A voir également:
- Bagle et autres virus (?)
- Youtu.be virus - Accueil - Guide virus
- Svchost.exe virus - Guide
- Faux message virus ordinateur - Accueil - Arnaque
- Softonic virus ✓ - Forum Virus
- Virus mcafee - Accueil - Piratage
67 réponses
lilibiscuit
Messages postés
50
Date d'inscription
dimanche 9 mars 2008
Statut
Membre
Dernière intervention
9 juin 2013
3 janv. 2009 à 20:48
3 janv. 2009 à 20:48
MBAM fait son scan. Il y a deja 11 elements infectes trouvés, mais ca va durer longtemps !
J'ai supprimer manuellement le dossier Eorezo.
J'ai supprimer manuellement le dossier Eorezo.
Utilisateur anonyme
3 janv. 2009 à 20:53
3 janv. 2009 à 20:53
Re,
Cela dépend pour la durée de malwarebyte.
Por eorezo on verra sa .....
Cela dépend pour la durée de malwarebyte.
Por eorezo on verra sa .....
lilibiscuit
Messages postés
50
Date d'inscription
dimanche 9 mars 2008
Statut
Membre
Dernière intervention
9 juin 2013
3 janv. 2009 à 21:35
3 janv. 2009 à 21:35
Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1602
Windows 5.1.2600 Service Pack 2
03/01/2009 21:36:38
mbam-log-2009-01-03 (21-36-38).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 290628
Temps écoulé: 1 hour(s), 52 minute(s), 14 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 11
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\PATCH\Adobe PhotoShop CS3 Extended Keygen + Activation.exe (Trojan.Horst) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{32266830-72AB-4604-A512-F068B952947D}\RP237\A0061508.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{32266830-72AB-4604-A512-F068B952947D}\RP257\A0064575.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{32266830-72AB-4604-A512-F068B952947D}\RP264\A0070650.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{32266830-72AB-4604-A512-F068B952947D}\RP264\A0070676.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{32266830-72AB-4604-A512-F068B952947D}\RP264\A0070939.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{32266830-72AB-4604-A512-F068B952947D}\RP264\A0072084.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{32266830-72AB-4604-A512-F068B952947D}\RP264\A0072826.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{32266830-72AB-4604-A512-F068B952947D}\RP264\A0072935.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Bureau\ProgDVB_v4_85_1_Elecard_Edition_Bilingual_Incl_Keygen-ViRiLiTY\ProgDVB.v4.85.1.Elecard.Edition.Bilingual.Incl.Keygen-ViRiLiTY\keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Mes documents\aaaaaaaaaaaaaaaaaaaaa\Nouveau dossier (6)\Adobe_PhotoShop_CS3_Extended_Keygen_+_Activation\Adobe PhotoShop CS3 Extended Keygen + Activation.exe (Trojan.Horst) -> Quarantined and deleted successfully.
Version de la base de données: 1602
Windows 5.1.2600 Service Pack 2
03/01/2009 21:36:38
mbam-log-2009-01-03 (21-36-38).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 290628
Temps écoulé: 1 hour(s), 52 minute(s), 14 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 11
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\PATCH\Adobe PhotoShop CS3 Extended Keygen + Activation.exe (Trojan.Horst) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{32266830-72AB-4604-A512-F068B952947D}\RP237\A0061508.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{32266830-72AB-4604-A512-F068B952947D}\RP257\A0064575.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{32266830-72AB-4604-A512-F068B952947D}\RP264\A0070650.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{32266830-72AB-4604-A512-F068B952947D}\RP264\A0070676.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{32266830-72AB-4604-A512-F068B952947D}\RP264\A0070939.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{32266830-72AB-4604-A512-F068B952947D}\RP264\A0072084.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{32266830-72AB-4604-A512-F068B952947D}\RP264\A0072826.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{32266830-72AB-4604-A512-F068B952947D}\RP264\A0072935.exe (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Bureau\ProgDVB_v4_85_1_Elecard_Edition_Bilingual_Incl_Keygen-ViRiLiTY\ProgDVB.v4.85.1.Elecard.Edition.Bilingual.Incl.Keygen-ViRiLiTY\keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Mes documents\aaaaaaaaaaaaaaaaaaaaa\Nouveau dossier (6)\Adobe_PhotoShop_CS3_Extended_Keygen_+_Activation\Adobe PhotoShop CS3 Extended Keygen + Activation.exe (Trojan.Horst) -> Quarantined and deleted successfully.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Utilisateur anonyme
3 janv. 2009 à 21:36
3 janv. 2009 à 21:36
Re,
OKI.
Redémarre ton pc et refait un log avec RSIT.
Poste le rapport RSIT en trois fois STP.
OKI.
Redémarre ton pc et refait un log avec RSIT.
Poste le rapport RSIT en trois fois STP.
lilibiscuit
Messages postés
50
Date d'inscription
dimanche 9 mars 2008
Statut
Membre
Dernière intervention
9 juin 2013
3 janv. 2009 à 21:39
3 janv. 2009 à 21:39
------- Logfile of AD-Remover 1.0.8.4 by C_XX | ONLY XP/VISTA -------
# START at: 21:40:25 | Sam 03/01/2009 | Microsoft® Windows XP™ SP2 (v5.1.2600)
# BOOT MODE: Normal
# OPTION: Scan | EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
# PC: PAPA | USER: Administrateur ( Current user is an administrator)
# DRIVE(S):
- C:\ (File System: NTFS)
# Internet Explorer v7.0.5730.13
# RUNNING PROCESSES: 44
+-----------------------| Boonty/Boonty Games Elements found :
.
.
+-----------------------| Eorezo Elements found :
.
HKCR\EoRezoBHO.EoBho
HKCR\EoRezoBHO.EoBho.1
HKCR\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKCU\SOFTWARE\EoRezo
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\SOFTWARE\EoRezo
HKLM\SOFTWARE\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}
.
C:\Documents and Settings\Administrateur\Application Data\EoRezo
C:\Documents and Settings\Administrateur\Application Data\EoRezo\cache
C:\Documents and Settings\Administrateur\Application Data\EoRezo\cmhost.cyp
C:\Documents and Settings\Administrateur\Application Data\EoRezo\ConfMedia.cyp
C:\Documents and Settings\Administrateur\Application Data\EoRezo\db
C:\Documents and Settings\Administrateur\Application Data\EoRezo\eoDesktop
C:\Documents and Settings\Administrateur\Application Data\EoRezo\eoStats
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather.cfg
C:\Documents and Settings\Administrateur\Application Data\EoRezo\host.cyp
C:\Documents and Settings\Administrateur\Application Data\EoRezo\towns.cfg
C:\Documents and Settings\Administrateur\Application Data\EoRezo\user.cyp
C:\Documents and Settings\Administrateur\Application Data\EoRezo\db\cat.cyp
C:\Documents and Settings\Administrateur\Application Data\EoRezo\eoDesktop\config.xml
C:\Documents and Settings\Administrateur\Application Data\EoRezo\eoDesktop\eoDesktop.html
C:\Documents and Settings\Administrateur\Application Data\EoRezo\eoDesktop\userConfig.xml
C:\Documents and Settings\Administrateur\Application Data\EoRezo\eoStats\eoStats.txt
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\EoWeather.cfg
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\EoWeatherVal_02EC282.cfg
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\67_day.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\67_night.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\69_day.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\69_night.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\70_day.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\70_night.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\78_day.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\78_night.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\82_day.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\82_night.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\83_day.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\83_night.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\84_day.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\84_night.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\85_day.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\85_night.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\89_day.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\89_night.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\back.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\background.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\background_1.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\background_1days.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\background_2days.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\background_7days.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\backPressed.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\band.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\band_small.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\close.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\closePressed.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\dayPrevisionBackground.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\dayPrevisionClose.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\earth.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\fonds_‚cran.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\help.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\helpPressed.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\minimise.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\minimisePressed.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\next.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\nextPressed.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\option.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\optionPressed.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\reflet_ecran.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\small_background.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\Thumbs.db
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\67_day.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\67_night.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\69_day.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\69_night.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\70_day.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\70_night.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\78_day.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\78_night.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\82_day.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\82_night.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\83_day.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\83_night.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\84_day.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\84_night.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\85_day.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\85_night.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\89_day.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\89_night.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\about.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\back.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\background.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\background_1.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\background_1days.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\background_2days.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\background_7days.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\backPressed.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\close.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\closePressed.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\dayPrevisionBackground.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\dayPrevisionClose.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\earth.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\fonds_‚cran.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\help.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\helpPressed.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\minimise.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\minimisePressed.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\next.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\nextPressed.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\option.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\optionPressed.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\reflet_ecran.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\Thumbs.db
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\txt_14x13.png
+-----------------------| Everest Poker Elements found :
.
.
+-----------------------| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements found :
.
.
+-----------------------| It's TV Elements found :
HKCU\SOFTWARE\ItsLabel
.
C:\Documents and Settings\Administrateur\Application Data\ItsLabel
C:\Documents and Settings\Administrateur\Application Data\ItsLabel\ItsTV
C:\Documents and Settings\Administrateur\Application Data\ItsLabel\ItsTV\itsTV.xml
+-----------------------| Sweetim Elements found :
.
.
+-----------------------| ADDED SCAN :
+---------- Scanning prefs.js ... ( # Mozilla User Preferences )
..\2yf90odo.default\prefs.js :
~~~~ Mozilla FireFox version 2.0.0.14 ~~~~
* Browser Startup HomePage: "https://www.orange.fr/portail"
.
+---------------------------------------------------------------------------+
+--[HKEY_CURRENT_USER\..\Internet Explorer\MAIN]
Start Page : hxxp://www.wanadoo.fr/
+--[HKEY_LOCAL_MACHINE\..\Internet Explorer\MAIN]
Start Page : hxxp://fr.msn.com/
+---------------------------------------------------------------------------+
[~13317 bytes] - "C:\AD-report-Scan-03.01.2009.log"
# END at: 21:40:39 | 03/01/2009 - Time elapsed: 13.5 seconds
+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 159 lines ]
+---------------------------------------------------------------------------+
# START at: 21:40:25 | Sam 03/01/2009 | Microsoft® Windows XP™ SP2 (v5.1.2600)
# BOOT MODE: Normal
# OPTION: Scan | EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
# PC: PAPA | USER: Administrateur ( Current user is an administrator)
# DRIVE(S):
- C:\ (File System: NTFS)
# Internet Explorer v7.0.5730.13
# RUNNING PROCESSES: 44
+-----------------------| Boonty/Boonty Games Elements found :
.
.
+-----------------------| Eorezo Elements found :
.
HKCR\EoRezoBHO.EoBho
HKCR\EoRezoBHO.EoBho.1
HKCR\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKCU\SOFTWARE\EoRezo
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\SOFTWARE\EoRezo
HKLM\SOFTWARE\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}
.
C:\Documents and Settings\Administrateur\Application Data\EoRezo
C:\Documents and Settings\Administrateur\Application Data\EoRezo\cache
C:\Documents and Settings\Administrateur\Application Data\EoRezo\cmhost.cyp
C:\Documents and Settings\Administrateur\Application Data\EoRezo\ConfMedia.cyp
C:\Documents and Settings\Administrateur\Application Data\EoRezo\db
C:\Documents and Settings\Administrateur\Application Data\EoRezo\eoDesktop
C:\Documents and Settings\Administrateur\Application Data\EoRezo\eoStats
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather.cfg
C:\Documents and Settings\Administrateur\Application Data\EoRezo\host.cyp
C:\Documents and Settings\Administrateur\Application Data\EoRezo\towns.cfg
C:\Documents and Settings\Administrateur\Application Data\EoRezo\user.cyp
C:\Documents and Settings\Administrateur\Application Data\EoRezo\db\cat.cyp
C:\Documents and Settings\Administrateur\Application Data\EoRezo\eoDesktop\config.xml
C:\Documents and Settings\Administrateur\Application Data\EoRezo\eoDesktop\eoDesktop.html
C:\Documents and Settings\Administrateur\Application Data\EoRezo\eoDesktop\userConfig.xml
C:\Documents and Settings\Administrateur\Application Data\EoRezo\eoStats\eoStats.txt
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\EoWeather.cfg
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\EoWeatherVal_02EC282.cfg
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\67_day.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\67_night.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\69_day.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\69_night.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\70_day.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\70_night.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\78_day.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\78_night.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\82_day.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\82_night.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\83_day.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\83_night.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\84_day.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\84_night.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\85_day.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\85_night.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\89_day.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\89_night.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\back.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\background.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\background_1.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\background_1days.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\background_2days.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\background_7days.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\backPressed.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\band.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\band_small.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\close.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\closePressed.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\dayPrevisionBackground.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\dayPrevisionClose.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\earth.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\fonds_‚cran.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\help.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\helpPressed.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\minimise.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\minimisePressed.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\next.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\nextPressed.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\option.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\optionPressed.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\reflet_ecran.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\small_background.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_classic\Thumbs.db
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\67_day.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\67_night.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\69_day.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\69_night.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\70_day.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\70_night.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\78_day.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\78_night.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\82_day.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\82_night.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\83_day.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\83_night.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\84_day.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\84_night.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\85_day.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\85_night.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\89_day.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\89_night.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\about.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\back.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\background.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\background_1.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\background_1days.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\background_2days.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\background_7days.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\backPressed.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\close.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\closePressed.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\dayPrevisionBackground.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\dayPrevisionClose.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\earth.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\fonds_‚cran.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\help.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\helpPressed.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\minimise.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\minimisePressed.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\next.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\nextPressed.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\option.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\optionPressed.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\reflet_ecran.png
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\Thumbs.db
C:\Documents and Settings\Administrateur\Application Data\EoRezo\EoWeather\images_station_meteo\txt_14x13.png
+-----------------------| Everest Poker Elements found :
.
.
+-----------------------| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements found :
.
.
+-----------------------| It's TV Elements found :
HKCU\SOFTWARE\ItsLabel
.
C:\Documents and Settings\Administrateur\Application Data\ItsLabel
C:\Documents and Settings\Administrateur\Application Data\ItsLabel\ItsTV
C:\Documents and Settings\Administrateur\Application Data\ItsLabel\ItsTV\itsTV.xml
+-----------------------| Sweetim Elements found :
.
.
+-----------------------| ADDED SCAN :
+---------- Scanning prefs.js ... ( # Mozilla User Preferences )
..\2yf90odo.default\prefs.js :
~~~~ Mozilla FireFox version 2.0.0.14 ~~~~
* Browser Startup HomePage: "https://www.orange.fr/portail"
.
+---------------------------------------------------------------------------+
+--[HKEY_CURRENT_USER\..\Internet Explorer\MAIN]
Start Page : hxxp://www.wanadoo.fr/
+--[HKEY_LOCAL_MACHINE\..\Internet Explorer\MAIN]
Start Page : hxxp://fr.msn.com/
+---------------------------------------------------------------------------+
[~13317 bytes] - "C:\AD-report-Scan-03.01.2009.log"
# END at: 21:40:39 | 03/01/2009 - Time elapsed: 13.5 seconds
+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 159 lines ]
+---------------------------------------------------------------------------+
Utilisateur anonyme
3 janv. 2009 à 21:41
3 janv. 2009 à 21:41
Re,
Tu as était plus vite que moi pour AD-REMOVER!!
Maintenant:
▶ /!\ Déconnectes toi et fermes toutes applications en cours /!\
▶ Relances "Ad-remover" : au menu principal choisi l'option "B" .
http://apu.mabul.org/up/apu/2008/11/19/img-221318q2g03.jpg
▶ Ensuite coche:
EoRezo
It's TV
▶ Puis "S"
▶ le programme va travailler ...
▶ Postes le rapport qui apparait à la fin + un nouvel Hijackthis pour analyse ...
( le rapport est sauvegardé aussi sous C:\Ad-report.log )
/!\ Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tapes explorer.exe et valides) /!\
Tu as était plus vite que moi pour AD-REMOVER!!
Maintenant:
▶ /!\ Déconnectes toi et fermes toutes applications en cours /!\
▶ Relances "Ad-remover" : au menu principal choisi l'option "B" .
http://apu.mabul.org/up/apu/2008/11/19/img-221318q2g03.jpg
▶ Ensuite coche:
EoRezo
It's TV
▶ Puis "S"
▶ le programme va travailler ...
▶ Postes le rapport qui apparait à la fin + un nouvel Hijackthis pour analyse ...
( le rapport est sauvegardé aussi sous C:\Ad-report.log )
/!\ Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tapes explorer.exe et valides) /!\
lilibiscuit
Messages postés
50
Date d'inscription
dimanche 9 mars 2008
Statut
Membre
Dernière intervention
9 juin 2013
3 janv. 2009 à 21:46
3 janv. 2009 à 21:46
Du coup je ne fais pas le RSIT ? La je l'ai eteint pour qu'il redemarre.
Utilisateur anonyme
3 janv. 2009 à 21:47
3 janv. 2009 à 21:47
Re,
Tu fait AD-REMOVER option B et ensuite tu me poste le rapport générer et ensuite tu redémarre ton pc et tu refait
un log avec RSIT.
Aussi dit moi comment va ton PC ?
Tu fait AD-REMOVER option B et ensuite tu me poste le rapport générer et ensuite tu redémarre ton pc et tu refait
un log avec RSIT.
Aussi dit moi comment va ton PC ?
lilibiscuit
Messages postés
50
Date d'inscription
dimanche 9 mars 2008
Statut
Membre
Dernière intervention
9 juin 2013
3 janv. 2009 à 22:05
3 janv. 2009 à 22:05
J'ai appuyé sur S, mais la fenetre se ferme et puis meme 10 min apres rien ne s'ouvre ! Je fais comment ?
Le PC semble mieux!
Le PC semble mieux!
lilibiscuit
Messages postés
50
Date d'inscription
dimanche 9 mars 2008
Statut
Membre
Dernière intervention
9 juin 2013
3 janv. 2009 à 22:24
3 janv. 2009 à 22:24
J'ai du tout coché, sinon ca ne marchait pas.
Il indique "Nettoyage des fichiers temporaires"
Il indique "Nettoyage des fichiers temporaires"
lilibiscuit
Messages postés
50
Date d'inscription
dimanche 9 mars 2008
Statut
Membre
Dernière intervention
9 juin 2013
3 janv. 2009 à 22:26
3 janv. 2009 à 22:26
------- Logfile of AD-Remover 1.0.8.4 by C_XX | ONLY XP/VISTA -------
*** Limited to ***
Boonty/BoontyGames
Eorezo
Everest Poker
Funwebproduct/MyWay/MyWebsearch
It's TV
Sweetim
******************
# START at: 22:22:51 | Sam 03/01/2009 | Microsoft® Windows XP™ SP2 (v5.1.2600)
# BOOT MODE: Normal
# OPTION: Clean | EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
# PC: PAPA | USER: Administrateur ( Current user is an administrator)
# DRIVE(S):
- C:\ (File System: NTFS)
# Internet Explorer v7.0.5730.13
# RUNNING PROCESSES: 45
(!) ---- IE start pages reset
+-----------------------| Boonty/Boonty Games Elements Deleted :
.
.
+-----------------------| Eorezo Elements Deleted :
.
HKCR\EoRezoBHO.EoBho
HKCR\EoRezoBHO.EoBho.1
HKCR\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKCU\SOFTWARE\EoRezo
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\SOFTWARE\EoRezo
HKLM\SOFTWARE\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}
.
C:\Documents and Settings\Administrateur\Application Data\EoRezo
+-----------------------| Everest Poker Elements Deleted :
.
.
+-----------------------| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements Deleted :
.
.
+-----------------------| It's TV Elements Deleted :
HKCU\SOFTWARE\ItsLabel
.
C:\Documents and Settings\Administrateur\Application Data\ItsLabel
+-----------------------| Sweetim Elements Deleted :
.
.
(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.
+-----------------------| ADDED SCAN :
+---------- Scanning prefs.js ... ( # Mozilla User Preferences )
..\2yf90odo.default\prefs.js :
~~~~ Mozilla FireFox version 2.0.0.14 ~~~~
* Browser Startup HomePage: "https://www.orange.fr/portail"
.
+---------------------------------------------------------------------------+
+--[HKEY_CURRENT_USER\..\Internet Explorer\MAIN]
Start Page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
+--[HKEY_LOCAL_MACHINE\..\Internet Explorer\MAIN]
Start Page : hxxp://fr.msn.com/
+---------------------------------------------------------------------------+
[~2345 bytes] - "C:\AD-report-Clean-03.01.2009.log"
[~13653 bytes] - "C:\AD-report-Scan-03.01.2009.log"
# END at: 22:27:30 | 03/01/2009 - Time elapsed: 4 minutes, 38 seconds
+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 60 lines ]
+---------------------------------------------------------------------------+
*** Limited to ***
Boonty/BoontyGames
Eorezo
Everest Poker
Funwebproduct/MyWay/MyWebsearch
It's TV
Sweetim
******************
# START at: 22:22:51 | Sam 03/01/2009 | Microsoft® Windows XP™ SP2 (v5.1.2600)
# BOOT MODE: Normal
# OPTION: Clean | EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
# PC: PAPA | USER: Administrateur ( Current user is an administrator)
# DRIVE(S):
- C:\ (File System: NTFS)
# Internet Explorer v7.0.5730.13
# RUNNING PROCESSES: 45
(!) ---- IE start pages reset
+-----------------------| Boonty/Boonty Games Elements Deleted :
.
.
+-----------------------| Eorezo Elements Deleted :
.
HKCR\EoRezoBHO.EoBho
HKCR\EoRezoBHO.EoBho.1
HKCR\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKCU\SOFTWARE\EoRezo
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\SOFTWARE\EoRezo
HKLM\SOFTWARE\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}
.
C:\Documents and Settings\Administrateur\Application Data\EoRezo
+-----------------------| Everest Poker Elements Deleted :
.
.
+-----------------------| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements Deleted :
.
.
+-----------------------| It's TV Elements Deleted :
HKCU\SOFTWARE\ItsLabel
.
C:\Documents and Settings\Administrateur\Application Data\ItsLabel
+-----------------------| Sweetim Elements Deleted :
.
.
(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.
+-----------------------| ADDED SCAN :
+---------- Scanning prefs.js ... ( # Mozilla User Preferences )
..\2yf90odo.default\prefs.js :
~~~~ Mozilla FireFox version 2.0.0.14 ~~~~
* Browser Startup HomePage: "https://www.orange.fr/portail"
.
+---------------------------------------------------------------------------+
+--[HKEY_CURRENT_USER\..\Internet Explorer\MAIN]
Start Page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
+--[HKEY_LOCAL_MACHINE\..\Internet Explorer\MAIN]
Start Page : hxxp://fr.msn.com/
+---------------------------------------------------------------------------+
[~2345 bytes] - "C:\AD-report-Clean-03.01.2009.log"
[~13653 bytes] - "C:\AD-report-Scan-03.01.2009.log"
# END at: 22:27:30 | 03/01/2009 - Time elapsed: 4 minutes, 38 seconds
+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 60 lines ]
+---------------------------------------------------------------------------+
Utilisateur anonyme
3 janv. 2009 à 22:28
3 janv. 2009 à 22:28
Re,
OK merci pour l'info.
Refait un log avec RSIT.=>poste le en trois fois;
OK merci pour l'info.
Refait un log avec RSIT.=>poste le en trois fois;
lilibiscuit
Messages postés
50
Date d'inscription
dimanche 9 mars 2008
Statut
Membre
Dernière intervention
9 juin 2013
3 janv. 2009 à 22:33
3 janv. 2009 à 22:33
Comment ca en trois fois je le coupe en plusieurs parties !?
A chaque redemarrage, je dois reappuyer sur le bouton Power, car il se bloque toujours sur "Fermeture de Windows" !
A chaque redemarrage, je dois reappuyer sur le bouton Power, car il se bloque toujours sur "Fermeture de Windows" !
lilibiscuit
Messages postés
50
Date d'inscription
dimanche 9 mars 2008
Statut
Membre
Dernière intervention
9 juin 2013
3 janv. 2009 à 22:34
3 janv. 2009 à 22:34
Logfile of random's system information tool 1.05 (written by random/random)
Run by Administrateur at 2009-01-03 22:34:19
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 82 GB (27%) free of 305 GB
Total RAM: 1023 MB (62% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:34:26, on 03/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe
C:\WINDOWS\system32\ctfmon.exe
C:\program files\orange\player orange\Orange Player.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PVSW\Bin\WGE_SRV.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\PVSW\BIN\W3dbsmgr.EXE
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE
C:\WINDOWS\system32\PDFCreatorMessages.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\Administrateur\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Administrateur.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [mRouterConfig] "C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OrangePlayer] c:\program files\orange\player orange\Orange Player.exe /systray
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: FMZilla.lnk = C:\Program Files\Free Music Zilla\FMZilla.exe
O4 - Global Startup: ProfileReminder.lnk = C:\Program Files\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://photosgalerie.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - https://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} (ParallelGraphics Cortona Control) - http://www.parallelgraphics.com/l2/bin/cortvrml.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586-jc.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D3166EE4-3E00-46CA-8F62-8E01D2314A7F} - http://www.cig.canon-europe.com/ph/fr_FR/st/download/ddup/CNIMGUP_01_210102F.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.agelia.com/consulter/XUpload.ocx
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - https://driveragent.com/files/driveragent.cab
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (Contrôleur de DownloadManager) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.1.6.cab
O20 - Winlogon Notify: MacDrive-iTunes compatibility - C:\Program Files\Fichiers communs\Mediafour\MacDriveiTunesPatch.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: EBP Pervasive.SQL - Unknown owner - C:\PVSW\Bin\WGE_SRV.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDFCreatorMessages - Global Graphics Software Ltd - C:\WINDOWS\system32\PDFCreatorMessages.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShow\ScsiAccess.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Run by Administrateur at 2009-01-03 22:34:19
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 82 GB (27%) free of 305 GB
Total RAM: 1023 MB (62% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:34:26, on 03/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe
C:\WINDOWS\system32\ctfmon.exe
C:\program files\orange\player orange\Orange Player.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PVSW\Bin\WGE_SRV.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\PVSW\BIN\W3dbsmgr.EXE
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE
C:\WINDOWS\system32\PDFCreatorMessages.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\Administrateur\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Administrateur.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [mRouterConfig] "C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OrangePlayer] c:\program files\orange\player orange\Orange Player.exe /systray
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: FMZilla.lnk = C:\Program Files\Free Music Zilla\FMZilla.exe
O4 - Global Startup: ProfileReminder.lnk = C:\Program Files\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://photosgalerie.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - https://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} (ParallelGraphics Cortona Control) - http://www.parallelgraphics.com/l2/bin/cortvrml.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586-jc.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D3166EE4-3E00-46CA-8F62-8E01D2314A7F} - http://www.cig.canon-europe.com/ph/fr_FR/st/download/ddup/CNIMGUP_01_210102F.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.agelia.com/consulter/XUpload.ocx
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - https://driveragent.com/files/driveragent.cab
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (Contrôleur de DownloadManager) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.1.6.cab
O20 - Winlogon Notify: MacDrive-iTunes compatibility - C:\Program Files\Fichiers communs\Mediafour\MacDriveiTunesPatch.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: EBP Pervasive.SQL - Unknown owner - C:\PVSW\Bin\WGE_SRV.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDFCreatorMessages - Global Graphics Software Ltd - C:\WINDOWS\system32\PDFCreatorMessages.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShow\ScsiAccess.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
lilibiscuit
Messages postés
50
Date d'inscription
dimanche 9 mars 2008
Statut
Membre
Dernière intervention
9 juin 2013
3 janv. 2009 à 22:35
3 janv. 2009 à 22:35
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll [2006-11-09 440056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2006-09-22 817976]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-05-01 843776]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-12-05 8523776]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"mRouterConfig"=C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe [2006-03-02 290816]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2006-03-02 15360]
"OrangePlayer"=c:\program files\orange\player orange\Orange Player.exe [2007-07-06 45056]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-06-26 1211176]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-05-06 202088]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
ProfileReminder.lnk - C:\Program Files\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage
FMZilla.lnk - C:\Program Files\Free Music Zilla\FMZilla.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\MacDrive-iTunes compatibility]
C:\Program Files\Fichiers communs\Mediafour\MacDriveiTunesPatch.dll [2003-11-07 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2006-03-02 240128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NBF]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nbf.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProtectedStorage]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vds]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\UBISOFT\SCRABBLE® Interactif EDITION 2007\Scrabble2007.exe"="C:\Program Files\UBISOFT\SCRABBLE® Interactif EDITION 2007\Scrabble2007.exe:*:Enabled:SCRABBLE® Interactif EDITION 2007"
"C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe"="C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe:*:Enabled:mRouterRuntime Module"
"C:\Program Files\Sony Ericsson\Update Service\ma3platform.exe"="C:\Program Files\Sony Ericsson\Update Service\ma3platform.exe:*:Enabled:ma3platform"
"C:\Program Files\Sony Ericsson\Mobile4\Sync Manager\DXP SyncML.exe"="C:\Program Files\Sony Ericsson\Mobile4\Sync Manager\DXP SyncML.exe:*:Enabled:DXP SyncML Module"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\NetMeeting\conf.exe"="C:\Program Files\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting®"
"C:\WINDOWS\system32\rtcshare.exe"="C:\WINDOWS\system32\rtcshare.exe:*:Enabled:Partage de l'application RTC"
"C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe"="C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix"
"C:\Documents and Settings\Administrateur\Mes documents\installer-38284-845-Open-Office-complet-en-francais-French.exe"="C:\Documents and Settings\Administrateur\Mes documents\installer-38284-845-Open-Office-complet-en-francais-French.exe:*:Enabled:installer-38284-845-Open-Office-complet-en-francais-French"
"C:\Documents and Settings\Administrateur\Mes documents\open office\installer-38284-845-Open-Office-complet-en-francais-French.exe"="C:\Documents and Settings\Administrateur\Mes documents\open office\installer-38284-845-Open-Office-complet-en-francais-French.exe:*:Enabled:installer-38284-845-Open-Office-complet-en-francais-French"
"C:\PVSW\Bin\w3dbsmgr.exe"="C:\PVSW\Bin\w3dbsmgr.exe:*:Enabled:Database Service Manager"
"C:\Program Files\TribalWeb\tribalweb.exe"="C:\Program Files\TribalWeb\tribalweb.exe:*:Enabled:tribalweb"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\ProgDVBjanvier2008\ProgDvbNet.exe"="C:\Program Files\ProgDVBjanvier2008\ProgDvbNet.exe:*:Enabled:ProgDvbNet"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Free Music Zilla\FMZilla.exe"="C:\Program Files\Free Music Zilla\FMZilla.exe:*:Enabled:FMZilla Module"
"C:\Program Files\RayV\RayV\RayV.exe"="C:\Program Files\RayV\RayV\RayV.exe:*:Enabled:RayV"
"C:\Program Files\DMV\MaxTV\MaxTV.exe"="C:\Program Files\DMV\MaxTV\MaxTV.exe:*:Enabled:MaxTV"
"C:\Program Files\Orb Networks\Orb\bin\Orb.exe"="C:\Program Files\Orb Networks\Orb\bin\Orb.exe:*:Disabled:Orb Application"
"C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe"="C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe:*:Disabled:Orb"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\PVSW\Bin\w3dbsmgr.exe"="C:\PVSW\Bin\w3dbsmgr.exe:*:Enabled:Database Service Manager"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
======List of files/folders created in the last 1 months======
2009-01-03 21:57:01 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-01-03 21:56:55 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-01-03 21:56:50 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-01-03 21:54:26 ----A---- C:\WINDOWS\imsins.BAK
2009-01-03 21:39:54 ----D---- C:\Program Files\Ad-remover
2009-01-03 20:31:29 ----SHD---- C:\RECYCLER
2009-01-03 19:12:26 ----A---- C:\UsbFix.txt
2009-01-03 18:40:28 ----D---- C:\Program Files\UsbFix
2009-01-03 18:28:26 ----D---- C:\rsit
2009-01-03 18:23:22 ----D---- C:\WINDOWS\temp
2009-01-03 18:23:17 ----A---- C:\ComboFix.txt
2009-01-03 18:02:19 ----RASHD---- C:\cmdcons
2009-01-03 18:00:01 ----A---- C:\WINDOWS\zip.exe
2009-01-03 18:00:01 ----A---- C:\WINDOWS\VFIND.exe
2009-01-03 18:00:01 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-01-03 18:00:01 ----A---- C:\WINDOWS\SWSC.exe
2009-01-03 18:00:01 ----A---- C:\WINDOWS\SWREG.exe
2009-01-03 18:00:01 ----A---- C:\WINDOWS\sed.exe
2009-01-03 18:00:01 ----A---- C:\WINDOWS\NIRCMD.exe
2009-01-03 18:00:01 ----A---- C:\WINDOWS\grep.exe
2009-01-03 18:00:01 ----A---- C:\WINDOWS\fdsv.exe
2009-01-03 17:59:55 ----D---- C:\WINDOWS\ERDNT
2009-01-03 17:59:55 ----D---- C:\Qoobox
2009-01-03 17:27:11 ----A---- C:\FindyKill.txt
2009-01-03 17:12:49 ----D---- C:\Avenger
2009-01-03 15:35:30 ----D---- C:\Program Files\Trend Micro
2009-01-03 15:08:10 ----D---- C:\WINDOWS\system32\CatRoot_bak
2009-01-03 15:04:37 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-01-03 15:04:32 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-01-03 15:04:27 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2009-01-03 15:04:21 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2009-01-03 15:04:15 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-01-03 15:04:09 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2009-01-03 15:03:50 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2009-01-03 15:03:43 ----HDC---- C:\WINDOWS\$NtUninstallKB954156_WM9L$
2009-01-03 15:03:38 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-01-03 15:03:33 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-01-03 15:03:28 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-01-03 15:03:24 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2009-01-03 15:03:19 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-01-03 15:03:14 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-01-03 15:03:09 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-01-03 15:03:04 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-01-03 15:02:28 ----D---- C:\Program Files\MSXML 4.0
2009-01-03 15:01:54 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-01-03 13:57:31 ----D---- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
2009-01-03 13:57:26 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-01-03 13:57:26 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-01-03 13:37:05 ----A---- C:\WINDOWS\gmer_uninstall.cmd
2009-01-03 13:37:02 ----A---- C:\WINDOWS\gmer.exe
2009-01-03 13:10:51 ----D---- C:\Program Files\FindyKill
2009-01-03 00:28:07 ----D---- C:\WINDOWS\BDOSCAN8
2008-12-30 01:33:02 ----D---- C:\Documents and Settings\Administrateur\Application Data\com.orange.clip2mobile.0B79F3AA8BA7B28571920BBC33ADF06D54740292.1
2008-12-30 01:32:50 ----D---- C:\Program Files\Clip2Mobile
2008-12-30 01:32:40 ----D---- C:\Program Files\Fichiers communs\Adobe AIR
2008-12-25 00:32:31 ----A---- C:\WINDOWS\GraphiSoftware Uninstaller.exe
2008-12-25 00:29:25 ----D---- C:\Program Files\GraphiSoftware
2008-12-19 00:06:11 ----A---- C:\SIGNATURES.txt
2008-12-18 23:39:59 ----D---- C:\Cut FTP pro
2008-12-18 23:30:51 ----A---- C:\Crack.exe
2008-12-18 22:59:43 ----D---- C:\CuteFTP.Pro.v8.3.2.Build.09.02.2008.1-NoPE
2008-12-17 23:02:42 ----D---- C:\Program Files\Fichiers communs\Ciel
2008-12-14 00:02:55 ----D---- C:\Program Files\Fichiers communs\FontLab
2008-12-14 00:02:54 ----D---- C:\Program Files\FontLab
2008-12-13 00:21:24 ----D---- C:\PATCH
2008-12-12 23:38:44 ----A---- C:\Kernel.dll
2008-12-12 23:14:29 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2008-12-12 23:14:29 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2008-12-12 23:14:28 ----N---- C:\WINDOWS\system32\vxblock.dll
2008-12-12 23:14:28 ----N---- C:\WINDOWS\system32\pxwave.dll
2008-12-12 23:14:28 ----N---- C:\WINDOWS\system32\pxmas.dll
2008-12-12 23:14:28 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2008-12-12 23:14:28 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2008-12-12 23:14:28 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2008-12-12 23:14:28 ----N---- C:\WINDOWS\system32\pxdrv.dll
2008-12-12 23:14:28 ----N---- C:\WINDOWS\system32\px.dll
2008-12-08 22:44:54 ----D---- C:\Program Files\Extensis
2008-12-05 00:29:49 ----D---- C:\WINDOWS\system32\QuickTime
2008-12-04 22:45:03 ----D---- C:\Documents and Settings\All Users\Application Data\Quark
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll [2006-11-09 440056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2006-09-22 817976]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-05-01 843776]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-12-05 8523776]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"mRouterConfig"=C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe [2006-03-02 290816]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2006-03-02 15360]
"OrangePlayer"=c:\program files\orange\player orange\Orange Player.exe [2007-07-06 45056]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-06-26 1211176]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-05-06 202088]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
ProfileReminder.lnk - C:\Program Files\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage
FMZilla.lnk - C:\Program Files\Free Music Zilla\FMZilla.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\MacDrive-iTunes compatibility]
C:\Program Files\Fichiers communs\Mediafour\MacDriveiTunesPatch.dll [2003-11-07 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2006-03-02 240128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NBF]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nbf.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProtectedStorage]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vds]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\UBISOFT\SCRABBLE® Interactif EDITION 2007\Scrabble2007.exe"="C:\Program Files\UBISOFT\SCRABBLE® Interactif EDITION 2007\Scrabble2007.exe:*:Enabled:SCRABBLE® Interactif EDITION 2007"
"C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe"="C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe:*:Enabled:mRouterRuntime Module"
"C:\Program Files\Sony Ericsson\Update Service\ma3platform.exe"="C:\Program Files\Sony Ericsson\Update Service\ma3platform.exe:*:Enabled:ma3platform"
"C:\Program Files\Sony Ericsson\Mobile4\Sync Manager\DXP SyncML.exe"="C:\Program Files\Sony Ericsson\Mobile4\Sync Manager\DXP SyncML.exe:*:Enabled:DXP SyncML Module"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\NetMeeting\conf.exe"="C:\Program Files\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting®"
"C:\WINDOWS\system32\rtcshare.exe"="C:\WINDOWS\system32\rtcshare.exe:*:Enabled:Partage de l'application RTC"
"C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe"="C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix"
"C:\Documents and Settings\Administrateur\Mes documents\installer-38284-845-Open-Office-complet-en-francais-French.exe"="C:\Documents and Settings\Administrateur\Mes documents\installer-38284-845-Open-Office-complet-en-francais-French.exe:*:Enabled:installer-38284-845-Open-Office-complet-en-francais-French"
"C:\Documents and Settings\Administrateur\Mes documents\open office\installer-38284-845-Open-Office-complet-en-francais-French.exe"="C:\Documents and Settings\Administrateur\Mes documents\open office\installer-38284-845-Open-Office-complet-en-francais-French.exe:*:Enabled:installer-38284-845-Open-Office-complet-en-francais-French"
"C:\PVSW\Bin\w3dbsmgr.exe"="C:\PVSW\Bin\w3dbsmgr.exe:*:Enabled:Database Service Manager"
"C:\Program Files\TribalWeb\tribalweb.exe"="C:\Program Files\TribalWeb\tribalweb.exe:*:Enabled:tribalweb"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\ProgDVBjanvier2008\ProgDvbNet.exe"="C:\Program Files\ProgDVBjanvier2008\ProgDvbNet.exe:*:Enabled:ProgDvbNet"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Free Music Zilla\FMZilla.exe"="C:\Program Files\Free Music Zilla\FMZilla.exe:*:Enabled:FMZilla Module"
"C:\Program Files\RayV\RayV\RayV.exe"="C:\Program Files\RayV\RayV\RayV.exe:*:Enabled:RayV"
"C:\Program Files\DMV\MaxTV\MaxTV.exe"="C:\Program Files\DMV\MaxTV\MaxTV.exe:*:Enabled:MaxTV"
"C:\Program Files\Orb Networks\Orb\bin\Orb.exe"="C:\Program Files\Orb Networks\Orb\bin\Orb.exe:*:Disabled:Orb Application"
"C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe"="C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe:*:Disabled:Orb"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\PVSW\Bin\w3dbsmgr.exe"="C:\PVSW\Bin\w3dbsmgr.exe:*:Enabled:Database Service Manager"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
======List of files/folders created in the last 1 months======
2009-01-03 21:57:01 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-01-03 21:56:55 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-01-03 21:56:50 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-01-03 21:54:26 ----A---- C:\WINDOWS\imsins.BAK
2009-01-03 21:39:54 ----D---- C:\Program Files\Ad-remover
2009-01-03 20:31:29 ----SHD---- C:\RECYCLER
2009-01-03 19:12:26 ----A---- C:\UsbFix.txt
2009-01-03 18:40:28 ----D---- C:\Program Files\UsbFix
2009-01-03 18:28:26 ----D---- C:\rsit
2009-01-03 18:23:22 ----D---- C:\WINDOWS\temp
2009-01-03 18:23:17 ----A---- C:\ComboFix.txt
2009-01-03 18:02:19 ----RASHD---- C:\cmdcons
2009-01-03 18:00:01 ----A---- C:\WINDOWS\zip.exe
2009-01-03 18:00:01 ----A---- C:\WINDOWS\VFIND.exe
2009-01-03 18:00:01 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-01-03 18:00:01 ----A---- C:\WINDOWS\SWSC.exe
2009-01-03 18:00:01 ----A---- C:\WINDOWS\SWREG.exe
2009-01-03 18:00:01 ----A---- C:\WINDOWS\sed.exe
2009-01-03 18:00:01 ----A---- C:\WINDOWS\NIRCMD.exe
2009-01-03 18:00:01 ----A---- C:\WINDOWS\grep.exe
2009-01-03 18:00:01 ----A---- C:\WINDOWS\fdsv.exe
2009-01-03 17:59:55 ----D---- C:\WINDOWS\ERDNT
2009-01-03 17:59:55 ----D---- C:\Qoobox
2009-01-03 17:27:11 ----A---- C:\FindyKill.txt
2009-01-03 17:12:49 ----D---- C:\Avenger
2009-01-03 15:35:30 ----D---- C:\Program Files\Trend Micro
2009-01-03 15:08:10 ----D---- C:\WINDOWS\system32\CatRoot_bak
2009-01-03 15:04:37 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-01-03 15:04:32 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-01-03 15:04:27 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2009-01-03 15:04:21 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2009-01-03 15:04:15 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-01-03 15:04:09 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2009-01-03 15:03:50 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2009-01-03 15:03:43 ----HDC---- C:\WINDOWS\$NtUninstallKB954156_WM9L$
2009-01-03 15:03:38 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-01-03 15:03:33 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-01-03 15:03:28 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-01-03 15:03:24 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2009-01-03 15:03:19 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-01-03 15:03:14 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-01-03 15:03:09 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-01-03 15:03:04 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-01-03 15:02:28 ----D---- C:\Program Files\MSXML 4.0
2009-01-03 15:01:54 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-01-03 13:57:31 ----D---- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
2009-01-03 13:57:26 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-01-03 13:57:26 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-01-03 13:37:05 ----A---- C:\WINDOWS\gmer_uninstall.cmd
2009-01-03 13:37:02 ----A---- C:\WINDOWS\gmer.exe
2009-01-03 13:10:51 ----D---- C:\Program Files\FindyKill
2009-01-03 00:28:07 ----D---- C:\WINDOWS\BDOSCAN8
2008-12-30 01:33:02 ----D---- C:\Documents and Settings\Administrateur\Application Data\com.orange.clip2mobile.0B79F3AA8BA7B28571920BBC33ADF06D54740292.1
2008-12-30 01:32:50 ----D---- C:\Program Files\Clip2Mobile
2008-12-30 01:32:40 ----D---- C:\Program Files\Fichiers communs\Adobe AIR
2008-12-25 00:32:31 ----A---- C:\WINDOWS\GraphiSoftware Uninstaller.exe
2008-12-25 00:29:25 ----D---- C:\Program Files\GraphiSoftware
2008-12-19 00:06:11 ----A---- C:\SIGNATURES.txt
2008-12-18 23:39:59 ----D---- C:\Cut FTP pro
2008-12-18 23:30:51 ----A---- C:\Crack.exe
2008-12-18 22:59:43 ----D---- C:\CuteFTP.Pro.v8.3.2.Build.09.02.2008.1-NoPE
2008-12-17 23:02:42 ----D---- C:\Program Files\Fichiers communs\Ciel
2008-12-14 00:02:55 ----D---- C:\Program Files\Fichiers communs\FontLab
2008-12-14 00:02:54 ----D---- C:\Program Files\FontLab
2008-12-13 00:21:24 ----D---- C:\PATCH
2008-12-12 23:38:44 ----A---- C:\Kernel.dll
2008-12-12 23:14:29 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2008-12-12 23:14:29 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2008-12-12 23:14:28 ----N---- C:\WINDOWS\system32\vxblock.dll
2008-12-12 23:14:28 ----N---- C:\WINDOWS\system32\pxwave.dll
2008-12-12 23:14:28 ----N---- C:\WINDOWS\system32\pxmas.dll
2008-12-12 23:14:28 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2008-12-12 23:14:28 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2008-12-12 23:14:28 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2008-12-12 23:14:28 ----N---- C:\WINDOWS\system32\pxdrv.dll
2008-12-12 23:14:28 ----N---- C:\WINDOWS\system32\px.dll
2008-12-08 22:44:54 ----D---- C:\Program Files\Extensis
2008-12-05 00:29:49 ----D---- C:\WINDOWS\system32\QuickTime
2008-12-04 22:45:03 ----D---- C:\Documents and Settings\All Users\Application Data\Quark
lilibiscuit
Messages postés
50
Date d'inscription
dimanche 9 mars 2008
Statut
Membre
Dernière intervention
9 juin 2013
3 janv. 2009 à 22:36
3 janv. 2009 à 22:36
======List of files/folders modified in the last 1 months======
2009-01-03 22:33:59 ----D---- C:\Program Files\Free Music Zilla
2009-01-03 22:33:51 ----D---- C:\WINDOWS
2009-01-03 22:30:01 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-03 22:20:38 ----D---- C:\WINDOWS\system32\NtmsData
2009-01-03 22:20:28 ----D---- C:\WINDOWS\system32
2009-01-03 22:08:59 ----D---- C:\downloads
2009-01-03 21:57:04 ----HD---- C:\WINDOWS\inf
2009-01-03 21:57:03 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-01-03 21:56:40 ----D---- C:\Program Files\Internet Explorer
2009-01-03 21:56:36 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-03 21:56:29 ----HD---- C:\WINDOWS\$hf_mig$
2009-01-03 21:54:19 ----D---- C:\Program Files\Orb Networks
2009-01-03 21:53:57 ----D---- C:\Program Files\Fichiers communs\InstallShield
2009-01-03 21:53:40 ----D---- C:\WINDOWS\system32\CatRoot
2009-01-03 21:49:23 ----D---- C:\Program Files\GetRight
2009-01-03 21:39:54 ----RD---- C:\Program Files
2009-01-03 19:31:45 ----HD---- C:\WINDOWS\system32\drivers
2009-01-03 19:13:16 ----D---- C:\WINDOWS\Prefetch
2009-01-03 18:15:31 ----A---- C:\WINDOWS\system.ini
2009-01-03 18:05:28 ----D---- C:\WINDOWS\system32\config
2009-01-03 18:04:50 ----D---- C:\WINDOWS\AppPatch
2009-01-03 18:04:50 ----D---- C:\Program Files\Fichiers communs
2009-01-03 18:04:24 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-01-03 18:02:25 ----RASH---- C:\boot.ini
2009-01-03 17:47:00 ----D---- C:\WINDOWS\Minidump
2009-01-03 17:47:00 ----D---- C:\WINDOWS\Debug
2009-01-03 17:44:34 ----D---- C:\Program Files\CCleaner
2009-01-03 17:34:52 ----D---- C:\QuarkXPress73installer_Win
2009-01-03 17:34:44 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-01-03 15:12:45 ----SHD---- C:\WINDOWS\Installer
2009-01-03 15:12:45 ----SHD---- C:\Config.Msi
2009-01-03 15:12:43 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-01-03 15:04:38 ----D---- C:\Program Files\Messenger
2009-01-03 15:03:24 ----D---- C:\WINDOWS\WinSxS
2009-01-03 14:20:28 ----D---- C:\WINDOWS\Help
2009-01-03 13:04:50 ----A---- C:\WINDOWS\win.ini
2008-12-30 01:32:53 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-12-30 01:31:59 ----D---- C:\Documents and Settings\Administrateur\Application Data\Adobe
2008-12-22 01:38:38 ----D---- C:\TELEX2
2008-12-21 13:58:16 ----A---- C:\WINDOWS\NeroDigital.ini
2008-12-19 23:54:04 ----D---- C:\MARIE
2008-12-19 00:42:59 ----D---- C:\Documents and Settings\Administrateur\Application Data\LimeWire
2008-12-18 22:09:55 ----D---- C:\Données Ciel
2008-12-17 22:31:27 ----D---- C:\Documents and Settings\Administrateur\Application Data\vlc
2008-12-13 07:37:56 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-12-12 23:59:36 ----D---- C:\Video Center
2008-12-12 23:14:10 ----D---- C:\Program Files\Adobe
2008-12-09 15:24:38 ----A---- C:\WINDOWS\system32\MRT.exe
2008-12-08 23:59:26 ----D---- C:\Program Files\AVS4YOU
2008-12-08 23:41:38 ----D---- C:\Program Files\Movies2iPhone
2008-12-08 22:44:54 ----HD---- C:\Program Files\InstallShield Installation Information
2008-12-05 00:28:58 ----D---- C:\Program Files\Quark
2008-12-04 22:47:11 ----D---- C:\Documents and Settings\Administrateur\Application Data\Quark
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2005-12-22 5685]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2006-03-02 40320]
R1 MDFSYSNT;MDFSYSNT; C:\WINDOWS\system32\drivers\MDFSYSNT.sys [2005-11-07 209152]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2003-09-15 9728]
R2 MASPINT;MASPINT; C:\WINDOWS\system32\drivers\MASPINT.sys [2000-03-29 8096]
R2 PDIHWCTL;PDIHWCTL; \??\C:\WINDOWS\system32\drivers\pdihwctl.sys []
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2006-05-02 229376]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-04-27 93824]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2003-03-28 3840]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-10-27 138240]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-12-05 7435392]
R3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2007-03-11 35936]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2007-01-16 10368]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2006-08-31 21760]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2006-07-27 83712]
R3 SAA7146n;TT DVB-PCI driver (SAA7146n); C:\WINDOWS\system32\DRIVERS\saa7146n.sys [2004-09-13 65840]
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 TTLOOPHE;Virtual DVB-S/-C/-T Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\ttloophe.sys [2004-11-08 39284]
R3 USB_RNDIS;Inventel Gateway; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2006-03-02 12672]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2006-03-02 26624]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2006-03-02 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2006-03-02 17024]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2006-03-02 26496]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2006-03-02 20480]
S3 61883;Pilote d'unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2004-08-03 48128]
S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2006-03-02 60800]
S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2004-08-03 38912]
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys []
S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2006-03-02 17024]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2006-03-02 100992]
S3 BTHPORT;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-03 18944]
S3 catchme;catchme; \??\C:\killbagle\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 hideproc;hideproc; \??\C:\WINDOWS\system32\Drivers\hideproc.sys []
S3 i1;i1 Pro; C:\WINDOWS\System32\Drivers\i1.sys [2003-11-27 26045]
S3 i1display;i1 Display; C:\WINDOWS\System32\Drivers\i1display.sys [2004-10-15 44344]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys []
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2004-08-03 51328]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2006-03-02 10880]
S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2006-03-02 61824]
S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
S3 PID_0928;Labtec WebCam(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS []
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2006-03-02 59648]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2006-03-02 11136]
S3 sonypvs1;Sony Digital Imaging Video2; C:\WINDOWS\system32\DRIVERS\sonypvs1.sys [2002-10-15 102220]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2006-03-02 15360]
S3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
S3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\SymcData\idsdefs\20050901.036\symidsco.sys []
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2004-08-03 12672]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys []
S3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2005-01-05 6912]
S3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2005-06-06 11264]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-03-02 32128]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 zebrbus;Sony Ericsson Composite Device driver; C:\WINDOWS\system32\DRIVERS\zebrbus.sys [2006-07-25 66656]
S3 zebrceb;Sony Ericsson Cable Emulation Bus (WDM); C:\WINDOWS\system32\DRIVERS\zebrceb.sys [2006-07-25 53408]
S3 zebrmdfl;Sony Ericsson Modem Filter; C:\WINDOWS\system32\DRIVERS\zebrmdfl.sys [2006-07-25 9264]
S3 zebrmdm;Sony Ericsson Port (WDM); C:\WINDOWS\system32\DRIVERS\zebrmdm.sys [2006-07-25 100640]
S3 zebrmdmc;Sony Ericsson mRouter Port (WDM); C:\WINDOWS\system32\DRIVERS\zebrmdmc.sys [2006-07-25 100672]
S3 zebrsce;Sony Ericsson PC-Connect Port; C:\WINDOWS\system32\DRIVERS\zebrsce.sys [2006-07-25 84960]
S4 Imagedrv;Imagedrv; C:\WINDOWS\system32\DRIVERS\imagedrv.sys [2003-03-29 89184]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-09-09 611664]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2006-03-02 14336]
R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2007-01-31 96370]
R2 EBP Pervasive.SQL;EBP Pervasive.SQL; C:\PVSW\Bin\WGE_SRV.exe [2006-12-07 32768]
R2 EpsonBidirectionalService;EpsonBidirectionalService; C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe [2003-12-05 73728]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2007-05-15 79400]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-12-05 155716]
R2 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
R2 PDFCreatorMessages;PDFCreatorMessages; C:\WINDOWS\system32\PDFCreatorMessages.exe [2003-12-09 139264]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
S2 ScsiAccess;ScsiAccess; C:\Program Files\Photodex\ProShow\ScsiAccess.exe []
S2 UxTuneUp;Extension de conception TuneUp; C:\WINDOWS\System32\svchost.exe [2006-03-02 14336]
S2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2006-12-27 72704]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-12-25 654848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe [2006-12-27 68096]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2006-03-02 14336]
-----------------EOF-----------------
2009-01-03 22:33:59 ----D---- C:\Program Files\Free Music Zilla
2009-01-03 22:33:51 ----D---- C:\WINDOWS
2009-01-03 22:30:01 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-03 22:20:38 ----D---- C:\WINDOWS\system32\NtmsData
2009-01-03 22:20:28 ----D---- C:\WINDOWS\system32
2009-01-03 22:08:59 ----D---- C:\downloads
2009-01-03 21:57:04 ----HD---- C:\WINDOWS\inf
2009-01-03 21:57:03 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-01-03 21:56:40 ----D---- C:\Program Files\Internet Explorer
2009-01-03 21:56:36 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-03 21:56:29 ----HD---- C:\WINDOWS\$hf_mig$
2009-01-03 21:54:19 ----D---- C:\Program Files\Orb Networks
2009-01-03 21:53:57 ----D---- C:\Program Files\Fichiers communs\InstallShield
2009-01-03 21:53:40 ----D---- C:\WINDOWS\system32\CatRoot
2009-01-03 21:49:23 ----D---- C:\Program Files\GetRight
2009-01-03 21:39:54 ----RD---- C:\Program Files
2009-01-03 19:31:45 ----HD---- C:\WINDOWS\system32\drivers
2009-01-03 19:13:16 ----D---- C:\WINDOWS\Prefetch
2009-01-03 18:15:31 ----A---- C:\WINDOWS\system.ini
2009-01-03 18:05:28 ----D---- C:\WINDOWS\system32\config
2009-01-03 18:04:50 ----D---- C:\WINDOWS\AppPatch
2009-01-03 18:04:50 ----D---- C:\Program Files\Fichiers communs
2009-01-03 18:04:24 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-01-03 18:02:25 ----RASH---- C:\boot.ini
2009-01-03 17:47:00 ----D---- C:\WINDOWS\Minidump
2009-01-03 17:47:00 ----D---- C:\WINDOWS\Debug
2009-01-03 17:44:34 ----D---- C:\Program Files\CCleaner
2009-01-03 17:34:52 ----D---- C:\QuarkXPress73installer_Win
2009-01-03 17:34:44 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-01-03 15:12:45 ----SHD---- C:\WINDOWS\Installer
2009-01-03 15:12:45 ----SHD---- C:\Config.Msi
2009-01-03 15:12:43 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-01-03 15:04:38 ----D---- C:\Program Files\Messenger
2009-01-03 15:03:24 ----D---- C:\WINDOWS\WinSxS
2009-01-03 14:20:28 ----D---- C:\WINDOWS\Help
2009-01-03 13:04:50 ----A---- C:\WINDOWS\win.ini
2008-12-30 01:32:53 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-12-30 01:31:59 ----D---- C:\Documents and Settings\Administrateur\Application Data\Adobe
2008-12-22 01:38:38 ----D---- C:\TELEX2
2008-12-21 13:58:16 ----A---- C:\WINDOWS\NeroDigital.ini
2008-12-19 23:54:04 ----D---- C:\MARIE
2008-12-19 00:42:59 ----D---- C:\Documents and Settings\Administrateur\Application Data\LimeWire
2008-12-18 22:09:55 ----D---- C:\Données Ciel
2008-12-17 22:31:27 ----D---- C:\Documents and Settings\Administrateur\Application Data\vlc
2008-12-13 07:37:56 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-12-12 23:59:36 ----D---- C:\Video Center
2008-12-12 23:14:10 ----D---- C:\Program Files\Adobe
2008-12-09 15:24:38 ----A---- C:\WINDOWS\system32\MRT.exe
2008-12-08 23:59:26 ----D---- C:\Program Files\AVS4YOU
2008-12-08 23:41:38 ----D---- C:\Program Files\Movies2iPhone
2008-12-08 22:44:54 ----HD---- C:\Program Files\InstallShield Installation Information
2008-12-05 00:28:58 ----D---- C:\Program Files\Quark
2008-12-04 22:47:11 ----D---- C:\Documents and Settings\Administrateur\Application Data\Quark
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2005-12-22 5685]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2006-03-02 40320]
R1 MDFSYSNT;MDFSYSNT; C:\WINDOWS\system32\drivers\MDFSYSNT.sys [2005-11-07 209152]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2003-09-15 9728]
R2 MASPINT;MASPINT; C:\WINDOWS\system32\drivers\MASPINT.sys [2000-03-29 8096]
R2 PDIHWCTL;PDIHWCTL; \??\C:\WINDOWS\system32\drivers\pdihwctl.sys []
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2006-05-02 229376]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-04-27 93824]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2003-03-28 3840]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-10-27 138240]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-12-05 7435392]
R3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2007-03-11 35936]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2007-01-16 10368]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2006-08-31 21760]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2006-07-27 83712]
R3 SAA7146n;TT DVB-PCI driver (SAA7146n); C:\WINDOWS\system32\DRIVERS\saa7146n.sys [2004-09-13 65840]
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 TTLOOPHE;Virtual DVB-S/-C/-T Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\ttloophe.sys [2004-11-08 39284]
R3 USB_RNDIS;Inventel Gateway; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2006-03-02 12672]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2006-03-02 26624]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2006-03-02 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2006-03-02 17024]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2006-03-02 26496]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2006-03-02 20480]
S3 61883;Pilote d'unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2004-08-03 48128]
S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2006-03-02 60800]
S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2004-08-03 38912]
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys []
S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2006-03-02 17024]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2006-03-02 100992]
S3 BTHPORT;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-03 18944]
S3 catchme;catchme; \??\C:\killbagle\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 hideproc;hideproc; \??\C:\WINDOWS\system32\Drivers\hideproc.sys []
S3 i1;i1 Pro; C:\WINDOWS\System32\Drivers\i1.sys [2003-11-27 26045]
S3 i1display;i1 Display; C:\WINDOWS\System32\Drivers\i1display.sys [2004-10-15 44344]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys []
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2004-08-03 51328]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2006-03-02 10880]
S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2006-03-02 61824]
S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
S3 PID_0928;Labtec WebCam(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS []
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2006-03-02 59648]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2006-03-02 11136]
S3 sonypvs1;Sony Digital Imaging Video2; C:\WINDOWS\system32\DRIVERS\sonypvs1.sys [2002-10-15 102220]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2006-03-02 15360]
S3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
S3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\SymcData\idsdefs\20050901.036\symidsco.sys []
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2004-08-03 12672]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys []
S3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2005-01-05 6912]
S3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2005-06-06 11264]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-03-02 32128]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 zebrbus;Sony Ericsson Composite Device driver; C:\WINDOWS\system32\DRIVERS\zebrbus.sys [2006-07-25 66656]
S3 zebrceb;Sony Ericsson Cable Emulation Bus (WDM); C:\WINDOWS\system32\DRIVERS\zebrceb.sys [2006-07-25 53408]
S3 zebrmdfl;Sony Ericsson Modem Filter; C:\WINDOWS\system32\DRIVERS\zebrmdfl.sys [2006-07-25 9264]
S3 zebrmdm;Sony Ericsson Port (WDM); C:\WINDOWS\system32\DRIVERS\zebrmdm.sys [2006-07-25 100640]
S3 zebrmdmc;Sony Ericsson mRouter Port (WDM); C:\WINDOWS\system32\DRIVERS\zebrmdmc.sys [2006-07-25 100672]
S3 zebrsce;Sony Ericsson PC-Connect Port; C:\WINDOWS\system32\DRIVERS\zebrsce.sys [2006-07-25 84960]
S4 Imagedrv;Imagedrv; C:\WINDOWS\system32\DRIVERS\imagedrv.sys [2003-03-29 89184]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-09-09 611664]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2006-03-02 14336]
R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2007-01-31 96370]
R2 EBP Pervasive.SQL;EBP Pervasive.SQL; C:\PVSW\Bin\WGE_SRV.exe [2006-12-07 32768]
R2 EpsonBidirectionalService;EpsonBidirectionalService; C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe [2003-12-05 73728]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2007-05-15 79400]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-12-05 155716]
R2 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
R2 PDFCreatorMessages;PDFCreatorMessages; C:\WINDOWS\system32\PDFCreatorMessages.exe [2003-12-09 139264]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
S2 ScsiAccess;ScsiAccess; C:\Program Files\Photodex\ProShow\ScsiAccess.exe []
S2 UxTuneUp;Extension de conception TuneUp; C:\WINDOWS\System32\svchost.exe [2006-03-02 14336]
S2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2006-12-27 72704]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-12-25 654848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe [2006-12-27 68096]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2006-03-02 14336]
-----------------EOF-----------------
lilibiscuit
Messages postés
50
Date d'inscription
dimanche 9 mars 2008
Statut
Membre
Dernière intervention
9 juin 2013
3 janv. 2009 à 22:37
3 janv. 2009 à 22:37
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:39:00, on 03/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe
C:\WINDOWS\system32\ctfmon.exe
C:\program files\orange\player orange\Orange Player.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PVSW\Bin\WGE_SRV.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\PVSW\BIN\W3dbsmgr.EXE
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE
C:\WINDOWS\system32\PDFCreatorMessages.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [mRouterConfig] "C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OrangePlayer] c:\program files\orange\player orange\Orange Player.exe /systray
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: FMZilla.lnk = C:\Program Files\Free Music Zilla\FMZilla.exe
O4 - Global Startup: ProfileReminder.lnk = C:\Program Files\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://photosgalerie.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - https://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} (ParallelGraphics Cortona Control) - http://www.parallelgraphics.com/l2/bin/cortvrml.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586-jc.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D3166EE4-3E00-46CA-8F62-8E01D2314A7F} - http://www.cig.canon-europe.com/ph/fr_FR/st/download/ddup/CNIMGUP_01_210102F.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.agelia.com/consulter/XUpload.ocx
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - https://driveragent.com/files/driveragent.cab
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (Contrôleur de DownloadManager) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.1.6.cab
O20 - Winlogon Notify: MacDrive-iTunes compatibility - C:\Program Files\Fichiers communs\Mediafour\MacDriveiTunesPatch.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: EBP Pervasive.SQL - Unknown owner - C:\PVSW\Bin\WGE_SRV.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDFCreatorMessages - Global Graphics Software Ltd - C:\WINDOWS\system32\PDFCreatorMessages.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShow\ScsiAccess.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Scan saved at 22:39:00, on 03/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe
C:\WINDOWS\system32\ctfmon.exe
C:\program files\orange\player orange\Orange Player.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PVSW\Bin\WGE_SRV.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\PVSW\BIN\W3dbsmgr.EXE
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE
C:\WINDOWS\system32\PDFCreatorMessages.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [mRouterConfig] "C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OrangePlayer] c:\program files\orange\player orange\Orange Player.exe /systray
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: FMZilla.lnk = C:\Program Files\Free Music Zilla\FMZilla.exe
O4 - Global Startup: ProfileReminder.lnk = C:\Program Files\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://photosgalerie.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - https://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} (ParallelGraphics Cortona Control) - http://www.parallelgraphics.com/l2/bin/cortvrml.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586-jc.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D3166EE4-3E00-46CA-8F62-8E01D2314A7F} - http://www.cig.canon-europe.com/ph/fr_FR/st/download/ddup/CNIMGUP_01_210102F.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.agelia.com/consulter/XUpload.ocx
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - https://driveragent.com/files/driveragent.cab
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (Contrôleur de DownloadManager) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.1.6.cab
O20 - Winlogon Notify: MacDrive-iTunes compatibility - C:\Program Files\Fichiers communs\Mediafour\MacDriveiTunesPatch.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: EBP Pervasive.SQL - Unknown owner - C:\PVSW\Bin\WGE_SRV.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDFCreatorMessages - Global Graphics Software Ltd - C:\WINDOWS\system32\PDFCreatorMessages.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShow\ScsiAccess.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
Utilisateur anonyme
3 janv. 2009 à 22:42
3 janv. 2009 à 22:42
Re,
Tu installe un antivirus:
▶ D'installer cet Antivirus:
ANTIVIR
▶ Aide toi du tutoriel pour bien le configuré.
Tu fait le premier scan en mode sans échec
Choisit le mode expert et coche la case recherche de rootkits.
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
En mode sans échec aussi
▶ Relance hijack et clique sur "Do a system scan only"
▶ Ensuite recherche ces lignes et coches les cases
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (Contrôleur de DownloadManager) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.1.6.cab
▶ Ensuite clique sur "Fix checked"
Tu installe un antivirus:
▶ D'installer cet Antivirus:
ANTIVIR
▶ Aide toi du tutoriel pour bien le configuré.
Tu fait le premier scan en mode sans échec
Choisit le mode expert et coche la case recherche de rootkits.
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
En mode sans échec aussi
▶ Relance hijack et clique sur "Do a system scan only"
▶ Ensuite recherche ces lignes et coches les cases
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (Contrôleur de DownloadManager) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.1.6.cab
▶ Ensuite clique sur "Fix checked"
