) --> "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB925902) --> "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB926255) --> "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB926436) --> "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB927779) --> "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB927802) --> "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB928255) --> "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB928843) --> "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB929123) --> "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB930178) --> "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB931261) --> "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB931784) --> "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB932168) --> "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB933729) --> "C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB935839) --> "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB935840) --> "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB936021) --> "C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB937894) --> "C:\WINDOWS\$NtUninstallKB937894$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938127) --> "C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938829) --> "C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941202) --> "C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941568) --> "C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569) --> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941644) --> "C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB942615) --> "C:\WINDOWS\$NtUninstallKB942615$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB943460) --> "C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB943485) --> "C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB944653) --> "C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB894391) --> "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB898461) --> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB900485) --> "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB904942) --> "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB908531) --> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB910437) --> "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB911280) --> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB916595) --> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB920872) --> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB922582) --> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB927891) --> "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB930916) --> "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB936357) --> "C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB938828) --> "C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB942763) --> "C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe" Navigateur Orange --> C:\PROGRA~1\Wanadoo\Shell.exe inst\uninst_FTBrowser.shl NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI Outil de connexion Wanadoo --> C:\PROGRA~1\Wanadoo\MessageDesinstallation.exe Wanadoo Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly Wanadoo Messager --> C:\PROGRA~1\WANADO~1\UNWISE.EXE C:\PROGRA~1\WANADO~1\INSTALL.LOG Windows Live Messenger --> MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411} ZTE ZXDSL852 --> "c:\program files\zte corporation\zxdsl852\setup.exe" -u -- Application Event Log ------------------------------------------------------- Event Record #/Type364 / Error Event Submitted/Written: 02/07/2008 08:14:56 PM Event ID/Source: 1002 / Application Hang Event Description: Application bloquée dss.exe, version 3.2.8.1, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Event Record #/Type363 / Error Event Submitted/Written: 02/07/2008 08:14:45 PM Event ID/Source: 1002 / Application Hang Event Description: Application bloquée GestionnaireInternet.exe, version 5.9.1.3, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Event Record #/Type362 / Error Event Submitted/Written: 02/07/2008 08:14:11 PM Event ID/Source: 1002 / Application Hang Event Description: Application bloquée GestionnaireInternet.exe, version 5.9.1.3, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Event Record #/Type361 / Error Event Submitted/Written: 02/07/2008 08:13:08 PM Event ID/Source: 1000 / Application Error Event Description: Application défaillante explorer.exe, version 6.0.2900.3156, module défaillant ntdll.dll, version 5.1.2600.2180, adresse de défaillance 0x00018fea. Traitement de l'événement propre au support pour [explorer.exe!ws!] Event Record #/Type342 / Success Event Submitted/Written: 02/07/2008 06:49:07 PM Event ID/Source: 12001 / usnjsvc Event Description: The Messenger Sharing USN Journal Reader service started successfully. -- Security Event Log ---------------------------------------------------------- No Errors/Warnings found. -- System Event Log ------------------------------------------------------------ Event Record #/Type1459 / Warning Event Submitted/Written: 02/07/2008 04:51:35 PM Event ID/Source: 4226 / Tcpip Event Description: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées. Event Record #/Type1436 / Warning Event Submitted/Written: 02/07/2008 03:04:01 PM Event ID/Source: 36 / W32Time Event Description: Le service de temps n'a pas pu synchroniser l'heure système de 49152 secondes car aucun fournisseur de temps n'a pu fournir de datage utilisable. L'horloge système n'est pas synchronisée. Event Record #/Type1435 / Warning Event Submitted/Written: 02/06/2008 09:09:54 PM Event ID/Source: 4226 / Tcpip Event Description: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées. Event Record #/Type1408 / Error Event Submitted/Written: 02/06/2008 09:03:27 PM Event ID/Source: 7000 / Service Control Manager Event Description: Le service PCAMPR5 NDIS Protocol Driver n'a pas pu démarrer en raison de l'erreur : %%2 Event Record #/Type1407 / Error Event Submitted/Written: 02/06/2008 09:03:27 PM Event ID/Source: 7000 / Service Control Manager Event Description: Le service PCAMPR5 NDIS Protocol Driver n'a pas pu démarrer en raison de l'erreur : %%2 -- End of Deckard's System Scanner: finished at 2008-02-07 20:20:17 ------------ Merci d'avance. Revenir en haut de page Angeldark Equipe Sécurité Inscrit le: 23 Mai 2007 Message(s): 113 Posté le: 07 Fév 2008 21:56    Sujet du message: Tu as désinstallé Bitdefender ? Revenir en haut de page leoufdelife Newbie Inscrit le: 07 Fév 2008 Message(s): 10 Posté le: 07 Fév 2008 22:06    Sujet du message: Oui bitdefender etait désinstallé lorsque j'ai effectuer l'analyse avec Deckard's System Scanner. Merci d'avance. Revenir en haut de page Angeldark Equipe Sécurité Inscrit le: 23 Mai 2007 Message(s): 113 Posté le: 08 Fév 2008 20:21    Sujet du message: Tu as combien d'antivirus ? Revenir en haut de page leoufdelife Newbie Inscrit le: 07 Fév 2008 Message(s): 10 Posté le: 09 Fév 2008 1:24    Sujet du message: En temps normal j'ai avast, mais vu que je croyais avoir un virus j'en est téléchargé un autre pour voir si il trouvais quelque chose. Le fait est que dimanche j'ai formaté mon pc a cause de la meme chose et maintenant ça me refait exactement pareil Donc je sais plus quoi faire !! Merci d'avance. Revenir en haut de page Angeldark Equipe Sécurité Inscrit le: 23 Mai 2007 Message(s): 113 Posté le: 09 Fév 2008 13:41    Sujet du message: Ne garde qu'un antivirus puis refais un scan Hijackthis Revenir en haut de page leoufdelife Newbie Inscrit le: 07 Fév 2008 Message(s): 10 Posté le: 09 Fév 2008 15:26    Sujet du message: CE COUP CI JE N'EST EU QU'UN SEUL FICHIER (MAIN.TXT) Deckard's System Scanner v20071014.68 Run by SIMOTHE on 2008-02-09 14:24:24 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- HijackThis (run as SIMOTHE.exe) --------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:24:24, on 09/02/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\PROGRA~1\Wanadoo\TaskBarIcon.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\tsnp2std.exe C:\WINDOWS\vsnp2std.exe C:\Program Files\AGEIA Technologies\TrayIcon.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\System32\FTRTSVC.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\alg.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Wanadoo\GestionnaireInternet.exe C:\Program Files\Wanadoo\ComComp.exe C:\PROGRA~1\Wanadoo\Toaster.exe C:\PROGRA~1\Wanadoo\Inactivity.exe C:\PROGRA~1\Wanadoo\PollingModule.exe C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\Program Files\Wanadoo\Watch.exe C:\PROGRA~1\Wanadoo\WOOBRO~1\DownloadManager.exe C:\Program Files\eMule\emule.exe H:\CAR STEREO DECODERS\DECODE\DEALZ4WHEELZ DECODERS UPDATED\MULTI\MULTI DECODER DEALZ4WHEELZ.exe C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\Documents and Settings\SIMOTHE\Bureau\Fichiers téléchargés\dss.exe C:\PROGRA~1\TRENDM~1\HIJACK~1\SIMOTHE.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe O4 - HKLM\..\Run: [AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\TrayIcon.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe EspaceWanadoo.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU) O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O15 - Trusted Zone: http://www.secuser.com O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1201959633031 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{02815B30-4017-45E2-A9DA-0F2FAD367739}: NameServer = 80.10.246.1 81.253.149.2 O17 - HKLM\System\CS1\Services\Tcpip\..\{02815B30-4017-45E2-A9DA-0F2FAD367739}: NameServer = 80.10.246.1 81.253.149.2 O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 6706 bytes -- Files created between 2008-01-09 and 2008-02-09 ----------------------------- 2008-02-09 14:20:09 0 d-------- C:\Program Files\Trend Micro 2008-02-09 12:16:22 0 d-------- C:\Program Files\Attack on Pearl Harbor Demo 2008-02-09 12:06:39 0 d-------- C:\Alien Arena 2007 2008-02-07 20:16:06 81984 --a------ C:\WINDOWS\system32\bdod.bin 2008-02-07 20:02:55 0 d-------- C:\Program Files\Bit Defender - Internet Security v10+Serial 2008-02-07 16:55:56 0 dr-h----- C:\Documents and Settings\SIMOTHE\Recent 2008-02-07 16:50:13 0 d-------- C:\Program Files\Nouveau dossier 2008-02-07 16:34:55 0 d-------- C:\Documents and Settings\SIMOTHE\Application Data\DivX 2008-02-07 16:34:17 0 d-------- C:\Program Files\DivX 2008-02-06 21:03:23 36864 --a------ C:\WINDOWS\system32\IfHelper.dll <Not Verified; France Télécom R&D; IfHelper> 2008-02-06 20:38:44 0 d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau 2008-02-06 20:38:44 0 d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression 2008-02-06 20:38:44 0 dr-h----- C:\Documents and Settings\Administrateur\SendTo 2008-02-06 20:38:44 0 d--h----- C:\Documents and Settings\Administrateur\Recent 2008-02-06 20:38:44 524288 --ah----- C:\Documents and Settings\Administrateur\NTUSER.DAT 2008-02-06 20:38:44 0 d--h----- C:\Documents and Settings\Administrateur\Modèles 2008-02-06 20:38:44 0 d-------- C:\Documents and Settings\Administrateur\Mes documents 2008-02-06 20:38:44 0 dr------- C:\Documents and Settings\Administrateur\Menu Démarrer 2008-02-06 20:38:44 0 d--h----- C:\Documents and Settings\Administrateur\Local Settings 2008-02-06 20:38:44 0 d-------- C:\Documents and Settings\Administrateur\Favoris 2008-02-06 20:38:44 0 d--hs---- C:\Documents and Settings\Administrateur\Cookies 2008-02-06 20:38:44 0 d-------- C:\Documents and Settings\Administrateur\Bureau 2008-02-06 20:38:44 0 dr-h----- C:\Documents and Settings\Administrateur\Application Data 2008-02-06 20:38:44 0 d---s---- C:\Documents and Settings\Administrateur\Application Data\Microsoft 2008-02-06 19:43:22 0 d-------- C:\Program Files\a-squared Anti-Malware 2008-02-06 19:21:44 507904 --a------ C:\WINDOWS\TMUPDATE.DLL <Not Verified; Trend Micro Inc.; ActiveUpdate Module> 2008-02-06 19:21:43 69689 --a------ C:\WINDOWS\UNZIP.DLL <Not Verified; Trend Micro Inc.; Trend Active Update 1.32> 2008-02-06 19:21:43 286720 --a------ C:\WINDOWS\PATCH.EXE <Not Verified; Trend Micro Inc.; ActiveUpdate Module> 2008-02-06 17:19:32 0 d-------- C:\Program Files\Foxit Software 2008-02-05 16:59:41 0 d-------- C:\Documents and Settings\SIMOTHE\Application Data\Help 2008-02-05 16:50:13 94208 --a------ C:\WINDOWS\system32\W32n50.dll <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows> 2008-02-05 16:50:13 16128 -----n--- C:\WINDOWS\system32\PCANDIS5.SYS <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows> 2008-02-04 19:19:06 0 d--h----- C:\WINDOWS\PIF 2008-02-03 12:44:17 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll <Not Verified; Sony DADC Austria AG.; > 2008-02-03 12:42:03 0 d-------- C:\WINDOWS\system32\ageia 2008-02-03 12:42:03 0 d-------- C:\Program Files\AGEIA Technologies 2008-02-03 12:38:25 0 d-------- C:\Program Files\Ubisoft 2008-02-03 11:38:17 94208 --a------ C:\WINDOWS\amcap.exe <Not Verified; Microsoft Corporation; DirectX 8.1 Sample> 2008-02-03 11:38:12 262144 --a------ C:\WINDOWS\tsnp2std.exe <Not Verified; ; tsnp2std> 2008-02-03 11:38:10 147456 --a------ C:\WINDOWS\rsnp2std.dll <Not Verified; ; ResourceDLL> 2008-02-03 11:38:10 0 d-------- C:\Program Files\Fichiers communs\snp2std 2008-02-03 10:54:31 0 d-------- C:\WINDOWS\system32\fr-fr 2008-02-03 10:52:39 0 d-------- C:\WINDOWS\network diagnostic 2008-02-02 23:52:02 0 d-------- C:\WINDOWS\system32\PreInstall 2008-02-02 22:19:24 0 d-------- C:\Program Files\Everest Poker 2008-02-02 22:18:23 0 d-------- C:\WINDOWS\system32\SoftwareDistribution 2008-02-02 15:17:50 0 d-------- C:\Documents and Settings\SIMOTHE\Application Data\Adobe 2008-02-02 15:16:05 0 d-------- C:\WINDOWS\system32\Lang 2008-02-02 15:16:01 0 d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus! 2008-02-02 15:14:53 49152 --a------ C:\WINDOWS\system32\ChCfg.exe 2008-02-02 15:14:41 0 d-------- C:\WINDOWS\system32\RTCOM 2008-02-02 15:14:10 0 d-------- C:\Program Files\Realtek 2008-02-02 15:14:02 520192 --a------ C:\WINDOWS\RtlExUpd.dll <Not Verified; Realtek Semiconductor Corp.; RtlExUpd Dynamic Link Library> 2008-02-02 15:14:02 315392 --a------ C:\WINDOWS\HideWin.exe <Not Verified; Realtek Semiconductor Corp.; HD Audio Hide windows program> 2008-02-02 15:02:53 0 d-------- C:\Program Files\eMule 2008-02-02 14:56:01 0 d-------- C:\Program Files\Windows Live 2008-02-02 14:56:01 0 d-------- C:\Program Files\Messenger Plus! Live 2008-02-02 14:51:03 0 d-------- C:\Program Files\MSN Apps 2008-02-02 14:49:45 0 d-------- C:\Documents and Settings\SIMOTHE\Contacts 2008-02-02 14:40:27 0 d--hs---- C:\Documents and Settings\SIMOTHE\UserData 2008-02-02 14:38:14 0 d-------- C:\Program Files\Alwil Software 2008-02-02 14:36:14 0 d-------- C:\Program Files\MSN Messenger 2008-02-02 14:22:19 0 d------c- C:\WINDOWS\system32\DRVSTORE 2008-02-02 14:22:12 0 d-------- C:\Intel 2008-02-02 14:21:37 0 d-------- C:\Program Files\Intel 2008-02-02 14:19:34 0 d-------- C:\WINDOWS\system32\vmm32 2008-02-02 14:19:34 0 d-------- C:\Program Files\Dell 2008-02-02 14:11:51 0 d-------- C:\Documents and Settings\SIMOTHE\Application Data\Macromedia 2008-02-02 14:07:45 32768 --a------ C:\WINDOWS\system32\WooDial2000.dll <Not Verified; France Télécom R&D; Kit de Connexion et de Services> 2008-02-02 14:05:37 0 d-------- C:\Program Files\Zhongxing 2008-02-02 14:05:32 0 d-------- C:\WINDOWS\system32\ReinstallBackups 2008-02-02 14:05:13 0 d-------- C:\Program Files\ZXDSL852 2008-02-02 14:05:13 0 d-------- C:\Program Files\ntdll.dll 2008-02-02 14:05:11 0 d-------- C:\WINDOWS\system32\AlertModule 2008-02-02 14:05:07 40960 --a------ C:\WINDOWS\system32\FTRTSVC.exe <Not Verified; France Telecom; FTRTSVC NT Service> 2008-02-02 14:04:54 41068 -----n--- C:\WINDOWS\system32\ActPanel.dll 2008-02-02 14:04:53 0 d-------- C:\Program Files\Java 2008-02-02 14:04:53 0 d--h----- C:\Program Files\InstallShield Installation Information 2008-02-02 14:04:51 0 d-------- C:\Program Files\Fichiers communs\InstallShield 2008-02-02 14:04:42 32768 --a------ C:\WINDOWS\system32\ffJmpWeb.dll <Not Verified; Forefront, Incorporated; ffJmpWeb Dynamic Link Library> 2008-02-02 14:04:41 0 d-------- C:\Program Files\Wanadoo Messager 2008-02-02 14:03:53 0 d-------- C:\Program Files\Wanadoo 2008-02-02 13:54:31 0 d--hs---- C:\WINDOWS\Installer 2008-02-02 13:54:30 0 d-------- C:\Program Files\Fichiers communs\ODBC 2008-02-02 13:54:28 0 dr------- C:\Program Files 2008-02-02 13:54:28 0 d-------- C:\Program Files\Fichiers communs 2008-02-02 13:54:28 0 d-------- C:\Program Files\Fichiers communs\SpeechEngines 2008-02-02 13:54:10 0 d--h----- C:\Documents and Settings\Default User\Voisinage réseau 2008-02-02 13:54:10 0 d--h----- C:\Documents and Settings\Default User\Voisinage d'impression 2008-02-02 13:54:10 0 dr-h----- C:\Documents and Settings\Default User\SendTo 2008-02-02 13:54:10 0 d--h----- C:\Documents and Settings\Default User\Recent 2008-02-02 13:54:10 0 d--h----- C:\Documents and Settings\Default User\Modèles 2008-02-02 13:54:10 0 d-------- C:\Documents and Settings\Default User\Mes documents 2008-02-02 13:54:10 0 dr------- C:\Documents and Settings\Default User\Menu Démarrer 2008-02-02 13:54:10 0 dr-h----- C:\Documents and Settings\Default User\Local Settings 2008-02-02 13:54:10 0 d-------- C:\Documents and Settings\Default User\Favoris 2008-02-02 13:54:10 0 d---s---- C:\Documents and Settings\Default User\Cookies 2008-02-02 13:54:10 0 d-------- C:\Documents and Settings\Default User\Bureau 2008-02-02 13:54:10 0 d--h----- C:\Documents and Settings\All Users\Modèles 2008-02-02 13:54:10 0 dr------- C:\Documents and Settings\All Users\Menu Démarrer 2008-02-02 13:54:10 0 d-------- C:\Documents and Settings\All Users\Favoris 2008-02-02 13:54:10 0 dr------- C:\Documents and Settings\All Users\Documents 2008-02-02 13:54:10 0 d-------- C:\Documents and Settings\All Users\Bureau 2008-02-02 13:54:01 0 d-------- C:\WINDOWS\system32\CatRoot2 2008-02-02 13:54:01 0 d-------- C:\WINDOWS\system32\CatRoot 2008-02-02 13:53:56 0 dr-h----- C:\Documents and Settings\Default User\Application Data 2008-02-02 13:53:56 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft 2008-02-02 13:53:56 0 dr-h----- C:\Documents and Settings\All Users\Application Data 2008-02-02 13:53:56 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft 2008-02-02 13:53:36 0 d--hs---- C:\System Volume Information 2008-02-02 13:53:36 0 d-------- C:\Documents and Settings 2008-02-02 13:41:19 0 d-------- C:\WINDOWS 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\WinSxS 2008-02-02 13:41:19 0 dr------- C:\WINDOWS\Web 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\twain_32 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\wins 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\wbem 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\usmt 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\spool 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\ShellExt 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\Setup 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\ras 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\oobe 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\npp 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\mui 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\inetsrv 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\IME 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\icsxml 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\ias 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\export 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\drivers 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\drivers\etc 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\drivers\disdn 2008-02-02 13:41:19 0 dr-hs--c- C:\WINDOWS\system32\dllcache 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\dhcp 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\config 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\3com_dmi 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\3076 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\2052 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\1054 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\1042 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\1041 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\1037 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\1036 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\1033 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\1031 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\1028 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system32\1025 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\system 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\security 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\Resources 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\repair 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\Provisioning 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\PeerNet 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\pchealth 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\mui 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\msapps 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\msagent 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\Media 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\java 2008-02-02 13:41:19 0 d--h----- C:\WINDOWS\inf 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\ime 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\Help 2008-02-02 13:41:19 0 dr--s---- C:\WINDOWS\Fonts 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\ehome 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\Driver Cache 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\dell 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\Debug 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\Cursors 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\Connection Wizard 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\Config 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\AppPatch 2008-02-02 13:41:19 0 d-------- C:\WINDOWS\addins 2008-02-02 13:23:04 0 d-------- C:\Documents and Settings\SIMOTHE\Application Data\Identities 2008-02-02 13:22:58 0 d--h----- C:\Documents and Settings\SIMOTHE\Voisinage réseau 2008-02-02 13:22:58 0 d--h----- C:\Documents and Settings\SIMOTHE\Voisinage d'impression 2008-02-02 13:22:58 0 dr-h----- C:\Documents and Settings\SIMOTHE\SendTo 2008-02-02 13:22:58 1835008 --ah----- C:\Documents and Settings\SIMOTHE\NTUSER.DAT 2008-02-02 13:22:58 0 d--h----- C:\Documents and Settings\SIMOTHE\Modèles 2008-02-02 13:22:58 0 dr------- C:\Documents and Settings\SIMOTHE\Mes documents 2008-02-02 13:22:58 0 dr------- C:\Documents and Settings\SIMOTHE\Menu Démarrer 2008-02-02 13:22:58 0 d--h----- C:\Documents and Settings\SIMOTHE\Local Settings 2008-02-02 13:22:58 0 dr------- C:\Documents and Settings\SIMOTHE\Favoris 2008-02-02 13:22:58 0 d--hs---- C:\Documents and Settings\SIMOTHE\Cookies 2008-02-02 13:22:58 0 d-------- C:\Documents and Settings\SIMOTHE\Bureau 2008-02-02 13:22:58 0 dr-h----- C:\Documents and Settings\SIMOTHE\Application Data 2008-02-02 13:21:57 0 d-------- C:\WINDOWS\SoftwareDistribution 2008-02-02 13:21:56 0 d-------- C:\WINDOWS\Prefetch 2008-02-02 13:21:55 0 d---s---- C:\WINDOWS\system32\Microsoft 2008-02-02 13:21:54 229376 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT 2008-02-02 13:21:54 0 d--h----- C:\Documents and Settings\LocalService\Local Settings 2008-02-02 13:21:54 0 d--hs---- C:\Documents and Settings\LocalService\Cookies 2008-02-02 13:21:54 0 d-------- C:\Documents and Settings\LocalService\Application Data 2008-02-02 13:21:54 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft 2008-02-02 13:04:03 229376 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT 2008-02-02 13:04:03 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings 2008-02-02 13:04:03 0 d---s---- C:\Documents and Settings\NetworkService\Cookies 2008-02-02 13:04:03 0 d-------- C:\Documents and Settings\NetworkService\Application Data 2008-02-02 13:04:03 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft 2008-02-02 13:02:20 0 d-------- C:\WINDOWS\system32\xircom 2008-02-02 13:02:20 0 d-------- C:\Program Files\microsoft frontpage 2008-02-02 13:02:13 229376 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT 2008-02-02 13:02:13 0 d-------- C:\DELL 2008-02-02 13:02:06 0 d--h----- C:\WINDOWS\$hf_mig$ 2008-02-02 13:01:53 0 -rahs---- C:\MSDOS.SYS 2008-02-02 13:01:53 0 -rahs---- C:\IO.SYS 2008-02-02 13:01:53 0 --a------ C:\CONFIG.SYS 2008-02-02 13:01:53 0 --a------ C:\AUTOEXEC.BAT 2008-02-02 13:01:12 0 d--hs---- C:\Documents and Settings\All Users\DRM 2008-02-02 13:01:06 0 dr------- C:\WINDOWS\Offline Web Pages 2008-02-02 13:01:06 0 d---s---- C:\WINDOWS\Downloaded Program Files 2008-02-02 13:01:00 0 d--h----- C:\Program Files\WindowsUpdate 2008-02-02 13:00:57 0 d-------- C:\Program Files\Services en ligne 2008-02-02 13:00:46 0 d-------- C:\WINDOWS\system32\DirectX 2008-02-02 13:00:23 0 d---s---- C:\WINDOWS\Tasks 2008-02-02 13:00:22 0 d-------- C:\Program Files\Fichiers communs\MSSoap 2008-02-02 13:00:20 0 d-------- C:\WINDOWS\srchasst 2008-02-02 13:00:19 0 d-------- C:\WINDOWS\system32\Macromed 2008-02-02 13:00:14 0 d-------- C:\Program Files\Movie Maker 2008-02-02 13:00:09 0 d-------- C:\WINDOWS\system32\Restore 2008-02-02 12:59:41 21892 --a------ C:\WINDOWS\system32\emptyregdb.dat 2008-02-02 12:59:26 0 d-------- C:\WINDOWS\Registration 2008-02-02 12:59:19 0 d-------- C:\Program Files\Online Services 2008-02-02 12:59:15 0 d-------- C:\Program Files\Messenger 2008-02-02 12:59:12 0 d-------- C:\Program Files\MSN Gaming Zone 2008-02-02 12:58:47 0 d-------- C:\Program Files\Windows NT 2008-02-02 12:58:45 0 d-------- C:\WINDOWS\system32\MsDtc 2008-02-02 12:58:44 0 d-------- C:\WINDOWS\system32\Com -- Find3M Report --------------------------------------------------------------- 2008-02-03 11:35:36 368076 --a------ C:\WINDOWS\system32\perfh00C.dat 2008-02-03 11:35:36 48856 --a------ C:\WINDOWS\system32\perfc00C.dat 2008-02-02 13:54:10 62 --ahs---- C:\Documents and Settings\SIMOTHE\Application Data\desktop.ini 2008-01-04 22:58:50 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll 2008-01-04 22:57:22 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100> 2008-01-04 22:57:22 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100> 2008-01-04 22:57:12 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®> 2008-01-04 22:57:10 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?> 2008-01-04 22:57:10 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®> 2008-01-04 22:57:10 682496 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®> 2008-01-04 22:56:24 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [23/08/2004 14:49] "WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [14/10/2004 16:55] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [01/06/2007 17:19] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [04/12/2007 14:00] "RTHDCPL"="RTHDCPL.EXE" [28/05/2007 16:32 C:\WINDOWS\RTHDCPL.exe] "Alcmtr"="ALCMTR.EXE" [03/05/2005 18:43 C:\WINDOWS\Alcmtr.exe] "tsnp2std"="C:\WINDOWS\tsnp2std.exe" [19/06/2006 13:37] "snp2std"="C:\WINDOWS\vsnp2std.exe" [15/05/2006 15:52] "AGEIA PhysX SysTray"="C:\Program Files\AGEIA Technologies\TrayIcon.exe" [20/03/2006 20:43] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [05/08/2004 11:00] "WOOKIT"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [14/10/2004 16:55] "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [19/01/2007 12:55] -- End of Deckard's System Scanner: finished at 2008-02-09 14:24:54 ------------ MERCI Revenir en haut de page Angeldark Equipe Sécurité Inscrit le: 23 Mai 2007 Message(s): 113 Posté le: 10 Fév 2008 13:07    Sujet du message: Re, Désinstalle correctement Avast! pour le remplacer par AntiVir. Pourquoi changer ? Avast! vs AntiVir Fais un scan complet puis poste le rapport en fin d'analyse. AIDE : Tutorial sur l'antivirus AntiVir Personal Edition Classic Revenir en haut de page leoufdelife Newbie Inscrit le: 07 Fév 2008 Message(s): 10 Posté le: 10 Fév 2008 13:42    Sujet du message: scan antivir VOICI LE SCAN ANTIVIR : AntiVir PersonalEdition Classic Report file date: dimanche 10 février 2008 12:27 Scanning for 1096761 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Username: SYSTEM Computer name: ORDI_DE_KEVIN Version information: BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00 AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29 AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51 LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47 LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15 ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 14/12/2007 11:27:22 ANTIVIR2.VDF : 7.0.2.113 1673728 Bytes 08/02/2008 11:27:22 ANTIVIR3.VDF : 7.0.2.114 2048 Bytes 08/02/2008 11:27:22 AVEWIN32.DLL : 7.6.0.62 3240448 Bytes 10/02/2008 11:27:23 AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26 AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17 AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24 AVPACK32.DLL : 7.6.0.3 360488 Bytes 10/02/2008 11:27:23 AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06 AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33 AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18 NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42 RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13 RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37 SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: c:\program files\avira\antivir personale