I AM POSTING THE HIJACK REPORT FOR YOU
ROBERTRICH
Anonymous user -
Hello,
Logfile of random's system information tool 1.06 (written by random/random)
Run by ZOA at 2009-07-17 14:50:47
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 973 MB (3%) free of 30 GB
Total RAM: 223 MB (11% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:06:49, on 17/07/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\ZOA\wptniq.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\drivers\STDSB.exe
C:\WINDOWS\system32\drivers\Icon.exe
C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe
C:\WINDOWS\system32\D97CED\70CBAC.EXE
C:\WINDOWS\system32\XP-802143EC.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Documents and Settings\ZOA\Application Data\drivers\winupgro.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Documents and Settings\All Users\Documents\Ma musique\SuperCopier2\SuperCopier2.exe
C:\Windows\System32\bycool\myapp.exe
C:\Documents and Settings\ZOA\Menu Démarrer\Programmes\Démarrage\Dos Optimizer.pif
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\DOCUME~1\ZOA\LOCALS~1\Temp\winhwjgw.exe
C:\DOCUME~1\ZOA\LOCALS~1\Temp\winpjxy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\i.bat
D:\i.bat
C:\DOCUME~1\ZOA\LOCALS~1\Temp\asvdr.exe
C:\i.bat
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\A783D1\HX-A783D.EXE
C:\DOCUME~1\ZOA\LOCALS~1\Temp\reigd.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\trend micro\ZOA.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\Documents and Settings\ZOA\wptniq.exe \o
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O3 - Toolbar: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [STDSB] C:\WINDOWS\system32\drivers\STDSB.exe
O4 - HKLM\..\Run: [Icon] C:\WINDOWS\system32\drivers\Icon.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [StatusClient] C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup] C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [DRIVESYS1] C:\Windows\System32\bycool1\windo.exe
O4 - HKLM\..\Run: [DRIVESYS] C:\Windows\System32\bycool\winacces.exe
O4 - HKLM\..\Run: [xdjnv] C:\WINDOWS\system32\xdjnv.exe \j
O4 - HKLM\..\Run: [adbv] C:\WINDOWS\system32\adbv.exe \j
O4 - HKLM\..\Run: [70CBAC] C:\WINDOWS\system32\D97CED\70CBAC.EXE
O4 - HKLM\..\Run: [XP-802143EC] C:\WINDOWS\system32\XP-802143EC.EXE
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKCU\..\Run: [kamsoft] C:\WINDOWS\system32\kamsoft.exe
O4 - HKCU\..\Run: [vamsoft] C:\WINDOWS\system32\vamsoft.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [cdoosoft] C:\WINDOWS\system32\olhrwef.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Documents and Settings\All Users\Documents\Ma musique\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [L08FXLRD_2669638] "C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE" -m
O4 - HKCU\..\Run: [Cognac] C:\DOCUME~1\ZOA\LOCALS~1\Temp\b.exe
O4 - HKCU\..\Run: [T58] "C:\Program Files\T58KTV\T58.exe" -u
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [DriverCure] C:\Program Files\ParetoLogic\DriverCure\DriverCure.exe -scan
O4 - Startup: 70CBAC.lnk = C:\WINDOWS\system32\D97CED\70CBAC.EXE
O4 - Startup: Dos Optimizer.pif = ?
O4 - Startup: ¡¡¡¡¡¡.lnk = C:\WINDOWS\system32\XP-802143EC.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: SnagIt 8.lnk = C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
--
End of file - 9420 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
C:\WINDOWS\tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll [2007-06-14 509592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2006-09-27 544032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2008-07-17 691656]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - SnagIt - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll [2007-05-01 161352]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - &Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2006-09-27 544032]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2005-08-08 145920]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-08-08 634880]
"STDSB"=C:\WINDOWS\system32\drivers\STDSB.exe [2003-12-17 28672]
"Icon"=C:\WINDOWS\system32\drivers\Icon.exe [2005-08-08 217088]
"NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 229376]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe [2007-06-14 202392]
""= []
"StatusClient"=C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe [2002-12-16 36864]
"TomcatStartup"=C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe [2003-03-31 225280]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-08-15 172032]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2003-03-27 53248]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 112496]
"DRIVESYS1"=C:\Windows\System32\bycool1\windo.exe [2008-08-13 1471601]
"DRIVESYS"=C:\Windows\System32\bycool\winacces.exe [2008-08-13 1211446]
"xdjnv"=C:\WINDOWS\system32\xdjnv.exe [2008-11-01 19968]
"adbv"=C:\WINDOWS\system32\adbv.exe [2008-11-01 19968]
"70CBAC"=C:\WINDOWS\system32\D97CED\70CBAC.EXE [2002-05-18 1405156]
"XP-802143EC"=C:\WINDOWS\system32\XP-802143EC.EXE [2009-07-09 1509591]
"FrameWorkService"= []
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2006-02-07 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2006-02-07 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2006-02-07 118784]
"IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2008-03-04 999424]
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2008-03-04 1101824]
"avast!"=C:\Program Files\Alwil Software\Avast4\ashDisp.exe [2009-07-17 148856]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"kamsoft"=C:\WINDOWS\system32\kamsoft.exe [2008-11-29 182272]
"vamsoft"=C:\WINDOWS\system32\vamsoft.exe [2008-12-27 189952]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2004-09-12 925704]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-07-24 490952]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
"cdoosoft"=C:\WINDOWS\system32\olhrwef.exe [2009-07-16 213892]
"MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2009-07-15 5900511]
"Messenger (Yahoo!)"=C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [2009-03-18 4437232]
"SuperCopier2.exe"=C:\Documents and Settings\All Users\Documents\Ma musique\SuperCopier2\SuperCopier2.exe [2006-07-07 1052672]
"L08FXLRD_2669638"=C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE -m []
"Cognac"=C:\DOCUME~1\ZOA\LOCALS~1\Temp\b.exe []
"T58"=C:\Program Files\T58KTV\T58.exe -u []
"BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2009-07-01 321344]
"DriverCure"=C:\Program Files\ParetoLogic\DriverCure\DriverCure.exe -scan []
"FrameWorkService"= []
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
SnagIt 8.lnk - C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
C:\Documents and Settings\ZOA\Menu Démarrer\Programmes\Démarrage
70CBAC.lnk - C:\WINDOWS\system32\D97CED\70CBAC.EXE
Dos Optimizer.pif
¡¡¡¡¡¡.lnk - C:\WINDOWS\system32\XP-802143EC.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-02-07 139264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-05-09 52224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{BB4C402F-882A-4526-8C08-51278EA437C1}"=C:\WINDOWS\system32\e8main2.dll [2004-08-05 78848]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=1
"DisableRegistryTools"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"DisallowRun"=0
"NoFolderOptions"=0
"NoRun"=0
"NoFind"=0
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\DFH\DFH.EXE"="D:\DFH\DFH.EXE:*:Enabled:Dictionnaire français Hachette"
"D:\Zuma Deluxe!\Zuma.exe"="D:\Zuma Deluxe!\Zuma.exe:*:Enabled:Zuma Deluxe"
"C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe"="C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe:*:Enabled:Alertes et état du périphérique hp"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b477b81-357b-11dd-bc43-806d6172696f}]
shell\AutoRun\command - E:\i.bat
shell\explore\command - E:\i.bat
shell\open\command - E:\i.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b477b83-357b-11dd-bc43-806d6172696f}]
shell\AutoRun\command - D:\i.bat
shell\explore\command - D:\i.bat
shell\open\command - D:\i.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b477b85-357b-11dd-bc43-806d6172696f}]
shell\AutoRun\command - C:\i.bat
shell\explore\command - C:\i.bat
shell\open\command - C:\i.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{21c7f6da-6628-11de-8019-000e35c75164}]
shell\1\command - I:\Recycle.exe
shell\2\command - I:\Recycle.exe
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycle.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{21f74320-6f25-11de-8045-000e35c75164}]
shell\AutoRun\command - I:\iqe68o.bat
shell\explore\command - I:\iqe68o.bat
shell\open\command - I:\iqe68o.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{57ba78c2-16f7-11de-9ea5-000e35c75164}]
shell\AutoRun\command - I:\i.bat
shell\explore\command - I:\i.bat
shell\open\command - I:\i.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{57ba78c3-16f7-11de-9ea5-000e35c75164}]
shell\AutoRun\command - J:\i.bat
shell\explore\command - J:\i.bat
shell\open\command - J:\i.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{669f69b0-51a9-11de-bfd0-000e35c75164}]
shell\AutoRun\command - I:\n68mqcra.exe
shell\open\command - I:\n68mqcra.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{71b15de0-59bc-11de-bff2-000e35c75164}]
shell\AutoRun\command - I:\iqe68o.bat
shell\explore\command - I:\iqe68o.bat
shell\open\command - I:\iqe68o.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{74fc4bf0-11b6-11de-9e7e-000e35c75164}]
shell\AutoRun\command - I:\g1ljsm.com
shell\open\command - I:\g1ljsm.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{75759816-64ec-11de-8014-000e35c75164}]
shell\AutoRun\command - I:\2nuk.com
shell\open\command - I:\2nuk.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7876fb10-0b56-11de-9e48-0040d06b7e29}]
shell\AutoRun\command - I:\gi2ky.exe
shell\open\command - I:\gi2ky.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8e43b150-4aee-11de-abf1-000e35c75164}]
shell\AutoRun\command - I:\i.bat
shell\explore\command - I:\
shell\open\command - I:\i.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8e43b153-4aee-11de-abf1-000e35c75164}]
shell\1\command - I:\Recycle.exe
shell\2\command - I:\Recycle.exe
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycle.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8e7cffc0-1de4-11de-9ebe-000e35c75164}]
shell\AutoRun\command - I:\gi2ky.exe
shell\open\command - I:\gi2ky.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9790b211-c11b-11dd-9dc5-000e35c75164}]
shell\AutoRun\command - I:\i.bat
shell\explore\command - I:\i.bat
shell\open\command - I:\i.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9e9f1470-674a-11de-8023-000e35c75164}]
shell\1\command - I:\Recycled.exe
shell\2\command - I:\Recycled.exe
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a102ce20-35fa-11d6-9e68-000e35c75164}]
shell\AutoRun\command - I:\uvsqfgwd.cmd
shell\open\command - I:\uvsqfgwd.cmd
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a8e1ba60-352f-11d6-9e64-000e35c75164}]
shell\AutoRun\command - I:\i.bat
shell\explore\command - I:\i.bat
shell\open\command - I:\i.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dfaae697-73b5-11d6-ac03-000e35c75164}]
shell\AutoRun\command - I:\n68mqcra.exe
shell\open\command - I:\n68mqcra.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f62d4e32-6c29-11dd-9d92-000e35c75164}]
shell\AutoRun\command - I:\i.bat
shell\explore\command - I:\i.bat
shell\open\command - I:\i.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f6daa0f0-51a5-11de-bfcf-000e35c75164}]
shell\1\command - I:\Recycle.exe
shell\2\command - I:\Recycle.exe
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycle.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fc9e6a70-e2dc-11dd-9e1d-0040d06b7e29}]
shell\AutoRun\command - I:\iqe68o.bat
shell\explore\command - I:\iqe68o.bat
shell\open\command - I:\iqe68o.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fc9e6a71-e2dc-11dd-9e1d-0040d06b7e29}]
shell\AutoRun\command - J:\iqe68o.bat
shell\explore\command - J:\iqe68o.bat
shell\open\command - J:\iqe68o.bat
======File associations======
.reg - open - "regedit.exe" "%1"
======List of files/folders created in the last 1 months======
2009-07-17 14:34:09 ----A---- C:\WINDOWS\system32\ban_list.txt
2009-07-15 23:46:34 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-07-15 23:34:59 ----RSH---- C:\zPharaoh.exe
2009-07-15 23:34:57 ----D---- C:\Documents and Settings\ZOA\Application Data\tazebama
2009-07-14 22:22:32 ----D---- C:\Program Files\SystemRequirementsLab
2009-07-14 22:21:04 ----D---- C:\Documents and Settings\ZOA\Application Data\SystemRequirementsLab
2009-07-14 21:27:27 ----A---- C:\WINDOWS\system32\vuins32.dll
2009-07-14 21:27:15 ----A---- C:\WINDOWS\system32\difxapi.dll
2009-07-14 21:13:54 ----D---- C:\Documents and Settings\ZOA\Application Data\Intel
2009-07-14 21:13:01 ----A---- C:\WINDOWS\system32\results.txt
2009-07-14 21:07:59 ----D---- C:\Documents and Settings\All Users\Application Data\Intel
2009-07-14 21:05:17 ----A---- C:\WINDOWS\system32\Netw2r32.dll
2009-07-14 21:05:17 ----A---- C:\WINDOWS\system32\Netw2c32.dll
2009-07-14 19:59:17 ----RSH---- C:\iqe68o.bat
2009-07-14 19:59:16 ----RSH---- C:\i.bat
2009-07-14 19:58:10 ----RSH---- C:\nkbd1v.exe
2009-07-14 19:37:33 ----A---- C:\WINDOWS\system32\igfxres.dll
2009-07-13 18:48:48 ----A---- C:\WINDOWS\system32\HX-A783D.EXE
2009-07-13 18:48:34 ----SH---- C:\WINDOWS\system32\vt-7326.exe
2009-07-11 14:20:30 ----RSH---- C:\j39y2.bat
2009-07-10 16:13:29 ----A---- C:\Documents and Settings\ZOA\Application Data\lsass.exe
2009-07-09 19:11:00 ----A---- C:\Documents and Settings\ZOA\Application Data\svchost.exe
2009-07-09 18:58:48 ----RSH---- C:\p.exe
2009-07-09 18:56:15 ----A---- C:\WINDOWS\system32\a5.ini
2009-07-09 18:55:29 ----A---- C:\WINDOWS\system32\HV-D97CE.EXE
2009-07-09 18:55:25 ----SH---- C:\WINDOWS\system32\vt-7626.exe
2009-07-09 18:53:06 ----ASH---- C:\WINDOWS\system32\ul.dll
2009-07-09 18:53:06 ----ASH---- C:\WINDOWS\system32\og.dll
2009-07-09 18:52:54 ----RSH---- C:\WINDOWS\system32\XP-802143EC.EXE
2009-07-08 19:25:13 ----D---- C:\Documents and Settings\ZOA\Application Data\DriverCure
2009-07-08 19:24:34 ----D---- C:\Documents and Settings\All Users\Application Data\ParetoLogic
2009-07-08 19:24:34 ----D---- C:\Documents and Settings\All Users\Application Data\DriverCure
2009-07-07 11:51:16 ----RSH---- C:\q1alx.exe
2009-07-07 11:41:42 ----RSH---- C:\86l2qw.bat
2009-07-03 13:34:30 ----RSH---- C:\3j2h0tf.bat
2009-07-03 13:25:03 ----RSH---- C:\xmcckw.bat
2009-07-01 19:17:25 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-07-01 17:28:17 ----D---- C:\Documents and Settings\ZOA\Application Data\BitTorrent
2009-07-01 17:27:02 ----D---- C:\Program Files\DNA
2009-07-01 17:26:54 ----D---- C:\Documents and Settings\ZOA\Application Data\DNA
2009-07-01 17:26:50 ----D---- C:\Program Files\BitTorrent
2009-07-01 15:33:33 ----D---- C:\Program Files\KONAMI
2009-07-01 12:55:13 ----A---- C:\WINDOWS\system32\wcl2wbt.dll
2009-06-29 19:01:08 ----RSH---- C:\2nuk.com
2009-06-29 18:51:20 ----RSH---- C:\060ptrm.com
2009-06-27 17:28:18 ----RSH---- C:\metdgv.bat
2009-06-27 17:18:00 ----RSH---- C:\1mteolu9.com
2009-06-27 17:11:59 ----SHD---- C:\found.000
2009-06-27 11:56:51 ----D---- C:\Documents and Settings\ZOA\Application Data\Lavasoft
2009-06-24 20:52:27 ----RSH---- C:\s.exe
2009-06-24 16:28:30 ----RSH---- C:\ml.com
2009-06-23 18:42:25 ----RSH---- C:\xbvv6o.com
2009-06-22 12:29:05 ----RSH---- C:\m.com
2009-06-22 12:19:41 ----RSH---- C:\be2trf.bat
2009-06-21 19:32:35 ----D---- C:\WINDOWS\system32\IOSUBSYS
2009-06-21 19:31:59 ----D---- C:\Program Files\Google
2009-06-20 15:22:55 ----RSH---- C:\ste8.bat
2009-06-20 15:04:43 ----RSH---- C:\cahpcg.cmd
2009-06-20 15:04:12 ----RSH---- C:\WINDOWS\system32\nmdfgds2.dll
2009-06-18 18:14:03 ----RSH---- C:\xhah66s.cmd
2009-06-18 17:16:46 ----RSH---- C:\d9c.bat
======List of files/folders modified in the last 1 months======
2009-07-17 14:50:56 ----D---- C:\Program Files\trend micro
2009-07-17 14:34:09 ----D---- C:\WINDOWS\system32
2009-07-17 14:06:53 ----D---- C:\Program Files\Mozilla Firefox
2009-07-16 23:36:44 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-07-16 20:29:25 ----RSH---- C:\WINDOWS\system32\nmdfgds0.dll
2009-07-16 20:29:14 ----A---- C:\WINDOWS\system32\olhrwef.exe
2009-07-15 23:44:14 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-07-15 23:44:09 ----D---- C:\Program Files\Windows Media Player
2009-07-15 23:44:08 ----D---- C:\Program Files\Outlook Express
2009-07-15 23:44:03 ----D---- C:\Program Files\movie maker
2009-07-15 23:44:02 ----D---- C:\Program Files\Internet Explorer
2009-07-15 23:43:59 ----D---- C:\Program Files\NetMeeting
2009-07-15 23:35:23 ----D---- C:\Program Files\Windows NT
2009-07-15 23:35:12 ----D---- C:\WINDOWS\system32\CatRoot2
2009-07-15 23:34:57 ----A---- C:\WINDOWS\system.ini
2009-07-15 23:33:30 ----D---- C:\NOUVEAUTE
2009-07-15 23:14:08 ----SD---- C:\WINDOWS\Tasks
2009-07-14 21:27:26 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-07-14 21:18:12 ----SHD---- C:\WINDOWS\Installer
2009-07-14 21:15:03 ----D---- C:\WINDOWS\Prefetch
2009-07-14 21:04:55 ----D---- C:\WINDOWS\system32\CatRoot
2009-07-14 18:33:06 ----D---- C:\Program Files\ma-config.com
2009-07-14 18:32:59 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com
2009-07-12 21:16:51 ----HD---- C:\WINDOWS\system32\A783D1
2009-07-12 21:16:41 ----HD---- C:\WINDOWS\system32\6DC9E4
2009-07-09 19:01:45 ----A---- C:\WINDOWS\NeroDigital.ini
2009-07-08 19:24:35 ----D---- C:\Program Files\Fichiers communs
2009-07-05 16:25:32 ----D---- C:\WINDOWS\Help
2009-07-02 18:41:41 ----D---- C:\Documents and Settings\ZOA\Application Data\Free Download Manager
2009-07-02 13:02:10 ----RSD---- C:\WINDOWS\assembly
2009-07-01 16:47:09 ----HD---- C:\Program Files\InstallShield Installation Information
2009-07-01 15:12:00 ----D---- C:\WINDOWS\Downloaded Installations
2009-06-29 19:00:41 ----RSH---- C:\WINDOWS\system32\nmdfgds1.dll
2009-06-27 11:19:23 ----RSH---- C:\WINDOWS\system32\vbsdfe1.dll
2009-06-27 11:19:23 ----RSH---- C:\WINDOWS\system32\gasretyw1.dll
2009-06-25 16:13:21 ----D---- C:\WINDOWS\SoftwareDistribution
2009-06-20 15:46:21 ----D---- C:\Program Files\Alwil Software
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-19 40320]
R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2004-08-05 223616]
R1 Uim_IM;UIM Drive Backup Image Plugin; C:\WINDOWS\System32\Drivers\Uim_IM.sys [2004-06-19 120483]
R1 UimBus;Universal Image Mounter Controller; C:\WINDOWS\system32\DRIVERS\UimBus.sys [2004-12-03 26672]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-07-14 21361]
R2 MTC0003_STDSB;Scroll Bar Driver; C:\WINDOWS\system32\drivers\STDSB.sys [2003-12-15 11279]
R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2008-03-04 12288]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-04-01 719052]
R3 asc3360pr;asc3360pr; \??\C:\WINDOWS\system32\drivers\hfnmip.sys []
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-05 14080]
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2008-12-04 43520]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-02-07 1399615]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys [2003-02-06 210128]
R3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\system32\DRIVERS\slntamr.sys [2003-02-05 506912]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys [2003-01-17 39348]
R3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-23 6912]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2003-03-27 268784]
R3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-05 12416]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-05 20480]
R3 w29n51;Pilote de carte de connexion réseau Intel(R) PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2008-01-07 2216064]
S1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys []
S2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys []
S2 STDSB;STDSB; C:\WINDOWS\System32\DRIVERS\STDSB.sys [2003-12-15 11279]
S2 WebCamHelper;WebCamHelper; \??\C:\PROGRA~1\AV WebCam Morpher GOLD\WebCamHelper.sys []
S3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-10-08 120830]
S3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-10-08 98842]
S3 ad3uqece;ad3uqece; C:\WINDOWS\system32\drivers\ad3uqece.sys []
S3 ad3uqece;ad3uqece; C:\WINDOWS\system32\drivers\ad3uqece.sys []
S3 AVHybrid;AVHybrid service; C:\WINDOWS\system32\DRIVERS\AVHybrid.sys [2005-10-22 660480]
S3 AVPsys;AVPsys; \??\C:\WINDOWS\system32\drivers\cdaudio.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 Dot4;Pilote MS IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2004-08-03 207360]
S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 Dot4Scan;Pilote de classe Scanneur pour IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Scan.sys [2001-08-17 8704]
S3 dot4usb;Filtre Dot4USB Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-08-23 24064]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2003-01-15 41984]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-05 9600]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-08-05 15360]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys [2003-02-06 1290760]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-05 10880]
S3 NtMtlFax;NtMtlFax; C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys [2003-02-05 162136]
S3 RecAgent;recagent; \??\C:\WINDOWS\system32\DRIVERS\RecAgent.sys []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-05 11136]
S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\Slnthal.sys [2003-02-17 85552]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2004-03-30 52384]
S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2004-03-30 6032]
S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2004-03-30 84352]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-05 15360]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 26496]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-03 78464]
S3 w22n51;Pilote Intel(R) PRO/Wireless 2200 Adapter pour Windows XP; C:\WINDOWS\system32\DRIVERS\w22n51.sys [2004-06-24 3147776]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-04-11 82944]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-04-11 87808]
S4 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys []
S4 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys []
S4 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys []
S4 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys []
S4 mchInjDrv;mchInjDrv; \??\C:\DOCUME~1\ZOA\LOCALS~1\Temp\mc21.tmp []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2008-03-04 823296]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2008-03-04 483328]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2008-03-04 1187840]
R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2003-01-17 45056]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-05-29 234864]
S3 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe [2008-06-09 69632]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-06-08 208896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2002-08-01 65536]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-05-10 827392]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
-----------------EOF-----------------
2009-06-25 16:13:21 ----D---- C:\WINDOWS\SoftwareDistribution
2009-06-20 15:46:21 ----D---- C:\Program Files\Alwil Software
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-19 40320]
R1 Tcpip6;Pilote du protocole IPv6 Microsoft; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2004-08-05 223616]
R1 Uim_IM;UIM Drive Backup Image Plugin; C:\WINDOWS\System32\Drivers\Uim_IM.sys [2004-06-19 120483]
R1 UimBus;Universal Image Mounter Controller; C:\WINDOWS\system32\DRIVERS\UimBus.sys [2004-12-03 26672]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-07-14 21361]
R2 MTC0003_STDSB;Scroll Bar Driver; C:\WINDOWS\system32\drivers\STDSB.sys [2003-12-15 11279]
R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2008-03-04 12288]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-04-01 719052]
R3 asc3360pr;asc3360pr; \??\C:\WINDOWS\system32\drivers\hfnmip.sys []
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-05 14080]
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2008-12-04 43520]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-02-07 1399615]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys [2003-02-06 210128]
R3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\system32\DRIVERS\slntamr.sys [2003-02-05 506912]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys [2003-01-17 39348]
R3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-23 6912]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2003-03-27 268784]
R3 tunmp;Pilote de carte miniport Tun Microsoft; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-05 12416]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-05 20480]
R3 w29n51;Pilote de carte de connexion réseau Intel(R) PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2008-01-07 2216064]
S1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys []
S2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys []
S2 STDSB;STDSB; C:\WINDOWS\System32\DRIVERS\STDSB.sys [2003-12-15 11279]
S2 WebCamHelper;WebCamHelper; \??\C:\PROGRA~1\AV WebCam Morpher GOLD\WebCamHelper.sys []
S3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-10-08 120830]
S3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-10-08 98842]
S3 ad3uqece;ad3uqece; C:\WINDOWS\system32\drivers\ad3uqece.sys []
S3 ad3uqece;ad3uqece; C:\WINDOWS\system32\drivers\ad3uqece.sys []
S3 AVHybrid;AVHybrid service; C:\WINDOWS\system32\DRIVERS\AVHybrid.sys [2005-10-22 660480]
S3 AVPsys;AVPsys; \??\C:\WINDOWS\system32\drivers\cdaudio.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 Dot4;Pilote MS IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2004-08-03 207360]
S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 Dot4Scan;Pilote de classe Scanneur pour IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Scan.sys [2001-08-17 8704]
S3 dot4usb;Filtre Dot4USB Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-08-23 24064]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2003-01-15 41984]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-05 9600]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-08-05 15360]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys [2003-02-06 1290760]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-05 10880]
S3 NtMtlFax;NtMtlFax; C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys [2003-02-05 162136]
S3 RecAgent;recagent; \??\C:\WINDOWS\system32\DRIVERS\RecAgent.sys []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-05 11136]
S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\Slnthal.sys [2003-02-17 85552]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2004-03-30 52384]
S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2004-03-30 6032]
S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2004-03-30 84352]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-05 15360]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 26496]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-03 78464]
S3 w22n51;Pilote Intel(R) PRO/Wireless 2200 Adapter pour Windows XP; C:\WINDOWS\system32\DRIVERS\w22n51.sys [2004-06-24 3147776]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-04-11 82944]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-04-11 87808]
S4 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys []
S4 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys []
S4 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys []
S4 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys []
S4 mchInjDrv;mchInjDrv; \??\C:\DOCUME~1\ZOA\LOCALS~1\Temp\mc21.tmp []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 6to4;Service d'application d'assistance IPv6; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2008-03-04 823296]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2008-03-04 483328]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2008-03-04 1187840]
R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2003-01-17 45056]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-05-29 234864]
S3 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe [2008-06-09 69632]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-06-08 208896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2002-08-01 65536]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-05-10 827392]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
-----------------EOF-----------------
Configuration: Windows XP Firefox 3.0.11
1 reply
Hi,
• Download and install UsbFix by Chiquitine29
(!) Plug into your PC any external data sources (USB stick, external hard drive, etc.) that may have been infected, without opening them
• Double-click the UsbFix shortcut on your desktop.
• At the main menu, choose option "F" for French and press [Enter].
• At the second menu, choose option "1" (search) and press [Enter].
• Let the tool work.
• Then post the UsbFix.txt report that appears.
• Note: The UsbFix.txt report is saved at the root of the disk (C:\UsbFix.txt).
(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)
• Note: "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility intended to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.