A voir également:
- Probleme pour telecharger un antivirus
- Télécharger clavier arabe - Télécharger - Divers Web & Internet
- Télécharger instagram pour pc - Télécharger - Divers Communication
- Telecharger word 2013 - Télécharger - Traitement de texte
- Telecharger ccleaner - Télécharger - Nettoyage
- Télécharger opera mini pour pc - Télécharger - Navigateurs
46 réponses
Clique sur le menu Demarrer /Panneau de configuration/Options des dossiers/ puis dans l'onglet Affichage
- Coche Afficher les fichiers et dossiers cachés
- Décoche Masquer les extensions des fichiers dont le type est connu
- Décoche Masquer les fichiers protégés du système d'exploitation (recommandé)
clique sur Appliquer, puis OK.
N'oublie pas de recacher à nouveau les fichiers cachés et protégés du système d'exploitation en fin de désinfection, c'est important
Fais analyser le(s) fichier(s) suivants sur Virustotal :
http://www.virustotal.com/flash/index_en.html
* Clique sur Parcourir en haut, choisis Poste de travail et cherche ce fichier :
C:\WINDOWS\system32\bcacecbad.dll
* Clique maintenant sur Envoyer le fichier. et laisse travailler tant que "Situation actuelle : en cours d'analyse" est affiché.
* Il est possible que le fichier soit mis en file d'attente en raison d'un grand nombre de demandes d'analyses. En ce cas, il te faudra patienter sans actualiser la page.
* Lorsque l'analyse est terminée ("Situation actuelle: terminé"), clique sur Formaté
* Une nouvelle fenêtre de ton navigateur va apparaître
* Clique alors sur les deux fleches
* Fais un clic droit sur la page, et choisis Sélectionner tout, puis copier
* Enfin colle le résultat dans ta prochaine réponse.
* Fais la même chose avec ces fichiers : C:\WINDOWS\system32\cebcbeda.dll
Note : Pour analyser un autre fichier, clique en bas sur Autre fichier.
- Coche Afficher les fichiers et dossiers cachés
- Décoche Masquer les extensions des fichiers dont le type est connu
- Décoche Masquer les fichiers protégés du système d'exploitation (recommandé)
clique sur Appliquer, puis OK.
N'oublie pas de recacher à nouveau les fichiers cachés et protégés du système d'exploitation en fin de désinfection, c'est important
Fais analyser le(s) fichier(s) suivants sur Virustotal :
http://www.virustotal.com/flash/index_en.html
* Clique sur Parcourir en haut, choisis Poste de travail et cherche ce fichier :
C:\WINDOWS\system32\bcacecbad.dll
* Clique maintenant sur Envoyer le fichier. et laisse travailler tant que "Situation actuelle : en cours d'analyse" est affiché.
* Il est possible que le fichier soit mis en file d'attente en raison d'un grand nombre de demandes d'analyses. En ce cas, il te faudra patienter sans actualiser la page.
* Lorsque l'analyse est terminée ("Situation actuelle: terminé"), clique sur Formaté
* Une nouvelle fenêtre de ton navigateur va apparaître
* Clique alors sur les deux fleches
* Fais un clic droit sur la page, et choisis Sélectionner tout, puis copier
* Enfin colle le résultat dans ta prochaine réponse.
* Fais la même chose avec ces fichiers : C:\WINDOWS\system32\cebcbeda.dll
Note : Pour analyser un autre fichier, clique en bas sur Autre fichier.
excuse-moi je me suis mal exprime je voulais dire en cliquand droit et propriétés la dessus :
C:\WINDOWS\system32\bcacecbad.dll
C:\WINDOWS\system32\bcacecbad.dll
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
excuse-moi je me suis mal exprime je voulais dire en cliquand droit et en cliquant sur propriétés la dessus :
C:\WINDOWS\system32\bcacecbad.dll
dis-moi ca que cela indique
C:\WINDOWS\system32\bcacecbad.dll
dis-moi ca que cela indique
alors on doit avoir un resultat ce n est pas possible je reitere la procedure :
http://www.virustotal.com/flash/index_en.html
* Clique sur Parcourir en haut, choisis Poste de travail et cherche ce fichier :
C:\WINDOWS\system32\bcacecbad.dll
* Clique maintenant sur Envoyer le fichier. et laisse travailler tant que "Situation actuelle : en cours d'analyse" est affiché.
* Il est possible que le fichier soit mis en file d'attente en raison d'un grand nombre de demandes d'analyses. En ce cas, il te faudra patienter sans actualiser la page.
* Lorsque l'analyse est terminée ("Situation actuelle: terminé"), clique sur Formaté
* Une nouvelle fenêtre de ton navigateur va apparaître
* Clique alors sur les deux fleches
* Fais un clic droit sur la page, et choisis Sélectionner tout, puis copier
* Enfin colle le résultat dans ta prochaine réponse.
* Fais la même chose avec ces fichiers : C:\WINDOWS\system32\cebcbeda.dll
http://www.virustotal.com/flash/index_en.html
* Clique sur Parcourir en haut, choisis Poste de travail et cherche ce fichier :
C:\WINDOWS\system32\bcacecbad.dll
* Clique maintenant sur Envoyer le fichier. et laisse travailler tant que "Situation actuelle : en cours d'analyse" est affiché.
* Il est possible que le fichier soit mis en file d'attente en raison d'un grand nombre de demandes d'analyses. En ce cas, il te faudra patienter sans actualiser la page.
* Lorsque l'analyse est terminée ("Situation actuelle: terminé"), clique sur Formaté
* Une nouvelle fenêtre de ton navigateur va apparaître
* Clique alors sur les deux fleches
* Fais un clic droit sur la page, et choisis Sélectionner tout, puis copier
* Enfin colle le résultat dans ta prochaine réponse.
* Fais la même chose avec ces fichiers : C:\WINDOWS\system32\cebcbeda.dll
/!\ ATTENTION /!\ Le script qui suit a été écrit spécialement cet ordinateur, il n'est pas transposable sur un autre ordinateur !
Toujours avec toutes les protections désactivées, fais ceci :
• Ouvre le bloc-notes (Menu démarrer --> programmes --> accessoires --> bloc-notes)
• Copie/colle dans le bloc-notes ce qui entre les lignes ci dessous (sans les lignes) :
----------------------------------------------------------
File::
C:\WINDOWS\system32\bcacecbad.dll
C:\WINDOWS\system32\cebcbeda.dll
------------------------------------------------------------------
• Enregistre ce fichier sur ton Bureau (et pas ailleurs !) sous le nom CFScript.txt
• Quitte le Bloc Notes
• Fais un glisser/déposer de ce fichier CFScript sur le fichier C-Fix.exe (combofix) comme sur ce lien : http://apu.mabul.org/up/apu/2008/09/06/img-2258535my8h.gif
• Patiente le temps du scan. Le Bureau va disparaître à plusieurs reprises : c'est normal ! Ne touche à rien tant que le scan n'est pas terminé.
• Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
• Si le fichier ne s'ouvre pas, il se trouve ici ? C:\ComboFix.txt
Toujours avec toutes les protections désactivées, fais ceci :
• Ouvre le bloc-notes (Menu démarrer --> programmes --> accessoires --> bloc-notes)
• Copie/colle dans le bloc-notes ce qui entre les lignes ci dessous (sans les lignes) :
----------------------------------------------------------
File::
C:\WINDOWS\system32\bcacecbad.dll
C:\WINDOWS\system32\cebcbeda.dll
------------------------------------------------------------------
• Enregistre ce fichier sur ton Bureau (et pas ailleurs !) sous le nom CFScript.txt
• Quitte le Bloc Notes
• Fais un glisser/déposer de ce fichier CFScript sur le fichier C-Fix.exe (combofix) comme sur ce lien : http://apu.mabul.org/up/apu/2008/09/06/img-2258535my8h.gif
• Patiente le temps du scan. Le Bureau va disparaître à plusieurs reprises : c'est normal ! Ne touche à rien tant que le scan n'est pas terminé.
• Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
• Si le fichier ne s'ouvre pas, il se trouve ici ? C:\ComboFix.txt
ne tient pas compte du poste 55 j'ai reussi par un autre moyen a telecharger combofix et je te fais suivre le rapport suivant:
ComboFix 09-02-17.02 - patrice 2009-02-18 22:41:02.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.511.258 [GMT 1:00]
LancÚ depuis: c:\documents and settings\patrice\Bureau\ComboFix.exe
Commutateurs utilisÚs :: c:\documents and settings\patrice\Bureau\CFScript.txt
AV: Bitdefender Antivirus *On-access scanning enabled* (Updated)
FW: ZoneAlarm Firewall *disabled*
* Un nouveau point de restauration a ÚtÚ crÚÚ
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Menu Démarrer\Programmes\MessengerSkinner
c:\documents and settings\All Users\Menu Démarrer\Programmes\MessengerSkinner\Conditions générales.url
c:\documents and settings\All Users\Menu Démarrer\Programmes\MessengerSkinner\Confidentialité.url
c:\documents and settings\All Users\Menu Démarrer\Programmes\MessengerSkinner\Désinstaller.lnk
c:\documents and settings\All Users\Menu Démarrer\Programmes\MessengerSkinner\MessengerSkinner.lnk
c:\documents and settings\All Users\Menu Démarrer\Programmes\MessengerSkinner\Website.url
c:\documents and settings\bast\Menu Démarrer\Programmes\PlayMP3z
c:\documents and settings\bast\Menu Démarrer\Programmes\PlayMP3z\Run PlayMP3z.lnk
c:\documents and settings\bastien\Application Data\[u]0/u2000000db436b2e517C.manifest
c:\documents and settings\bastien\Application Data\[u]0/u2000000db436b2e517O.manifest
c:\documents and settings\bastien\Application Data\[u]0/u2000000db436b2e517P.manifest
c:\documents and settings\bastien\Application Data\[u]0/u2000000db436b2e517S.manifest
c:\documents and settings\mick\Application Data\[u]0/u2000000db436b2e517C.manifest
c:\documents and settings\mick\Application Data\[u]0/u2000000db436b2e517O.manifest
c:\documents and settings\mick\Application Data\[u]0/u2000000db436b2e517P.manifest
c:\documents and settings\mick\Application Data\[u]0/u2000000db436b2e517S.manifest
c:\documents and settings\patrice\Application Data\[u]0/u2000000db436b2e517C.manifest
c:\documents and settings\patrice\Application Data\[u]0/u2000000db436b2e517O.manifest
c:\documents and settings\patrice\Application Data\[u]0/u2000000db436b2e517P.manifest
c:\documents and settings\patrice\Application Data\[u]0/u2000000db436b2e517S.manifest
c:\program files\outlook
c:\program files\QUAD Utilities
c:\windows\GnuHashes.ini
c:\windows\system32\bszip.dll
c:\windows\system32\d3d8caps.dat
c:\windows\system32\GroupPolicy000.dat
c:\windows\system32\GroupPolicyManifest
c:\windows\system32\GroupPolicyManifest\39.music.mp3
c:\windows\system32\GroupPolicyManifest\39.music.mp3.kwd
c:\windows\system32\GroupPolicyManifest\41.crack.zip
c:\windows\system32\GroupPolicyManifest\41.crack.zip.kwd
c:\windows\system32\GroupPolicyManifest\42.keymaker.zip
c:\windows\system32\GroupPolicyManifest\42.keymaker.zip.kwd
c:\windows\system32\GroupPolicyManifest\43.setup.zip
c:\windows\system32\GroupPolicyManifest\43.setup.zip.kwd
c:\windows\system32\GroupPolicyManifest\44.unpack.zip
c:\windows\system32\GroupPolicyManifest\44.unpack.zip.kwd
c:\windows\system32\GroupPolicyManifest\45.keygen.zip
c:\windows\system32\GroupPolicyManifest\45.keygen.zip.kwd
c:\windows\system32\GroupPolicyManifest\46.serial.zip
c:\windows\system32\GroupPolicyManifest\46.serial.zip.kwd
c:\windows\system32\GroupPolicyManifest\47.music.snd
c:\windows\system32\GroupPolicyManifest\47.music.snd.kwd
.
((((((((((((((((((((((((((((( Fichiers crÚÚs du 2009-01-18 au 2009-02-18 ))))))))))))))))))))))))))))))))))))
.
2009-02-18 22:37 . 2009-02-18 22:38 <REP> d-------- C:\32788R22FWJFW
2009-02-18 17:58 . 2009-02-18 17:58 66,048 --ahs---- c:\windows\Thumbs.db
2009-02-18 17:30 . 2009-02-18 17:30 <REP> d-------- c:\program files\CCleaner
2009-02-17 21:06 . 2009-02-18 17:58 11,776 --ahs---- c:\windows\system32\Thumbs.db
2009-02-17 17:53 . 2009-02-17 17:53 278,031 --------- c:\windows\system32\243ba5b767d87f941b3c13b8a4cac846.TMP
2009-02-16 20:43 . 2009-02-16 20:43 <REP> d-------- C:\_OTMoveIt
2009-02-15 20:01 . 2009-02-15 20:01 579,584 --a------ c:\windows\system32\dllcache\user32.dll
2009-02-15 19:59 . 2009-02-15 19:59 <REP> d-------- c:\windows\ERUNT
2009-02-15 19:41 . 2009-02-15 20:16 <REP> d-------- C:\SDFix
2009-02-14 18:35 . 2009-02-14 20:18 <REP> d-------- c:\program files\Navilog1
2009-02-14 18:13 . 2009-02-14 19:42 <REP> d-------- c:\program files\Ad-remover
2009-02-13 18:43 . 2009-02-13 18:43 <REP> d-------- C:\rsit
2009-02-13 18:43 . 2009-02-16 22:02 <REP> d-------- c:\program files\trend micro
2009-02-12 19:02 . 2009-02-12 20:19 <REP> d-------- c:\program files\FindyKill
2009-02-10 00:29 . 2009-02-10 00:29 0 --a------ c:\windows\Préférences Mini Calculatrice
2009-02-09 23:09 . 2009-02-09 23:09 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-02-09 23:09 . 2009-02-09 23:09 <REP> d-------- c:\documents and settings\patrice\Application Data\Malwarebytes
2009-02-09 23:09 . 2009-02-09 23:09 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-02-09 23:09 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-09 23:09 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-02-09 21:29 . 2009-02-09 21:29 <REP> d-------- c:\program files\Enigma Software Group
2009-02-09 20:23 . 2009-02-09 20:23 <REP> d-------- c:\program files\Personal Media Manager
2009-02-09 20:20 . 2009-02-09 20:20 <REP> d-------- c:\documents and settings\patrice\Application Data\GrabPro
2009-02-07 16:24 . 2009-02-07 16:25 5,208 --a------ c:\windows\system32\pid.PNF
2009-02-07 09:39 . 2009-02-07 16:25 12,540 --a------ c:\windows\system32\wpa.bak
2009-01-31 15:21 . 2009-01-31 15:21 <REP> d-------- c:\program files\Guitar Pro 5
2009-01-29 17:30 . 2009-01-29 17:30 <REP> d-------- c:\documents and settings\mick\Application Data\Media Player Classic
2009-01-28 14:23 . 2009-01-28 14:23 <REP> d-------- c:\documents and settings\bastien\Application Data\Desktopicon
2009-01-27 17:05 . 2009-01-29 19:15 <REP> d-------- c:\documents and settings\mick\Application Data\Orbit
2009-01-27 16:21 . 2009-02-02 17:07 <REP> d-------- c:\documents and settings\patrice\Application Data\Orbit
2009-01-27 13:27 . 2009-02-09 21:09 <REP> d-------- C:\downloads
2009-01-27 13:27 . 2009-01-27 13:27 <REP> d-------- c:\documents and settings\bastien\Application Data\GrabPro
2009-01-23 21:24 . 2009-01-23 21:24 <REP> d-------- c:\program files\Pcsx2_0.9.4
2009-01-23 17:42 . 2009-01-23 17:42 <REP> d-------- c:\documents and settings\bastien\Application Data\Nokia
2009-01-20 16:12 . 2009-02-09 21:08 <REP> d-------- C:\tmp
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-18 22:29 81,984 ----a-w c:\windows\system32\bdod.bin
2009-02-18 22:29 12,152,864 --sha-w c:\windows\system32\drivers\fidbox.dat
2009-02-18 15:32 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2009-02-18 13:43 141,236 --sha-w c:\windows\system32\drivers\fidbox.idx
2009-02-18 13:41 --------- d-----w c:\documents and settings\patrice\Application Data\LimeWire
2009-02-17 10:43 --------- d-----w c:\documents and settings\bastien\Application Data\OpenOffice.org2
2009-02-16 17:00 --------- d-----w c:\documents and settings\patrice\Application Data\OpenOffice.org2
2009-02-15 14:16 --------- d-----w c:\documents and settings\bastien\Application Data\LimeWire
2009-02-14 14:36 278,031 ------w c:\windows\system32\cebcbeda.dll
2009-02-14 14:36 278,031 ------w c:\windows\system32\bcacecbad.dll
2009-02-14 00:01 541,184 ----a-w c:\windows\Internet Logs\xDB3C.tmp
2009-02-14 00:01 2,571,264 ----a-w c:\windows\Internet Logs\xDB3D.tmp
2009-02-12 14:58 --------- d-----w c:\documents and settings\charline\Application Data\OpenOffice.org2
2009-02-09 19:52 --------- d-----w c:\program files\ma-config.com
2009-02-09 19:52 --------- d-----w c:\documents and settings\All Users\Application Data\ma-config.com
2009-02-09 19:23 --------- d-----w c:\documents and settings\All Users\Application Data\Downloaded Installations
2009-02-08 20:00 --------- d-----w c:\documents and settings\mick\Application Data\OpenOffice.org2
2009-02-03 15:58 --------- d-----w c:\documents and settings\mick\Application Data\LimeWire
2009-02-01 22:32 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-30 15:17 17,008,050 ----a-w c:\windows\Internet Logs\vsmon_on_demand_2009_01_30_08_58_42_full.dmp.zip
2009-01-30 07:58 211,968 ----a-w c:\windows\Internet Logs\xDB3B.tmp
2009-01-29 14:34 8,953,136 ----a-w c:\windows\Internet Logs\tvDebug.zip
2009-01-27 12:36 389,632 ----a-w c:\windows\Internet Logs\xDB3A.tmp
2009-01-16 20:15 3,594,752 ------w c:\windows\system32\dllcache\mshtml.dll
2009-01-09 17:39 177,152 ----a-w c:\windows\Internet Logs\xDB39.tmp
2008-12-31 15:02 157,696 ----a-w c:\windows\Internet Logs\xDB38.tmp
2008-12-24 17:48 62,464 ----a-w c:\windows\Internet Logs\xDB37.tmp
2008-12-22 18:12 100,352 ----a-w c:\windows\Internet Logs\xDB36.tmp
2008-12-20 22:47 826,368 ----a-w c:\windows\system32\wininet.dll
2008-12-20 22:47 826,368 ------w c:\windows\system32\dllcache\wininet.dll
2008-12-20 22:47 671,232 ------w c:\windows\system32\dllcache\mstime.dll
2008-12-20 22:47 477,696 ------w c:\windows\system32\dllcache\mshtmled.dll
2008-12-20 22:47 44,544 ------w c:\windows\system32\dllcache\pngfilt.dll
2008-12-20 22:47 233,472 ------w c:\windows\system32\dllcache\webcheck.dll
2008-12-20 22:47 193,024 ------w c:\windows\system32\dllcache\msrating.dll
2008-12-20 22:47 105,984 ------w c:\windows\system32\dllcache\url.dll
2008-12-20 22:47 102,912 ------w c:\windows\system32\dllcache\occache.dll
2008-12-20 22:47 1,160,192 ------w c:\windows\system32\dllcache\urlmon.dll
2008-12-20 15:32 415,744 ----a-w c:\windows\Internet Logs\xDB35.tmp
2008-12-19 09:11 70,656 ------w c:\windows\system32\dllcache\ie4uinit.exe
2008-12-19 09:10 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
2008-12-19 05:25 634,024 ------w c:\windows\system32\dllcache\iexplore.exe
2008-12-19 05:23 161,792 ------w c:\windows\system32\dllcache\ieakui.dll
2008-12-11 10:57 333,952 ------w c:\windows\system32\dllcache\srv.sys
2008-12-10 14:02 2,368,512 ----a-w c:\windows\Internet Logs\xDB34.tmp
2008-12-06 10:55 2,357,760 ----a-w c:\windows\Internet Logs\xDB33.tmp
2008-12-06 10:55 181,248 ----a-w c:\windows\Internet Logs\xDB32.tmp
2008-12-06 10:16 2,357,248 ----a-w c:\windows\Internet Logs\xDB31.tmp
2008-11-29 10:03 137,728 ----a-w c:\windows\Internet Logs\xDB30.tmp
2008-11-25 15:23 96,768 ----a-w c:\windows\Internet Logs\xDB2F.tmp
2008-11-23 15:19 24,576 ----a-w c:\windows\Internet Logs\xDB2D.tmp
2008-11-23 15:19 2,311,680 ----a-w c:\windows\Internet Logs\xDB2E.tmp
2008-11-22 18:04 26,112 ----a-w c:\windows\Internet Logs\xDB2C.tmp
2008-11-22 16:57 544,768 ----a-w c:\windows\Internet Logs\xDB2B.tmp
2008-09-06 15:17 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008090620080907\index.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les ÚlÚments vides & les ÚlÚments initiaux lÚgitimes ne sont pas listÚs
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"Widget Neuf"="c:\program files\Neuf\Widget Neuf\9widget.exe" [2008-09-29 709872]
"Neuf Media Center"="c:\program files\Neuf\Media Center\MediaCenter.exe" [2007-10-15 1025264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BDAgent"="c:\program files\Softwin\BitDefender10\bdagent.exe" [2007-03-26 69632]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"EPSON Stylus C66 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_S4I0S2.EXE" [2003-11-26 99840]
"PCSuiteTrayApplication"="c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 271360]
"NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-12-13 919016]
"BDMCon"="c:\progra~1\Softwin\BITDEF~1\bdmcon.exe" [2007-04-02 290816]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 c:\windows\system32\bthprops.cpl]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 c:\windows\soundman.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088]
c:\documents and settings\bastien\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 2.4.lnk - c:\program files\OpenOffice.org 2.4\program\quickstart.exe [2008-01-21 393216]
Outil de notification Live Search.lnk - c:\documents and settings\bastien\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe [2008-09-19 143360]
c:\documents and settings\charline\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 2.4.lnk - c:\program files\OpenOffice.org 2.4\program\quickstart.exe [2008-01-21 393216]
c:\documents and settings\mick\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 2.4.lnk - c:\program files\OpenOffice.org 2.4\program\quickstart.exe [2008-01-21 393216]
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
BTTray.lnk - c:\program files\WIDCOMM\Logiciel Bluetooth\BTTray.exe [2004-10-01 565309]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\bcacecbad]
2009-02-14 15:36 278031 c:\windows\system32\bcacecbad.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cebcbeda]
2009-02-14 15:36 278031 c:\windows\system32\cebcbeda.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.HFYU"= huffyuv.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^NETGEAR WG111v2 Smart Wizard.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\NETGEAR WG111v2 Smart Wizard.lnk
backup=c:\windows\pss\NETGEAR WG111v2 Smart Wizard.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^patrice^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.4.lnk]
path=c:\documents and settings\patrice\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.4.lnk
backup=c:\windows\pss\OpenOffice.org 2.4.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autoconfigurateur WiFi Neuf]
--a------ 2008-06-09 20:58 287984 c:\program files\Neuf\Kit\WiFi\9wifi.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
--a------ 2004-08-05 13:00 208952 c:\windows\ime\IMJP8_1\imjpmig.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
--a------ 2004-08-05 13:00 455168 c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
--a------ 2004-08-05 13:00 455168 c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2007-12-14 02:42 144784 c:\program files\Java\jre1.6.0_04\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ATIPTA"=c:\ati technologies\ATI Control Panel\atiptaxx.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\program files\Neuf\Media Center\httpd\httpd.exe"= c:\program files\Neuf\Media Center\httpd\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.2/255.255.255.255:Enabled:Serveur de partage Media Center (Player Neuf Cegetel)
R3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;c:\windows\system32\drivers\wg111v2.sys [2008-09-02 194304]
S0 85978e7feecb878e3caf66bd20117233;85978e7feecb878e3caf66bd20117233;c:\windows\system32\85978e7feecb878e3caf66bd20117233.sys --> c:\windows\system32\85978e7feecb878e3caf66bd20117233.sys [?]
S3 ovt530;Webcam Classic;c:\windows\system32\drivers\ov530vid.sys [2008-05-28 161792]
S3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\DRIVERS\wg111v3.sys --> c:\windows\system32\DRIVERS\wg111v3.sys [?]
--- Autres Services/Pilotes en mÚmoire ---
*Deregistered* - Netman
*Deregistered* - Nla
*Deregistered* - PolicyAgent
*Deregistered* - ProtectedStorage
*Deregistered* - RasMan
*Deregistered* - RpcSs
*Deregistered* - SamSs
*Deregistered* - Schedule
*Deregistered* - seclogon
*Deregistered* - SENS
*Deregistered* - ServiceLayer
*Deregistered* - SharedAccess
*Deregistered* - ShellHWDetection
*Deregistered* - SLService
*Deregistered* - Spooler
*Deregistered* - srservice
*Deregistered* - SSDPSRV
*Deregistered* - stisvc
*Deregistered* - TapiSrv
*Deregistered* - TermService
*Deregistered* - Themes
*Deregistered* - TrkWks
*Deregistered* - vsmon
*Deregistered* - VSSERV
*Deregistered* - W32Time
*Deregistered* - WebClient
*Deregistered* - winmgmt
*Deregistered* - WmiApSrv
*Deregistered* - wscsvc
*Deregistered* - wuauserv
*Deregistered* - WudfSvc
*Deregistered* - WZCSVC
*Deregistered* - XCOMM
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{64767a53-07fa-11dd-8307-001109749824}]
\Shell\explore\Command - RavMon.exe -e
\Shell\open\Command - RavMon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b659c853-c53b-11dd-b64b-001e2a271d72}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\m.exe /s
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f97449e0-ab5e-11dd-866d-001e2a271d72}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\m.exe /s
.
.
------- Examen supplÚmentaire -------
.
FF - ProfilePath - c:\documents and settings\patrice\Application Data\Mozilla\Firefox\Profiles\388imwm3.default\
FF - plugin: c:\program files\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-18 23:28:23
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachÚs ...
Recherche d'ÚlÚments en dÚmarrage automatique cachÚs ...
Recherche de fichiers cachÚs ...
Scan terminÚ avec succÞs
Fichiers cachÚs: 0
**************************************************************************
.
--------------------- DLLs chargÚes dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(804)
c:\windows\system32\RtlGina2.dll
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\bcacecbad.dll
c:\windows\system32\cebcbeda.dll
.
Heure de fin: 2009-02-18 23:33:12
ComboFix-quarantined-files.txt 2009-02-18 22:33:07
Avant-CF: 59 108 413 440 octets libres
AprÞs-CF: 60,996,849,664 octets libres
289 --- E O F --- 2009-02-13 20:50:04
ComboFix 09-02-17.02 - patrice 2009-02-18 22:41:02.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.511.258 [GMT 1:00]
LancÚ depuis: c:\documents and settings\patrice\Bureau\ComboFix.exe
Commutateurs utilisÚs :: c:\documents and settings\patrice\Bureau\CFScript.txt
AV: Bitdefender Antivirus *On-access scanning enabled* (Updated)
FW: ZoneAlarm Firewall *disabled*
* Un nouveau point de restauration a ÚtÚ crÚÚ
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Menu Démarrer\Programmes\MessengerSkinner
c:\documents and settings\All Users\Menu Démarrer\Programmes\MessengerSkinner\Conditions générales.url
c:\documents and settings\All Users\Menu Démarrer\Programmes\MessengerSkinner\Confidentialité.url
c:\documents and settings\All Users\Menu Démarrer\Programmes\MessengerSkinner\Désinstaller.lnk
c:\documents and settings\All Users\Menu Démarrer\Programmes\MessengerSkinner\MessengerSkinner.lnk
c:\documents and settings\All Users\Menu Démarrer\Programmes\MessengerSkinner\Website.url
c:\documents and settings\bast\Menu Démarrer\Programmes\PlayMP3z
c:\documents and settings\bast\Menu Démarrer\Programmes\PlayMP3z\Run PlayMP3z.lnk
c:\documents and settings\bastien\Application Data\[u]0/u2000000db436b2e517C.manifest
c:\documents and settings\bastien\Application Data\[u]0/u2000000db436b2e517O.manifest
c:\documents and settings\bastien\Application Data\[u]0/u2000000db436b2e517P.manifest
c:\documents and settings\bastien\Application Data\[u]0/u2000000db436b2e517S.manifest
c:\documents and settings\mick\Application Data\[u]0/u2000000db436b2e517C.manifest
c:\documents and settings\mick\Application Data\[u]0/u2000000db436b2e517O.manifest
c:\documents and settings\mick\Application Data\[u]0/u2000000db436b2e517P.manifest
c:\documents and settings\mick\Application Data\[u]0/u2000000db436b2e517S.manifest
c:\documents and settings\patrice\Application Data\[u]0/u2000000db436b2e517C.manifest
c:\documents and settings\patrice\Application Data\[u]0/u2000000db436b2e517O.manifest
c:\documents and settings\patrice\Application Data\[u]0/u2000000db436b2e517P.manifest
c:\documents and settings\patrice\Application Data\[u]0/u2000000db436b2e517S.manifest
c:\program files\outlook
c:\program files\QUAD Utilities
c:\windows\GnuHashes.ini
c:\windows\system32\bszip.dll
c:\windows\system32\d3d8caps.dat
c:\windows\system32\GroupPolicy000.dat
c:\windows\system32\GroupPolicyManifest
c:\windows\system32\GroupPolicyManifest\39.music.mp3
c:\windows\system32\GroupPolicyManifest\39.music.mp3.kwd
c:\windows\system32\GroupPolicyManifest\41.crack.zip
c:\windows\system32\GroupPolicyManifest\41.crack.zip.kwd
c:\windows\system32\GroupPolicyManifest\42.keymaker.zip
c:\windows\system32\GroupPolicyManifest\42.keymaker.zip.kwd
c:\windows\system32\GroupPolicyManifest\43.setup.zip
c:\windows\system32\GroupPolicyManifest\43.setup.zip.kwd
c:\windows\system32\GroupPolicyManifest\44.unpack.zip
c:\windows\system32\GroupPolicyManifest\44.unpack.zip.kwd
c:\windows\system32\GroupPolicyManifest\45.keygen.zip
c:\windows\system32\GroupPolicyManifest\45.keygen.zip.kwd
c:\windows\system32\GroupPolicyManifest\46.serial.zip
c:\windows\system32\GroupPolicyManifest\46.serial.zip.kwd
c:\windows\system32\GroupPolicyManifest\47.music.snd
c:\windows\system32\GroupPolicyManifest\47.music.snd.kwd
.
((((((((((((((((((((((((((((( Fichiers crÚÚs du 2009-01-18 au 2009-02-18 ))))))))))))))))))))))))))))))))))))
.
2009-02-18 22:37 . 2009-02-18 22:38 <REP> d-------- C:\32788R22FWJFW
2009-02-18 17:58 . 2009-02-18 17:58 66,048 --ahs---- c:\windows\Thumbs.db
2009-02-18 17:30 . 2009-02-18 17:30 <REP> d-------- c:\program files\CCleaner
2009-02-17 21:06 . 2009-02-18 17:58 11,776 --ahs---- c:\windows\system32\Thumbs.db
2009-02-17 17:53 . 2009-02-17 17:53 278,031 --------- c:\windows\system32\243ba5b767d87f941b3c13b8a4cac846.TMP
2009-02-16 20:43 . 2009-02-16 20:43 <REP> d-------- C:\_OTMoveIt
2009-02-15 20:01 . 2009-02-15 20:01 579,584 --a------ c:\windows\system32\dllcache\user32.dll
2009-02-15 19:59 . 2009-02-15 19:59 <REP> d-------- c:\windows\ERUNT
2009-02-15 19:41 . 2009-02-15 20:16 <REP> d-------- C:\SDFix
2009-02-14 18:35 . 2009-02-14 20:18 <REP> d-------- c:\program files\Navilog1
2009-02-14 18:13 . 2009-02-14 19:42 <REP> d-------- c:\program files\Ad-remover
2009-02-13 18:43 . 2009-02-13 18:43 <REP> d-------- C:\rsit
2009-02-13 18:43 . 2009-02-16 22:02 <REP> d-------- c:\program files\trend micro
2009-02-12 19:02 . 2009-02-12 20:19 <REP> d-------- c:\program files\FindyKill
2009-02-10 00:29 . 2009-02-10 00:29 0 --a------ c:\windows\Préférences Mini Calculatrice
2009-02-09 23:09 . 2009-02-09 23:09 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-02-09 23:09 . 2009-02-09 23:09 <REP> d-------- c:\documents and settings\patrice\Application Data\Malwarebytes
2009-02-09 23:09 . 2009-02-09 23:09 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-02-09 23:09 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-09 23:09 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-02-09 21:29 . 2009-02-09 21:29 <REP> d-------- c:\program files\Enigma Software Group
2009-02-09 20:23 . 2009-02-09 20:23 <REP> d-------- c:\program files\Personal Media Manager
2009-02-09 20:20 . 2009-02-09 20:20 <REP> d-------- c:\documents and settings\patrice\Application Data\GrabPro
2009-02-07 16:24 . 2009-02-07 16:25 5,208 --a------ c:\windows\system32\pid.PNF
2009-02-07 09:39 . 2009-02-07 16:25 12,540 --a------ c:\windows\system32\wpa.bak
2009-01-31 15:21 . 2009-01-31 15:21 <REP> d-------- c:\program files\Guitar Pro 5
2009-01-29 17:30 . 2009-01-29 17:30 <REP> d-------- c:\documents and settings\mick\Application Data\Media Player Classic
2009-01-28 14:23 . 2009-01-28 14:23 <REP> d-------- c:\documents and settings\bastien\Application Data\Desktopicon
2009-01-27 17:05 . 2009-01-29 19:15 <REP> d-------- c:\documents and settings\mick\Application Data\Orbit
2009-01-27 16:21 . 2009-02-02 17:07 <REP> d-------- c:\documents and settings\patrice\Application Data\Orbit
2009-01-27 13:27 . 2009-02-09 21:09 <REP> d-------- C:\downloads
2009-01-27 13:27 . 2009-01-27 13:27 <REP> d-------- c:\documents and settings\bastien\Application Data\GrabPro
2009-01-23 21:24 . 2009-01-23 21:24 <REP> d-------- c:\program files\Pcsx2_0.9.4
2009-01-23 17:42 . 2009-01-23 17:42 <REP> d-------- c:\documents and settings\bastien\Application Data\Nokia
2009-01-20 16:12 . 2009-02-09 21:08 <REP> d-------- C:\tmp
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-18 22:29 81,984 ----a-w c:\windows\system32\bdod.bin
2009-02-18 22:29 12,152,864 --sha-w c:\windows\system32\drivers\fidbox.dat
2009-02-18 15:32 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2009-02-18 13:43 141,236 --sha-w c:\windows\system32\drivers\fidbox.idx
2009-02-18 13:41 --------- d-----w c:\documents and settings\patrice\Application Data\LimeWire
2009-02-17 10:43 --------- d-----w c:\documents and settings\bastien\Application Data\OpenOffice.org2
2009-02-16 17:00 --------- d-----w c:\documents and settings\patrice\Application Data\OpenOffice.org2
2009-02-15 14:16 --------- d-----w c:\documents and settings\bastien\Application Data\LimeWire
2009-02-14 14:36 278,031 ------w c:\windows\system32\cebcbeda.dll
2009-02-14 14:36 278,031 ------w c:\windows\system32\bcacecbad.dll
2009-02-14 00:01 541,184 ----a-w c:\windows\Internet Logs\xDB3C.tmp
2009-02-14 00:01 2,571,264 ----a-w c:\windows\Internet Logs\xDB3D.tmp
2009-02-12 14:58 --------- d-----w c:\documents and settings\charline\Application Data\OpenOffice.org2
2009-02-09 19:52 --------- d-----w c:\program files\ma-config.com
2009-02-09 19:52 --------- d-----w c:\documents and settings\All Users\Application Data\ma-config.com
2009-02-09 19:23 --------- d-----w c:\documents and settings\All Users\Application Data\Downloaded Installations
2009-02-08 20:00 --------- d-----w c:\documents and settings\mick\Application Data\OpenOffice.org2
2009-02-03 15:58 --------- d-----w c:\documents and settings\mick\Application Data\LimeWire
2009-02-01 22:32 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-30 15:17 17,008,050 ----a-w c:\windows\Internet Logs\vsmon_on_demand_2009_01_30_08_58_42_full.dmp.zip
2009-01-30 07:58 211,968 ----a-w c:\windows\Internet Logs\xDB3B.tmp
2009-01-29 14:34 8,953,136 ----a-w c:\windows\Internet Logs\tvDebug.zip
2009-01-27 12:36 389,632 ----a-w c:\windows\Internet Logs\xDB3A.tmp
2009-01-16 20:15 3,594,752 ------w c:\windows\system32\dllcache\mshtml.dll
2009-01-09 17:39 177,152 ----a-w c:\windows\Internet Logs\xDB39.tmp
2008-12-31 15:02 157,696 ----a-w c:\windows\Internet Logs\xDB38.tmp
2008-12-24 17:48 62,464 ----a-w c:\windows\Internet Logs\xDB37.tmp
2008-12-22 18:12 100,352 ----a-w c:\windows\Internet Logs\xDB36.tmp
2008-12-20 22:47 826,368 ----a-w c:\windows\system32\wininet.dll
2008-12-20 22:47 826,368 ------w c:\windows\system32\dllcache\wininet.dll
2008-12-20 22:47 671,232 ------w c:\windows\system32\dllcache\mstime.dll
2008-12-20 22:47 477,696 ------w c:\windows\system32\dllcache\mshtmled.dll
2008-12-20 22:47 44,544 ------w c:\windows\system32\dllcache\pngfilt.dll
2008-12-20 22:47 233,472 ------w c:\windows\system32\dllcache\webcheck.dll
2008-12-20 22:47 193,024 ------w c:\windows\system32\dllcache\msrating.dll
2008-12-20 22:47 105,984 ------w c:\windows\system32\dllcache\url.dll
2008-12-20 22:47 102,912 ------w c:\windows\system32\dllcache\occache.dll
2008-12-20 22:47 1,160,192 ------w c:\windows\system32\dllcache\urlmon.dll
2008-12-20 15:32 415,744 ----a-w c:\windows\Internet Logs\xDB35.tmp
2008-12-19 09:11 70,656 ------w c:\windows\system32\dllcache\ie4uinit.exe
2008-12-19 09:10 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
2008-12-19 05:25 634,024 ------w c:\windows\system32\dllcache\iexplore.exe
2008-12-19 05:23 161,792 ------w c:\windows\system32\dllcache\ieakui.dll
2008-12-11 10:57 333,952 ------w c:\windows\system32\dllcache\srv.sys
2008-12-10 14:02 2,368,512 ----a-w c:\windows\Internet Logs\xDB34.tmp
2008-12-06 10:55 2,357,760 ----a-w c:\windows\Internet Logs\xDB33.tmp
2008-12-06 10:55 181,248 ----a-w c:\windows\Internet Logs\xDB32.tmp
2008-12-06 10:16 2,357,248 ----a-w c:\windows\Internet Logs\xDB31.tmp
2008-11-29 10:03 137,728 ----a-w c:\windows\Internet Logs\xDB30.tmp
2008-11-25 15:23 96,768 ----a-w c:\windows\Internet Logs\xDB2F.tmp
2008-11-23 15:19 24,576 ----a-w c:\windows\Internet Logs\xDB2D.tmp
2008-11-23 15:19 2,311,680 ----a-w c:\windows\Internet Logs\xDB2E.tmp
2008-11-22 18:04 26,112 ----a-w c:\windows\Internet Logs\xDB2C.tmp
2008-11-22 16:57 544,768 ----a-w c:\windows\Internet Logs\xDB2B.tmp
2008-09-06 15:17 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008090620080907\index.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les ÚlÚments vides & les ÚlÚments initiaux lÚgitimes ne sont pas listÚs
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"Widget Neuf"="c:\program files\Neuf\Widget Neuf\9widget.exe" [2008-09-29 709872]
"Neuf Media Center"="c:\program files\Neuf\Media Center\MediaCenter.exe" [2007-10-15 1025264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BDAgent"="c:\program files\Softwin\BitDefender10\bdagent.exe" [2007-03-26 69632]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"EPSON Stylus C66 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_S4I0S2.EXE" [2003-11-26 99840]
"PCSuiteTrayApplication"="c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 271360]
"NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-12-13 919016]
"BDMCon"="c:\progra~1\Softwin\BITDEF~1\bdmcon.exe" [2007-04-02 290816]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 c:\windows\system32\bthprops.cpl]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 c:\windows\soundman.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088]
c:\documents and settings\bastien\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 2.4.lnk - c:\program files\OpenOffice.org 2.4\program\quickstart.exe [2008-01-21 393216]
Outil de notification Live Search.lnk - c:\documents and settings\bastien\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe [2008-09-19 143360]
c:\documents and settings\charline\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 2.4.lnk - c:\program files\OpenOffice.org 2.4\program\quickstart.exe [2008-01-21 393216]
c:\documents and settings\mick\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 2.4.lnk - c:\program files\OpenOffice.org 2.4\program\quickstart.exe [2008-01-21 393216]
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
BTTray.lnk - c:\program files\WIDCOMM\Logiciel Bluetooth\BTTray.exe [2004-10-01 565309]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\bcacecbad]
2009-02-14 15:36 278031 c:\windows\system32\bcacecbad.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cebcbeda]
2009-02-14 15:36 278031 c:\windows\system32\cebcbeda.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.HFYU"= huffyuv.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^NETGEAR WG111v2 Smart Wizard.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\NETGEAR WG111v2 Smart Wizard.lnk
backup=c:\windows\pss\NETGEAR WG111v2 Smart Wizard.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^patrice^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.4.lnk]
path=c:\documents and settings\patrice\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.4.lnk
backup=c:\windows\pss\OpenOffice.org 2.4.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autoconfigurateur WiFi Neuf]
--a------ 2008-06-09 20:58 287984 c:\program files\Neuf\Kit\WiFi\9wifi.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
--a------ 2004-08-05 13:00 208952 c:\windows\ime\IMJP8_1\imjpmig.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
--a------ 2004-08-05 13:00 455168 c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
--a------ 2004-08-05 13:00 455168 c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2007-12-14 02:42 144784 c:\program files\Java\jre1.6.0_04\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ATIPTA"=c:\ati technologies\ATI Control Panel\atiptaxx.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\program files\Neuf\Media Center\httpd\httpd.exe"= c:\program files\Neuf\Media Center\httpd\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.2/255.255.255.255:Enabled:Serveur de partage Media Center (Player Neuf Cegetel)
R3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;c:\windows\system32\drivers\wg111v2.sys [2008-09-02 194304]
S0 85978e7feecb878e3caf66bd20117233;85978e7feecb878e3caf66bd20117233;c:\windows\system32\85978e7feecb878e3caf66bd20117233.sys --> c:\windows\system32\85978e7feecb878e3caf66bd20117233.sys [?]
S3 ovt530;Webcam Classic;c:\windows\system32\drivers\ov530vid.sys [2008-05-28 161792]
S3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\DRIVERS\wg111v3.sys --> c:\windows\system32\DRIVERS\wg111v3.sys [?]
--- Autres Services/Pilotes en mÚmoire ---
*Deregistered* - Netman
*Deregistered* - Nla
*Deregistered* - PolicyAgent
*Deregistered* - ProtectedStorage
*Deregistered* - RasMan
*Deregistered* - RpcSs
*Deregistered* - SamSs
*Deregistered* - Schedule
*Deregistered* - seclogon
*Deregistered* - SENS
*Deregistered* - ServiceLayer
*Deregistered* - SharedAccess
*Deregistered* - ShellHWDetection
*Deregistered* - SLService
*Deregistered* - Spooler
*Deregistered* - srservice
*Deregistered* - SSDPSRV
*Deregistered* - stisvc
*Deregistered* - TapiSrv
*Deregistered* - TermService
*Deregistered* - Themes
*Deregistered* - TrkWks
*Deregistered* - vsmon
*Deregistered* - VSSERV
*Deregistered* - W32Time
*Deregistered* - WebClient
*Deregistered* - winmgmt
*Deregistered* - WmiApSrv
*Deregistered* - wscsvc
*Deregistered* - wuauserv
*Deregistered* - WudfSvc
*Deregistered* - WZCSVC
*Deregistered* - XCOMM
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{64767a53-07fa-11dd-8307-001109749824}]
\Shell\explore\Command - RavMon.exe -e
\Shell\open\Command - RavMon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b659c853-c53b-11dd-b64b-001e2a271d72}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\m.exe /s
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f97449e0-ab5e-11dd-866d-001e2a271d72}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\m.exe /s
.
.
------- Examen supplÚmentaire -------
.
FF - ProfilePath - c:\documents and settings\patrice\Application Data\Mozilla\Firefox\Profiles\388imwm3.default\
FF - plugin: c:\program files\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-18 23:28:23
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachÚs ...
Recherche d'ÚlÚments en dÚmarrage automatique cachÚs ...
Recherche de fichiers cachÚs ...
Scan terminÚ avec succÞs
Fichiers cachÚs: 0
**************************************************************************
.
--------------------- DLLs chargÚes dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(804)
c:\windows\system32\RtlGina2.dll
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\bcacecbad.dll
c:\windows\system32\cebcbeda.dll
.
Heure de fin: 2009-02-18 23:33:12
ComboFix-quarantined-files.txt 2009-02-18 22:33:07
Avant-CF: 59 108 413 440 octets libres
AprÞs-CF: 60,996,849,664 octets libres
289 --- E O F --- 2009-02-13 20:50:04
Bonjour :
Télécharge Random's System Information Tool (RSIT) de random/random et enregistre l'exécutable sur ton Bureau.
-> http://images.malwareremoval.com/random/RSIT.exe
! Déconnecte toi et ferme toutes tes applications en cours !
Double-clique sur " RSIT.exe " pour le lancer .
-> Une première fenêtre s'ouvre avec en titre : " Disclaimer of warranty " .
* Devant l'option "List files/folders created ..." , tu choisis : 2 months
* clique ensuite sur " Continue " pour lancer l'analyse ...
-> laisse faire le scan et ne touche pas au PC ...
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront (probablement avec le bloc-note).
Poste le contenu de " log.txt " (c'est celui qui apparait à l'écran), ainsi que de " info.txt " (que tu verras dans la barre des tâches), pour analyse et attends la suite ...
Important : poste un rapport, puis l'autre dans la réponse suivante
Si tu essaies de poster les deux en même temps, cela risque d'être trop long pour le forum
( Note : les rapports seront en outre sauvegardés dans ce dossier -> C:\rsit )
Télécharge Random's System Information Tool (RSIT) de random/random et enregistre l'exécutable sur ton Bureau.
-> http://images.malwareremoval.com/random/RSIT.exe
! Déconnecte toi et ferme toutes tes applications en cours !
Double-clique sur " RSIT.exe " pour le lancer .
-> Une première fenêtre s'ouvre avec en titre : " Disclaimer of warranty " .
* Devant l'option "List files/folders created ..." , tu choisis : 2 months
* clique ensuite sur " Continue " pour lancer l'analyse ...
-> laisse faire le scan et ne touche pas au PC ...
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront (probablement avec le bloc-note).
Poste le contenu de " log.txt " (c'est celui qui apparait à l'écran), ainsi que de " info.txt " (que tu verras dans la barre des tâches), pour analyse et attends la suite ...
Important : poste un rapport, puis l'autre dans la réponse suivante
Si tu essaies de poster les deux en même temps, cela risque d'être trop long pour le forum
( Note : les rapports seront en outre sauvegardés dans ce dossier -> C:\rsit )
voici le 1er rapport,
Logfile of random's system information tool 1.05 (written by random/random)
Run by patrice at 2009-02-19 16:43:22
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 58 GB (37%) free of 156 GB
Total RAM: 511 MB (47% free)
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E03C0FD-4C48-43A7-9A54-00240C70FF16}]
ECarteBleueBrowserHelper Class - C:\WINDOWS\system32\BhoECart.dll [2003-10-31 139264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll [2007-12-14 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll [2008-10-07 652784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BDAgent"=C:\Program Files\Softwin\BitDefender10\bdagent.exe [2007-03-26 69632]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]
"BluetoothAuthenticationAgent"=C:\WINDOWS\system32\bthprops.cpl [2008-04-14 110592]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"EPSON Stylus C66 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0S2.EXE [2003-11-26 99840]
"PCSuiteTrayApplication"=C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2007-06-18 271360]
"NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2007-12-13 919016]
"BDMCon"=C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe [2007-04-02 290816]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"Widget Neuf"=C:\Program Files\Neuf\Widget Neuf\9widget.exe [2008-09-29 709872]
"Neuf Media Center"=C:\Program Files\Neuf\Media Center\MediaCenter.exe [2007-10-15 1025264]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autoconfigurateur WiFi Neuf]
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe [2008-06-09 287984]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe [2007-12-14 144784]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^NETGEAR WG111v2 Smart Wizard.lnk]
C:\PROGRA~1\NETGEAR\WG111v2\WG111v2.exe [2007-05-14 1261568]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^patrice^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.4.lnk]
C:\PROGRA~1\OPENOF~1.4\program\QUICKS~1.EXE [2008-01-21 393216]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
BTTray.lnk - C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-05-03 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\bcacecbad]
C:\WINDOWS\system32\bcacecbad.dll [2009-02-14 278031]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cebcbeda]
C:\WINDOWS\system32\cebcbeda.dll [2009-02-14 278031]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Neuf\Media Center\httpd\httpd.exe"="C:\Program Files\Neuf\Media Center\httpd\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.2/255.255.255.255:Enabled:Serveur de partage Media Center (Player Neuf Cegetel)"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{64767a53-07fa-11dd-8307-001109749824}]
shell\explore\command - RavMon.exe -e
shell\open\command - RavMon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b659c853-c53b-11dd-b64b-001e2a271d72}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\m.exe /s
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f97449e0-ab5e-11dd-866d-001e2a271d72}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\m.exe /s
======List of files/folders created in the last 2 months======
2009-02-19 16:38:57 ----SHD---- C:\RECYCLER
2009-02-19 16:34:54 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-02-18 23:33:16 ----A---- C:\ComboFix.txt
2009-02-18 22:38:27 ----A---- C:\WINDOWS\zip.exe
2009-02-18 22:38:27 ----A---- C:\WINDOWS\VFIND.exe
2009-02-18 22:38:27 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-02-18 22:38:27 ----A---- C:\WINDOWS\SWSC.exe
2009-02-18 22:38:27 ----A---- C:\WINDOWS\SWREG.exe
2009-02-18 22:38:27 ----A---- C:\WINDOWS\sed.exe
2009-02-18 22:38:27 ----A---- C:\WINDOWS\NIRCMD.exe
2009-02-18 22:38:27 ----A---- C:\WINDOWS\grep.exe
2009-02-18 22:38:27 ----A---- C:\WINDOWS\fdsv.exe
2009-02-18 22:38:16 ----D---- C:\WINDOWS\ERDNT
2009-02-18 22:38:16 ----D---- C:\Qoobox
2009-02-18 22:37:38 ----A---- C:\Bug.txt
2009-02-18 22:37:14 ----D---- C:\32788R22FWJFW
2009-02-18 17:30:28 ----D---- C:\Program Files\CCleaner
2009-02-17 17:53:29 ----N---- C:\WINDOWS\system32\243ba5b767d87f941b3c13b8a4cac846.TMP
2009-02-16 20:43:55 ----D---- C:\_OTMoveIt
2009-02-15 20:12:43 ----D---- C:\Documents and Settings\patrice\Application Data\WinRAR
2009-02-15 19:59:12 ----D---- C:\WINDOWS\ERUNT
2009-02-15 19:41:53 ----D---- C:\SDFix
2009-02-14 20:14:15 ----A---- C:\cleannavi.txt
2009-02-14 18:37:24 ----A---- C:\fixnavi.txt
2009-02-14 18:35:57 ----D---- C:\Program Files\Navilog1
2009-02-14 18:13:40 ----D---- C:\Program Files\Ad-remover
2009-02-13 18:43:27 ----D---- C:\Program Files\trend micro
2009-02-13 18:43:26 ----D---- C:\rsit
2009-02-12 20:15:15 ----A---- C:\FindyKill.txt
2009-02-12 19:02:35 ----D---- C:\Program Files\FindyKill
2009-02-11 15:11:25 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-02-09 23:09:51 ----D---- C:\Documents and Settings\patrice\Application Data\Malwarebytes
2009-02-09 23:09:35 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-02-09 23:09:35 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-02-09 21:29:24 ----D---- C:\Program Files\Enigma Software Group
2009-02-09 20:23:20 ----D---- C:\Program Files\Personal Media Manager
2009-02-09 20:20:44 ----D---- C:\Documents and Settings\patrice\Application Data\GrabPro
2009-02-07 15:50:23 ----D---- C:\Config.Msi
2009-02-07 09:39:46 ----A---- C:\WINDOWS\system32\wpa.bak
2009-02-06 09:33:15 ----D---- C:\Program Files\WinRAR
2009-01-31 15:21:13 ----D---- C:\Program Files\Guitar Pro 5
2009-01-27 16:21:05 ----D---- C:\Documents and Settings\patrice\Application Data\Orbit
2009-01-27 13:27:28 ----D---- C:\downloads
2009-01-23 21:24:38 ----D---- C:\Program Files\Pcsx2_0.9.4
2009-01-20 16:12:35 ----D---- C:\tmp
2009-01-15 15:41:02 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-14 16:37:55 ----D---- C:\ISO
2009-01-13 15:45:07 ----A---- C:\WINDOWS\4f29_appcompat.txt
2009-01-13 15:45:07 ----A---- C:\WINDOWS\4ee5_appcompat.txt
2009-01-13 15:45:07 ----A---- C:\WINDOWS\45c9_appcompat.txt
2009-01-07 18:57:01 ----A---- C:\WINDOWS\ModemLog_Smart Link 56K Voice Modem.txt
2009-01-07 17:19:47 ----D---- C:\PSP
2009-01-07 17:06:16 ----RD---- C:\Mes vidéos
2009-01-07 17:04:39 ----D---- C:\MP_ROOT
2009-01-07 14:35:32 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2009-01-07 14:35:31 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2009-01-07 14:35:31 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2009-01-07 14:35:31 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2009-01-07 14:35:30 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2009-01-07 14:35:30 ----A---- C:\WINDOWS\system32\x3daudio1_2.dll
2009-01-07 14:35:30 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2009-01-07 14:35:30 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2009-01-07 14:35:28 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2009-01-07 14:35:27 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2009-01-07 14:35:25 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2009-01-07 14:35:22 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2009-01-07 14:35:22 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2009-01-07 14:35:18 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2009-01-07 14:35:17 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2009-01-07 14:35:17 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2009-01-07 14:35:16 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2009-01-07 14:35:16 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2009-01-07 14:35:16 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-01-07 14:35:15 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2009-01-07 14:35:15 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2009-01-07 14:35:15 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2009-01-07 14:35:14 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
======List of files/folders modified in the last 2 months======
2009-02-19 16:39:17 ----D---- C:\Program Files\Mozilla Firefox
2009-02-19 16:37:32 ----D---- C:\WINDOWS\Temp
2009-02-19 16:30:24 ----D---- C:\WINDOWS\Internet Logs
2009-02-19 14:27:04 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-19 10:59:16 ----D---- C:\WINDOWS
2009-02-19 01:39:23 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-18 23:33:28 ----SHD---- C:\WINDOWS\system32
2009-02-18 23:28:36 ----A---- C:\WINDOWS\system.ini
2009-02-18 22:55:59 ----D---- C:\WINDOWS\system32\drivers
2009-02-18 22:55:59 ----D---- C:\WINDOWS\AppPatch
2009-02-18 22:55:44 ----D---- C:\Program Files\Fichiers communs
2009-02-18 22:41:59 ----RD---- C:\Program Files
2009-02-18 22:38:19 ----D---- C:\WINDOWS\Prefetch
2009-02-18 17:58:27 ----RD---- C:\WINDOWS\Web
2009-02-18 17:58:09 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-02-18 17:31:55 ----D---- C:\WINDOWS\Debug
2009-02-18 17:31:54 ----D---- C:\WINDOWS\Minidump
2009-02-18 16:32:54 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-02-18 14:41:38 ----D---- C:\Documents and Settings\patrice\Application Data\LimeWire
2009-02-16 18:00:15 ----D---- C:\Documents and Settings\patrice\Application Data\OpenOffice.org2
2009-02-16 00:46:38 ----A---- C:\WINDOWS\NeroDigital.ini
2009-02-15 20:01:42 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-02-15 16:43:36 ----D---- C:\TEMP
2009-02-14 15:36:58 ----N---- C:\WINDOWS\system32\bcacecbad.dll
2009-02-14 15:36:32 ----N---- C:\WINDOWS\system32\cebcbeda.dll
2009-02-12 21:29:51 ----HD---- C:\WINDOWS\inf
2009-02-12 20:19:52 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-02-12 16:13:51 ----D---- C:\Program Files\Internet Explorer
2009-02-12 05:56:17 ----A---- C:\WINDOWS\system32\MRT.exe
2009-02-11 20:39:12 ----D---- C:\WINDOWS\system32\CatRoot
2009-02-11 17:15:17 ----D---- C:\WINDOWS\system32\config
2009-02-11 17:14:51 ----D---- C:\WINDOWS\system32\wbem
2009-02-11 17:14:51 ----D---- C:\WINDOWS\Registration
2009-02-11 15:11:24 ----HD---- C:\WINDOWS\$hf_mig$
2009-02-11 15:10:54 ----D---- C:\WINDOWS\ie7updates
2009-02-10 00:15:22 ----SHD---- C:\WINDOWS\Installer
2009-02-10 00:13:55 ----SD---- C:\Documents and Settings\patrice\Application Data\Microsoft
2009-02-09 20:52:23 ----D---- C:\Program Files\ma-config.com
2009-02-09 20:52:23 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com
2009-02-09 20:23:18 ----D---- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
2009-02-09 18:54:42 ----D---- C:\WINDOWS\Help
2009-02-07 15:48:45 ----D---- C:\WINDOWS\system32\Restore
2009-02-02 15:34:32 ----D---- C:\Program Files\Fichiers communs\Services
2009-02-01 23:32:09 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-31 15:21:15 ----RSD---- C:\WINDOWS\Fonts
2009-01-16 21:15:42 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-01-07 14:35:37 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-01-07 14:35:35 ----D---- C:\WINDOWS\system32\DirectX
2009-01-07 14:35:13 ----RSD---- C:\WINDOWS\assembly
2008-12-25 10:53:00 ----D---- C:\JEUX DS
2008-12-20 23:47:04 ----A---- C:\WINDOWS\system32\wininet.dll
2008-12-20 23:47:03 ----A---- C:\WINDOWS\system32\webcheck.dll
2008-12-20 23:47:03 ----A---- C:\WINDOWS\system32\urlmon.dll
2008-12-20 23:47:02 ----N---- C:\WINDOWS\system32\pngfilt.dll
2008-12-20 23:47:02 ----N---- C:\WINDOWS\system32\occache.dll
2008-12-20 23:47:02 ----N---- C:\WINDOWS\system32\mstime.dll
2008-12-20 23:47:02 ----A---- C:\WINDOWS\system32\url.dll
2008-12-20 23:47:01 ----N---- C:\WINDOWS\system32\msrating.dll
2008-12-20 23:47:01 ----N---- C:\WINDOWS\system32\mshtmled.dll
2008-12-20 23:46:57 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2008-12-20 23:46:56 ----N---- C:\WINDOWS\system32\jsproxy.dll
2008-12-20 23:46:56 ----A---- C:\WINDOWS\system32\msfeeds.dll
2008-12-20 23:46:54 ----N---- C:\WINDOWS\system32\iernonce.dll
2008-12-20 23:46:54 ----A---- C:\WINDOWS\system32\iertutil.dll
2008-12-20 23:46:54 ----A---- C:\WINDOWS\system32\ieframe.dll
2008-12-20 23:46:50 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2008-12-20 23:46:50 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2008-12-20 23:46:49 ----N---- C:\WINDOWS\system32\ieaksie.dll
2008-12-20 23:46:49 ----N---- C:\WINDOWS\system32\ieakeng.dll
2008-12-20 23:46:49 ----N---- C:\WINDOWS\system32\extmgr.dll
2008-12-20 23:46:49 ----A---- C:\WINDOWS\system32\icardie.dll
2008-12-20 23:46:48 ----N---- C:\WINDOWS\system32\dxtrans.dll
2008-12-20 23:46:48 ----N---- C:\WINDOWS\system32\dxtmsft.dll
2008-12-20 23:46:48 ----A---- C:\WINDOWS\system32\advpack.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41856]
R1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys [2007-07-19 127768]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2007-12-13 394952]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-04-12 21035]
R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys []
R2 BTSLBCSP;Bluetooth Port Client Driver; \??\C:\WINDOWS\system32\drivers\btslbcsp.sys []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-05-03 1540608]
R3 bdfdll;bdfdll; \??\C:\Program Files\Softwin\BitDefender10\bdfdll.sys []
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2008-02-26 43520]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys [2006-03-02 126686]
R3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\wg111v2.sys [2007-02-06 194304]
R3 Slntamr;Smart Link 56K Modem Driver; C:\WINDOWS\system32\DRIVERS\slntamr.sys [2006-03-02 404990]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys [2006-03-02 13240]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 BDFsDrv;BDFsDrv; \??\C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys []
S3 BDRsDrv;BDRsDrv; \??\C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys []
S3 BthEnum;Service d'énumérateur Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Pilote de communication série Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys [2006-03-02 1309184]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 NtMtlFax;NtMtlFax; C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys [2006-03-02 180360]
S3 ovt530;Webcam Classic; C:\WINDOWS\System32\Drivers\ov530vid.sys [2005-03-15 161792]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys [2005-11-19 20096]
S3 Profos;Profos; \??\C:\Program Files\Softwin\BitDefender10\profos.sys []
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver; C:\WINDOWS\system32\DRIVERS\wg111v3.sys []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\Slnthal.sys [2006-03-02 95424]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 Trufos;Trufos; \??\C:\Program Files\Softwin\BitDefender10\trufos.sys []
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-05-03 413696]
R2 bdss;BitDefender Scan Server; C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe [2007-01-19 81920]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe [2004-10-01 163840]
R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-07 168432]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-10-19 61440]
R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe [2008-08-07 278528]
R2 VSSERV;BitDefender Virus Shield; C:\Program Files\Softwin\BitDefender10\vsserv.exe [2007-10-24 462848]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 XCOMM;BitDefender Communicator; C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe [2006-11-09 86016]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-06-15 300544]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-05-03 520192]
S2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2008-04-14 73796]
S2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2007-12-13 75304]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-12-05 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
-----------------EOF-----------------
Logfile of random's system information tool 1.05 (written by random/random)
Run by patrice at 2009-02-19 16:43:22
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 58 GB (37%) free of 156 GB
Total RAM: 511 MB (47% free)
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E03C0FD-4C48-43A7-9A54-00240C70FF16}]
ECarteBleueBrowserHelper Class - C:\WINDOWS\system32\BhoECart.dll [2003-10-31 139264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll [2007-12-14 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll [2008-10-07 652784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BDAgent"=C:\Program Files\Softwin\BitDefender10\bdagent.exe [2007-03-26 69632]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]
"BluetoothAuthenticationAgent"=C:\WINDOWS\system32\bthprops.cpl [2008-04-14 110592]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"EPSON Stylus C66 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0S2.EXE [2003-11-26 99840]
"PCSuiteTrayApplication"=C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2007-06-18 271360]
"NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2007-12-13 919016]
"BDMCon"=C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe [2007-04-02 290816]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"Widget Neuf"=C:\Program Files\Neuf\Widget Neuf\9widget.exe [2008-09-29 709872]
"Neuf Media Center"=C:\Program Files\Neuf\Media Center\MediaCenter.exe [2007-10-15 1025264]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autoconfigurateur WiFi Neuf]
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe [2008-06-09 287984]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe [2007-12-14 144784]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^NETGEAR WG111v2 Smart Wizard.lnk]
C:\PROGRA~1\NETGEAR\WG111v2\WG111v2.exe [2007-05-14 1261568]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^patrice^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.4.lnk]
C:\PROGRA~1\OPENOF~1.4\program\QUICKS~1.EXE [2008-01-21 393216]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
BTTray.lnk - C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-05-03 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\bcacecbad]
C:\WINDOWS\system32\bcacecbad.dll [2009-02-14 278031]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cebcbeda]
C:\WINDOWS\system32\cebcbeda.dll [2009-02-14 278031]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Neuf\Media Center\httpd\httpd.exe"="C:\Program Files\Neuf\Media Center\httpd\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.2/255.255.255.255:Enabled:Serveur de partage Media Center (Player Neuf Cegetel)"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{64767a53-07fa-11dd-8307-001109749824}]
shell\explore\command - RavMon.exe -e
shell\open\command - RavMon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b659c853-c53b-11dd-b64b-001e2a271d72}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\m.exe /s
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f97449e0-ab5e-11dd-866d-001e2a271d72}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\m.exe /s
======List of files/folders created in the last 2 months======
2009-02-19 16:38:57 ----SHD---- C:\RECYCLER
2009-02-19 16:34:54 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-02-18 23:33:16 ----A---- C:\ComboFix.txt
2009-02-18 22:38:27 ----A---- C:\WINDOWS\zip.exe
2009-02-18 22:38:27 ----A---- C:\WINDOWS\VFIND.exe
2009-02-18 22:38:27 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-02-18 22:38:27 ----A---- C:\WINDOWS\SWSC.exe
2009-02-18 22:38:27 ----A---- C:\WINDOWS\SWREG.exe
2009-02-18 22:38:27 ----A---- C:\WINDOWS\sed.exe
2009-02-18 22:38:27 ----A---- C:\WINDOWS\NIRCMD.exe
2009-02-18 22:38:27 ----A---- C:\WINDOWS\grep.exe
2009-02-18 22:38:27 ----A---- C:\WINDOWS\fdsv.exe
2009-02-18 22:38:16 ----D---- C:\WINDOWS\ERDNT
2009-02-18 22:38:16 ----D---- C:\Qoobox
2009-02-18 22:37:38 ----A---- C:\Bug.txt
2009-02-18 22:37:14 ----D---- C:\32788R22FWJFW
2009-02-18 17:30:28 ----D---- C:\Program Files\CCleaner
2009-02-17 17:53:29 ----N---- C:\WINDOWS\system32\243ba5b767d87f941b3c13b8a4cac846.TMP
2009-02-16 20:43:55 ----D---- C:\_OTMoveIt
2009-02-15 20:12:43 ----D---- C:\Documents and Settings\patrice\Application Data\WinRAR
2009-02-15 19:59:12 ----D---- C:\WINDOWS\ERUNT
2009-02-15 19:41:53 ----D---- C:\SDFix
2009-02-14 20:14:15 ----A---- C:\cleannavi.txt
2009-02-14 18:37:24 ----A---- C:\fixnavi.txt
2009-02-14 18:35:57 ----D---- C:\Program Files\Navilog1
2009-02-14 18:13:40 ----D---- C:\Program Files\Ad-remover
2009-02-13 18:43:27 ----D---- C:\Program Files\trend micro
2009-02-13 18:43:26 ----D---- C:\rsit
2009-02-12 20:15:15 ----A---- C:\FindyKill.txt
2009-02-12 19:02:35 ----D---- C:\Program Files\FindyKill
2009-02-11 15:11:25 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-02-09 23:09:51 ----D---- C:\Documents and Settings\patrice\Application Data\Malwarebytes
2009-02-09 23:09:35 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-02-09 23:09:35 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-02-09 21:29:24 ----D---- C:\Program Files\Enigma Software Group
2009-02-09 20:23:20 ----D---- C:\Program Files\Personal Media Manager
2009-02-09 20:20:44 ----D---- C:\Documents and Settings\patrice\Application Data\GrabPro
2009-02-07 15:50:23 ----D---- C:\Config.Msi
2009-02-07 09:39:46 ----A---- C:\WINDOWS\system32\wpa.bak
2009-02-06 09:33:15 ----D---- C:\Program Files\WinRAR
2009-01-31 15:21:13 ----D---- C:\Program Files\Guitar Pro 5
2009-01-27 16:21:05 ----D---- C:\Documents and Settings\patrice\Application Data\Orbit
2009-01-27 13:27:28 ----D---- C:\downloads
2009-01-23 21:24:38 ----D---- C:\Program Files\Pcsx2_0.9.4
2009-01-20 16:12:35 ----D---- C:\tmp
2009-01-15 15:41:02 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-14 16:37:55 ----D---- C:\ISO
2009-01-13 15:45:07 ----A---- C:\WINDOWS\4f29_appcompat.txt
2009-01-13 15:45:07 ----A---- C:\WINDOWS\4ee5_appcompat.txt
2009-01-13 15:45:07 ----A---- C:\WINDOWS\45c9_appcompat.txt
2009-01-07 18:57:01 ----A---- C:\WINDOWS\ModemLog_Smart Link 56K Voice Modem.txt
2009-01-07 17:19:47 ----D---- C:\PSP
2009-01-07 17:06:16 ----RD---- C:\Mes vidéos
2009-01-07 17:04:39 ----D---- C:\MP_ROOT
2009-01-07 14:35:32 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2009-01-07 14:35:31 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2009-01-07 14:35:31 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2009-01-07 14:35:31 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2009-01-07 14:35:30 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2009-01-07 14:35:30 ----A---- C:\WINDOWS\system32\x3daudio1_2.dll
2009-01-07 14:35:30 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2009-01-07 14:35:30 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2009-01-07 14:35:28 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2009-01-07 14:35:27 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2009-01-07 14:35:25 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2009-01-07 14:35:22 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2009-01-07 14:35:22 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2009-01-07 14:35:18 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2009-01-07 14:35:17 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2009-01-07 14:35:17 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2009-01-07 14:35:16 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2009-01-07 14:35:16 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2009-01-07 14:35:16 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-01-07 14:35:15 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2009-01-07 14:35:15 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2009-01-07 14:35:15 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2009-01-07 14:35:14 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
======List of files/folders modified in the last 2 months======
2009-02-19 16:39:17 ----D---- C:\Program Files\Mozilla Firefox
2009-02-19 16:37:32 ----D---- C:\WINDOWS\Temp
2009-02-19 16:30:24 ----D---- C:\WINDOWS\Internet Logs
2009-02-19 14:27:04 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-19 10:59:16 ----D---- C:\WINDOWS
2009-02-19 01:39:23 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-18 23:33:28 ----SHD---- C:\WINDOWS\system32
2009-02-18 23:28:36 ----A---- C:\WINDOWS\system.ini
2009-02-18 22:55:59 ----D---- C:\WINDOWS\system32\drivers
2009-02-18 22:55:59 ----D---- C:\WINDOWS\AppPatch
2009-02-18 22:55:44 ----D---- C:\Program Files\Fichiers communs
2009-02-18 22:41:59 ----RD---- C:\Program Files
2009-02-18 22:38:19 ----D---- C:\WINDOWS\Prefetch
2009-02-18 17:58:27 ----RD---- C:\WINDOWS\Web
2009-02-18 17:58:09 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-02-18 17:31:55 ----D---- C:\WINDOWS\Debug
2009-02-18 17:31:54 ----D---- C:\WINDOWS\Minidump
2009-02-18 16:32:54 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-02-18 14:41:38 ----D---- C:\Documents and Settings\patrice\Application Data\LimeWire
2009-02-16 18:00:15 ----D---- C:\Documents and Settings\patrice\Application Data\OpenOffice.org2
2009-02-16 00:46:38 ----A---- C:\WINDOWS\NeroDigital.ini
2009-02-15 20:01:42 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-02-15 16:43:36 ----D---- C:\TEMP
2009-02-14 15:36:58 ----N---- C:\WINDOWS\system32\bcacecbad.dll
2009-02-14 15:36:32 ----N---- C:\WINDOWS\system32\cebcbeda.dll
2009-02-12 21:29:51 ----HD---- C:\WINDOWS\inf
2009-02-12 20:19:52 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-02-12 16:13:51 ----D---- C:\Program Files\Internet Explorer
2009-02-12 05:56:17 ----A---- C:\WINDOWS\system32\MRT.exe
2009-02-11 20:39:12 ----D---- C:\WINDOWS\system32\CatRoot
2009-02-11 17:15:17 ----D---- C:\WINDOWS\system32\config
2009-02-11 17:14:51 ----D---- C:\WINDOWS\system32\wbem
2009-02-11 17:14:51 ----D---- C:\WINDOWS\Registration
2009-02-11 15:11:24 ----HD---- C:\WINDOWS\$hf_mig$
2009-02-11 15:10:54 ----D---- C:\WINDOWS\ie7updates
2009-02-10 00:15:22 ----SHD---- C:\WINDOWS\Installer
2009-02-10 00:13:55 ----SD---- C:\Documents and Settings\patrice\Application Data\Microsoft
2009-02-09 20:52:23 ----D---- C:\Program Files\ma-config.com
2009-02-09 20:52:23 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com
2009-02-09 20:23:18 ----D---- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
2009-02-09 18:54:42 ----D---- C:\WINDOWS\Help
2009-02-07 15:48:45 ----D---- C:\WINDOWS\system32\Restore
2009-02-02 15:34:32 ----D---- C:\Program Files\Fichiers communs\Services
2009-02-01 23:32:09 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-31 15:21:15 ----RSD---- C:\WINDOWS\Fonts
2009-01-16 21:15:42 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-01-07 14:35:37 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-01-07 14:35:35 ----D---- C:\WINDOWS\system32\DirectX
2009-01-07 14:35:13 ----RSD---- C:\WINDOWS\assembly
2008-12-25 10:53:00 ----D---- C:\JEUX DS
2008-12-20 23:47:04 ----A---- C:\WINDOWS\system32\wininet.dll
2008-12-20 23:47:03 ----A---- C:\WINDOWS\system32\webcheck.dll
2008-12-20 23:47:03 ----A---- C:\WINDOWS\system32\urlmon.dll
2008-12-20 23:47:02 ----N---- C:\WINDOWS\system32\pngfilt.dll
2008-12-20 23:47:02 ----N---- C:\WINDOWS\system32\occache.dll
2008-12-20 23:47:02 ----N---- C:\WINDOWS\system32\mstime.dll
2008-12-20 23:47:02 ----A---- C:\WINDOWS\system32\url.dll
2008-12-20 23:47:01 ----N---- C:\WINDOWS\system32\msrating.dll
2008-12-20 23:47:01 ----N---- C:\WINDOWS\system32\mshtmled.dll
2008-12-20 23:46:57 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2008-12-20 23:46:56 ----N---- C:\WINDOWS\system32\jsproxy.dll
2008-12-20 23:46:56 ----A---- C:\WINDOWS\system32\msfeeds.dll
2008-12-20 23:46:54 ----N---- C:\WINDOWS\system32\iernonce.dll
2008-12-20 23:46:54 ----A---- C:\WINDOWS\system32\iertutil.dll
2008-12-20 23:46:54 ----A---- C:\WINDOWS\system32\ieframe.dll
2008-12-20 23:46:50 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2008-12-20 23:46:50 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2008-12-20 23:46:49 ----N---- C:\WINDOWS\system32\ieaksie.dll
2008-12-20 23:46:49 ----N---- C:\WINDOWS\system32\ieakeng.dll
2008-12-20 23:46:49 ----N---- C:\WINDOWS\system32\extmgr.dll
2008-12-20 23:46:49 ----A---- C:\WINDOWS\system32\icardie.dll
2008-12-20 23:46:48 ----N---- C:\WINDOWS\system32\dxtrans.dll
2008-12-20 23:46:48 ----N---- C:\WINDOWS\system32\dxtmsft.dll
2008-12-20 23:46:48 ----A---- C:\WINDOWS\system32\advpack.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41856]
R1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys [2007-07-19 127768]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2007-12-13 394952]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-04-12 21035]
R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys []
R2 BTSLBCSP;Bluetooth Port Client Driver; \??\C:\WINDOWS\system32\drivers\btslbcsp.sys []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-05-03 1540608]
R3 bdfdll;bdfdll; \??\C:\Program Files\Softwin\BitDefender10\bdfdll.sys []
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2008-02-26 43520]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys [2006-03-02 126686]
R3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\wg111v2.sys [2007-02-06 194304]
R3 Slntamr;Smart Link 56K Modem Driver; C:\WINDOWS\system32\DRIVERS\slntamr.sys [2006-03-02 404990]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys [2006-03-02 13240]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 BDFsDrv;BDFsDrv; \??\C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys []
S3 BDRsDrv;BDRsDrv; \??\C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys []
S3 BthEnum;Service d'énumérateur Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Pilote de communication série Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys [2006-03-02 1309184]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 NtMtlFax;NtMtlFax; C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys [2006-03-02 180360]
S3 ovt530;Webcam Classic; C:\WINDOWS\System32\Drivers\ov530vid.sys [2005-03-15 161792]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys [2005-11-19 20096]
S3 Profos;Profos; \??\C:\Program Files\Softwin\BitDefender10\profos.sys []
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver; C:\WINDOWS\system32\DRIVERS\wg111v3.sys []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\Slnthal.sys [2006-03-02 95424]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 Trufos;Trufos; \??\C:\Program Files\Softwin\BitDefender10\trufos.sys []
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-05-03 413696]
R2 bdss;BitDefender Scan Server; C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe [2007-01-19 81920]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe [2004-10-01 163840]
R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-07 168432]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-10-19 61440]
R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe [2008-08-07 278528]
R2 VSSERV;BitDefender Virus Shield; C:\Program Files\Softwin\BitDefender10\vsserv.exe [2007-10-24 462848]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 XCOMM;BitDefender Communicator; C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe [2006-11-09 86016]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-06-15 300544]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-05-03 520192]
S2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2008-04-14 73796]
S2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2007-12-13 75304]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-12-05 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
-----------------EOF-----------------
---> Désactive ton antivirus le temps de la manipulation car OTMoveIt3 est détecté comme une infection à tort.
---> Télécharge OTMoveIt3 (OldTimer) sur ton Bureau :
http://oldtimer.geekstogo.com/OTMoveIt3.exe
---> Double-clique sur OTMoveIt3.exe afin de le lancer.
---> Copie (Ctrl+C) le texte suivant ci-dessous :
:processes
explorer.exe
:files
J:\m.exe
C:\Bug.txt
C:\WINDOWS\system32\243ba5b767d87f941b3c13b8a4cac846.TMP
C:\WINDOWS\4f29_appcompat.txt
C:\WINDOWS\4ee5_appcompat.txt
C:\WINDOWS\45c9_appcompat.txt
C:\WINDOWS\system32\bcacecbad.dll
C:\WINDOWS\system32\cebcbeda.dll
:reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{64767a53-07fa-11dd-8307-001109749824}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b659c853-c53b-11dd-b64b-001e2a271d72}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f97449e0-ab5e-11dd-866d-001e2a271d72}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\bcacecbad]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cebcbeda]
:commands
[purity]
[emptytemp]
[start explorer]
[reboot]
---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
---> Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.
Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.
---> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
ensuite :
Telecharge :
-------------
https://www.clubic.com/telecharger-fiche262022-purera.html
coche tout a droite et "clean"
ensuite :
-----------
http://www.commentcamarche.net/telecharger/cleanafterme 34056612 avis opinions.php3
meme chose tu coches tout et "clean selected items"
ensuite :
redemarre et relance RSIT stp
---> Télécharge OTMoveIt3 (OldTimer) sur ton Bureau :
http://oldtimer.geekstogo.com/OTMoveIt3.exe
---> Double-clique sur OTMoveIt3.exe afin de le lancer.
---> Copie (Ctrl+C) le texte suivant ci-dessous :
:processes
explorer.exe
:files
J:\m.exe
C:\Bug.txt
C:\WINDOWS\system32\243ba5b767d87f941b3c13b8a4cac846.TMP
C:\WINDOWS\4f29_appcompat.txt
C:\WINDOWS\4ee5_appcompat.txt
C:\WINDOWS\45c9_appcompat.txt
C:\WINDOWS\system32\bcacecbad.dll
C:\WINDOWS\system32\cebcbeda.dll
:reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{64767a53-07fa-11dd-8307-001109749824}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b659c853-c53b-11dd-b64b-001e2a271d72}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f97449e0-ab5e-11dd-866d-001e2a271d72}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\bcacecbad]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cebcbeda]
:commands
[purity]
[emptytemp]
[start explorer]
[reboot]
---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
---> Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.
Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.
---> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
ensuite :
Telecharge :
-------------
https://www.clubic.com/telecharger-fiche262022-purera.html
coche tout a droite et "clean"
ensuite :
-----------
http://www.commentcamarche.net/telecharger/cleanafterme 34056612 avis opinions.php3
meme chose tu coches tout et "clean selected items"
ensuite :
redemarre et relance RSIT stp
voici le rapport,
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
File/Folder J:\m.exe not found.
C:\Bug.txt moved successfully.
C:\WINDOWS\system32\243ba5b767d87f941b3c13b8a4cac846.TMP moved successfully.
C:\WINDOWS\4f29_appcompat.txt moved successfully.
C:\WINDOWS\4ee5_appcompat.txt moved successfully.
C:\WINDOWS\45c9_appcompat.txt moved successfully.
LoadLibrary failed for C:\WINDOWS\system32\bcacecbad.dll
C:\WINDOWS\system32\bcacecbad.dll NOT unregistered.
File move failed. C:\WINDOWS\system32\bcacecbad.dll scheduled to be moved on reboot.
LoadLibrary failed for C:\WINDOWS\system32\cebcbeda.dll
C:\WINDOWS\system32\cebcbeda.dll NOT unregistered.
File move failed. C:\WINDOWS\system32\cebcbeda.dll scheduled to be moved on reboot.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{64767a53-07fa-11dd-8307-001109749824}\\ deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b659c853-c53b-11dd-b64b-001e2a271d72}\\ deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f97449e0-ab5e-11dd-866d-001e2a271d72}\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\bcacecbad\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cebcbeda\\ deleted successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\patrice\LOCALS~1\Temp\etilqs_1M8JAajqUS0A3kxAExdF scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\patrice\LOCALS~1\Temp\Perflib_Perfdata_8c8.dat scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\patrice\LOCALS~1\Temp\Perflib_Perfdata_ad0.dat scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\patrice\LOCALS~1\Temp\Perflib_Perfdata_b18.dat scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\ZLT00294.TMP scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\ZLT00297.TMP scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\patrice\Local Settings\Application Data\Mozilla\Firefox\Profiles\388imwm3.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\patrice\Local Settings\Application Data\Mozilla\Firefox\Profiles\388imwm3.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\patrice\Local Settings\Application Data\Mozilla\Firefox\Profiles\388imwm3.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\patrice\Local Settings\Application Data\Mozilla\Firefox\Profiles\388imwm3.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\patrice\Local Settings\Application Data\Mozilla\Firefox\Profiles\388imwm3.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\patrice\Local Settings\Application Data\Mozilla\Firefox\Profiles\388imwm3.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully
OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02192009_180805
Files moved on Reboot...
LoadLibrary failed for C:\WINDOWS\system32\bcacecbad.dll
C:\WINDOWS\system32\bcacecbad.dll NOT unregistered.
File move failed. C:\WINDOWS\system32\bcacecbad.dll scheduled to be moved on reboot.
LoadLibrary failed for C:\WINDOWS\system32\cebcbeda.dll
C:\WINDOWS\system32\cebcbeda.dll NOT unregistered.
File move failed. C:\WINDOWS\system32\cebcbeda.dll scheduled to be moved on reboot.
File C:\DOCUME~1\patrice\LOCALS~1\Temp\etilqs_1M8JAajqUS0A3kxAExdF not found!
File C:\DOCUME~1\patrice\LOCALS~1\Temp\Perflib_Perfdata_8c8.dat not found!
File C:\DOCUME~1\patrice\LOCALS~1\Temp\Perflib_Perfdata_ad0.dat not found!
File C:\DOCUME~1\patrice\LOCALS~1\Temp\Perflib_Perfdata_b18.dat not found!
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
C:\WINDOWS\temp\ZLT00294.TMP moved successfully.
C:\WINDOWS\temp\ZLT00297.TMP moved successfully.
C:\Documents and Settings\patrice\Local Settings\Application Data\Mozilla\Firefox\Profiles\388imwm3.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\patrice\Local Settings\Application Data\Mozilla\Firefox\Profiles\388imwm3.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\patrice\Local Settings\Application Data\Mozilla\Firefox\Profiles\388imwm3.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\patrice\Local Settings\Application Data\Mozilla\Firefox\Profiles\388imwm3.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\patrice\Local Settings\Application Data\Mozilla\Firefox\Profiles\388imwm3.default\urlclassifier3.sqlite moved successfully.
C:\Documents and Settings\patrice\Local Settings\Application Data\Mozilla\Firefox\Profiles\388imwm3.default\XUL.mfl moved successfully.
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
File/Folder J:\m.exe not found.
C:\Bug.txt moved successfully.
C:\WINDOWS\system32\243ba5b767d87f941b3c13b8a4cac846.TMP moved successfully.
C:\WINDOWS\4f29_appcompat.txt moved successfully.
C:\WINDOWS\4ee5_appcompat.txt moved successfully.
C:\WINDOWS\45c9_appcompat.txt moved successfully.
LoadLibrary failed for C:\WINDOWS\system32\bcacecbad.dll
C:\WINDOWS\system32\bcacecbad.dll NOT unregistered.
File move failed. C:\WINDOWS\system32\bcacecbad.dll scheduled to be moved on reboot.
LoadLibrary failed for C:\WINDOWS\system32\cebcbeda.dll
C:\WINDOWS\system32\cebcbeda.dll NOT unregistered.
File move failed. C:\WINDOWS\system32\cebcbeda.dll scheduled to be moved on reboot.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{64767a53-07fa-11dd-8307-001109749824}\\ deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b659c853-c53b-11dd-b64b-001e2a271d72}\\ deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f97449e0-ab5e-11dd-866d-001e2a271d72}\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\bcacecbad\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cebcbeda\\ deleted successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\patrice\LOCALS~1\Temp\etilqs_1M8JAajqUS0A3kxAExdF scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\patrice\LOCALS~1\Temp\Perflib_Perfdata_8c8.dat scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\patrice\LOCALS~1\Temp\Perflib_Perfdata_ad0.dat scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\patrice\LOCALS~1\Temp\Perflib_Perfdata_b18.dat scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\ZLT00294.TMP scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\ZLT00297.TMP scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\patrice\Local Settings\Application Data\Mozilla\Firefox\Profiles\388imwm3.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\patrice\Local Settings\Application Data\Mozilla\Firefox\Profiles\388imwm3.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\patrice\Local Settings\Application Data\Mozilla\Firefox\Profiles\388imwm3.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\patrice\Local Settings\Application Data\Mozilla\Firefox\Profiles\388imwm3.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\patrice\Local Settings\Application Data\Mozilla\Firefox\Profiles\388imwm3.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\patrice\Local Settings\Application Data\Mozilla\Firefox\Profiles\388imwm3.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully
OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02192009_180805
Files moved on Reboot...
LoadLibrary failed for C:\WINDOWS\system32\bcacecbad.dll
C:\WINDOWS\system32\bcacecbad.dll NOT unregistered.
File move failed. C:\WINDOWS\system32\bcacecbad.dll scheduled to be moved on reboot.
LoadLibrary failed for C:\WINDOWS\system32\cebcbeda.dll
C:\WINDOWS\system32\cebcbeda.dll NOT unregistered.
File move failed. C:\WINDOWS\system32\cebcbeda.dll scheduled to be moved on reboot.
File C:\DOCUME~1\patrice\LOCALS~1\Temp\etilqs_1M8JAajqUS0A3kxAExdF not found!
File C:\DOCUME~1\patrice\LOCALS~1\Temp\Perflib_Perfdata_8c8.dat not found!
File C:\DOCUME~1\patrice\LOCALS~1\Temp\Perflib_Perfdata_ad0.dat not found!
File C:\DOCUME~1\patrice\LOCALS~1\Temp\Perflib_Perfdata_b18.dat not found!
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
C:\WINDOWS\temp\ZLT00294.TMP moved successfully.
C:\WINDOWS\temp\ZLT00297.TMP moved successfully.
C:\Documents and Settings\patrice\Local Settings\Application Data\Mozilla\Firefox\Profiles\388imwm3.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\patrice\Local Settings\Application Data\Mozilla\Firefox\Profiles\388imwm3.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\patrice\Local Settings\Application Data\Mozilla\Firefox\Profiles\388imwm3.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\patrice\Local Settings\Application Data\Mozilla\Firefox\Profiles\388imwm3.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\patrice\Local Settings\Application Data\Mozilla\Firefox\Profiles\388imwm3.default\urlclassifier3.sqlite moved successfully.
C:\Documents and Settings\patrice\Local Settings\Application Data\Mozilla\Firefox\Profiles\388imwm3.default\XUL.mfl moved successfully.
voici le rapport rsit,
Logfile of random's system information tool 1.05 (written by random/random)
Run by patrice at 2009-02-19 18:36:35
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 58 GB (37%) free of 156 GB
Total RAM: 511 MB (10% free)
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E03C0FD-4C48-43A7-9A54-00240C70FF16}]
ECarteBleueBrowserHelper Class - C:\WINDOWS\system32\BhoECart.dll [2003-10-31 139264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll [2007-12-14 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll [2008-10-07 652784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BDAgent"=C:\Program Files\Softwin\BitDefender10\bdagent.exe [2007-03-26 69632]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]
"BluetoothAuthenticationAgent"=C:\WINDOWS\system32\bthprops.cpl [2008-04-14 110592]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"EPSON Stylus C66 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0S2.EXE [2003-11-26 99840]
"PCSuiteTrayApplication"=C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2007-06-18 271360]
"NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2007-12-13 919016]
"BDMCon"=C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe [2007-04-02 290816]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"Widget Neuf"=C:\Program Files\Neuf\Widget Neuf\9widget.exe [2008-09-29 709872]
"Neuf Media Center"=C:\Program Files\Neuf\Media Center\MediaCenter.exe [2007-10-15 1025264]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autoconfigurateur WiFi Neuf]
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe [2008-06-09 287984]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe [2007-12-14 144784]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^NETGEAR WG111v2 Smart Wizard.lnk]
C:\PROGRA~1\NETGEAR\WG111v2\WG111v2.exe [2007-05-14 1261568]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^patrice^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.4.lnk]
C:\PROGRA~1\OPENOF~1.4\program\QUICKS~1.EXE [2008-01-21 393216]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
BTTray.lnk - C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-05-03 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\bcacecbad]
C:\WINDOWS\system32\bcacecbad.dll [2009-02-14 278031]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cebcbeda]
C:\WINDOWS\system32\cebcbeda.dll [2009-02-14 278031]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Neuf\Media Center\httpd\httpd.exe"="C:\Program Files\Neuf\Media Center\httpd\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.2/255.255.255.255:Enabled:Serveur de partage Media Center (Player Neuf Cegetel)"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
======List of files/folders created in the last 2 months======
2009-02-19 18:19:58 ----A---- C:\PureRa.txt
2009-02-19 16:38:57 ----SHD---- C:\RECYCLER
2009-02-19 16:34:54 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-02-18 23:33:16 ----A---- C:\ComboFix.txt
2009-02-18 22:38:27 ----A---- C:\WINDOWS\zip.exe
2009-02-18 22:38:27 ----A---- C:\WINDOWS\VFIND.exe
2009-02-18 22:38:27 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-02-18 22:38:27 ----A---- C:\WINDOWS\SWSC.exe
2009-02-18 22:38:27 ----A---- C:\WINDOWS\SWREG.exe
2009-02-18 22:38:27 ----A---- C:\WINDOWS\sed.exe
2009-02-18 22:38:27 ----A---- C:\WINDOWS\NIRCMD.exe
2009-02-18 22:38:27 ----A---- C:\WINDOWS\grep.exe
2009-02-18 22:38:27 ----A---- C:\WINDOWS\fdsv.exe
2009-02-18 22:38:16 ----D---- C:\WINDOWS\ERDNT
2009-02-18 22:38:16 ----D---- C:\Qoobox
2009-02-18 22:37:14 ----D---- C:\32788R22FWJFW
2009-02-18 17:30:28 ----D---- C:\Program Files\CCleaner
2009-02-16 20:43:55 ----D---- C:\_OTMoveIt
2009-02-15 20:12:43 ----D---- C:\Documents and Settings\patrice\Application Data\WinRAR
2009-02-15 19:59:12 ----D---- C:\WINDOWS\ERUNT
2009-02-15 19:41:53 ----D---- C:\SDFix
2009-02-14 20:14:15 ----A---- C:\cleannavi.txt
2009-02-14 18:37:24 ----A---- C:\fixnavi.txt
2009-02-14 18:35:57 ----D---- C:\Program Files\Navilog1
2009-02-14 18:13:40 ----D---- C:\Program Files\Ad-remover
2009-02-13 18:43:27 ----D---- C:\Program Files\trend micro
2009-02-13 18:43:26 ----D---- C:\rsit
2009-02-12 20:15:15 ----A---- C:\FindyKill.txt
2009-02-12 19:02:35 ----D---- C:\Program Files\FindyKill
2009-02-11 15:11:25 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-02-09 23:09:51 ----D---- C:\Documents and Settings\patrice\Application Data\Malwarebytes
2009-02-09 23:09:35 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-02-09 23:09:35 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-02-09 21:29:24 ----D---- C:\Program Files\Enigma Software Group
2009-02-09 20:23:20 ----D---- C:\Program Files\Personal Media Manager
2009-02-09 20:20:44 ----D---- C:\Documents and Settings\patrice\Application Data\GrabPro
2009-02-07 15:50:23 ----D---- C:\Config.Msi
2009-02-07 09:39:46 ----A---- C:\WINDOWS\system32\wpa.bak
2009-02-06 09:33:15 ----D---- C:\Program Files\WinRAR
2009-01-31 15:21:13 ----D---- C:\Program Files\Guitar Pro 5
2009-01-27 16:21:05 ----D---- C:\Documents and Settings\patrice\Application Data\Orbit
2009-01-27 13:27:28 ----D---- C:\downloads
2009-01-23 21:24:38 ----D---- C:\Program Files\Pcsx2_0.9.4
2009-01-20 16:12:35 ----D---- C:\tmp
2009-01-14 16:37:55 ----D---- C:\ISO
2009-01-07 18:57:01 ----A---- C:\WINDOWS\ModemLog_Smart Link 56K Voice Modem.txt
2009-01-07 17:19:47 ----D---- C:\PSP
2009-01-07 17:06:16 ----RD---- C:\Mes vidéos
2009-01-07 17:04:39 ----D---- C:\MP_ROOT
2009-01-07 14:35:32 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2009-01-07 14:35:31 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2009-01-07 14:35:31 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2009-01-07 14:35:31 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2009-01-07 14:35:30 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2009-01-07 14:35:30 ----A---- C:\WINDOWS\system32\x3daudio1_2.dll
2009-01-07 14:35:30 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2009-01-07 14:35:30 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2009-01-07 14:35:28 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2009-01-07 14:35:27 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2009-01-07 14:35:25 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2009-01-07 14:35:22 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2009-01-07 14:35:22 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2009-01-07 14:35:18 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2009-01-07 14:35:17 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2009-01-07 14:35:17 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2009-01-07 14:35:16 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2009-01-07 14:35:16 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2009-01-07 14:35:16 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-01-07 14:35:15 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2009-01-07 14:35:15 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2009-01-07 14:35:15 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2009-01-07 14:35:14 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
======List of files/folders modified in the last 2 months======
2009-02-19 18:35:32 ----D---- C:\WINDOWS\Internet Logs
2009-02-19 18:35:19 ----D---- C:\Program Files\Mozilla Firefox
2009-02-19 18:35:15 ----D---- C:\WINDOWS
2009-02-19 18:34:04 ----D---- C:\WINDOWS\Temp
2009-02-19 18:33:05 ----SHD---- C:\WINDOWS\system32
2009-02-19 18:31:49 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-19 18:31:47 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-19 18:29:43 ----D---- C:\WINDOWS\system32\config
2009-02-19 18:27:15 ----RSD---- C:\WINDOWS\Fonts
2009-02-19 18:27:12 ----D---- C:\Program Files\Movie Maker
2009-02-19 18:25:51 ----HD---- C:\WINDOWS\$hf_mig$
2009-02-19 17:33:00 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-02-18 23:28:36 ----A---- C:\WINDOWS\system.ini
2009-02-18 22:55:59 ----D---- C:\WINDOWS\system32\drivers
2009-02-18 22:55:59 ----D---- C:\WINDOWS\AppPatch
2009-02-18 22:55:44 ----D---- C:\Program Files\Fichiers communs
2009-02-18 22:41:59 ----RD---- C:\Program Files
2009-02-18 22:38:19 ----D---- C:\WINDOWS\Prefetch
2009-02-18 17:58:27 ----RD---- C:\WINDOWS\Web
2009-02-18 17:58:09 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-02-18 17:31:55 ----D---- C:\WINDOWS\Debug
2009-02-18 17:31:54 ----D---- C:\WINDOWS\Minidump
2009-02-18 14:41:38 ----D---- C:\Documents and Settings\patrice\Application Data\LimeWire
2009-02-16 18:00:15 ----D---- C:\Documents and Settings\patrice\Application Data\OpenOffice.org2
2009-02-16 00:46:38 ----A---- C:\WINDOWS\NeroDigital.ini
2009-02-15 20:01:42 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-02-15 16:43:36 ----D---- C:\TEMP
2009-02-14 15:36:58 ----N---- C:\WINDOWS\system32\bcacecbad.dll
2009-02-14 15:36:32 ----N---- C:\WINDOWS\system32\cebcbeda.dll
2009-02-12 21:29:51 ----HD---- C:\WINDOWS\inf
2009-02-12 20:19:52 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-02-12 16:13:51 ----D---- C:\Program Files\Internet Explorer
2009-02-12 05:56:17 ----A---- C:\WINDOWS\system32\MRT.exe
2009-02-11 20:39:12 ----D---- C:\WINDOWS\system32\CatRoot
2009-02-11 17:14:51 ----D---- C:\WINDOWS\system32\wbem
2009-02-11 17:14:51 ----D---- C:\WINDOWS\Registration
2009-02-11 15:10:54 ----D---- C:\WINDOWS\ie7updates
2009-02-10 00:15:22 ----SHD---- C:\WINDOWS\Installer
2009-02-10 00:13:55 ----SD---- C:\Documents and Settings\patrice\Application Data\Microsoft
2009-02-09 20:52:23 ----D---- C:\Program Files\ma-config.com
2009-02-09 20:52:23 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com
2009-02-09 20:23:18 ----D---- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
2009-02-09 18:54:42 ----D---- C:\WINDOWS\Help
2009-02-07 15:48:45 ----D---- C:\WINDOWS\system32\Restore
2009-02-02 15:34:32 ----D---- C:\Program Files\Fichiers communs\Services
2009-02-01 23:32:09 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-16 21:15:42 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-01-07 14:35:37 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-01-07 14:35:35 ----D---- C:\WINDOWS\system32\DirectX
2009-01-07 14:35:13 ----RSD---- C:\WINDOWS\assembly
2008-12-25 10:53:00 ----D---- C:\JEUX DS
2008-12-20 23:47:04 ----A---- C:\WINDOWS\system32\wininet.dll
2008-12-20 23:47:03 ----A---- C:\WINDOWS\system32\webcheck.dll
2008-12-20 23:47:03 ----A---- C:\WINDOWS\system32\urlmon.dll
2008-12-20 23:47:02 ----N---- C:\WINDOWS\system32\pngfilt.dll
2008-12-20 23:47:02 ----N---- C:\WINDOWS\system32\occache.dll
2008-12-20 23:47:02 ----N---- C:\WINDOWS\system32\mstime.dll
2008-12-20 23:47:02 ----A---- C:\WINDOWS\system32\url.dll
2008-12-20 23:47:01 ----N---- C:\WINDOWS\system32\msrating.dll
2008-12-20 23:47:01 ----N---- C:\WINDOWS\system32\mshtmled.dll
2008-12-20 23:46:57 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2008-12-20 23:46:56 ----N---- C:\WINDOWS\system32\jsproxy.dll
2008-12-20 23:46:56 ----A---- C:\WINDOWS\system32\msfeeds.dll
2008-12-20 23:46:54 ----N---- C:\WINDOWS\system32\iernonce.dll
2008-12-20 23:46:54 ----A---- C:\WINDOWS\system32\iertutil.dll
2008-12-20 23:46:54 ----A---- C:\WINDOWS\system32\ieframe.dll
2008-12-20 23:46:50 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2008-12-20 23:46:50 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2008-12-20 23:46:49 ----N---- C:\WINDOWS\system32\ieaksie.dll
2008-12-20 23:46:49 ----N---- C:\WINDOWS\system32\ieakeng.dll
2008-12-20 23:46:49 ----N---- C:\WINDOWS\system32\extmgr.dll
2008-12-20 23:46:49 ----A---- C:\WINDOWS\system32\icardie.dll
2008-12-20 23:46:48 ----N---- C:\WINDOWS\system32\dxtrans.dll
2008-12-20 23:46:48 ----N---- C:\WINDOWS\system32\dxtmsft.dll
2008-12-20 23:46:48 ----A---- C:\WINDOWS\system32\advpack.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41856]
R1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys [2007-07-19 127768]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2007-12-13 394952]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-04-12 21035]
R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys []
R2 BTSLBCSP;Bluetooth Port Client Driver; \??\C:\WINDOWS\system32\drivers\btslbcsp.sys []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-05-03 1540608]
R3 bdfdll;bdfdll; \??\C:\Program Files\Softwin\BitDefender10\bdfdll.sys []
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2008-02-26 43520]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys [2006-03-02 126686]
R3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\wg111v2.sys [2007-02-06 194304]
R3 Slntamr;Smart Link 56K Modem Driver; C:\WINDOWS\system32\DRIVERS\slntamr.sys [2006-03-02 404990]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys [2006-03-02 13240]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 BDFsDrv;BDFsDrv; \??\C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys []
S3 BDRsDrv;BDRsDrv; \??\C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys []
S3 BthEnum;Service d'énumérateur Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Pilote de communication série Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys [2006-03-02 1309184]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 NtMtlFax;NtMtlFax; C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys [2006-03-02 180360]
S3 ovt530;Webcam Classic; C:\WINDOWS\System32\Drivers\ov530vid.sys [2005-03-15 161792]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys [2005-11-19 20096]
S3 Profos;Profos; \??\C:\Program Files\Softwin\BitDefender10\profos.sys []
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver; C:\WINDOWS\system32\DRIVERS\wg111v3.sys []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\Slnthal.sys [2006-03-02 95424]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 Trufos;Trufos; \??\C:\Program Files\Softwin\BitDefender10\trufos.sys []
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-05-03 413696]
R2 bdss;BitDefender Scan Server; C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe [2007-01-19 81920]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe [2004-10-01 163840]
R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-07 168432]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-10-19 61440]
R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe [2008-08-07 278528]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2007-12-13 75304]
R2 VSSERV;BitDefender Virus Shield; C:\Program Files\Softwin\BitDefender10\vsserv.exe [2007-10-24 462848]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 XCOMM;BitDefender Communicator; C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe [2006-11-09 86016]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-06-15 300544]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-05-03 520192]
S2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2008-04-14 73796]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-12-05 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
-----------------EOF-----------------
Logfile of random's system information tool 1.05 (written by random/random)
Run by patrice at 2009-02-19 18:36:35
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 58 GB (37%) free of 156 GB
Total RAM: 511 MB (10% free)
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E03C0FD-4C48-43A7-9A54-00240C70FF16}]
ECarteBleueBrowserHelper Class - C:\WINDOWS\system32\BhoECart.dll [2003-10-31 139264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll [2007-12-14 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll [2008-10-07 652784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BDAgent"=C:\Program Files\Softwin\BitDefender10\bdagent.exe [2007-03-26 69632]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]
"BluetoothAuthenticationAgent"=C:\WINDOWS\system32\bthprops.cpl [2008-04-14 110592]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"EPSON Stylus C66 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0S2.EXE [2003-11-26 99840]
"PCSuiteTrayApplication"=C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2007-06-18 271360]
"NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2007-12-13 919016]
"BDMCon"=C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe [2007-04-02 290816]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"Widget Neuf"=C:\Program Files\Neuf\Widget Neuf\9widget.exe [2008-09-29 709872]
"Neuf Media Center"=C:\Program Files\Neuf\Media Center\MediaCenter.exe [2007-10-15 1025264]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autoconfigurateur WiFi Neuf]
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe [2008-06-09 287984]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe [2007-12-14 144784]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^NETGEAR WG111v2 Smart Wizard.lnk]
C:\PROGRA~1\NETGEAR\WG111v2\WG111v2.exe [2007-05-14 1261568]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^patrice^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.4.lnk]
C:\PROGRA~1\OPENOF~1.4\program\QUICKS~1.EXE [2008-01-21 393216]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
BTTray.lnk - C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-05-03 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\bcacecbad]
C:\WINDOWS\system32\bcacecbad.dll [2009-02-14 278031]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cebcbeda]
C:\WINDOWS\system32\cebcbeda.dll [2009-02-14 278031]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Neuf\Media Center\httpd\httpd.exe"="C:\Program Files\Neuf\Media Center\httpd\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.2/255.255.255.255:Enabled:Serveur de partage Media Center (Player Neuf Cegetel)"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
======List of files/folders created in the last 2 months======
2009-02-19 18:19:58 ----A---- C:\PureRa.txt
2009-02-19 16:38:57 ----SHD---- C:\RECYCLER
2009-02-19 16:34:54 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-02-18 23:33:16 ----A---- C:\ComboFix.txt
2009-02-18 22:38:27 ----A---- C:\WINDOWS\zip.exe
2009-02-18 22:38:27 ----A---- C:\WINDOWS\VFIND.exe
2009-02-18 22:38:27 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-02-18 22:38:27 ----A---- C:\WINDOWS\SWSC.exe
2009-02-18 22:38:27 ----A---- C:\WINDOWS\SWREG.exe
2009-02-18 22:38:27 ----A---- C:\WINDOWS\sed.exe
2009-02-18 22:38:27 ----A---- C:\WINDOWS\NIRCMD.exe
2009-02-18 22:38:27 ----A---- C:\WINDOWS\grep.exe
2009-02-18 22:38:27 ----A---- C:\WINDOWS\fdsv.exe
2009-02-18 22:38:16 ----D---- C:\WINDOWS\ERDNT
2009-02-18 22:38:16 ----D---- C:\Qoobox
2009-02-18 22:37:14 ----D---- C:\32788R22FWJFW
2009-02-18 17:30:28 ----D---- C:\Program Files\CCleaner
2009-02-16 20:43:55 ----D---- C:\_OTMoveIt
2009-02-15 20:12:43 ----D---- C:\Documents and Settings\patrice\Application Data\WinRAR
2009-02-15 19:59:12 ----D---- C:\WINDOWS\ERUNT
2009-02-15 19:41:53 ----D---- C:\SDFix
2009-02-14 20:14:15 ----A---- C:\cleannavi.txt
2009-02-14 18:37:24 ----A---- C:\fixnavi.txt
2009-02-14 18:35:57 ----D---- C:\Program Files\Navilog1
2009-02-14 18:13:40 ----D---- C:\Program Files\Ad-remover
2009-02-13 18:43:27 ----D---- C:\Program Files\trend micro
2009-02-13 18:43:26 ----D---- C:\rsit
2009-02-12 20:15:15 ----A---- C:\FindyKill.txt
2009-02-12 19:02:35 ----D---- C:\Program Files\FindyKill
2009-02-11 15:11:25 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-02-09 23:09:51 ----D---- C:\Documents and Settings\patrice\Application Data\Malwarebytes
2009-02-09 23:09:35 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-02-09 23:09:35 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-02-09 21:29:24 ----D---- C:\Program Files\Enigma Software Group
2009-02-09 20:23:20 ----D---- C:\Program Files\Personal Media Manager
2009-02-09 20:20:44 ----D---- C:\Documents and Settings\patrice\Application Data\GrabPro
2009-02-07 15:50:23 ----D---- C:\Config.Msi
2009-02-07 09:39:46 ----A---- C:\WINDOWS\system32\wpa.bak
2009-02-06 09:33:15 ----D---- C:\Program Files\WinRAR
2009-01-31 15:21:13 ----D---- C:\Program Files\Guitar Pro 5
2009-01-27 16:21:05 ----D---- C:\Documents and Settings\patrice\Application Data\Orbit
2009-01-27 13:27:28 ----D---- C:\downloads
2009-01-23 21:24:38 ----D---- C:\Program Files\Pcsx2_0.9.4
2009-01-20 16:12:35 ----D---- C:\tmp
2009-01-14 16:37:55 ----D---- C:\ISO
2009-01-07 18:57:01 ----A---- C:\WINDOWS\ModemLog_Smart Link 56K Voice Modem.txt
2009-01-07 17:19:47 ----D---- C:\PSP
2009-01-07 17:06:16 ----RD---- C:\Mes vidéos
2009-01-07 17:04:39 ----D---- C:\MP_ROOT
2009-01-07 14:35:32 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2009-01-07 14:35:31 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2009-01-07 14:35:31 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2009-01-07 14:35:31 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2009-01-07 14:35:30 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2009-01-07 14:35:30 ----A---- C:\WINDOWS\system32\x3daudio1_2.dll
2009-01-07 14:35:30 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2009-01-07 14:35:30 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2009-01-07 14:35:28 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2009-01-07 14:35:27 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2009-01-07 14:35:25 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2009-01-07 14:35:22 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2009-01-07 14:35:22 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2009-01-07 14:35:18 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2009-01-07 14:35:17 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2009-01-07 14:35:17 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2009-01-07 14:35:16 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2009-01-07 14:35:16 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2009-01-07 14:35:16 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-01-07 14:35:15 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2009-01-07 14:35:15 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2009-01-07 14:35:15 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2009-01-07 14:35:14 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
======List of files/folders modified in the last 2 months======
2009-02-19 18:35:32 ----D---- C:\WINDOWS\Internet Logs
2009-02-19 18:35:19 ----D---- C:\Program Files\Mozilla Firefox
2009-02-19 18:35:15 ----D---- C:\WINDOWS
2009-02-19 18:34:04 ----D---- C:\WINDOWS\Temp
2009-02-19 18:33:05 ----SHD---- C:\WINDOWS\system32
2009-02-19 18:31:49 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-19 18:31:47 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-19 18:29:43 ----D---- C:\WINDOWS\system32\config
2009-02-19 18:27:15 ----RSD---- C:\WINDOWS\Fonts
2009-02-19 18:27:12 ----D---- C:\Program Files\Movie Maker
2009-02-19 18:25:51 ----HD---- C:\WINDOWS\$hf_mig$
2009-02-19 17:33:00 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-02-18 23:28:36 ----A---- C:\WINDOWS\system.ini
2009-02-18 22:55:59 ----D---- C:\WINDOWS\system32\drivers
2009-02-18 22:55:59 ----D---- C:\WINDOWS\AppPatch
2009-02-18 22:55:44 ----D---- C:\Program Files\Fichiers communs
2009-02-18 22:41:59 ----RD---- C:\Program Files
2009-02-18 22:38:19 ----D---- C:\WINDOWS\Prefetch
2009-02-18 17:58:27 ----RD---- C:\WINDOWS\Web
2009-02-18 17:58:09 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-02-18 17:31:55 ----D---- C:\WINDOWS\Debug
2009-02-18 17:31:54 ----D---- C:\WINDOWS\Minidump
2009-02-18 14:41:38 ----D---- C:\Documents and Settings\patrice\Application Data\LimeWire
2009-02-16 18:00:15 ----D---- C:\Documents and Settings\patrice\Application Data\OpenOffice.org2
2009-02-16 00:46:38 ----A---- C:\WINDOWS\NeroDigital.ini
2009-02-15 20:01:42 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-02-15 16:43:36 ----D---- C:\TEMP
2009-02-14 15:36:58 ----N---- C:\WINDOWS\system32\bcacecbad.dll
2009-02-14 15:36:32 ----N---- C:\WINDOWS\system32\cebcbeda.dll
2009-02-12 21:29:51 ----HD---- C:\WINDOWS\inf
2009-02-12 20:19:52 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-02-12 16:13:51 ----D---- C:\Program Files\Internet Explorer
2009-02-12 05:56:17 ----A---- C:\WINDOWS\system32\MRT.exe
2009-02-11 20:39:12 ----D---- C:\WINDOWS\system32\CatRoot
2009-02-11 17:14:51 ----D---- C:\WINDOWS\system32\wbem
2009-02-11 17:14:51 ----D---- C:\WINDOWS\Registration
2009-02-11 15:10:54 ----D---- C:\WINDOWS\ie7updates
2009-02-10 00:15:22 ----SHD---- C:\WINDOWS\Installer
2009-02-10 00:13:55 ----SD---- C:\Documents and Settings\patrice\Application Data\Microsoft
2009-02-09 20:52:23 ----D---- C:\Program Files\ma-config.com
2009-02-09 20:52:23 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com
2009-02-09 20:23:18 ----D---- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
2009-02-09 18:54:42 ----D---- C:\WINDOWS\Help
2009-02-07 15:48:45 ----D---- C:\WINDOWS\system32\Restore
2009-02-02 15:34:32 ----D---- C:\Program Files\Fichiers communs\Services
2009-02-01 23:32:09 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-16 21:15:42 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-01-07 14:35:37 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-01-07 14:35:35 ----D---- C:\WINDOWS\system32\DirectX
2009-01-07 14:35:13 ----RSD---- C:\WINDOWS\assembly
2008-12-25 10:53:00 ----D---- C:\JEUX DS
2008-12-20 23:47:04 ----A---- C:\WINDOWS\system32\wininet.dll
2008-12-20 23:47:03 ----A---- C:\WINDOWS\system32\webcheck.dll
2008-12-20 23:47:03 ----A---- C:\WINDOWS\system32\urlmon.dll
2008-12-20 23:47:02 ----N---- C:\WINDOWS\system32\pngfilt.dll
2008-12-20 23:47:02 ----N---- C:\WINDOWS\system32\occache.dll
2008-12-20 23:47:02 ----N---- C:\WINDOWS\system32\mstime.dll
2008-12-20 23:47:02 ----A---- C:\WINDOWS\system32\url.dll
2008-12-20 23:47:01 ----N---- C:\WINDOWS\system32\msrating.dll
2008-12-20 23:47:01 ----N---- C:\WINDOWS\system32\mshtmled.dll
2008-12-20 23:46:57 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2008-12-20 23:46:56 ----N---- C:\WINDOWS\system32\jsproxy.dll
2008-12-20 23:46:56 ----A---- C:\WINDOWS\system32\msfeeds.dll
2008-12-20 23:46:54 ----N---- C:\WINDOWS\system32\iernonce.dll
2008-12-20 23:46:54 ----A---- C:\WINDOWS\system32\iertutil.dll
2008-12-20 23:46:54 ----A---- C:\WINDOWS\system32\ieframe.dll
2008-12-20 23:46:50 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2008-12-20 23:46:50 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2008-12-20 23:46:49 ----N---- C:\WINDOWS\system32\ieaksie.dll
2008-12-20 23:46:49 ----N---- C:\WINDOWS\system32\ieakeng.dll
2008-12-20 23:46:49 ----N---- C:\WINDOWS\system32\extmgr.dll
2008-12-20 23:46:49 ----A---- C:\WINDOWS\system32\icardie.dll
2008-12-20 23:46:48 ----N---- C:\WINDOWS\system32\dxtrans.dll
2008-12-20 23:46:48 ----N---- C:\WINDOWS\system32\dxtmsft.dll
2008-12-20 23:46:48 ----A---- C:\WINDOWS\system32\advpack.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41856]
R1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys [2007-07-19 127768]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2007-12-13 394952]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-04-12 21035]
R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys []
R2 BTSLBCSP;Bluetooth Port Client Driver; \??\C:\WINDOWS\system32\drivers\btslbcsp.sys []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-05-03 1540608]
R3 bdfdll;bdfdll; \??\C:\Program Files\Softwin\BitDefender10\bdfdll.sys []
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2008-02-26 43520]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys [2006-03-02 126686]
R3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\wg111v2.sys [2007-02-06 194304]
R3 Slntamr;Smart Link 56K Modem Driver; C:\WINDOWS\system32\DRIVERS\slntamr.sys [2006-03-02 404990]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys [2006-03-02 13240]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 BDFsDrv;BDFsDrv; \??\C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys []
S3 BDRsDrv;BDRsDrv; \??\C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys []
S3 BthEnum;Service d'énumérateur Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Pilote de communication série Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys [2006-03-02 1309184]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 NtMtlFax;NtMtlFax; C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys [2006-03-02 180360]
S3 ovt530;Webcam Classic; C:\WINDOWS\System32\Drivers\ov530vid.sys [2005-03-15 161792]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys [2005-11-19 20096]
S3 Profos;Profos; \??\C:\Program Files\Softwin\BitDefender10\profos.sys []
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver; C:\WINDOWS\system32\DRIVERS\wg111v3.sys []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\Slnthal.sys [2006-03-02 95424]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 Trufos;Trufos; \??\C:\Program Files\Softwin\BitDefender10\trufos.sys []
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-05-03 413696]
R2 bdss;BitDefender Scan Server; C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe [2007-01-19 81920]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe [2004-10-01 163840]
R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-07 168432]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2006-10-19 61440]
R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe [2008-08-07 278528]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2007-12-13 75304]
R2 VSSERV;BitDefender Virus Shield; C:\Program Files\Softwin\BitDefender10\vsserv.exe [2007-10-24 462848]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 XCOMM;BitDefender Communicator; C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe [2006-11-09 86016]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-06-15 300544]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-05-03 520192]
S2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2008-04-14 73796]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-12-05 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
-----------------EOF-----------------
branche tes cles usb ,
redemarre en mode sans echec , et colles ceci dans otmoveit puis reviens en normal me poster le rapport:
:processes
explorer.exe
:files
J:\m.exe
C:\WINDOWS\system32\bcacecbad.dll
C:\WINDOWS\system32\cebcbeda.dll
:commands
[purity]
[emptytemp]
[start explorer]
[reboot]
redemarre en mode sans echec , et colles ceci dans otmoveit puis reviens en normal me poster le rapport:
:processes
explorer.exe
:files
J:\m.exe
C:\WINDOWS\system32\bcacecbad.dll
C:\WINDOWS\system32\cebcbeda.dll
:commands
[purity]
[emptytemp]
[start explorer]
[reboot]
salut, je pense enfin avoir compris la manipe c'est que je suis un impatient d'en finir et du fait un peu perdu
voici je pense le rapport que tu m'a demandé,
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
File/Folder J:\m.exe not found.
LoadLibrary failed for C:\WINDOWS\system32\bcacecbad.dll
C:\WINDOWS\system32\bcacecbad.dll NOT unregistered.
File move failed. C:\WINDOWS\system32\bcacecbad.dll scheduled to be moved on reboot.
LoadLibrary failed for C:\WINDOWS\system32\cebcbeda.dll
C:\WINDOWS\system32\cebcbeda.dll NOT unregistered.
File move failed. C:\WINDOWS\system32\cebcbeda.dll scheduled to be moved on reboot.
========== COMMANDS ==========
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully
OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02212009_161130
voici je pense le rapport que tu m'a demandé,
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
File/Folder J:\m.exe not found.
LoadLibrary failed for C:\WINDOWS\system32\bcacecbad.dll
C:\WINDOWS\system32\bcacecbad.dll NOT unregistered.
File move failed. C:\WINDOWS\system32\bcacecbad.dll scheduled to be moved on reboot.
LoadLibrary failed for C:\WINDOWS\system32\cebcbeda.dll
C:\WINDOWS\system32\cebcbeda.dll NOT unregistered.
File move failed. C:\WINDOWS\system32\cebcbeda.dll scheduled to be moved on reboot.
========== COMMANDS ==========
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully
OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02212009_161130
GRRRRRRRRRRRR !!!!!!!!!!!!!!!!!!!!!
renvoie le log.txt neuf de rsit stp juiste apres avoir redemarré
renvoie le log.txt neuf de rsit stp juiste apres avoir redemarré
excuse moi mais je suis a deux doigts de péter un boulon! = lol ne le jettes pas par la fenetre !!!!
redemarres et :
Double-clique sur " RSIT.exe " pour le lancer .
-> Une première fenêtre s'ouvre avec en titre : " Disclaimer of warranty " .
* Devant l'option "List files/folders created ..." , tu choisis : 2 months
* clique ensuite sur " Continue " pour lancer l'analyse ...
-> laisse faire le scan et ne touche pas au PC ...
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront (probablement avec le bloc-note).
Poste le contenu de " log.txt " (c'est celui qui apparait à l'écran), ainsi que de " info.txt " (que tu verras dans la barre des tâches), pour analyse et attends la suite ...
Important : poste un rapport, puis l'autre dans la réponse suivante
Si tu essaies de poster les deux en même temps, cela risque d'être trop long pour le forum
( Note : les rapports seront en outre sauvegardés dans ce dossier -> C:\rsit )
redemarres et :
Double-clique sur " RSIT.exe " pour le lancer .
-> Une première fenêtre s'ouvre avec en titre : " Disclaimer of warranty " .
* Devant l'option "List files/folders created ..." , tu choisis : 2 months
* clique ensuite sur " Continue " pour lancer l'analyse ...
-> laisse faire le scan et ne touche pas au PC ...
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront (probablement avec le bloc-note).
Poste le contenu de " log.txt " (c'est celui qui apparait à l'écran), ainsi que de " info.txt " (que tu verras dans la barre des tâches), pour analyse et attends la suite ...
Important : poste un rapport, puis l'autre dans la réponse suivante
Si tu essaies de poster les deux en même temps, cela risque d'être trop long pour le forum
( Note : les rapports seront en outre sauvegardés dans ce dossier -> C:\rsit )
0 bytes size received / Se ha recibido un archivo vacio