Virus
Résolu
lolotte813
Messages postés
115
Date d'inscription
Statut
Membre
Dernière intervention
-
lolotte813 Messages postés 115 Date d'inscription Statut Membre Dernière intervention -
lolotte813 Messages postés 115 Date d'inscription Statut Membre Dernière intervention -
Bonjour,
Je pense avoir un virus sur mon ordi.
Cela se traduit par une fenêtre DOS qui revient régulièrement, titrée "c\windows\temp\install.exe".
Dans certains cas, les recherches Google m'envoient sur des liens qui n'ont rien à voir.
De plus, impossible de lancer mon Norton 360 pour faire une analyse.
Si quelqu'un à une idée. Merci.
Ps : Norton me propose de réparer en ligne via un forfait de 99€, résultat garanti : qu'en pensez-vous ?
Une intervention d'un autre technicien ne sera-t-elle pas aussi chère ?
Je pense avoir un virus sur mon ordi.
Cela se traduit par une fenêtre DOS qui revient régulièrement, titrée "c\windows\temp\install.exe".
Dans certains cas, les recherches Google m'envoient sur des liens qui n'ont rien à voir.
De plus, impossible de lancer mon Norton 360 pour faire une analyse.
Si quelqu'un à une idée. Merci.
Ps : Norton me propose de réparer en ligne via un forfait de 99€, résultat garanti : qu'en pensez-vous ?
Une intervention d'un autre technicien ne sera-t-elle pas aussi chère ?
A voir également:
- Virus
- Virus mcafee - Accueil - Piratage
- Virus facebook demande d'amis - Accueil - Facebook
- Undisclosed-recipients virus - Guide
- Panda anti virus gratuit - Télécharger - Antivirus & Antimalwares
- Softonic virus ✓ - Forum Logiciels
63 réponses
@ lolotte813 : c'est facile de savoir a qui faire faire confiance dans ce cas si :
- clic sur chaqu'un de nos pseudo a OBAID44 (qui ce prend pour hacker) et moi (plopus)
- tu verras le nombre de message que nous avons poster en clicquant sur le nombre tu auras les sujet ou nous avons poster et les reponses apporté ainsi que les sujet résolu
bref OBAID avec 6 reponses n'est pas trés convaiquant surtout avec ce qu'il dit
lolotte poste le RSIT stp
@ OBAID44 : explique moi comment tu arrive a pirater quelqu'un avec un RSIT ?
- clic sur chaqu'un de nos pseudo a OBAID44 (qui ce prend pour hacker) et moi (plopus)
- tu verras le nombre de message que nous avons poster en clicquant sur le nombre tu auras les sujet ou nous avons poster et les reponses apporté ainsi que les sujet résolu
bref OBAID avec 6 reponses n'est pas trés convaiquant surtout avec ce qu'il dit
lolotte poste le RSIT stp
@ OBAID44 : explique moi comment tu arrive a pirater quelqu'un avec un RSIT ?
salut
Télécharge Random's System Information Tool (RSIT) de Random/Random, et enregistre le sur ton Bureau.
http://images.malwareremoval.com/random/RSIT.exe
• Double clique sur RSIT.exe pour lancer l'outil.
• Clique sur "Continue" à l'écran Disclaimer.
• Si l'outil HijackThis n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu s'il te le demande) et tu devras accepter la licence.
• Une fois le scan terminé, deux rapports vont apparaître : poste les dans deux messages séparés stp
Télécharge Random's System Information Tool (RSIT) de Random/Random, et enregistre le sur ton Bureau.
http://images.malwareremoval.com/random/RSIT.exe
• Double clique sur RSIT.exe pour lancer l'outil.
• Clique sur "Continue" à l'écran Disclaimer.
• Si l'outil HijackThis n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu s'il te le demande) et tu devras accepter la licence.
• Une fois le scan terminé, deux rapports vont apparaître : poste les dans deux messages séparés stp
Voici le rapport 1 :
Logfile of random's system information tool 1.06 (written by random/random)
Run by famille jehanno at 2009-07-31 11:27:27
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 9 GB (12%) free of 76 GB
Total RAM: 1023 MB (48% free)
HijackThis download failed
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\EasyShare Registration Task.job
C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1184877964.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-11-22 399352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0494D0D1-F8E0-41ad-92A3-14154ECE70AC}]
myBar BHO - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL [2004-08-15 245760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]
C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\NppBho.dll [2007-02-19 97960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{243B17DE-77C7-46BF-B94B-0B5F309A0E64}]
c:\Program Files\Microsoft Money\System\mnyside.dll [2002-07-17 163906]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E03C0FD-4C48-43A7-9A54-00240C70FF16}]
ECarteBleueBrowserHelper Class - C:\WINDOWS\system32\BhoECart.dll [2003-10-31 139264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-05-06 2436160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-09-24 737776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Barre d'outils MSN Search Helper - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll [2005-07-07 577232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - Copernic Agent - C:\Program Files\Copernic Agent\CopernicAgentExt.dll [2003-09-26 1039968]
{0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - My &Search Bar - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL [2004-08-15 245760]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Barre d'outils MSN Search - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll [2005-07-07 577232]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - &Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-11-22 399352]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2007-05-06 2436160]
{90222687-F593-4738-B738-FBEE9C7B26DF} - Afficher Norton Toolbar - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\UIBHO.dll [2007-02-19 609424]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIModeChange"=C:\WINDOWS\system32\Ati2mdxx.exe [2001-09-04 28672]
"ATIPTA"=C:\ATI-CPanel\atiptaxx.exe [2003-08-12 335872]
"AdslTaskBar"=stmctrl.dll,TaskBar []
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2004-04-21 151597]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"ccApp"=C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe [2007-03-14 116328]
"Symantec PIF AlertEng"=C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"Canal Widget"=C:\Program Files\Canal\Canal Widget\Canal Widget.cpvod [2008-12-09 12]
"AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-05-13 177472]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-06-05 292136]
"Windows Update Service"=C:\WINDOWS\msupdate32.exe [2009-07-27 60978]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MoneyAgent"=c:\Program Files\Microsoft Money\System\mnyexpr.exe [2002-07-17 204863]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-10 68856]
"Auto Run Software for Photo Frame"=C:\Program Files\Philips\Philips PhotoFrame\PhotoManager.exe [2007-02-16 2273280]
"updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2006-03-30 313472]
"Gadwin PrintScreen"=C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [2008-12-09 495616]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CMESys]
C:\Program Files\Fichiers communs\CMEII\CMESys.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FirstSteps]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
C:\Program Files\Logitech\Video\ISStart.exe [2004-02-12 188416]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
C:\Program Files\Logitech\Video\LogiTray.exe [2004-02-12 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection]
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe [2002-07-18 28672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnappau]
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\MSN Messenger\MsnMsgr.Exe /background []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
C:\PROGRA~1\SYMNET~1\SNDMon.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2004-04-21 151597]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wizard]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2002-08-16 110592]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Cisco Systems VPN Client.lnk]
C:\PROGRA~1\CISCOS~1\VPNCLI~1\vpngui.exe [2003-05-07 1454143]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^GStartup.lnk]
C:\Program Files\Fichiers communs\GMT\GMT.exe /startup []
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
hp psc 1000 series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Logiciel Kodak EasyShare.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
C:\Documents and Settings\famille jehanno\Menu Démarrer\Programmes\Démarrage
Outil de détection de support Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskmgr"=0
"DisableChangePassword"=0
"DisableLockWorkstation"=0
"NoDispSettingsPage"=0
"NoDispAppearancePage"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149
"NoFolderOptions"=0
"NoFileUrl"=0
"NoRun"=0
"NoUpdateCheck"=0
"NoLogoff"=0
"NoClose"=0
"NoSetFolders"=0
"NoFind"=0
"NoDrives"=0
"NoDesktop"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Symantec\pcAnywhere\winaw32.exe"="C:\Program Files\Symantec\pcAnywhere\winaw32.exe:*:Enabled:pcAnywhere Main Program"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\coktel\ADI5\TTS\SpeechCube.exe"="C:\coktel\ADI5\TTS\SpeechCube.exe:*:Disabled:SPeechCube"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3e02a268-a53a-11dd-833f-effe6ad206b3}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL NoLimit.exe
======List of files/folders created in the last 1 months======
2009-07-31 11:27:27 ----D---- C:\rsit
2009-07-31 11:27:27 ----D---- C:\Program Files\trend micro
2009-07-30 12:06:32 ----A---- C:\WINDOWS\ntbtlog.txt
2009-07-28 11:53:56 ----RSH---- C:\WINDOWS\msupdate32.exe
2009-07-27 22:25:40 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-07-27 22:25:30 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-07-27 22:23:03 ----A---- C:\WINDOWS\imsins.BAK
2009-07-27 22:22:59 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2009-07-09 18:38:43 ----A---- C:\WINDOWS\system32\appdrvrem01.exe
2009-07-09 16:40:12 ----D---- C:\Documents and Settings\famille jehanno\Application Data\Pro Cycling Manager 2008 - Demo
2009-07-08 22:32:56 ----D---- C:\Nostale(FR)
2009-07-01 23:22:49 ----D---- C:\Program Files\EA GAMES
2009-07-01 19:19:30 ----A---- C:\WINDOWS\system32\wmpns.dll
======List of files/folders modified in the last 1 months======
2009-07-31 11:27:27 ----D---- C:\Program Files
2009-07-31 11:27:10 ----D---- C:\My Download Files
2009-07-31 10:59:15 ----D---- C:\WINDOWS\Temp
2009-07-31 09:12:45 ----AD---- C:\WINDOWS\system32
2009-07-30 17:35:38 ----D---- C:\WINDOWS\Prefetch
2009-07-30 13:44:32 ----D---- C:\WINDOWS\system32\CatRoot2
2009-07-30 12:21:38 ----D---- C:\WINDOWS\system32\drivers
2009-07-30 12:21:37 ----A---- C:\WINDOWS\ModemLog_Smart Link 56K Modem.txt
2009-07-30 12:20:07 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-07-30 12:17:56 ----D---- C:\GAMES
2009-07-30 12:17:01 ----D---- C:\WINDOWS
2009-07-30 12:15:52 ----D---- C:\Program Files\Dofus
2009-07-30 12:14:34 ----D---- C:\Program Files\BoontyGames
2009-07-30 12:12:27 ----SD---- C:\Documents and Settings\famille jehanno\Application Data\Microsoft
2009-07-30 12:12:26 ----SHD---- C:\WINDOWS\Installer
2009-07-30 10:07:59 ----D---- C:\Program Files\Norton Security Scan
2009-07-30 10:00:43 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-07-30 09:24:06 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2009-07-30 09:24:06 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-07-29 22:14:06 ----HD---- C:\WINDOWS\inf
2009-07-29 22:13:37 ----D---- C:\Program Files\Internet Explorer
2009-07-29 22:12:06 ----HD---- C:\WINDOWS\$hf_mig$
2009-07-29 22:11:36 ----D---- C:\WINDOWS\WinSxS
2009-07-29 17:29:23 ----D---- C:\Program Files\Common Files
2009-07-27 22:23:11 ----D---- C:\WINDOWS\Debug
2009-07-19 18:45:00 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-07-19 15:15:02 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-07-09 16:36:25 ----D---- C:\WINDOWS\system32\DirectX
2009-07-07 17:10:56 ----A---- C:\WINDOWS\system32\MRT.exe
2009-07-03 18:57:51 ----A---- C:\WINDOWS\system32\wininet.dll
2009-07-03 18:57:51 ----A---- C:\WINDOWS\system32\occache.dll
2009-07-03 18:57:50 ----A---- C:\WINDOWS\system32\urlmon.dll
2009-07-03 18:57:46 ----N---- C:\WINDOWS\system32\jsproxy.dll
2009-07-03 18:57:46 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2009-07-03 18:57:46 ----A---- C:\WINDOWS\system32\msfeeds.dll
2009-07-03 18:57:46 ----A---- C:\WINDOWS\system32\iertutil.dll
2009-07-03 18:57:44 ----A---- C:\WINDOWS\system32\iepeers.dll
2009-07-03 18:57:41 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2009-07-03 13:01:06 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2009-07-02 21:38:04 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2009-07-01 22:50:49 ----D---- C:\Program Files\Maxis
2009-07-01 21:24:06 ----D---- C:\WINDOWS\Minidump
2009-07-01 21:03:07 ----D---- C:\Documents and Settings
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2007-07-19 82380]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 SRTSPX;SRTSPX; C:\WINDOWS\System32\Drivers\SRTSPX.SYS [2007-12-01 43696]
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2007-01-10 191544]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]
R2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS\system32\drivers\CdaC15BA.SYS []
R2 CVPNDRVA;Cisco Systems IPsec Driver; \??\C:\WINDOWS\System32\Drivers\CVPNDRVA.sys []
R2 MASPINT;MASPINT; C:\WINDOWS\system32\drivers\MASPINT.sys [2000-03-29 8096]
R3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter; C:\WINDOWS\System32\DRIVERS\AN983.sys [2003-04-18 38784]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2003-08-12 594432]
R3 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\System32\DRIVERS\dne2000.sys [2002-08-26 138916]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\System32\DRIVERS\Mtlmnt5.sys [2003-07-16 221736]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2004-01-21 5915]
R3 pfc;PADUS ASPI SHELL; C:\WINDOWS\system32\drivers\pfc.sys [2002-06-13 14604]
R3 PID_08A0;Labtec WebCam Pro(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2004-01-21 271360]
R3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\System32\DRIVERS\slntamr.sys [2003-08-20 548952]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\System32\DRIVERS\SlWdmSup.sys [2003-07-02 39348]
R3 STAC97;Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS\system32\drivers\stac97.sys [2003-06-27 226416]
R3 Stmatm;ATM/ADSL miniport; C:\WINDOWS\system32\DRIVERS\stmatm.sys [2004-11-16 60191]
R3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [2007-01-10 12984]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [2007-01-10 145976]
R3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [2007-01-10 40120]
R3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\SymcData\idsdefs\20090722.001\SymIDSCo.sys []
R3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [2007-01-10 35256]
R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2007-01-10 27576]
R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 61883;Pilote d'unité 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [2008-04-13 48128]
S3 Avc;Périphérique AVC; C:\WINDOWS\System32\DRIVERS\avc.sys [2008-04-13 38912]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\System32\DRIVERS\CVirtA.sys [2003-05-01 5220]
S3 DCamUSBSQTECH;Dual-Mode DSC(2770); C:\WINDOWS\System32\Drivers\SQcaptur.sys [2002-09-10 24808]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [2003-03-09 51024]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [2003-03-09 16080]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [2003-03-09 21456]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\System32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\System32\DRIVERS\Mtlstrm.sys [2003-07-02 1301128]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NAVENG;NAVENG; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20090729.005\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20090729.005\NAVEX15.SYS []
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NtMtlFax;NtMtlFax; C:\WINDOWS\System32\DRIVERS\NtMtlFax.sys [2003-07-02 167384]
S3 PIXMCV;JVC Communication PIX-MCV Driver; C:\WINDOWS\System32\Drivers\pixmcvc.sys [2003-12-05 32000]
S3 PIXMCVA;JVC PIX-MCV Audio Capture; C:\WINDOWS\System32\Drivers\pixmcva.sys [2003-12-05 27961]
S3 PIXMCVV;JVC PIX-MCV Video Capture; C:\WINDOWS\System32\Drivers\pixmcvv.sys [2003-12-05 20953]
S3 RecAgent;recagent; \??\C:\WINDOWS\System32\DRIVERS\RecAgent.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SlNtHal;SlNtHal; C:\WINDOWS\System32\DRIVERS\Slnthal.sys [2003-07-02 86128]
S3 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCDrv.sys []
S3 SRTSP;SRTSP; C:\WINDOWS\System32\Drivers\SRTSP.SYS [2007-12-01 279088]
S3 SRTSPL;SRTSPL; C:\WINDOWS\System32\Drivers\SRTSPL.SYS [2007-12-01 317616]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TaurusUsb;ADSL Modem USB Service; C:\WINDOWS\system32\DRIVERS\torususb.sys [2005-04-19 543555]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-06-05 39424]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 vsdatant;vsdatant; \??\C:\WINDOWS\System32\vsdatant.sys []
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 CanalPlus.VOD;CanalPlus.VOD; C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe [2009-04-30 188416]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS\system32\drivers\CDAC11BA.EXE [2005-04-09 54784]
R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2003-05-07 1413184]
R2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2003-07-02 45056]
R2 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [2008-10-15 439632]
S2 ccProxy;Symantec Network Proxy; C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe [2007-09-13 214376]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2009-02-19 238968]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2008-09-27 69120]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 comHost;COM Host; C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe [2007-01-12 49248]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-05-06 138168]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-06-05 541992]
S3 LiveUpdate;LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [2009-02-19 3220856]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-06-22 3087772]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\HPZipm12.exe [2003-03-09 65795]
S3 Symantec Core LC;Symantec Core LC; C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe [2008-01-24 1251720]
S3 Symantec RemoteAssist;Symantec RemoteAssist; C:\Program Files\Fichiers communs\Symantec Shared\Support Controls\ssrc.exe [2008-01-29 394704]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2009-02-19 238968]
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by famille jehanno at 2009-07-31 11:27:27
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 9 GB (12%) free of 76 GB
Total RAM: 1023 MB (48% free)
HijackThis download failed
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\EasyShare Registration Task.job
C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1184877964.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-11-22 399352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0494D0D1-F8E0-41ad-92A3-14154ECE70AC}]
myBar BHO - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL [2004-08-15 245760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]
C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\NppBho.dll [2007-02-19 97960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{243B17DE-77C7-46BF-B94B-0B5F309A0E64}]
c:\Program Files\Microsoft Money\System\mnyside.dll [2002-07-17 163906]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E03C0FD-4C48-43A7-9A54-00240C70FF16}]
ECarteBleueBrowserHelper Class - C:\WINDOWS\system32\BhoECart.dll [2003-10-31 139264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-05-06 2436160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-09-24 737776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Barre d'outils MSN Search Helper - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll [2005-07-07 577232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - Copernic Agent - C:\Program Files\Copernic Agent\CopernicAgentExt.dll [2003-09-26 1039968]
{0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - My &Search Bar - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL [2004-08-15 245760]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Barre d'outils MSN Search - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll [2005-07-07 577232]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - &Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-11-22 399352]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2007-05-06 2436160]
{90222687-F593-4738-B738-FBEE9C7B26DF} - Afficher Norton Toolbar - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\UIBHO.dll [2007-02-19 609424]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIModeChange"=C:\WINDOWS\system32\Ati2mdxx.exe [2001-09-04 28672]
"ATIPTA"=C:\ATI-CPanel\atiptaxx.exe [2003-08-12 335872]
"AdslTaskBar"=stmctrl.dll,TaskBar []
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2004-04-21 151597]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"ccApp"=C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe [2007-03-14 116328]
"Symantec PIF AlertEng"=C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"Canal Widget"=C:\Program Files\Canal\Canal Widget\Canal Widget.cpvod [2008-12-09 12]
"AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-05-13 177472]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-06-05 292136]
"Windows Update Service"=C:\WINDOWS\msupdate32.exe [2009-07-27 60978]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MoneyAgent"=c:\Program Files\Microsoft Money\System\mnyexpr.exe [2002-07-17 204863]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-10 68856]
"Auto Run Software for Photo Frame"=C:\Program Files\Philips\Philips PhotoFrame\PhotoManager.exe [2007-02-16 2273280]
"updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2006-03-30 313472]
"Gadwin PrintScreen"=C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [2008-12-09 495616]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CMESys]
C:\Program Files\Fichiers communs\CMEII\CMESys.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FirstSteps]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
C:\Program Files\Logitech\Video\ISStart.exe [2004-02-12 188416]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
C:\Program Files\Logitech\Video\LogiTray.exe [2004-02-12 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection]
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe [2002-07-18 28672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnappau]
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\MSN Messenger\MsnMsgr.Exe /background []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
C:\PROGRA~1\SYMNET~1\SNDMon.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2004-04-21 151597]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wizard]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2002-08-16 110592]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Cisco Systems VPN Client.lnk]
C:\PROGRA~1\CISCOS~1\VPNCLI~1\vpngui.exe [2003-05-07 1454143]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^GStartup.lnk]
C:\Program Files\Fichiers communs\GMT\GMT.exe /startup []
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
hp psc 1000 series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Logiciel Kodak EasyShare.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
C:\Documents and Settings\famille jehanno\Menu Démarrer\Programmes\Démarrage
Outil de détection de support Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskmgr"=0
"DisableChangePassword"=0
"DisableLockWorkstation"=0
"NoDispSettingsPage"=0
"NoDispAppearancePage"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149
"NoFolderOptions"=0
"NoFileUrl"=0
"NoRun"=0
"NoUpdateCheck"=0
"NoLogoff"=0
"NoClose"=0
"NoSetFolders"=0
"NoFind"=0
"NoDrives"=0
"NoDesktop"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Symantec\pcAnywhere\winaw32.exe"="C:\Program Files\Symantec\pcAnywhere\winaw32.exe:*:Enabled:pcAnywhere Main Program"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\coktel\ADI5\TTS\SpeechCube.exe"="C:\coktel\ADI5\TTS\SpeechCube.exe:*:Disabled:SPeechCube"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3e02a268-a53a-11dd-833f-effe6ad206b3}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL NoLimit.exe
======List of files/folders created in the last 1 months======
2009-07-31 11:27:27 ----D---- C:\rsit
2009-07-31 11:27:27 ----D---- C:\Program Files\trend micro
2009-07-30 12:06:32 ----A---- C:\WINDOWS\ntbtlog.txt
2009-07-28 11:53:56 ----RSH---- C:\WINDOWS\msupdate32.exe
2009-07-27 22:25:40 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-07-27 22:25:30 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-07-27 22:23:03 ----A---- C:\WINDOWS\imsins.BAK
2009-07-27 22:22:59 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2009-07-09 18:38:43 ----A---- C:\WINDOWS\system32\appdrvrem01.exe
2009-07-09 16:40:12 ----D---- C:\Documents and Settings\famille jehanno\Application Data\Pro Cycling Manager 2008 - Demo
2009-07-08 22:32:56 ----D---- C:\Nostale(FR)
2009-07-01 23:22:49 ----D---- C:\Program Files\EA GAMES
2009-07-01 19:19:30 ----A---- C:\WINDOWS\system32\wmpns.dll
======List of files/folders modified in the last 1 months======
2009-07-31 11:27:27 ----D---- C:\Program Files
2009-07-31 11:27:10 ----D---- C:\My Download Files
2009-07-31 10:59:15 ----D---- C:\WINDOWS\Temp
2009-07-31 09:12:45 ----AD---- C:\WINDOWS\system32
2009-07-30 17:35:38 ----D---- C:\WINDOWS\Prefetch
2009-07-30 13:44:32 ----D---- C:\WINDOWS\system32\CatRoot2
2009-07-30 12:21:38 ----D---- C:\WINDOWS\system32\drivers
2009-07-30 12:21:37 ----A---- C:\WINDOWS\ModemLog_Smart Link 56K Modem.txt
2009-07-30 12:20:07 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-07-30 12:17:56 ----D---- C:\GAMES
2009-07-30 12:17:01 ----D---- C:\WINDOWS
2009-07-30 12:15:52 ----D---- C:\Program Files\Dofus
2009-07-30 12:14:34 ----D---- C:\Program Files\BoontyGames
2009-07-30 12:12:27 ----SD---- C:\Documents and Settings\famille jehanno\Application Data\Microsoft
2009-07-30 12:12:26 ----SHD---- C:\WINDOWS\Installer
2009-07-30 10:07:59 ----D---- C:\Program Files\Norton Security Scan
2009-07-30 10:00:43 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-07-30 09:24:06 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2009-07-30 09:24:06 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-07-29 22:14:06 ----HD---- C:\WINDOWS\inf
2009-07-29 22:13:37 ----D---- C:\Program Files\Internet Explorer
2009-07-29 22:12:06 ----HD---- C:\WINDOWS\$hf_mig$
2009-07-29 22:11:36 ----D---- C:\WINDOWS\WinSxS
2009-07-29 17:29:23 ----D---- C:\Program Files\Common Files
2009-07-27 22:23:11 ----D---- C:\WINDOWS\Debug
2009-07-19 18:45:00 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-07-19 15:15:02 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-07-09 16:36:25 ----D---- C:\WINDOWS\system32\DirectX
2009-07-07 17:10:56 ----A---- C:\WINDOWS\system32\MRT.exe
2009-07-03 18:57:51 ----A---- C:\WINDOWS\system32\wininet.dll
2009-07-03 18:57:51 ----A---- C:\WINDOWS\system32\occache.dll
2009-07-03 18:57:50 ----A---- C:\WINDOWS\system32\urlmon.dll
2009-07-03 18:57:46 ----N---- C:\WINDOWS\system32\jsproxy.dll
2009-07-03 18:57:46 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2009-07-03 18:57:46 ----A---- C:\WINDOWS\system32\msfeeds.dll
2009-07-03 18:57:46 ----A---- C:\WINDOWS\system32\iertutil.dll
2009-07-03 18:57:44 ----A---- C:\WINDOWS\system32\iepeers.dll
2009-07-03 18:57:41 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2009-07-03 13:01:06 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2009-07-02 21:38:04 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2009-07-01 22:50:49 ----D---- C:\Program Files\Maxis
2009-07-01 21:24:06 ----D---- C:\WINDOWS\Minidump
2009-07-01 21:03:07 ----D---- C:\Documents and Settings
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2007-07-19 82380]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 SRTSPX;SRTSPX; C:\WINDOWS\System32\Drivers\SRTSPX.SYS [2007-12-01 43696]
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2007-01-10 191544]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]
R2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS\system32\drivers\CdaC15BA.SYS []
R2 CVPNDRVA;Cisco Systems IPsec Driver; \??\C:\WINDOWS\System32\Drivers\CVPNDRVA.sys []
R2 MASPINT;MASPINT; C:\WINDOWS\system32\drivers\MASPINT.sys [2000-03-29 8096]
R3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter; C:\WINDOWS\System32\DRIVERS\AN983.sys [2003-04-18 38784]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2003-08-12 594432]
R3 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\System32\DRIVERS\dne2000.sys [2002-08-26 138916]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\System32\DRIVERS\Mtlmnt5.sys [2003-07-16 221736]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2004-01-21 5915]
R3 pfc;PADUS ASPI SHELL; C:\WINDOWS\system32\drivers\pfc.sys [2002-06-13 14604]
R3 PID_08A0;Labtec WebCam Pro(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2004-01-21 271360]
R3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\System32\DRIVERS\slntamr.sys [2003-08-20 548952]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\System32\DRIVERS\SlWdmSup.sys [2003-07-02 39348]
R3 STAC97;Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS\system32\drivers\stac97.sys [2003-06-27 226416]
R3 Stmatm;ATM/ADSL miniport; C:\WINDOWS\system32\DRIVERS\stmatm.sys [2004-11-16 60191]
R3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [2007-01-10 12984]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [2007-01-10 145976]
R3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [2007-01-10 40120]
R3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\SymcData\idsdefs\20090722.001\SymIDSCo.sys []
R3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [2007-01-10 35256]
R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2007-01-10 27576]
R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 61883;Pilote d'unité 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [2008-04-13 48128]
S3 Avc;Périphérique AVC; C:\WINDOWS\System32\DRIVERS\avc.sys [2008-04-13 38912]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\System32\DRIVERS\CVirtA.sys [2003-05-01 5220]
S3 DCamUSBSQTECH;Dual-Mode DSC(2770); C:\WINDOWS\System32\Drivers\SQcaptur.sys [2002-09-10 24808]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [2003-03-09 51024]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [2003-03-09 16080]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [2003-03-09 21456]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\System32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\System32\DRIVERS\Mtlstrm.sys [2003-07-02 1301128]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NAVENG;NAVENG; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20090729.005\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20090729.005\NAVEX15.SYS []
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NtMtlFax;NtMtlFax; C:\WINDOWS\System32\DRIVERS\NtMtlFax.sys [2003-07-02 167384]
S3 PIXMCV;JVC Communication PIX-MCV Driver; C:\WINDOWS\System32\Drivers\pixmcvc.sys [2003-12-05 32000]
S3 PIXMCVA;JVC PIX-MCV Audio Capture; C:\WINDOWS\System32\Drivers\pixmcva.sys [2003-12-05 27961]
S3 PIXMCVV;JVC PIX-MCV Video Capture; C:\WINDOWS\System32\Drivers\pixmcvv.sys [2003-12-05 20953]
S3 RecAgent;recagent; \??\C:\WINDOWS\System32\DRIVERS\RecAgent.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SlNtHal;SlNtHal; C:\WINDOWS\System32\DRIVERS\Slnthal.sys [2003-07-02 86128]
S3 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCDrv.sys []
S3 SRTSP;SRTSP; C:\WINDOWS\System32\Drivers\SRTSP.SYS [2007-12-01 279088]
S3 SRTSPL;SRTSPL; C:\WINDOWS\System32\Drivers\SRTSPL.SYS [2007-12-01 317616]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TaurusUsb;ADSL Modem USB Service; C:\WINDOWS\system32\DRIVERS\torususb.sys [2005-04-19 543555]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-06-05 39424]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 vsdatant;vsdatant; \??\C:\WINDOWS\System32\vsdatant.sys []
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 CanalPlus.VOD;CanalPlus.VOD; C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe [2009-04-30 188416]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS\system32\drivers\CDAC11BA.EXE [2005-04-09 54784]
R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2003-05-07 1413184]
R2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2003-07-02 45056]
R2 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [2008-10-15 439632]
S2 ccProxy;Symantec Network Proxy; C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe [2007-09-13 214376]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2009-02-19 238968]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2008-09-27 69120]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 comHost;COM Host; C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe [2007-01-12 49248]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-05-06 138168]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-06-05 541992]
S3 LiveUpdate;LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [2009-02-19 3220856]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-06-22 3087772]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\HPZipm12.exe [2003-03-09 65795]
S3 Symantec Core LC;Symantec Core LC; C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe [2008-01-24 1251720]
S3 Symantec RemoteAssist;Symantec RemoteAssist; C:\Program Files\Fichiers communs\Symantec Shared\Support Controls\ssrc.exe [2008-01-29 394704]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2009-02-19 238968]
-----------------EOF-----------------
Voici le rapport 2 :
Record Number: 5
Source Name: ccProxy
Time Written: 20090709123455.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: PCJEHANNO
Event Code: 35
Message: Le service 'ccEvtMgr' a démarré.
Record Number: 4
Source Name: ccSvcHst
Time Written: 20090709123455.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: PCJEHANNO
Event Code: 34
Message: Le service 'ccEvtMgr' démarre.
Record Number: 3
Source Name: ccSvcHst
Time Written: 20090709123454.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: PCJEHANNO
Event Code: 35
Message: Le service 'ccSetMgr' a démarré.
Record Number: 2
Source Name: ccSvcHst
Time Written: 20090709123454.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: PCJEHANNO
Event Code: 34
Message: Le service 'ccSetMgr' démarre.
Record Number: 1
Source Name: ccSvcHst
Time Written: 20090709123454.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\ATI-CPanel;C:\Program Files\QuickTime\QTSystem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0209
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
-----------------EOF-----------------
Record Number: 5
Source Name: ccProxy
Time Written: 20090709123455.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: PCJEHANNO
Event Code: 35
Message: Le service 'ccEvtMgr' a démarré.
Record Number: 4
Source Name: ccSvcHst
Time Written: 20090709123455.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: PCJEHANNO
Event Code: 34
Message: Le service 'ccEvtMgr' démarre.
Record Number: 3
Source Name: ccSvcHst
Time Written: 20090709123454.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: PCJEHANNO
Event Code: 35
Message: Le service 'ccSetMgr' a démarré.
Record Number: 2
Source Name: ccSvcHst
Time Written: 20090709123454.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: PCJEHANNO
Event Code: 34
Message: Le service 'ccSetMgr' démarre.
Record Number: 1
Source Name: ccSvcHst
Time Written: 20090709123454.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\ATI-CPanel;C:\Program Files\QuickTime\QTSystem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0209
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
-----------------EOF-----------------
re
donc tu es infecté par plusieurs choses dont une toolbar infectieuse pense toujours a decocher leur installation quand tu installe un programme :
* Télécharge ToolbarSD (de Team IDN) sur ton Bureau
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique maintenant sur le raccourci de Toolbar-S&D.
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option 2 Suppression. Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)
ensuite infection USB TOUTES tes clefs USB sont infectés :
* Telecharge UsbFix de C_XX & Chiquitine29
http://sd-1.archive-host.com/membres/up/127028005715545653/UsbFix.exe
* Lance l installation avec les parametres par default
* Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) suceptible d'avoir été infectés sans les ouvrir
* Double clic sur le raccourci UsbFix sur ton bureau
* Choisi l'option 2 suppression
* Laisse travailler l'outil
* Ensuite post le rapport UsbFix.txt qui apparaîtra
* Note : le rapport UsbFix.txt est sauvegardé a la racine du disque
* Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus
ensuite
tu telecharge HIJACKTHIS sur ton bureau (ne le lance pas)
https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/29061.html
et après avoir telechargé hijackthis, tu relance RSIT et poste le nouveau rapport
donc tu es infecté par plusieurs choses dont une toolbar infectieuse pense toujours a decocher leur installation quand tu installe un programme :
* Télécharge ToolbarSD (de Team IDN) sur ton Bureau
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique maintenant sur le raccourci de Toolbar-S&D.
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option 2 Suppression. Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)
ensuite infection USB TOUTES tes clefs USB sont infectés :
* Telecharge UsbFix de C_XX & Chiquitine29
http://sd-1.archive-host.com/membres/up/127028005715545653/UsbFix.exe
* Lance l installation avec les parametres par default
* Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) suceptible d'avoir été infectés sans les ouvrir
* Double clic sur le raccourci UsbFix sur ton bureau
* Choisi l'option 2 suppression
* Laisse travailler l'outil
* Ensuite post le rapport UsbFix.txt qui apparaîtra
* Note : le rapport UsbFix.txt est sauvegardé a la racine du disque
* Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus
ensuite
tu telecharge HIJACKTHIS sur ton bureau (ne le lance pas)
https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/29061.html
et après avoir telechargé hijackthis, tu relance RSIT et poste le nouveau rapport
Voici déjà le rapport de ToolbarSD :
-----------\\ ToolBar S&D 1.2.8 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.60GHz )
BIOS : 4.06 Rev. 1.01.1675
USER : famille jehanno ( Administrator )
BOOT : Normal boot
Antivirus : Norton 360 2007 (Activated)
Firewall : Norton 360 2007 (Activated)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:8 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 31/07/2009|12:18 )
C:\WINDOWS\smdat32a.sys
-----------\\ SUPPRESSION
Supprime! - C:\Program Files\Myway\myBar
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware370\buttons
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware370\contexts
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware370\SimpleUpdate
Supprime! - C:\DOCUME~1\FAMILL~1\APPLIC~1\Starware370\BrowserSearch
Supprime! - C:\DOCUME~1\FAMILL~1\APPLIC~1\Starware370\Button_6
Supprime! - C:\DOCUME~1\FAMILL~1\APPLIC~1\Starware370\Button_7
Supprime! - C:\DOCUME~1\FAMILL~1\APPLIC~1\Starware370\Button_8
Supprime! - C:\DOCUME~1\FAMILL~1\APPLIC~1\Starware370\Configurator
Supprime! - C:\DOCUME~1\FAMILL~1\APPLIC~1\Starware370\ErrorSearch
Supprime! - C:\DOCUME~1\FAMILL~1\APPLIC~1\Starware370\Layouts
Supprime! - C:\DOCUME~1\FAMILL~1\APPLIC~1\Starware370\Manager
Supprime! - C:\DOCUME~1\FAMILL~1\APPLIC~1\Starware370\Paroles
Supprime! - C:\DOCUME~1\FAMILL~1\APPLIC~1\Starware370\Radio_FR
Supprime! - C:\DOCUME~1\FAMILL~1\APPLIC~1\Starware370\Recherche_de_musique
Supprime! - C:\DOCUME~1\FAMILL~1\APPLIC~1\Starware370\RelatedSearch
Supprime! - C:\DOCUME~1\FAMILL~1\APPLIC~1\Starware370\Telechargement
Supprime! - C:\DOCUME~1\FAMILL~1\APPLIC~1\Starware370\Toolbar
Supprime! - C:\DOCUME~1\FAMILL~1\APPLIC~1\Starware370\ToolbarLogo
Supprime! - C:\DOCUME~1\FAMILL~1\APPLIC~1\Starware370\ToolbarSearch
Supprime! - C:\DOCUME~1\FAMILL~1\APPLIC~1\Starware370\TravelSearch
Supprime! - C:\Program Files\Starware370\bin
Supprime! - C:\Program Files\Starware370\brand.bmp
Supprime! - C:\Program Files\Starware370\icons
Supprime! - C:\Program Files\Starware370\Starware370Config.xml
Supprime! - C:\Program Files\Starware370\Starware370Uninstall.exe
Supprime! - C:\DOCUME~1\FAMILL~1\Cookies\famille_jehanno@7search[2].txt
Supprime! - C:\WINDOWS\smdat32a.sys
Supprime! - C:\Program Files\Myway
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware370
Supprime! - C:\DOCUME~1\FAMILL~1\APPLIC~1\Starware370
Supprime! - C:\Program Files\Starware370
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://www.meteofrance.com/previsions-meteo-france/bretagne/regin05"
"Search Page"="https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fhome.microsoft.com%2fintl%2fbr%2faccess%2fallinone.asp%3f"
"Search Bar"="https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F"
"SearchMigratedDefaultURL"="https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src={referrer:source?}"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\FAMILL~1\Mes documents\mark\FLYFF\Sound\PcSkillD-Burstcrack.wav
1 - "C:\ToolBar SD\TB_1.txt" - 31/07/2009|12:27 - Option : [2]
-----------\\ Fin du rapport a 12:27:47,34
-----------\\ ToolBar S&D 1.2.8 XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.60GHz )
BIOS : 4.06 Rev. 1.01.1675
USER : famille jehanno ( Administrator )
BOOT : Normal boot
Antivirus : Norton 360 2007 (Activated)
Firewall : Norton 360 2007 (Activated)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:8 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 31/07/2009|12:18 )
C:\WINDOWS\smdat32a.sys
-----------\\ SUPPRESSION
Supprime! - C:\Program Files\Myway\myBar
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware370\buttons
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware370\contexts
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware370\SimpleUpdate
Supprime! - C:\DOCUME~1\FAMILL~1\APPLIC~1\Starware370\BrowserSearch
Supprime! - C:\DOCUME~1\FAMILL~1\APPLIC~1\Starware370\Button_6
Supprime! - C:\DOCUME~1\FAMILL~1\APPLIC~1\Starware370\Button_7
Supprime! - C:\DOCUME~1\FAMILL~1\APPLIC~1\Starware370\Button_8
Supprime! - C:\DOCUME~1\FAMILL~1\APPLIC~1\Starware370\Configurator
Supprime! - C:\DOCUME~1\FAMILL~1\APPLIC~1\Starware370\ErrorSearch
Supprime! - C:\DOCUME~1\FAMILL~1\APPLIC~1\Starware370\Layouts
Supprime! - C:\DOCUME~1\FAMILL~1\APPLIC~1\Starware370\Manager
Supprime! - C:\DOCUME~1\FAMILL~1\APPLIC~1\Starware370\Paroles
Supprime! - C:\DOCUME~1\FAMILL~1\APPLIC~1\Starware370\Radio_FR
Supprime! - C:\DOCUME~1\FAMILL~1\APPLIC~1\Starware370\Recherche_de_musique
Supprime! - C:\DOCUME~1\FAMILL~1\APPLIC~1\Starware370\RelatedSearch
Supprime! - C:\DOCUME~1\FAMILL~1\APPLIC~1\Starware370\Telechargement
Supprime! - C:\DOCUME~1\FAMILL~1\APPLIC~1\Starware370\Toolbar
Supprime! - C:\DOCUME~1\FAMILL~1\APPLIC~1\Starware370\ToolbarLogo
Supprime! - C:\DOCUME~1\FAMILL~1\APPLIC~1\Starware370\ToolbarSearch
Supprime! - C:\DOCUME~1\FAMILL~1\APPLIC~1\Starware370\TravelSearch
Supprime! - C:\Program Files\Starware370\bin
Supprime! - C:\Program Files\Starware370\brand.bmp
Supprime! - C:\Program Files\Starware370\icons
Supprime! - C:\Program Files\Starware370\Starware370Config.xml
Supprime! - C:\Program Files\Starware370\Starware370Uninstall.exe
Supprime! - C:\DOCUME~1\FAMILL~1\Cookies\famille_jehanno@7search[2].txt
Supprime! - C:\WINDOWS\smdat32a.sys
Supprime! - C:\Program Files\Myway
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware370
Supprime! - C:\DOCUME~1\FAMILL~1\APPLIC~1\Starware370
Supprime! - C:\Program Files\Starware370
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://www.meteofrance.com/previsions-meteo-france/bretagne/regin05"
"Search Page"="https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fhome.microsoft.com%2fintl%2fbr%2faccess%2fallinone.asp%3f"
"Search Bar"="https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F"
"SearchMigratedDefaultURL"="https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src={referrer:source?}"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\FAMILL~1\Mes documents\mark\FLYFF\Sound\PcSkillD-Burstcrack.wav
1 - "C:\ToolBar SD\TB_1.txt" - 31/07/2009|12:27 - Option : [2]
-----------\\ Fin du rapport a 12:27:47,34
ok passe a la suite jte repondrai une fois tous les rapport posté
Ci-après le rapport concernant mon disk dur externe.
Je n'utilise pas de clé USB.
############################## | UsbFix V6.012 |
User : famille jehanno (Administrateurs) # PCJEHANNO
Update on 29/07/09 by Chiquitine29 & C_XX
Start at: 13:09:38 | 31/07/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Intel(R) Pentium(R) 4 CPU 2.60GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Disabled
AV : Norton 360 2007 [ Enabled | Updated ]
FW : Norton 360[ Enabled ]2007
C:\ -> Disque fixe local # 74,53 Go (8,86 Go free) [53_03_02] # NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque fixe local # 596,17 Go (490,59 Go free) [Keops640] # NTFS
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\Rundll32.EXE
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
################## | Fichiers # Dossiers infectieux |
################## | Registre # Clés Run infectieuses |
# HKLM\software\microsoft\security center "AntiVirusOverride" # -> Reset sucessfully !
# HKLM\software\microsoft\security center "FirewallOverride" # -> Reset sucessfully !
################## | Registre # Mountpoints2 |
Supprimé ! HKCU\...\Explorer\MountPoints2\{3e02a268-a53a-11dd-833f-effe6ad206b3}\Shell\AutoRun\Command
################## | Listing des fichiers présent |
[06/12/2003 10:39|--a------|3] -> C:\00.dat
[21/10/2003 13:25|--a------|0] -> C:\AUTOEXEC.BAT
[22/06/2005 13:39|-rahs----|216] -> C:\boot.ini
[30/08/2002 14:00|-rahs----|4952] -> C:\Bootfont.bin
[18/09/2008 21:33|--a------|562290] -> C:\CanalPlus.Vod.log
[21/10/2003 13:25|--a------|0] -> C:\CONFIG.SYS
[27/01/2004 21:38|--a------|39] -> C:\CTJINI.INI
[21/10/2003 13:37|--ah-----|499] -> C:\DRVlog.dat
[27/01/2004 21:39|--a------|677] -> C:\drvpnp.dat
[10/09/2008 07:48|--a------|184] -> C:\drwtsn32.log
[21/10/2003 13:42|--ah-----|26] -> C:\fastboot.txt
[02/07/2003 08:49|--a------|520192] -> C:\FirstSteps.exe
[?|?|?] -> C:\hiberfil.sys
[30/07/2009 10:17|--a------|523] -> C:\hpfr3420.xml
[30/07/2009 10:17|--a------|460530] -> C:\hpfr3425.log
[04/06/2005 18:04|--a------|1120] -> C:\INSTALL.LOG
[21/10/2003 13:25|-rahs----|0] -> C:\IO.SYS
[06/12/2003 10:01|--a------|116] -> C:\ispInfo.dat
[06/12/2003 10:01|--a------|131] -> C:\ispInst.dat
[21/10/2003 13:25|-rahs----|0] -> C:\MSDOS.SYS
[31/10/2004 09:53|-rahs----|47564] -> C:\NTDETECT.COM
[02/10/2008 23:03|-rahs----|252240] -> C:\ntldr
[18/08/2001 14:00|--a------|2] -> C:\oem.tag
[?|?|?] -> C:\pagefile.sys
[21/09/2008 08:55|--a------|65716] -> C:\playground.log
[27/01/2004 21:39|--a------|552] -> C:\pnpID.dat
[17/10/2007 08:33|--ah-----|232] -> C:\sqmdata00.sqm
[04/11/2007 12:37|--ah-----|268] -> C:\sqmdata01.sqm
[19/12/2007 18:54|--ah-----|268] -> C:\sqmdata02.sqm
[27/05/2008 19:47|--ah-----|232] -> C:\sqmdata03.sqm
[03/07/2008 18:21|--ah-----|232] -> C:\sqmdata04.sqm
[03/07/2008 19:22|--ah-----|232] -> C:\sqmdata05.sqm
[03/07/2008 19:28|--ah-----|232] -> C:\sqmdata06.sqm
[04/07/2008 21:24|--ah-----|232] -> C:\sqmdata07.sqm
[05/07/2008 18:06|--ah-----|232] -> C:\sqmdata08.sqm
[22/08/2008 18:28|--ah-----|268] -> C:\sqmdata09.sqm
[29/12/2008 21:14|--ah-----|232] -> C:\sqmdata10.sqm
[04/01/2009 15:03|--ah-----|268] -> C:\sqmdata11.sqm
[21/01/2009 00:34|--ah-----|268] -> C:\sqmdata12.sqm
[22/01/2009 08:02|--ah-----|268] -> C:\sqmdata13.sqm
[23/01/2009 18:18|--ah-----|268] -> C:\sqmdata14.sqm
[17/10/2007 08:33|--ah-----|244] -> C:\sqmnoopt00.sqm
[04/11/2007 12:37|--ah-----|244] -> C:\sqmnoopt01.sqm
[19/12/2007 18:54|--ah-----|244] -> C:\sqmnoopt02.sqm
[27/05/2008 19:47|--ah-----|244] -> C:\sqmnoopt03.sqm
[03/07/2008 18:21|--ah-----|244] -> C:\sqmnoopt04.sqm
[03/07/2008 19:22|--ah-----|244] -> C:\sqmnoopt05.sqm
[03/07/2008 19:28|--ah-----|244] -> C:\sqmnoopt06.sqm
[04/07/2008 21:24|--ah-----|244] -> C:\sqmnoopt07.sqm
[05/07/2008 18:06|--ah-----|244] -> C:\sqmnoopt08.sqm
[22/08/2008 18:28|--ah-----|244] -> C:\sqmnoopt09.sqm
[29/12/2008 21:14|--ah-----|244] -> C:\sqmnoopt10.sqm
[04/01/2009 15:03|--ah-----|244] -> C:\sqmnoopt11.sqm
[21/01/2009 00:34|--ah-----|244] -> C:\sqmnoopt12.sqm
[22/01/2009 08:02|--ah-----|244] -> C:\sqmnoopt13.sqm
[23/01/2009 18:18|--ah-----|244] -> C:\sqmnoopt14.sqm
[31/07/2009 12:27|--a------|4014] -> C:\TB.txt
[21/10/2003 13:36|--a------|185] -> C:\temp.log
[21/10/2003 13:36|--a------|172] -> C:\temp1.log
[24/05/2001 12:59|--a------|162304] -> C:\UNWISE.EXE
[31/07/2009 13:33|--a------|5641] -> C:\UsbFix.txt
[21/10/2003 13:42|--a------|0] -> C:\_fsc_temp.log
################## | Vaccination |
# C:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# J:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
################## | Cracks / Keygens / Serials |
################## | ! Fin du rapport # UsbFix V6.012 ! |
Je n'utilise pas de clé USB.
############################## | UsbFix V6.012 |
User : famille jehanno (Administrateurs) # PCJEHANNO
Update on 29/07/09 by Chiquitine29 & C_XX
Start at: 13:09:38 | 31/07/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Intel(R) Pentium(R) 4 CPU 2.60GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Disabled
AV : Norton 360 2007 [ Enabled | Updated ]
FW : Norton 360[ Enabled ]2007
C:\ -> Disque fixe local # 74,53 Go (8,86 Go free) [53_03_02] # NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque fixe local # 596,17 Go (490,59 Go free) [Keops640] # NTFS
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\Rundll32.EXE
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
################## | Fichiers # Dossiers infectieux |
################## | Registre # Clés Run infectieuses |
# HKLM\software\microsoft\security center "AntiVirusOverride" # -> Reset sucessfully !
# HKLM\software\microsoft\security center "FirewallOverride" # -> Reset sucessfully !
################## | Registre # Mountpoints2 |
Supprimé ! HKCU\...\Explorer\MountPoints2\{3e02a268-a53a-11dd-833f-effe6ad206b3}\Shell\AutoRun\Command
################## | Listing des fichiers présent |
[06/12/2003 10:39|--a------|3] -> C:\00.dat
[21/10/2003 13:25|--a------|0] -> C:\AUTOEXEC.BAT
[22/06/2005 13:39|-rahs----|216] -> C:\boot.ini
[30/08/2002 14:00|-rahs----|4952] -> C:\Bootfont.bin
[18/09/2008 21:33|--a------|562290] -> C:\CanalPlus.Vod.log
[21/10/2003 13:25|--a------|0] -> C:\CONFIG.SYS
[27/01/2004 21:38|--a------|39] -> C:\CTJINI.INI
[21/10/2003 13:37|--ah-----|499] -> C:\DRVlog.dat
[27/01/2004 21:39|--a------|677] -> C:\drvpnp.dat
[10/09/2008 07:48|--a------|184] -> C:\drwtsn32.log
[21/10/2003 13:42|--ah-----|26] -> C:\fastboot.txt
[02/07/2003 08:49|--a------|520192] -> C:\FirstSteps.exe
[?|?|?] -> C:\hiberfil.sys
[30/07/2009 10:17|--a------|523] -> C:\hpfr3420.xml
[30/07/2009 10:17|--a------|460530] -> C:\hpfr3425.log
[04/06/2005 18:04|--a------|1120] -> C:\INSTALL.LOG
[21/10/2003 13:25|-rahs----|0] -> C:\IO.SYS
[06/12/2003 10:01|--a------|116] -> C:\ispInfo.dat
[06/12/2003 10:01|--a------|131] -> C:\ispInst.dat
[21/10/2003 13:25|-rahs----|0] -> C:\MSDOS.SYS
[31/10/2004 09:53|-rahs----|47564] -> C:\NTDETECT.COM
[02/10/2008 23:03|-rahs----|252240] -> C:\ntldr
[18/08/2001 14:00|--a------|2] -> C:\oem.tag
[?|?|?] -> C:\pagefile.sys
[21/09/2008 08:55|--a------|65716] -> C:\playground.log
[27/01/2004 21:39|--a------|552] -> C:\pnpID.dat
[17/10/2007 08:33|--ah-----|232] -> C:\sqmdata00.sqm
[04/11/2007 12:37|--ah-----|268] -> C:\sqmdata01.sqm
[19/12/2007 18:54|--ah-----|268] -> C:\sqmdata02.sqm
[27/05/2008 19:47|--ah-----|232] -> C:\sqmdata03.sqm
[03/07/2008 18:21|--ah-----|232] -> C:\sqmdata04.sqm
[03/07/2008 19:22|--ah-----|232] -> C:\sqmdata05.sqm
[03/07/2008 19:28|--ah-----|232] -> C:\sqmdata06.sqm
[04/07/2008 21:24|--ah-----|232] -> C:\sqmdata07.sqm
[05/07/2008 18:06|--ah-----|232] -> C:\sqmdata08.sqm
[22/08/2008 18:28|--ah-----|268] -> C:\sqmdata09.sqm
[29/12/2008 21:14|--ah-----|232] -> C:\sqmdata10.sqm
[04/01/2009 15:03|--ah-----|268] -> C:\sqmdata11.sqm
[21/01/2009 00:34|--ah-----|268] -> C:\sqmdata12.sqm
[22/01/2009 08:02|--ah-----|268] -> C:\sqmdata13.sqm
[23/01/2009 18:18|--ah-----|268] -> C:\sqmdata14.sqm
[17/10/2007 08:33|--ah-----|244] -> C:\sqmnoopt00.sqm
[04/11/2007 12:37|--ah-----|244] -> C:\sqmnoopt01.sqm
[19/12/2007 18:54|--ah-----|244] -> C:\sqmnoopt02.sqm
[27/05/2008 19:47|--ah-----|244] -> C:\sqmnoopt03.sqm
[03/07/2008 18:21|--ah-----|244] -> C:\sqmnoopt04.sqm
[03/07/2008 19:22|--ah-----|244] -> C:\sqmnoopt05.sqm
[03/07/2008 19:28|--ah-----|244] -> C:\sqmnoopt06.sqm
[04/07/2008 21:24|--ah-----|244] -> C:\sqmnoopt07.sqm
[05/07/2008 18:06|--ah-----|244] -> C:\sqmnoopt08.sqm
[22/08/2008 18:28|--ah-----|244] -> C:\sqmnoopt09.sqm
[29/12/2008 21:14|--ah-----|244] -> C:\sqmnoopt10.sqm
[04/01/2009 15:03|--ah-----|244] -> C:\sqmnoopt11.sqm
[21/01/2009 00:34|--ah-----|244] -> C:\sqmnoopt12.sqm
[22/01/2009 08:02|--ah-----|244] -> C:\sqmnoopt13.sqm
[23/01/2009 18:18|--ah-----|244] -> C:\sqmnoopt14.sqm
[31/07/2009 12:27|--a------|4014] -> C:\TB.txt
[21/10/2003 13:36|--a------|185] -> C:\temp.log
[21/10/2003 13:36|--a------|172] -> C:\temp1.log
[24/05/2001 12:59|--a------|162304] -> C:\UNWISE.EXE
[31/07/2009 13:33|--a------|5641] -> C:\UsbFix.txt
[21/10/2003 13:42|--a------|0] -> C:\_fsc_temp.log
################## | Vaccination |
# C:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# J:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
################## | Cracks / Keygens / Serials |
################## | ! Fin du rapport # UsbFix V6.012 ! |
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
re
une fouis hijackthis telecharger sur ton BUREAU c'est RSIt qui doit deja ce trouvé sur ton bureau que tu lance ;)
concernant l'ipod, oui il serait preferable de repasser USBfix avec celui ci branché ainsi que des appareil photo que tu connecte au PC ou camera etc... tout ce que tu branche au PC, tu en branche le max et recommence si tu doit
en attente du RSIT
une fouis hijackthis telecharger sur ton BUREAU c'est RSIt qui doit deja ce trouvé sur ton bureau que tu lance ;)
concernant l'ipod, oui il serait preferable de repasser USBfix avec celui ci branché ainsi que des appareil photo que tu connecte au PC ou camera etc... tout ce que tu branche au PC, tu en branche le max et recommence si tu doit
en attente du RSIT
par contre tu as fait quel option ?
poste le rapport de USbfix que tu as fait
et poursuit la procedure
poste le rapport de USbfix que tu as fait
et poursuit la procedure
Voici le rapport usbfix sur l'IPOD :
Je lance RSIT
############################## | UsbFix V6.012 |
User : famille jehanno (Administrateurs) # PCJEHANNO
Update on 29/07/09 by Chiquitine29 & C_XX
Start at: 18:54:26 | 31/07/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Intel(R) Pentium(R) 4 CPU 2.60GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Disabled
AV : Norton 360 2007 [ Enabled | Updated ]
FW : Norton 360[ Enabled ]2007
C:\ -> Disque fixe local # 74,53 Go (9,05 Go free) [53_03_02] # NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque amovible # 7,42 Go (4,42 Go free) [IPOD LAURE-] # FAT32
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\slserv.exe
Je lance RSIT
############################## | UsbFix V6.012 |
User : famille jehanno (Administrateurs) # PCJEHANNO
Update on 29/07/09 by Chiquitine29 & C_XX
Start at: 18:54:26 | 31/07/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Intel(R) Pentium(R) 4 CPU 2.60GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Disabled
AV : Norton 360 2007 [ Enabled | Updated ]
FW : Norton 360[ Enabled ]2007
C:\ -> Disque fixe local # 74,53 Go (9,05 Go free) [53_03_02] # NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque amovible # 7,42 Go (4,42 Go free) [IPOD LAURE-] # FAT32
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\slserv.exe
Voici le dernier rapport RSIT :
Logfile of random's system information tool 1.06 (written by random/random)
Run by famille jehanno at 2009-07-31 21:32:03
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 9 GB (12%) free of 76 GB
Total RAM: 1023 MB (60% free)
HijackThis download failed
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\EasyShare Registration Task.job
C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1184877964.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-11-22 399352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]
C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\NppBho.dll [2007-02-19 97960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{243B17DE-77C7-46BF-B94B-0B5F309A0E64}]
c:\Program Files\Microsoft Money\System\mnyside.dll [2002-07-17 163906]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E03C0FD-4C48-43A7-9A54-00240C70FF16}]
ECarteBleueBrowserHelper Class - C:\WINDOWS\system32\BhoECart.dll [2003-10-31 139264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-05-06 2436160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-09-24 737776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Barre d'outils MSN Search Helper - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll [2005-07-07 577232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - Copernic Agent - C:\Program Files\Copernic Agent\CopernicAgentExt.dll [2003-09-26 1039968]
{0494D0D9-F8E0-41ad-92A3-14154ECE70AC}
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Barre d'outils MSN Search - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll [2005-07-07 577232]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - &Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-11-22 399352]
{90222687-F593-4738-B738-FBEE9C7B26DF} - Afficher Norton Toolbar - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\UIBHO.dll [2007-02-19 609424]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIModeChange"=C:\WINDOWS\system32\Ati2mdxx.exe [2001-09-04 28672]
"ATIPTA"=C:\ATI-CPanel\atiptaxx.exe [2003-08-12 335872]
"AdslTaskBar"=stmctrl.dll,TaskBar []
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2004-04-21 151597]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"ccApp"=C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe [2007-03-14 116328]
"Symantec PIF AlertEng"=C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"Canal Widget"=C:\Program Files\Canal\Canal Widget\Canal Widget.cpvod [2008-12-09 12]
"AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-05-13 177472]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-06-05 292136]
"Windows Update Service"=C:\WINDOWS\msupdate32.exe [2009-07-27 60978]
"MSxmlHpr"=C:\WINDOWS\system32\msxm192z.dll [2004-08-17 28672]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MoneyAgent"=c:\Program Files\Microsoft Money\System\mnyexpr.exe [2002-07-17 204863]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-10 68856]
"Auto Run Software for Photo Frame"=C:\Program Files\Philips\Philips PhotoFrame\PhotoManager.exe [2007-02-16 2273280]
"updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2006-03-30 313472]
"Gadwin PrintScreen"=C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [2008-12-09 495616]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CMESys]
C:\Program Files\Fichiers communs\CMEII\CMESys.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FirstSteps]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
C:\Program Files\Logitech\Video\ISStart.exe [2004-02-12 188416]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
C:\Program Files\Logitech\Video\LogiTray.exe [2004-02-12 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection]
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe [2002-07-18 28672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnappau]
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\MSN Messenger\MsnMsgr.Exe /background []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
C:\PROGRA~1\SYMNET~1\SNDMon.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2004-04-21 151597]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wizard]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2002-08-16 110592]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Cisco Systems VPN Client.lnk]
C:\PROGRA~1\CISCOS~1\VPNCLI~1\vpngui.exe [2003-05-07 1454143]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^GStartup.lnk]
C:\Program Files\Fichiers communs\GMT\GMT.exe /startup []
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
hp psc 1000 series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Logiciel Kodak EasyShare.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
C:\Documents and Settings\famille jehanno\Menu Démarrer\Programmes\Démarrage
Outil de détection de support Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableChangePassword"=0
"DisableLockWorkstation"=0
"NoDispSettingsPage"=0
"NoDispAppearancePage"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoFolderOptions"=0
"NoFileUrl"=0
"NoRun"=0
"NoUpdateCheck"=0
"NoLogoff"=0
"NoSetFolders"=0
"NoFind"=0
"NoDrives"=0
"NoDriveAutoRun"=FFFFFFFF
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Symantec\pcAnywhere\winaw32.exe"="C:\Program Files\Symantec\pcAnywhere\winaw32.exe:*:Enabled:pcAnywhere Main Program"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\coktel\ADI5\TTS\SpeechCube.exe"="C:\coktel\ADI5\TTS\SpeechCube.exe:*:Disabled:SPeechCube"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
======List of files/folders created in the last 1 months======
2009-07-31 21:30:41 ----A---- C:\UsbFix2.txt
2009-07-31 18:54:23 ----A---- C:\UsbFix.txt
2009-07-31 13:33:55 ----RASHD---- C:\autorun.inf
2009-07-31 12:24:05 ----D---- C:\UsbFix
2009-07-31 12:18:31 ----A---- C:\TB.txt
2009-07-31 12:16:59 ----D---- C:\ToolBar SD
2009-07-31 11:27:27 ----D---- C:\rsit
2009-07-31 11:27:27 ----D---- C:\Program Files\trend micro
2009-07-30 12:06:32 ----A---- C:\WINDOWS\ntbtlog.txt
2009-07-28 11:53:56 ----RSH---- C:\WINDOWS\msupdate32.exe
2009-07-27 22:25:40 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-07-27 22:25:30 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-07-27 22:23:03 ----A---- C:\WINDOWS\imsins.BAK
2009-07-27 22:22:59 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2009-07-09 16:40:12 ----D---- C:\Documents and Settings\famille jehanno\Application Data\Pro Cycling Manager 2008 - Demo
2009-07-08 22:32:56 ----D---- C:\Nostale(FR)
2009-07-01 23:22:49 ----D---- C:\Program Files\EA GAMES
2009-07-01 19:19:30 ----A---- C:\WINDOWS\system32\wmpns.dll
======List of files/folders modified in the last 1 months======
2009-07-31 19:40:39 ----D---- C:\WINDOWS\Prefetch
2009-07-31 19:22:30 ----D---- C:\WINDOWS\Temp
2009-07-31 19:22:07 ----SHD---- C:\RECYCLER
2009-07-31 18:32:39 ----A---- C:\WINDOWS\ModemLog_Smart Link 56K Modem.txt
2009-07-31 18:30:48 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-07-31 13:39:31 ----AD---- C:\WINDOWS\system32
2009-07-31 13:39:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-07-31 12:22:28 ----D---- C:\Program Files
2009-07-31 12:20:30 ----D---- C:\WINDOWS
2009-07-31 11:27:10 ----D---- C:\My Download Files
2009-07-30 13:44:32 ----D---- C:\WINDOWS\system32\CatRoot2
2009-07-30 12:21:38 ----D---- C:\WINDOWS\system32\drivers
2009-07-30 12:17:56 ----D---- C:\GAMES
2009-07-30 12:15:52 ----D---- C:\Program Files\Dofus
2009-07-30 12:14:34 ----D---- C:\Program Files\BoontyGames
2009-07-30 12:12:27 ----SD---- C:\Documents and Settings\famille jehanno\Application Data\Microsoft
2009-07-30 12:12:26 ----SHD---- C:\WINDOWS\Installer
2009-07-30 10:07:59 ----D---- C:\Program Files\Norton Security Scan
2009-07-30 10:00:43 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-07-30 09:24:06 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2009-07-30 09:24:06 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-07-29 22:14:06 ----HD---- C:\WINDOWS\inf
2009-07-29 22:13:37 ----D---- C:\Program Files\Internet Explorer
2009-07-29 22:12:06 ----HD---- C:\WINDOWS\$hf_mig$
2009-07-29 22:11:36 ----D---- C:\WINDOWS\WinSxS
2009-07-29 17:29:23 ----D---- C:\Program Files\Common Files
2009-07-27 22:23:11 ----D---- C:\WINDOWS\Debug
2009-07-19 18:45:00 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-07-19 15:15:02 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-07-09 16:36:25 ----D---- C:\WINDOWS\system32\DirectX
2009-07-07 17:10:56 ----A---- C:\WINDOWS\system32\MRT.exe
2009-07-03 18:57:51 ----A---- C:\WINDOWS\system32\wininet.dll
2009-07-03 18:57:51 ----A---- C:\WINDOWS\system32\occache.dll
2009-07-03 18:57:50 ----A---- C:\WINDOWS\system32\urlmon.dll
2009-07-03 18:57:46 ----N---- C:\WINDOWS\system32\jsproxy.dll
2009-07-03 18:57:46 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2009-07-03 18:57:46 ----A---- C:\WINDOWS\system32\msfeeds.dll
2009-07-03 18:57:46 ----A---- C:\WINDOWS\system32\iertutil.dll
2009-07-03 18:57:44 ----A---- C:\WINDOWS\system32\iepeers.dll
2009-07-03 18:57:41 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2009-07-03 13:01:06 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2009-07-02 21:38:04 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2009-07-01 22:50:49 ----D---- C:\Program Files\Maxis
2009-07-01 21:24:06 ----D---- C:\WINDOWS\Minidump
2009-07-01 21:03:07 ----D---- C:\Documents and Settings
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2007-07-19 82380]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 SRTSPX;SRTSPX; C:\WINDOWS\System32\Drivers\SRTSPX.SYS [2007-12-01 43696]
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2007-01-10 191544]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]
R2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS\system32\drivers\CdaC15BA.SYS []
R2 CVPNDRVA;Cisco Systems IPsec Driver; \??\C:\WINDOWS\System32\Drivers\CVPNDRVA.sys []
R2 MASPINT;MASPINT; C:\WINDOWS\system32\drivers\MASPINT.sys [2000-03-29 8096]
R3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter; C:\WINDOWS\System32\DRIVERS\AN983.sys [2003-04-18 38784]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2003-08-12 594432]
R3 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\System32\DRIVERS\dne2000.sys [2002-08-26 138916]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\System32\DRIVERS\Mtlmnt5.sys [2003-07-16 221736]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 pfc;PADUS ASPI SHELL; C:\WINDOWS\system32\drivers\pfc.sys [2002-06-13 14604]
R3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\System32\DRIVERS\slntamr.sys [2003-08-20 548952]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\System32\DRIVERS\SlWdmSup.sys [2003-07-02 39348]
R3 STAC97;Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS\system32\drivers\stac97.sys [2003-06-27 226416]
R3 Stmatm;ATM/ADSL miniport; C:\WINDOWS\system32\DRIVERS\stmatm.sys [2004-11-16 60191]
R3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [2007-01-10 12984]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [2007-01-10 145976]
R3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [2007-01-10 40120]
R3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\SymcData\idsdefs\20090722.001\SymIDSCo.sys []
R3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [2007-01-10 35256]
R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2007-01-10 27576]
R3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-06-05 39424]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 61883;Pilote d'unité 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [2008-04-13 48128]
S3 Avc;Périphérique AVC; C:\WINDOWS\System32\DRIVERS\avc.sys [2008-04-13 38912]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\System32\DRIVERS\CVirtA.sys [2003-05-01 5220]
S3 DCamUSBSQTECH;Dual-Mode DSC(2770); C:\WINDOWS\System32\Drivers\SQcaptur.sys [2002-09-10 24808]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [2003-03-09 51024]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [2003-03-09 16080]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [2003-03-09 21456]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\System32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\System32\DRIVERS\Mtlstrm.sys [2003-07-02 1301128]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NAVENG;NAVENG; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20090729.005\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20090729.005\NAVEX15.SYS []
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NtMtlFax;NtMtlFax; C:\WINDOWS\System32\DRIVERS\NtMtlFax.sys [2003-07-02 167384]
S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2004-01-21 5915]
S3 PID_08A0;Labtec WebCam Pro(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2004-01-21 271360]
S3 PIXMCV;JVC Communication PIX-MCV Driver; C:\WINDOWS\System32\Drivers\pixmcvc.sys [2003-12-05 32000]
S3 PIXMCVA;JVC PIX-MCV Audio Capture; C:\WINDOWS\System32\Drivers\pixmcva.sys [2003-12-05 27961]
S3 PIXMCVV;JVC PIX-MCV Video Capture; C:\WINDOWS\System32\Drivers\pixmcvv.sys [2003-12-05 20953]
S3 RecAgent;recagent; \??\C:\WINDOWS\System32\DRIVERS\RecAgent.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SlNtHal;SlNtHal; C:\WINDOWS\System32\DRIVERS\Slnthal.sys [2003-07-02 86128]
S3 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCDrv.sys []
S3 SRTSP;SRTSP; C:\WINDOWS\System32\Drivers\SRTSP.SYS [2007-12-01 279088]
S3 SRTSPL;SRTSPL; C:\WINDOWS\System32\Drivers\SRTSPL.SYS [2007-12-01 317616]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TaurusUsb;ADSL Modem USB Service; C:\WINDOWS\system32\DRIVERS\torususb.sys [2005-04-19 543555]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 vsdatant;vsdatant; \??\C:\WINDOWS\System32\vsdatant.sys []
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 CanalPlus.VOD;CanalPlus.VOD; C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe [2009-04-30 188416]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS\system32\drivers\CDAC11BA.EXE [2005-04-09 54784]
R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2003-05-07 1413184]
R2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2003-07-02 45056]
R2 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [2008-10-15 439632]
S2 ccProxy;Symantec Network Proxy; C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe [2007-09-13 214376]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2009-02-19 238968]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2008-09-27 69120]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 comHost;COM Host; C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe [2007-01-12 49248]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-05-06 138168]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-06-05 541992]
S3 LiveUpdate;LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [2009-02-19 3220856]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-06-22 3087772]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\HPZipm12.exe [2003-03-09 65795]
S3 Symantec Core LC;Symantec Core LC; C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe [2008-01-24 1251720]
S3 Symantec RemoteAssist;Symantec RemoteAssist; C:\Program Files\Fichiers communs\Symantec Shared\Support Controls\ssrc.exe [2008-01-29 394704]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2009-02-19 238968]
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by famille jehanno at 2009-07-31 21:32:03
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 9 GB (12%) free of 76 GB
Total RAM: 1023 MB (60% free)
HijackThis download failed
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\EasyShare Registration Task.job
C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1184877964.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-11-22 399352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]
C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\NppBho.dll [2007-02-19 97960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{243B17DE-77C7-46BF-B94B-0B5F309A0E64}]
c:\Program Files\Microsoft Money\System\mnyside.dll [2002-07-17 163906]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E03C0FD-4C48-43A7-9A54-00240C70FF16}]
ECarteBleueBrowserHelper Class - C:\WINDOWS\system32\BhoECart.dll [2003-10-31 139264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-05-06 2436160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-09-24 737776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Barre d'outils MSN Search Helper - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll [2005-07-07 577232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - Copernic Agent - C:\Program Files\Copernic Agent\CopernicAgentExt.dll [2003-09-26 1039968]
{0494D0D9-F8E0-41ad-92A3-14154ECE70AC}
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Barre d'outils MSN Search - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll [2005-07-07 577232]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - &Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-11-22 399352]
{90222687-F593-4738-B738-FBEE9C7B26DF} - Afficher Norton Toolbar - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\UIBHO.dll [2007-02-19 609424]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIModeChange"=C:\WINDOWS\system32\Ati2mdxx.exe [2001-09-04 28672]
"ATIPTA"=C:\ATI-CPanel\atiptaxx.exe [2003-08-12 335872]
"AdslTaskBar"=stmctrl.dll,TaskBar []
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2004-04-21 151597]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"ccApp"=C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe [2007-03-14 116328]
"Symantec PIF AlertEng"=C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"Canal Widget"=C:\Program Files\Canal\Canal Widget\Canal Widget.cpvod [2008-12-09 12]
"AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-05-13 177472]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-06-05 292136]
"Windows Update Service"=C:\WINDOWS\msupdate32.exe [2009-07-27 60978]
"MSxmlHpr"=C:\WINDOWS\system32\msxm192z.dll [2004-08-17 28672]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MoneyAgent"=c:\Program Files\Microsoft Money\System\mnyexpr.exe [2002-07-17 204863]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-10 68856]
"Auto Run Software for Photo Frame"=C:\Program Files\Philips\Philips PhotoFrame\PhotoManager.exe [2007-02-16 2273280]
"updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2006-03-30 313472]
"Gadwin PrintScreen"=C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [2008-12-09 495616]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CMESys]
C:\Program Files\Fichiers communs\CMEII\CMESys.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FirstSteps]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
C:\Program Files\Logitech\Video\ISStart.exe [2004-02-12 188416]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
C:\Program Files\Logitech\Video\LogiTray.exe [2004-02-12 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection]
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe [2002-07-18 28672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnappau]
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\MSN Messenger\MsnMsgr.Exe /background []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
C:\PROGRA~1\SYMNET~1\SNDMon.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2004-04-21 151597]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wizard]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2002-08-16 110592]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Cisco Systems VPN Client.lnk]
C:\PROGRA~1\CISCOS~1\VPNCLI~1\vpngui.exe [2003-05-07 1454143]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^GStartup.lnk]
C:\Program Files\Fichiers communs\GMT\GMT.exe /startup []
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
hp psc 1000 series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Logiciel Kodak EasyShare.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
C:\Documents and Settings\famille jehanno\Menu Démarrer\Programmes\Démarrage
Outil de détection de support Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableChangePassword"=0
"DisableLockWorkstation"=0
"NoDispSettingsPage"=0
"NoDispAppearancePage"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoFolderOptions"=0
"NoFileUrl"=0
"NoRun"=0
"NoUpdateCheck"=0
"NoLogoff"=0
"NoSetFolders"=0
"NoFind"=0
"NoDrives"=0
"NoDriveAutoRun"=FFFFFFFF
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Symantec\pcAnywhere\winaw32.exe"="C:\Program Files\Symantec\pcAnywhere\winaw32.exe:*:Enabled:pcAnywhere Main Program"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\coktel\ADI5\TTS\SpeechCube.exe"="C:\coktel\ADI5\TTS\SpeechCube.exe:*:Disabled:SPeechCube"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
======List of files/folders created in the last 1 months======
2009-07-31 21:30:41 ----A---- C:\UsbFix2.txt
2009-07-31 18:54:23 ----A---- C:\UsbFix.txt
2009-07-31 13:33:55 ----RASHD---- C:\autorun.inf
2009-07-31 12:24:05 ----D---- C:\UsbFix
2009-07-31 12:18:31 ----A---- C:\TB.txt
2009-07-31 12:16:59 ----D---- C:\ToolBar SD
2009-07-31 11:27:27 ----D---- C:\rsit
2009-07-31 11:27:27 ----D---- C:\Program Files\trend micro
2009-07-30 12:06:32 ----A---- C:\WINDOWS\ntbtlog.txt
2009-07-28 11:53:56 ----RSH---- C:\WINDOWS\msupdate32.exe
2009-07-27 22:25:40 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-07-27 22:25:30 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-07-27 22:23:03 ----A---- C:\WINDOWS\imsins.BAK
2009-07-27 22:22:59 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2009-07-09 16:40:12 ----D---- C:\Documents and Settings\famille jehanno\Application Data\Pro Cycling Manager 2008 - Demo
2009-07-08 22:32:56 ----D---- C:\Nostale(FR)
2009-07-01 23:22:49 ----D---- C:\Program Files\EA GAMES
2009-07-01 19:19:30 ----A---- C:\WINDOWS\system32\wmpns.dll
======List of files/folders modified in the last 1 months======
2009-07-31 19:40:39 ----D---- C:\WINDOWS\Prefetch
2009-07-31 19:22:30 ----D---- C:\WINDOWS\Temp
2009-07-31 19:22:07 ----SHD---- C:\RECYCLER
2009-07-31 18:32:39 ----A---- C:\WINDOWS\ModemLog_Smart Link 56K Modem.txt
2009-07-31 18:30:48 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-07-31 13:39:31 ----AD---- C:\WINDOWS\system32
2009-07-31 13:39:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-07-31 12:22:28 ----D---- C:\Program Files
2009-07-31 12:20:30 ----D---- C:\WINDOWS
2009-07-31 11:27:10 ----D---- C:\My Download Files
2009-07-30 13:44:32 ----D---- C:\WINDOWS\system32\CatRoot2
2009-07-30 12:21:38 ----D---- C:\WINDOWS\system32\drivers
2009-07-30 12:17:56 ----D---- C:\GAMES
2009-07-30 12:15:52 ----D---- C:\Program Files\Dofus
2009-07-30 12:14:34 ----D---- C:\Program Files\BoontyGames
2009-07-30 12:12:27 ----SD---- C:\Documents and Settings\famille jehanno\Application Data\Microsoft
2009-07-30 12:12:26 ----SHD---- C:\WINDOWS\Installer
2009-07-30 10:07:59 ----D---- C:\Program Files\Norton Security Scan
2009-07-30 10:00:43 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-07-30 09:24:06 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2009-07-30 09:24:06 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-07-29 22:14:06 ----HD---- C:\WINDOWS\inf
2009-07-29 22:13:37 ----D---- C:\Program Files\Internet Explorer
2009-07-29 22:12:06 ----HD---- C:\WINDOWS\$hf_mig$
2009-07-29 22:11:36 ----D---- C:\WINDOWS\WinSxS
2009-07-29 17:29:23 ----D---- C:\Program Files\Common Files
2009-07-27 22:23:11 ----D---- C:\WINDOWS\Debug
2009-07-19 18:45:00 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-07-19 15:15:02 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-07-09 16:36:25 ----D---- C:\WINDOWS\system32\DirectX
2009-07-07 17:10:56 ----A---- C:\WINDOWS\system32\MRT.exe
2009-07-03 18:57:51 ----A---- C:\WINDOWS\system32\wininet.dll
2009-07-03 18:57:51 ----A---- C:\WINDOWS\system32\occache.dll
2009-07-03 18:57:50 ----A---- C:\WINDOWS\system32\urlmon.dll
2009-07-03 18:57:46 ----N---- C:\WINDOWS\system32\jsproxy.dll
2009-07-03 18:57:46 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2009-07-03 18:57:46 ----A---- C:\WINDOWS\system32\msfeeds.dll
2009-07-03 18:57:46 ----A---- C:\WINDOWS\system32\iertutil.dll
2009-07-03 18:57:44 ----A---- C:\WINDOWS\system32\iepeers.dll
2009-07-03 18:57:41 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2009-07-03 13:01:06 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2009-07-02 21:38:04 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2009-07-01 22:50:49 ----D---- C:\Program Files\Maxis
2009-07-01 21:24:06 ----D---- C:\WINDOWS\Minidump
2009-07-01 21:03:07 ----D---- C:\Documents and Settings
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2007-07-19 82380]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 SRTSPX;SRTSPX; C:\WINDOWS\System32\Drivers\SRTSPX.SYS [2007-12-01 43696]
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2007-01-10 191544]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]
R2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS\system32\drivers\CdaC15BA.SYS []
R2 CVPNDRVA;Cisco Systems IPsec Driver; \??\C:\WINDOWS\System32\Drivers\CVPNDRVA.sys []
R2 MASPINT;MASPINT; C:\WINDOWS\system32\drivers\MASPINT.sys [2000-03-29 8096]
R3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter; C:\WINDOWS\System32\DRIVERS\AN983.sys [2003-04-18 38784]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2003-08-12 594432]
R3 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\System32\DRIVERS\dne2000.sys [2002-08-26 138916]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\System32\DRIVERS\Mtlmnt5.sys [2003-07-16 221736]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 pfc;PADUS ASPI SHELL; C:\WINDOWS\system32\drivers\pfc.sys [2002-06-13 14604]
R3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\System32\DRIVERS\slntamr.sys [2003-08-20 548952]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\System32\DRIVERS\SlWdmSup.sys [2003-07-02 39348]
R3 STAC97;Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS\system32\drivers\stac97.sys [2003-06-27 226416]
R3 Stmatm;ATM/ADSL miniport; C:\WINDOWS\system32\DRIVERS\stmatm.sys [2004-11-16 60191]
R3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [2007-01-10 12984]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [2007-01-10 145976]
R3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [2007-01-10 40120]
R3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\SymcData\idsdefs\20090722.001\SymIDSCo.sys []
R3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [2007-01-10 35256]
R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2007-01-10 27576]
R3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-06-05 39424]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 61883;Pilote d'unité 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [2008-04-13 48128]
S3 Avc;Périphérique AVC; C:\WINDOWS\System32\DRIVERS\avc.sys [2008-04-13 38912]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\System32\DRIVERS\CVirtA.sys [2003-05-01 5220]
S3 DCamUSBSQTECH;Dual-Mode DSC(2770); C:\WINDOWS\System32\Drivers\SQcaptur.sys [2002-09-10 24808]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [2003-03-09 51024]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [2003-03-09 16080]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [2003-03-09 21456]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\System32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\System32\DRIVERS\Mtlstrm.sys [2003-07-02 1301128]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NAVENG;NAVENG; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20090729.005\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20090729.005\NAVEX15.SYS []
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NtMtlFax;NtMtlFax; C:\WINDOWS\System32\DRIVERS\NtMtlFax.sys [2003-07-02 167384]
S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2004-01-21 5915]
S3 PID_08A0;Labtec WebCam Pro(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2004-01-21 271360]
S3 PIXMCV;JVC Communication PIX-MCV Driver; C:\WINDOWS\System32\Drivers\pixmcvc.sys [2003-12-05 32000]
S3 PIXMCVA;JVC PIX-MCV Audio Capture; C:\WINDOWS\System32\Drivers\pixmcva.sys [2003-12-05 27961]
S3 PIXMCVV;JVC PIX-MCV Video Capture; C:\WINDOWS\System32\Drivers\pixmcvv.sys [2003-12-05 20953]
S3 RecAgent;recagent; \??\C:\WINDOWS\System32\DRIVERS\RecAgent.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SlNtHal;SlNtHal; C:\WINDOWS\System32\DRIVERS\Slnthal.sys [2003-07-02 86128]
S3 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCDrv.sys []
S3 SRTSP;SRTSP; C:\WINDOWS\System32\Drivers\SRTSP.SYS [2007-12-01 279088]
S3 SRTSPL;SRTSPL; C:\WINDOWS\System32\Drivers\SRTSPL.SYS [2007-12-01 317616]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TaurusUsb;ADSL Modem USB Service; C:\WINDOWS\system32\DRIVERS\torususb.sys [2005-04-19 543555]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 vsdatant;vsdatant; \??\C:\WINDOWS\System32\vsdatant.sys []
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 CanalPlus.VOD;CanalPlus.VOD; C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe [2009-04-30 188416]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS\system32\drivers\CDAC11BA.EXE [2005-04-09 54784]
R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2003-05-07 1413184]
R2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2003-07-02 45056]
R2 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [2008-10-15 439632]
S2 ccProxy;Symantec Network Proxy; C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe [2007-09-13 214376]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2009-02-19 238968]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2008-09-27 69120]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 comHost;COM Host; C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe [2007-01-12 49248]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-05-06 138168]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-06-05 541992]
S3 LiveUpdate;LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [2009-02-19 3220856]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-06-22 3087772]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\HPZipm12.exe [2003-03-09 65795]
S3 Symantec Core LC;Symantec Core LC; C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe [2008-01-24 1251720]
S3 Symantec RemoteAssist;Symantec RemoteAssist; C:\Program Files\Fichiers communs\Symantec Shared\Support Controls\ssrc.exe [2008-01-29 394704]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2009-02-19 238968]
-----------------EOF-----------------
il manque la fin du rapport
tu peut le retrouver dans C:\usbfix.txt
tu peut le retrouver dans C:\usbfix.txt
Je renvoie le rapport USBFIX :
############################## | UsbFix V6.012 |
User : famille jehanno (Administrateurs) # PCJEHANNO
Update on 29/07/09 by Chiquitine29 & C_XX
Start at: 18:54:26 | 31/07/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Intel(R) Pentium(R) 4 CPU 2.60GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Disabled
AV : Norton 360 2007 [ Enabled | Updated ]
FW : Norton 360[ Enabled ]2007
C:\ -> Disque fixe local # 74,53 Go (9,05 Go free) [53_03_02] # NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque amovible # 7,42 Go (4,42 Go free) [IPOD LAURE-] # FAT32
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
################## | Fichiers # Dossiers infectieux |
################## | Registre # Clés Run infectieuses |
################## | Registre # Mountpoints2 |
################## | Listing des fichiers présent |
[06/12/2003 10:39|--a------|3] -> C:\00.dat
[21/10/2003 13:25|--a------|0] -> C:\AUTOEXEC.BAT
[22/06/2005 13:39|-rahs----|216] -> C:\boot.ini
[30/08/2002 14:00|-rahs----|4952] -> C:\Bootfont.bin
[18/09/2008 21:33|--a------|562290] -> C:\CanalPlus.Vod.log
[21/10/2003 13:25|--a------|0] -> C:\CONFIG.SYS
[27/01/2004 21:38|--a------|39] -> C:\CTJINI.INI
[21/10/2003 13:37|--ah-----|499] -> C:\DRVlog.dat
[27/01/2004 21:39|--a------|677] -> C:\drvpnp.dat
[10/09/2008 07:48|--a------|184] -> C:\drwtsn32.log
[21/10/2003 13:42|--ah-----|26] -> C:\fastboot.txt
[02/07/2003 08:49|--a------|520192] -> C:\FirstSteps.exe
[?|?|?] -> C:\hiberfil.sys
[30/07/2009 10:17|--a------|523] -> C:\hpfr3420.xml
[30/07/2009 10:17|--a------|460530] -> C:\hpfr3425.log
[04/06/2005 18:04|--a------|1120] -> C:\INSTALL.LOG
[21/10/2003 13:25|-rahs----|0] -> C:\IO.SYS
[06/12/2003 10:01|--a------|116] -> C:\ispInfo.dat
[06/12/2003 10:01|--a------|131] -> C:\ispInst.dat
[21/10/2003 13:25|-rahs----|0] -> C:\MSDOS.SYS
[31/10/2004 09:53|-rahs----|47564] -> C:\NTDETECT.COM
[02/10/2008 23:03|-rahs----|252240] -> C:\ntldr
[18/08/2001 14:00|--a------|2] -> C:\oem.tag
[?|?|?] -> C:\pagefile.sys
[21/09/2008 08:55|--a------|65716] -> C:\playground.log
[27/01/2004 21:39|--a------|552] -> C:\pnpID.dat
[17/10/2007 08:33|--ah-----|232] -> C:\sqmdata00.sqm
[04/11/2007 12:37|--ah-----|268] -> C:\sqmdata01.sqm
[19/12/2007 18:54|--ah-----|268] -> C:\sqmdata02.sqm
[27/05/2008 19:47|--ah-----|232] -> C:\sqmdata03.sqm
[03/07/2008 18:21|--ah-----|232] -> C:\sqmdata04.sqm
[03/07/2008 19:22|--ah-----|232] -> C:\sqmdata05.sqm
[03/07/2008 19:28|--ah-----|232] -> C:\sqmdata06.sqm
[04/07/2008 21:24|--ah-----|232] -> C:\sqmdata07.sqm
[05/07/2008 18:06|--ah-----|232] -> C:\sqmdata08.sqm
[22/08/2008 18:28|--ah-----|268] -> C:\sqmdata09.sqm
[29/12/2008 21:14|--ah-----|232] -> C:\sqmdata10.sqm
[04/01/2009 15:03|--ah-----|268] -> C:\sqmdata11.sqm
[21/01/2009 00:34|--ah-----|268] -> C:\sqmdata12.sqm
[22/01/2009 08:02|--ah-----|268] -> C:\sqmdata13.sqm
[23/01/2009 18:18|--ah-----|268] -> C:\sqmdata14.sqm
[17/10/2007 08:33|--ah-----|244] -> C:\sqmnoopt00.sqm
[04/11/2007 12:37|--ah-----|244] -> C:\sqmnoopt01.sqm
[19/12/2007 18:54|--ah-----|244] -> C:\sqmnoopt02.sqm
[27/05/2008 19:47|--ah-----|244] -> C:\sqmnoopt03.sqm
[03/07/2008 18:21|--ah-----|244] -> C:\sqmnoopt04.sqm
[03/07/2008 19:22|--ah-----|244] -> C:\sqmnoopt05.sqm
[03/07/2008 19:28|--ah-----|244] -> C:\sqmnoopt06.sqm
[04/07/2008 21:24|--ah-----|244] -> C:\sqmnoopt07.sqm
[05/07/2008 18:06|--ah-----|244] -> C:\sqmnoopt08.sqm
[22/08/2008 18:28|--ah-----|244] -> C:\sqmnoopt09.sqm
[29/12/2008 21:14|--ah-----|244] -> C:\sqmnoopt10.sqm
[04/01/2009 15:03|--ah-----|244] -> C:\sqmnoopt11.sqm
[21/01/2009 00:34|--ah-----|244] -> C:\sqmnoopt12.sqm
[22/01/2009 08:02|--ah-----|244] -> C:\sqmnoopt13.sqm
[23/01/2009 18:18|--ah-----|244] -> C:\sqmnoopt14.sqm
[31/07/2009 12:27|--a------|4014] -> C:\TB.txt
[21/10/2003 13:36|--a------|185] -> C:\temp.log
[21/10/2003 13:36|--a------|172] -> C:\temp1.log
[24/05/2001 12:59|--a------|162304] -> C:\UNWISE.EXE
[31/07/2009 19:18|--a------|5319] -> C:\UsbFix.txt
[21/10/2003 13:42|--a------|0] -> C:\_fsc_temp.log
[17/10/2063 22:35|---------|0] -> J:\.metadata_never_index
################## | Vaccination |
# C:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# J:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
################## | Cracks / Keygens / Serials |
################## | ! Fin du rapport # UsbFix V6.012 ! |
############################## | UsbFix V6.012 |
User : famille jehanno (Administrateurs) # PCJEHANNO
Update on 29/07/09 by Chiquitine29 & C_XX
Start at: 18:54:26 | 31/07/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Intel(R) Pentium(R) 4 CPU 2.60GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Disabled
AV : Norton 360 2007 [ Enabled | Updated ]
FW : Norton 360[ Enabled ]2007
C:\ -> Disque fixe local # 74,53 Go (9,05 Go free) [53_03_02] # NTFS
D:\ -> Disque CD-ROM
E:\ -> Disque CD-ROM
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque amovible # 7,42 Go (4,42 Go free) [IPOD LAURE-] # FAT32
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
################## | Fichiers # Dossiers infectieux |
################## | Registre # Clés Run infectieuses |
################## | Registre # Mountpoints2 |
################## | Listing des fichiers présent |
[06/12/2003 10:39|--a------|3] -> C:\00.dat
[21/10/2003 13:25|--a------|0] -> C:\AUTOEXEC.BAT
[22/06/2005 13:39|-rahs----|216] -> C:\boot.ini
[30/08/2002 14:00|-rahs----|4952] -> C:\Bootfont.bin
[18/09/2008 21:33|--a------|562290] -> C:\CanalPlus.Vod.log
[21/10/2003 13:25|--a------|0] -> C:\CONFIG.SYS
[27/01/2004 21:38|--a------|39] -> C:\CTJINI.INI
[21/10/2003 13:37|--ah-----|499] -> C:\DRVlog.dat
[27/01/2004 21:39|--a------|677] -> C:\drvpnp.dat
[10/09/2008 07:48|--a------|184] -> C:\drwtsn32.log
[21/10/2003 13:42|--ah-----|26] -> C:\fastboot.txt
[02/07/2003 08:49|--a------|520192] -> C:\FirstSteps.exe
[?|?|?] -> C:\hiberfil.sys
[30/07/2009 10:17|--a------|523] -> C:\hpfr3420.xml
[30/07/2009 10:17|--a------|460530] -> C:\hpfr3425.log
[04/06/2005 18:04|--a------|1120] -> C:\INSTALL.LOG
[21/10/2003 13:25|-rahs----|0] -> C:\IO.SYS
[06/12/2003 10:01|--a------|116] -> C:\ispInfo.dat
[06/12/2003 10:01|--a------|131] -> C:\ispInst.dat
[21/10/2003 13:25|-rahs----|0] -> C:\MSDOS.SYS
[31/10/2004 09:53|-rahs----|47564] -> C:\NTDETECT.COM
[02/10/2008 23:03|-rahs----|252240] -> C:\ntldr
[18/08/2001 14:00|--a------|2] -> C:\oem.tag
[?|?|?] -> C:\pagefile.sys
[21/09/2008 08:55|--a------|65716] -> C:\playground.log
[27/01/2004 21:39|--a------|552] -> C:\pnpID.dat
[17/10/2007 08:33|--ah-----|232] -> C:\sqmdata00.sqm
[04/11/2007 12:37|--ah-----|268] -> C:\sqmdata01.sqm
[19/12/2007 18:54|--ah-----|268] -> C:\sqmdata02.sqm
[27/05/2008 19:47|--ah-----|232] -> C:\sqmdata03.sqm
[03/07/2008 18:21|--ah-----|232] -> C:\sqmdata04.sqm
[03/07/2008 19:22|--ah-----|232] -> C:\sqmdata05.sqm
[03/07/2008 19:28|--ah-----|232] -> C:\sqmdata06.sqm
[04/07/2008 21:24|--ah-----|232] -> C:\sqmdata07.sqm
[05/07/2008 18:06|--ah-----|232] -> C:\sqmdata08.sqm
[22/08/2008 18:28|--ah-----|268] -> C:\sqmdata09.sqm
[29/12/2008 21:14|--ah-----|232] -> C:\sqmdata10.sqm
[04/01/2009 15:03|--ah-----|268] -> C:\sqmdata11.sqm
[21/01/2009 00:34|--ah-----|268] -> C:\sqmdata12.sqm
[22/01/2009 08:02|--ah-----|268] -> C:\sqmdata13.sqm
[23/01/2009 18:18|--ah-----|268] -> C:\sqmdata14.sqm
[17/10/2007 08:33|--ah-----|244] -> C:\sqmnoopt00.sqm
[04/11/2007 12:37|--ah-----|244] -> C:\sqmnoopt01.sqm
[19/12/2007 18:54|--ah-----|244] -> C:\sqmnoopt02.sqm
[27/05/2008 19:47|--ah-----|244] -> C:\sqmnoopt03.sqm
[03/07/2008 18:21|--ah-----|244] -> C:\sqmnoopt04.sqm
[03/07/2008 19:22|--ah-----|244] -> C:\sqmnoopt05.sqm
[03/07/2008 19:28|--ah-----|244] -> C:\sqmnoopt06.sqm
[04/07/2008 21:24|--ah-----|244] -> C:\sqmnoopt07.sqm
[05/07/2008 18:06|--ah-----|244] -> C:\sqmnoopt08.sqm
[22/08/2008 18:28|--ah-----|244] -> C:\sqmnoopt09.sqm
[29/12/2008 21:14|--ah-----|244] -> C:\sqmnoopt10.sqm
[04/01/2009 15:03|--ah-----|244] -> C:\sqmnoopt11.sqm
[21/01/2009 00:34|--ah-----|244] -> C:\sqmnoopt12.sqm
[22/01/2009 08:02|--ah-----|244] -> C:\sqmnoopt13.sqm
[23/01/2009 18:18|--ah-----|244] -> C:\sqmnoopt14.sqm
[31/07/2009 12:27|--a------|4014] -> C:\TB.txt
[21/10/2003 13:36|--a------|185] -> C:\temp.log
[21/10/2003 13:36|--a------|172] -> C:\temp1.log
[24/05/2001 12:59|--a------|162304] -> C:\UNWISE.EXE
[31/07/2009 19:18|--a------|5319] -> C:\UsbFix.txt
[21/10/2003 13:42|--a------|0] -> C:\_fsc_temp.log
[17/10/2063 22:35|---------|0] -> J:\.metadata_never_index
################## | Vaccination |
# C:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# J:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
################## | Cracks / Keygens / Serials |
################## | ! Fin du rapport # UsbFix V6.012 ! |
re
passe a RSIT
passe a RSIT
Rapport RSIT :
Logfile of random's system information tool 1.06 (written by random/random)
Run by famille jehanno at 2009-07-31 22:31:04
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 9 GB (12%) free of 76 GB
Total RAM: 1023 MB (59% free)
HijackThis download failed
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\EasyShare Registration Task.job
C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1184877964.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-11-22 399352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]
C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\NppBho.dll [2007-02-19 97960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{243B17DE-77C7-46BF-B94B-0B5F309A0E64}]
c:\Program Files\Microsoft Money\System\mnyside.dll [2002-07-17 163906]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E03C0FD-4C48-43A7-9A54-00240C70FF16}]
ECarteBleueBrowserHelper Class - C:\WINDOWS\system32\BhoECart.dll [2003-10-31 139264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-05-06 2436160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-09-24 737776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Barre d'outils MSN Search Helper - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll [2005-07-07 577232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - Copernic Agent - C:\Program Files\Copernic Agent\CopernicAgentExt.dll [2003-09-26 1039968]
{0494D0D9-F8E0-41ad-92A3-14154ECE70AC}
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Barre d'outils MSN Search - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll [2005-07-07 577232]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - &Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-11-22 399352]
{90222687-F593-4738-B738-FBEE9C7B26DF} - Afficher Norton Toolbar - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\UIBHO.dll [2007-02-19 609424]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIModeChange"=C:\WINDOWS\system32\Ati2mdxx.exe [2001-09-04 28672]
"ATIPTA"=C:\ATI-CPanel\atiptaxx.exe [2003-08-12 335872]
"AdslTaskBar"=stmctrl.dll,TaskBar []
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2004-04-21 151597]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"ccApp"=C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe [2007-03-14 116328]
"Symantec PIF AlertEng"=C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"Canal Widget"=C:\Program Files\Canal\Canal Widget\Canal Widget.cpvod [2008-12-09 12]
"AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-05-13 177472]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-06-05 292136]
"Windows Update Service"=C:\WINDOWS\msupdate32.exe [2009-07-27 60978]
"MSxmlHpr"=C:\WINDOWS\system32\msxm192z.dll [2004-08-17 28672]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MoneyAgent"=c:\Program Files\Microsoft Money\System\mnyexpr.exe [2002-07-17 204863]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-10 68856]
"Auto Run Software for Photo Frame"=C:\Program Files\Philips\Philips PhotoFrame\PhotoManager.exe [2007-02-16 2273280]
"updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2006-03-30 313472]
"Gadwin PrintScreen"=C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [2008-12-09 495616]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CMESys]
C:\Program Files\Fichiers communs\CMEII\CMESys.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FirstSteps]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
C:\Program Files\Logitech\Video\ISStart.exe [2004-02-12 188416]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
C:\Program Files\Logitech\Video\LogiTray.exe [2004-02-12 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection]
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe [2002-07-18 28672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnappau]
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\MSN Messenger\MsnMsgr.Exe /background []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
C:\PROGRA~1\SYMNET~1\SNDMon.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2004-04-21 151597]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wizard]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2002-08-16 110592]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Cisco Systems VPN Client.lnk]
C:\PROGRA~1\CISCOS~1\VPNCLI~1\vpngui.exe [2003-05-07 1454143]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^GStartup.lnk]
C:\Program Files\Fichiers communs\GMT\GMT.exe /startup []
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
hp psc 1000 series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Logiciel Kodak EasyShare.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
C:\Documents and Settings\famille jehanno\Menu Démarrer\Programmes\Démarrage
Outil de détection de support Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableChangePassword"=0
"DisableLockWorkstation"=0
"NoDispSettingsPage"=0
"NoDispAppearancePage"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoFolderOptions"=0
"NoFileUrl"=0
"NoRun"=0
"NoUpdateCheck"=0
"NoLogoff"=0
"NoSetFolders"=0
"NoFind"=0
"NoDrives"=0
"NoDriveAutoRun"=FFFFFFFF
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Symantec\pcAnywhere\winaw32.exe"="C:\Program Files\Symantec\pcAnywhere\winaw32.exe:*:Enabled:pcAnywhere Main Program"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\coktel\ADI5\TTS\SpeechCube.exe"="C:\coktel\ADI5\TTS\SpeechCube.exe:*:Disabled:SPeechCube"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
======List of files/folders created in the last 1 months======
2009-07-31 21:30:41 ----A---- C:\UsbFix2.txt
2009-07-31 18:54:23 ----A---- C:\UsbFix.txt
2009-07-31 13:33:55 ----RASHD---- C:\autorun.inf
2009-07-31 12:24:05 ----D---- C:\UsbFix
2009-07-31 12:18:31 ----A---- C:\TB.txt
2009-07-31 12:16:59 ----D---- C:\ToolBar SD
2009-07-31 11:27:27 ----D---- C:\rsit
2009-07-31 11:27:27 ----D---- C:\Program Files\trend micro
2009-07-30 12:06:32 ----A---- C:\WINDOWS\ntbtlog.txt
2009-07-28 11:53:56 ----RSH---- C:\WINDOWS\msupdate32.exe
2009-07-27 22:25:40 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-07-27 22:25:30 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-07-27 22:23:03 ----A---- C:\WINDOWS\imsins.BAK
2009-07-27 22:22:59 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2009-07-09 16:40:12 ----D---- C:\Documents and Settings\famille jehanno\Application Data\Pro Cycling Manager 2008 - Demo
2009-07-08 22:32:56 ----D---- C:\Nostale(FR)
2009-07-01 23:22:49 ----D---- C:\Program Files\EA GAMES
2009-07-01 19:19:30 ----A---- C:\WINDOWS\system32\wmpns.dll
======List of files/folders modified in the last 1 months======
2009-07-31 21:38:11 ----D---- C:\WINDOWS\Prefetch
2009-07-31 19:22:30 ----D---- C:\WINDOWS\Temp
2009-07-31 19:22:07 ----SHD---- C:\RECYCLER
2009-07-31 18:32:39 ----A---- C:\WINDOWS\ModemLog_Smart Link 56K Modem.txt
2009-07-31 18:30:48 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-07-31 13:39:31 ----AD---- C:\WINDOWS\system32
2009-07-31 13:39:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-07-31 12:22:28 ----D---- C:\Program Files
2009-07-31 12:20:30 ----D---- C:\WINDOWS
2009-07-31 11:27:10 ----D---- C:\My Download Files
2009-07-30 13:44:32 ----D---- C:\WINDOWS\system32\CatRoot2
2009-07-30 12:21:38 ----D---- C:\WINDOWS\system32\drivers
2009-07-30 12:17:56 ----D---- C:\GAMES
2009-07-30 12:15:52 ----D---- C:\Program Files\Dofus
2009-07-30 12:14:34 ----D---- C:\Program Files\BoontyGames
2009-07-30 12:12:27 ----SD---- C:\Documents and Settings\famille jehanno\Application Data\Microsoft
2009-07-30 12:12:26 ----SHD---- C:\WINDOWS\Installer
2009-07-30 10:07:59 ----D---- C:\Program Files\Norton Security Scan
2009-07-30 10:00:43 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-07-30 09:24:06 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2009-07-30 09:24:06 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-07-29 22:14:06 ----HD---- C:\WINDOWS\inf
2009-07-29 22:13:37 ----D---- C:\Program Files\Internet Explorer
2009-07-29 22:12:06 ----HD---- C:\WINDOWS\$hf_mig$
2009-07-29 22:11:36 ----D---- C:\WINDOWS\WinSxS
2009-07-29 17:29:23 ----D---- C:\Program Files\Common Files
2009-07-27 22:23:11 ----D---- C:\WINDOWS\Debug
2009-07-19 18:45:00 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-07-19 15:15:02 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-07-09 16:36:25 ----D---- C:\WINDOWS\system32\DirectX
2009-07-07 17:10:56 ----A---- C:\WINDOWS\system32\MRT.exe
2009-07-03 18:57:51 ----A---- C:\WINDOWS\system32\wininet.dll
2009-07-03 18:57:51 ----A---- C:\WINDOWS\system32\occache.dll
2009-07-03 18:57:50 ----A---- C:\WINDOWS\system32\urlmon.dll
2009-07-03 18:57:46 ----N---- C:\WINDOWS\system32\jsproxy.dll
2009-07-03 18:57:46 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2009-07-03 18:57:46 ----A---- C:\WINDOWS\system32\msfeeds.dll
2009-07-03 18:57:46 ----A---- C:\WINDOWS\system32\iertutil.dll
2009-07-03 18:57:44 ----A---- C:\WINDOWS\system32\iepeers.dll
2009-07-03 18:57:41 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2009-07-03 13:01:06 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2009-07-02 21:38:04 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2009-07-01 22:50:49 ----D---- C:\Program Files\Maxis
2009-07-01 21:24:06 ----D---- C:\WINDOWS\Minidump
2009-07-01 21:03:07 ----D---- C:\Documents and Settings
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2007-07-19 82380]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 SRTSPX;SRTSPX; C:\WINDOWS\System32\Drivers\SRTSPX.SYS [2007-12-01 43696]
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2007-01-10 191544]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]
R2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS\system32\drivers\CdaC15BA.SYS []
R2 CVPNDRVA;Cisco Systems IPsec Driver; \??\C:\WINDOWS\System32\Drivers\CVPNDRVA.sys []
R2 MASPINT;MASPINT; C:\WINDOWS\system32\drivers\MASPINT.sys [2000-03-29 8096]
R3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter; C:\WINDOWS\System32\DRIVERS\AN983.sys [2003-04-18 38784]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2003-08-12 594432]
R3 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\System32\DRIVERS\dne2000.sys [2002-08-26 138916]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\System32\DRIVERS\Mtlmnt5.sys [2003-07-16 221736]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 pfc;PADUS ASPI SHELL; C:\WINDOWS\system32\drivers\pfc.sys [2002-06-13 14604]
R3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\System32\DRIVERS\slntamr.sys [2003-08-20 548952]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\System32\DRIVERS\SlWdmSup.sys [2003-07-02 39348]
R3 STAC97;Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS\system32\drivers\stac97.sys [2003-06-27 226416]
R3 Stmatm;ATM/ADSL miniport; C:\WINDOWS\system32\DRIVERS\stmatm.sys [2004-11-16 60191]
R3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [2007-01-10 12984]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [2007-01-10 145976]
R3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [2007-01-10 40120]
R3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\SymcData\idsdefs\20090722.001\SymIDSCo.sys []
R3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [2007-01-10 35256]
R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2007-01-10 27576]
R3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-06-05 39424]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 61883;Pilote d'unité 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [2008-04-13 48128]
S3 Avc;Périphérique AVC; C:\WINDOWS\System32\DRIVERS\avc.sys [2008-04-13 38912]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\System32\DRIVERS\CVirtA.sys [2003-05-01 5220]
S3 DCamUSBSQTECH;Dual-Mode DSC(2770); C:\WINDOWS\System32\Drivers\SQcaptur.sys [2002-09-10 24808]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [2003-03-09 51024]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [2003-03-09 16080]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [2003-03-09 21456]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\System32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\System32\DRIVERS\Mtlstrm.sys [2003-07-02 1301128]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NAVENG;NAVENG; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20090729.005\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20090729.005\NAVEX15.SYS []
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NtMtlFax;NtMtlFax; C:\WINDOWS\System32\DRIVERS\NtMtlFax.sys [2003-07-02 167384]
S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2004-01-21 5915]
S3 PID_08A0;Labtec WebCam Pro(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2004-01-21 271360]
S3 PIXMCV;JVC Communication PIX-MCV Driver; C:\WINDOWS\System32\Drivers\pixmcvc.sys [2003-12-05 32000]
S3 PIXMCVA;JVC PIX-MCV Audio Capture; C:\WINDOWS\System32\Drivers\pixmcva.sys [2003-12-05 27961]
S3 PIXMCVV;JVC PIX-MCV Video Capture; C:\WINDOWS\System32\Drivers\pixmcvv.sys [2003-12-05 20953]
S3 RecAgent;recagent; \??\C:\WINDOWS\System32\DRIVERS\RecAgent.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SlNtHal;SlNtHal; C:\WINDOWS\System32\DRIVERS\Slnthal.sys [2003-07-02 86128]
S3 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCDrv.sys []
S3 SRTSP;SRTSP; C:\WINDOWS\System32\Drivers\SRTSP.SYS [2007-12-01 279088]
S3 SRTSPL;SRTSPL; C:\WINDOWS\System32\Drivers\SRTSPL.SYS [2007-12-01 317616]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TaurusUsb;ADSL Modem USB Service; C:\WINDOWS\system32\DRIVERS\torususb.sys [2005-04-19 543555]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 vsdatant;vsdatant; \??\C:\WINDOWS\System32\vsdatant.sys []
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 CanalPlus.VOD;CanalPlus.VOD; C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe [2009-04-30 188416]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS\system32\drivers\CDAC11BA.EXE [2005-04-09 54784]
R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2003-05-07 1413184]
R2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [2008-10-15 439632]
S2 ccProxy;Symantec Network Proxy; C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe [2007-09-13 214376]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2009-02-19 238968]
S2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2003-07-02 45056]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2008-09-27 69120]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 comHost;COM Host; C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe [2007-01-12 49248]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-05-06 138168]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-06-05 541992]
S3 LiveUpdate;LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [2009-02-19 3220856]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-06-22 3087772]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\HPZipm12.exe [2003-03-09 65795]
S3 Symantec Core LC;Symantec Core LC; C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe [2008-01-24 1251720]
S3 Symantec RemoteAssist;Symantec RemoteAssist; C:\Program Files\Fichiers communs\Symantec Shared\Support Controls\ssrc.exe [2008-01-29 394704]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2009-02-19 238968]
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by famille jehanno at 2009-07-31 22:31:04
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 9 GB (12%) free of 76 GB
Total RAM: 1023 MB (59% free)
HijackThis download failed
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\EasyShare Registration Task.job
C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1184877964.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-11-22 399352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]
C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\NppBho.dll [2007-02-19 97960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{243B17DE-77C7-46BF-B94B-0B5F309A0E64}]
c:\Program Files\Microsoft Money\System\mnyside.dll [2002-07-17 163906]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E03C0FD-4C48-43A7-9A54-00240C70FF16}]
ECarteBleueBrowserHelper Class - C:\WINDOWS\system32\BhoECart.dll [2003-10-31 139264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-05-06 2436160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-09-24 737776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Barre d'outils MSN Search Helper - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll [2005-07-07 577232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - Copernic Agent - C:\Program Files\Copernic Agent\CopernicAgentExt.dll [2003-09-26 1039968]
{0494D0D9-F8E0-41ad-92A3-14154ECE70AC}
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Barre d'outils MSN Search - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll [2005-07-07 577232]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - &Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-11-22 399352]
{90222687-F593-4738-B738-FBEE9C7B26DF} - Afficher Norton Toolbar - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\UIBHO.dll [2007-02-19 609424]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIModeChange"=C:\WINDOWS\system32\Ati2mdxx.exe [2001-09-04 28672]
"ATIPTA"=C:\ATI-CPanel\atiptaxx.exe [2003-08-12 335872]
"AdslTaskBar"=stmctrl.dll,TaskBar []
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2004-04-21 151597]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"ccApp"=C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe [2007-03-14 116328]
"Symantec PIF AlertEng"=C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"Canal Widget"=C:\Program Files\Canal\Canal Widget\Canal Widget.cpvod [2008-12-09 12]
"AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-05-13 177472]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-06-05 292136]
"Windows Update Service"=C:\WINDOWS\msupdate32.exe [2009-07-27 60978]
"MSxmlHpr"=C:\WINDOWS\system32\msxm192z.dll [2004-08-17 28672]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MoneyAgent"=c:\Program Files\Microsoft Money\System\mnyexpr.exe [2002-07-17 204863]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-10 68856]
"Auto Run Software for Photo Frame"=C:\Program Files\Philips\Philips PhotoFrame\PhotoManager.exe [2007-02-16 2273280]
"updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2006-03-30 313472]
"Gadwin PrintScreen"=C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [2008-12-09 495616]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CMESys]
C:\Program Files\Fichiers communs\CMEII\CMESys.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FirstSteps]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
C:\Program Files\Logitech\Video\ISStart.exe [2004-02-12 188416]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
C:\Program Files\Logitech\Video\LogiTray.exe [2004-02-12 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection]
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe [2002-07-18 28672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnappau]
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\MSN Messenger\MsnMsgr.Exe /background []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
C:\PROGRA~1\SYMNET~1\SNDMon.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2004-04-21 151597]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wizard]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2002-08-16 110592]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Cisco Systems VPN Client.lnk]
C:\PROGRA~1\CISCOS~1\VPNCLI~1\vpngui.exe [2003-05-07 1454143]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^GStartup.lnk]
C:\Program Files\Fichiers communs\GMT\GMT.exe /startup []
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
hp psc 1000 series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Logiciel Kodak EasyShare.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
C:\Documents and Settings\famille jehanno\Menu Démarrer\Programmes\Démarrage
Outil de détection de support Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableChangePassword"=0
"DisableLockWorkstation"=0
"NoDispSettingsPage"=0
"NoDispAppearancePage"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoFolderOptions"=0
"NoFileUrl"=0
"NoRun"=0
"NoUpdateCheck"=0
"NoLogoff"=0
"NoSetFolders"=0
"NoFind"=0
"NoDrives"=0
"NoDriveAutoRun"=FFFFFFFF
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Symantec\pcAnywhere\winaw32.exe"="C:\Program Files\Symantec\pcAnywhere\winaw32.exe:*:Enabled:pcAnywhere Main Program"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\coktel\ADI5\TTS\SpeechCube.exe"="C:\coktel\ADI5\TTS\SpeechCube.exe:*:Disabled:SPeechCube"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
======List of files/folders created in the last 1 months======
2009-07-31 21:30:41 ----A---- C:\UsbFix2.txt
2009-07-31 18:54:23 ----A---- C:\UsbFix.txt
2009-07-31 13:33:55 ----RASHD---- C:\autorun.inf
2009-07-31 12:24:05 ----D---- C:\UsbFix
2009-07-31 12:18:31 ----A---- C:\TB.txt
2009-07-31 12:16:59 ----D---- C:\ToolBar SD
2009-07-31 11:27:27 ----D---- C:\rsit
2009-07-31 11:27:27 ----D---- C:\Program Files\trend micro
2009-07-30 12:06:32 ----A---- C:\WINDOWS\ntbtlog.txt
2009-07-28 11:53:56 ----RSH---- C:\WINDOWS\msupdate32.exe
2009-07-27 22:25:40 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-07-27 22:25:30 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-07-27 22:23:03 ----A---- C:\WINDOWS\imsins.BAK
2009-07-27 22:22:59 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2009-07-09 16:40:12 ----D---- C:\Documents and Settings\famille jehanno\Application Data\Pro Cycling Manager 2008 - Demo
2009-07-08 22:32:56 ----D---- C:\Nostale(FR)
2009-07-01 23:22:49 ----D---- C:\Program Files\EA GAMES
2009-07-01 19:19:30 ----A---- C:\WINDOWS\system32\wmpns.dll
======List of files/folders modified in the last 1 months======
2009-07-31 21:38:11 ----D---- C:\WINDOWS\Prefetch
2009-07-31 19:22:30 ----D---- C:\WINDOWS\Temp
2009-07-31 19:22:07 ----SHD---- C:\RECYCLER
2009-07-31 18:32:39 ----A---- C:\WINDOWS\ModemLog_Smart Link 56K Modem.txt
2009-07-31 18:30:48 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-07-31 13:39:31 ----AD---- C:\WINDOWS\system32
2009-07-31 13:39:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-07-31 12:22:28 ----D---- C:\Program Files
2009-07-31 12:20:30 ----D---- C:\WINDOWS
2009-07-31 11:27:10 ----D---- C:\My Download Files
2009-07-30 13:44:32 ----D---- C:\WINDOWS\system32\CatRoot2
2009-07-30 12:21:38 ----D---- C:\WINDOWS\system32\drivers
2009-07-30 12:17:56 ----D---- C:\GAMES
2009-07-30 12:15:52 ----D---- C:\Program Files\Dofus
2009-07-30 12:14:34 ----D---- C:\Program Files\BoontyGames
2009-07-30 12:12:27 ----SD---- C:\Documents and Settings\famille jehanno\Application Data\Microsoft
2009-07-30 12:12:26 ----SHD---- C:\WINDOWS\Installer
2009-07-30 10:07:59 ----D---- C:\Program Files\Norton Security Scan
2009-07-30 10:00:43 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-07-30 09:24:06 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2009-07-30 09:24:06 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-07-29 22:14:06 ----HD---- C:\WINDOWS\inf
2009-07-29 22:13:37 ----D---- C:\Program Files\Internet Explorer
2009-07-29 22:12:06 ----HD---- C:\WINDOWS\$hf_mig$
2009-07-29 22:11:36 ----D---- C:\WINDOWS\WinSxS
2009-07-29 17:29:23 ----D---- C:\Program Files\Common Files
2009-07-27 22:23:11 ----D---- C:\WINDOWS\Debug
2009-07-19 18:45:00 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-07-19 15:15:02 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-07-09 16:36:25 ----D---- C:\WINDOWS\system32\DirectX
2009-07-07 17:10:56 ----A---- C:\WINDOWS\system32\MRT.exe
2009-07-03 18:57:51 ----A---- C:\WINDOWS\system32\wininet.dll
2009-07-03 18:57:51 ----A---- C:\WINDOWS\system32\occache.dll
2009-07-03 18:57:50 ----A---- C:\WINDOWS\system32\urlmon.dll
2009-07-03 18:57:46 ----N---- C:\WINDOWS\system32\jsproxy.dll
2009-07-03 18:57:46 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2009-07-03 18:57:46 ----A---- C:\WINDOWS\system32\msfeeds.dll
2009-07-03 18:57:46 ----A---- C:\WINDOWS\system32\iertutil.dll
2009-07-03 18:57:44 ----A---- C:\WINDOWS\system32\iepeers.dll
2009-07-03 18:57:41 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2009-07-03 13:01:06 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2009-07-02 21:38:04 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2009-07-01 22:50:49 ----D---- C:\Program Files\Maxis
2009-07-01 21:24:06 ----D---- C:\WINDOWS\Minidump
2009-07-01 21:03:07 ----D---- C:\Documents and Settings
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2007-07-19 82380]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 SRTSPX;SRTSPX; C:\WINDOWS\System32\Drivers\SRTSPX.SYS [2007-12-01 43696]
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2007-01-10 191544]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]
R2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS\system32\drivers\CdaC15BA.SYS []
R2 CVPNDRVA;Cisco Systems IPsec Driver; \??\C:\WINDOWS\System32\Drivers\CVPNDRVA.sys []
R2 MASPINT;MASPINT; C:\WINDOWS\system32\drivers\MASPINT.sys [2000-03-29 8096]
R3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter; C:\WINDOWS\System32\DRIVERS\AN983.sys [2003-04-18 38784]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2003-08-12 594432]
R3 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\System32\DRIVERS\dne2000.sys [2002-08-26 138916]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\System32\DRIVERS\Mtlmnt5.sys [2003-07-16 221736]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 pfc;PADUS ASPI SHELL; C:\WINDOWS\system32\drivers\pfc.sys [2002-06-13 14604]
R3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\System32\DRIVERS\slntamr.sys [2003-08-20 548952]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\System32\DRIVERS\SlWdmSup.sys [2003-07-02 39348]
R3 STAC97;Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS\system32\drivers\stac97.sys [2003-06-27 226416]
R3 Stmatm;ATM/ADSL miniport; C:\WINDOWS\system32\DRIVERS\stmatm.sys [2004-11-16 60191]
R3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [2007-01-10 12984]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [2007-01-10 145976]
R3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [2007-01-10 40120]
R3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\SymcData\idsdefs\20090722.001\SymIDSCo.sys []
R3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [2007-01-10 35256]
R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2007-01-10 27576]
R3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-06-05 39424]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 61883;Pilote d'unité 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [2008-04-13 48128]
S3 Avc;Périphérique AVC; C:\WINDOWS\System32\DRIVERS\avc.sys [2008-04-13 38912]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\System32\DRIVERS\CVirtA.sys [2003-05-01 5220]
S3 DCamUSBSQTECH;Dual-Mode DSC(2770); C:\WINDOWS\System32\Drivers\SQcaptur.sys [2002-09-10 24808]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [2003-03-09 51024]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [2003-03-09 16080]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [2003-03-09 21456]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\System32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\System32\DRIVERS\Mtlstrm.sys [2003-07-02 1301128]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NAVENG;NAVENG; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20090729.005\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20090729.005\NAVEX15.SYS []
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NtMtlFax;NtMtlFax; C:\WINDOWS\System32\DRIVERS\NtMtlFax.sys [2003-07-02 167384]
S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2004-01-21 5915]
S3 PID_08A0;Labtec WebCam Pro(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2004-01-21 271360]
S3 PIXMCV;JVC Communication PIX-MCV Driver; C:\WINDOWS\System32\Drivers\pixmcvc.sys [2003-12-05 32000]
S3 PIXMCVA;JVC PIX-MCV Audio Capture; C:\WINDOWS\System32\Drivers\pixmcva.sys [2003-12-05 27961]
S3 PIXMCVV;JVC PIX-MCV Video Capture; C:\WINDOWS\System32\Drivers\pixmcvv.sys [2003-12-05 20953]
S3 RecAgent;recagent; \??\C:\WINDOWS\System32\DRIVERS\RecAgent.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SlNtHal;SlNtHal; C:\WINDOWS\System32\DRIVERS\Slnthal.sys [2003-07-02 86128]
S3 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCDrv.sys []
S3 SRTSP;SRTSP; C:\WINDOWS\System32\Drivers\SRTSP.SYS [2007-12-01 279088]
S3 SRTSPL;SRTSPL; C:\WINDOWS\System32\Drivers\SRTSPL.SYS [2007-12-01 317616]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TaurusUsb;ADSL Modem USB Service; C:\WINDOWS\system32\DRIVERS\torususb.sys [2005-04-19 543555]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 vsdatant;vsdatant; \??\C:\WINDOWS\System32\vsdatant.sys []
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 CanalPlus.VOD;CanalPlus.VOD; C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe [2009-04-30 188416]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS\system32\drivers\CDAC11BA.EXE [2005-04-09 54784]
R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2003-05-07 1413184]
R2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [2008-10-15 439632]
S2 ccProxy;Symantec Network Proxy; C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe [2007-09-13 214376]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2009-02-19 238968]
S2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2003-07-02 45056]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2008-09-27 69120]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 comHost;COM Host; C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe [2007-01-12 49248]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-05-06 138168]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-06-05 541992]
S3 LiveUpdate;LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [2009-02-19 3220856]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-06-22 3087772]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\HPZipm12.exe [2003-03-09 65795]
S3 Symantec Core LC;Symantec Core LC; C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe [2008-01-24 1251720]
S3 Symantec RemoteAssist;Symantec RemoteAssist; C:\Program Files\Fichiers communs\Symantec Shared\Support Controls\ssrc.exe [2008-01-29 394704]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2009-02-19 238968]
-----------------EOF-----------------
ok il en reste dont un reconnaissable le adware Gator que tu as installé TOI avec un programme, TOUJOURS LIRE et DECOCHER et/ou refuser l'installation de sponsor/toolbar/etc...
Fait un scan en ligne ici et poste le rapport en entier avec les lignes :
http://www.bitdefender.fr/scan_fr/scan8/ie.html?affil=3540
puis
* Télécharge Malwarebytes
https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/
* Fais la mise à jour du logiciel (elle se fait normalement à l'installation)
* Lance une analyse complète en cliquant sur "Exécuter un examen complet"
* Sélectionnes les disques que tu veux analyser et cliques sur "Lancer l'examen"
* L'analyse peut durer un bon moment.....
* Une fois l'analyse terminée, cliques sur "OK" puis sur "Afficher les résultats"
* Vérifies que tout est bien coché et cliques sur "Supprimer la sélection" => et ensuite sur "OK"
* Un rapport va s'ouvrir dans le bloc note... Fais un copié/collé du rapport dans ta prochaine réponse sur le forum
* Il se pourrait que certains fichiers devront être supprimés au redémarrage du PC... Faites le en cliquant sur "oui" à la question posée
après tous tu utilise CCleaner comme indiqué ici, si tu ne l'as pas il y a le telechargement dans le tuto :
https://www.malekal.com/tutoriel-ccleaner/
tu nettoie ton registre et tes fichier temporaire plusieurs fois jusqu'a trouver 0erreur
puis ensuite lance hijackthis et poste le rapport et lance RSIT et poste le rapport aussi
Fait un scan en ligne ici et poste le rapport en entier avec les lignes :
http://www.bitdefender.fr/scan_fr/scan8/ie.html?affil=3540
puis
* Télécharge Malwarebytes
https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/
* Fais la mise à jour du logiciel (elle se fait normalement à l'installation)
* Lance une analyse complète en cliquant sur "Exécuter un examen complet"
* Sélectionnes les disques que tu veux analyser et cliques sur "Lancer l'examen"
* L'analyse peut durer un bon moment.....
* Une fois l'analyse terminée, cliques sur "OK" puis sur "Afficher les résultats"
* Vérifies que tout est bien coché et cliques sur "Supprimer la sélection" => et ensuite sur "OK"
* Un rapport va s'ouvrir dans le bloc note... Fais un copié/collé du rapport dans ta prochaine réponse sur le forum
* Il se pourrait que certains fichiers devront être supprimés au redémarrage du PC... Faites le en cliquant sur "oui" à la question posée
après tous tu utilise CCleaner comme indiqué ici, si tu ne l'as pas il y a le telechargement dans le tuto :
https://www.malekal.com/tutoriel-ccleaner/
tu nettoie ton registre et tes fichier temporaire plusieurs fois jusqu'a trouver 0erreur
puis ensuite lance hijackthis et poste le rapport et lance RSIT et poste le rapport aussi
Passe a malwarebyte et supprime la selection et ensuite tu réessaye le scan en ligne sachant qu'il faut le faire avec internet explorer et si sa marche toujours pas essaye ici : https://www.kaspersky.fr/downloads
et tu clic sur "online scan"
Fait donc malwarebyte avant supprime ce qu'il trouve te poste le rapport et epasse au scan en ligne
et tu clic sur "online scan"
Fait donc malwarebyte avant supprime ce qu'il trouve te poste le rapport et epasse au scan en ligne
tu as l'icone malwarebyte qui s'est installé sur le bureau ??
si oui clic dessus va dans l'onglet mise a jour et clic sur rechercher
ensuite va dans l'onglet Recherche clic selectionne examen complet et clic sur rechercher ne bas
le scan ce lance attends al fin et fait ce qui est dit dans mes explication + haut pour supprimer les virus
si oui clic dessus va dans l'onglet mise a jour et clic sur rechercher
ensuite va dans l'onglet Recherche clic selectionne examen complet et clic sur rechercher ne bas
le scan ce lance attends al fin et fait ce qui est dit dans mes explication + haut pour supprimer les virus
ok bon dans ce cas tu lance hijackthis et me poste le rapport
et tu lance RSIt et me poste le rapport
et tu lance RSIt et me poste le rapport
Quand je lance Hijackthis.exe qui est sur le bureau une fenêtre DOS s'ouvre et se referme et je ne trouve pas de log.
J'ai lancé RSIT après, voici le rapport :
Logfile of random's system information tool 1.06 (written by random/random)
Run by famille jehanno at 2009-08-01 12:41:30
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 9 GB (12%) free of 76 GB
Total RAM: 1023 MB (60% free)
HijackThis download failed
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\EasyShare Registration Task.job
C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1184877964.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-11-22 399352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]
C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\NppBho.dll [2007-02-19 97960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{243B17DE-77C7-46BF-B94B-0B5F309A0E64}]
c:\Program Files\Microsoft Money\System\mnyside.dll [2002-07-17 163906]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E03C0FD-4C48-43A7-9A54-00240C70FF16}]
ECarteBleueBrowserHelper Class - C:\WINDOWS\system32\BhoECart.dll [2003-10-31 139264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-05-06 2436160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-09-24 737776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Barre d'outils MSN Search Helper - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll [2005-07-07 577232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - Copernic Agent - C:\Program Files\Copernic Agent\CopernicAgentExt.dll [2003-09-26 1039968]
{0494D0D9-F8E0-41ad-92A3-14154ECE70AC}
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Barre d'outils MSN Search - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll [2005-07-07 577232]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - &Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-11-22 399352]
{90222687-F593-4738-B738-FBEE9C7B26DF} - Afficher Norton Toolbar - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\UIBHO.dll [2007-02-19 609424]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIModeChange"=C:\WINDOWS\system32\Ati2mdxx.exe [2001-09-04 28672]
"ATIPTA"=C:\ATI-CPanel\atiptaxx.exe [2003-08-12 335872]
"AdslTaskBar"=stmctrl.dll,TaskBar []
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2004-04-21 151597]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"ccApp"=C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe [2007-03-14 116328]
"Symantec PIF AlertEng"=C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"Canal Widget"=C:\Program Files\Canal\Canal Widget\Canal Widget.cpvod [2008-12-09 12]
"AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-05-13 177472]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-06-05 292136]
"Windows Update Service"=C:\WINDOWS\msupdate32.exe [2009-07-27 60978]
"MSxmlHpr"=C:\WINDOWS\system32\msxm192z.dll [2004-08-17 28672]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MoneyAgent"=c:\Program Files\Microsoft Money\System\mnyexpr.exe [2002-07-17 204863]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-10 68856]
"Auto Run Software for Photo Frame"=C:\Program Files\Philips\Philips PhotoFrame\PhotoManager.exe [2007-02-16 2273280]
"updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2006-03-30 313472]
"Gadwin PrintScreen"=C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [2008-12-09 495616]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CMESys]
C:\Program Files\Fichiers communs\CMEII\CMESys.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FirstSteps]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
C:\Program Files\Logitech\Video\ISStart.exe [2004-02-12 188416]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
C:\Program Files\Logitech\Video\LogiTray.exe [2004-02-12 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection]
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe [2002-07-18 28672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnappau]
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\MSN Messenger\MsnMsgr.Exe /background []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
C:\PROGRA~1\SYMNET~1\SNDMon.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2004-04-21 151597]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wizard]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2002-08-16 110592]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Cisco Systems VPN Client.lnk]
C:\PROGRA~1\CISCOS~1\VPNCLI~1\vpngui.exe [2003-05-07 1454143]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^GStartup.lnk]
C:\Program Files\Fichiers communs\GMT\GMT.exe /startup []
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
hp psc 1000 series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Logiciel Kodak EasyShare.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
C:\Documents and Settings\famille jehanno\Menu Démarrer\Programmes\Démarrage
Outil de détection de support Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableChangePassword"=0
"DisableLockWorkstation"=0
"NoDispSettingsPage"=0
"NoDispAppearancePage"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoFolderOptions"=0
"NoFileUrl"=0
"NoRun"=0
"NoUpdateCheck"=0
"NoLogoff"=0
"NoSetFolders"=0
"NoFind"=0
"NoDrives"=0
"NoDriveAutoRun"=FFFFFFFF
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Symantec\pcAnywhere\winaw32.exe"="C:\Program Files\Symantec\pcAnywhere\winaw32.exe:*:Enabled:pcAnywhere Main Program"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\coktel\ADI5\TTS\SpeechCube.exe"="C:\coktel\ADI5\TTS\SpeechCube.exe:*:Disabled:SPeechCube"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
======List of files/folders created in the last 1 months======
2009-08-01 10:40:41 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-08-01 10:40:40 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-07-31 21:30:41 ----A---- C:\UsbFix2.txt
2009-07-31 18:54:23 ----A---- C:\UsbFix.txt
2009-07-31 13:33:55 ----RASHD---- C:\autorun.inf
2009-07-31 12:24:05 ----D---- C:\UsbFix
2009-07-31 12:18:31 ----A---- C:\TB.txt
2009-07-31 12:16:59 ----D---- C:\ToolBar SD
2009-07-31 11:27:27 ----D---- C:\rsit
2009-07-31 11:27:27 ----D---- C:\Program Files\trend micro
2009-07-30 12:06:32 ----A---- C:\WINDOWS\ntbtlog.txt
2009-07-28 11:53:56 ----RSH---- C:\WINDOWS\msupdate32.exe
2009-07-27 22:25:40 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-07-27 22:25:30 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-07-27 22:23:03 ----A---- C:\WINDOWS\imsins.BAK
2009-07-27 22:22:59 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2009-07-09 16:40:12 ----D---- C:\Documents and Settings\famille jehanno\Application Data\Pro Cycling Manager 2008 - Demo
2009-07-08 22:32:56 ----D---- C:\Nostale(FR)
======List of files/folders modified in the last 1 months======
2009-08-01 10:57:28 ----D---- C:\WINDOWS\Prefetch
2009-08-01 10:56:25 ----D---- C:\WINDOWS\Temp
2009-08-01 10:56:06 ----A---- C:\WINDOWS\ModemLog_Smart Link 56K Modem.txt
2009-08-01 10:53:37 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-08-01 10:43:18 ----D---- C:\WINDOWS\system32\drivers
2009-08-01 10:40:40 ----D---- C:\Program Files
2009-07-31 23:34:42 ----D---- C:\WINDOWS\system32\CatRoot2
2009-07-31 19:22:07 ----SHD---- C:\RECYCLER
2009-07-31 13:39:31 ----AD---- C:\WINDOWS\system32
2009-07-31 13:39:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-07-31 12:20:30 ----D---- C:\WINDOWS
2009-07-31 11:27:10 ----D---- C:\My Download Files
2009-07-30 12:17:56 ----D---- C:\GAMES
2009-07-30 12:15:52 ----D---- C:\Program Files\Dofus
2009-07-30 12:14:34 ----D---- C:\Program Files\BoontyGames
2009-07-30 12:14:03 ----D---- C:\Program Files\EA GAMES
2009-07-30 12:12:27 ----SD---- C:\Documents and Settings\famille jehanno\Application Data\Microsoft
2009-07-30 12:12:26 ----SHD---- C:\WINDOWS\Installer
2009-07-30 10:07:59 ----D---- C:\Program Files\Norton Security Scan
2009-07-30 10:00:43 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-07-30 09:24:06 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2009-07-30 09:24:06 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-07-29 22:14:06 ----HD---- C:\WINDOWS\inf
2009-07-29 22:13:37 ----D---- C:\Program Files\Internet Explorer
2009-07-29 22:12:06 ----HD---- C:\WINDOWS\$hf_mig$
2009-07-29 22:11:36 ----D---- C:\WINDOWS\WinSxS
2009-07-29 17:29:23 ----D---- C:\Program Files\Common Files
2009-07-27 22:23:11 ----D---- C:\WINDOWS\Debug
2009-07-19 18:45:00 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-07-19 15:15:02 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-07-09 16:36:25 ----D---- C:\WINDOWS\system32\DirectX
2009-07-07 17:10:56 ----A---- C:\WINDOWS\system32\MRT.exe
2009-07-03 18:57:51 ----A---- C:\WINDOWS\system32\wininet.dll
2009-07-03 18:57:51 ----A---- C:\WINDOWS\system32\occache.dll
2009-07-03 18:57:50 ----A---- C:\WINDOWS\system32\urlmon.dll
2009-07-03 18:57:46 ----N---- C:\WINDOWS\system32\jsproxy.dll
2009-07-03 18:57:46 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2009-07-03 18:57:46 ----A---- C:\WINDOWS\system32\msfeeds.dll
2009-07-03 18:57:46 ----A---- C:\WINDOWS\system32\iertutil.dll
2009-07-03 18:57:44 ----A---- C:\WINDOWS\system32\iepeers.dll
2009-07-03 18:57:41 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2009-07-03 13:01:06 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2009-07-02 21:38:04 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2007-07-19 82380]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 SRTSPX;SRTSPX; C:\WINDOWS\System32\Drivers\SRTSPX.SYS [2007-12-01 43696]
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2007-01-10 191544]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]
R2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS\system32\drivers\CdaC15BA.SYS []
R2 CVPNDRVA;Cisco Systems IPsec Driver; \??\C:\WINDOWS\System32\Drivers\CVPNDRVA.sys []
R2 MASPINT;MASPINT; C:\WINDOWS\system32\drivers\MASPINT.sys [2000-03-29 8096]
R3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter; C:\WINDOWS\System32\DRIVERS\AN983.sys [2003-04-18 38784]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2003-08-12 594432]
R3 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\System32\DRIVERS\dne2000.sys [2002-08-26 138916]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\System32\DRIVERS\Mtlmnt5.sys [2003-07-16 221736]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 pfc;PADUS ASPI SHELL; C:\WINDOWS\system32\drivers\pfc.sys [2002-06-13 14604]
R3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\System32\DRIVERS\slntamr.sys [2003-08-20 548952]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\System32\DRIVERS\SlWdmSup.sys [2003-07-02 39348]
R3 STAC97;Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS\system32\drivers\stac97.sys [2003-06-27 226416]
R3 Stmatm;ATM/ADSL miniport; C:\WINDOWS\system32\DRIVERS\stmatm.sys [2004-11-16 60191]
R3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [2007-01-10 12984]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [2007-01-10 145976]
R3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [2007-01-10 40120]
R3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\SymcData\idsdefs\20090722.001\SymIDSCo.sys []
R3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [2007-01-10 35256]
R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2007-01-10 27576]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 61883;Pilote d'unité 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [2008-04-13 48128]
S3 Avc;Périphérique AVC; C:\WINDOWS\System32\DRIVERS\avc.sys [2008-04-13 38912]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\System32\DRIVERS\CVirtA.sys [2003-05-01 5220]
S3 DCamUSBSQTECH;Dual-Mode DSC(2770); C:\WINDOWS\System32\Drivers\SQcaptur.sys [2002-09-10 24808]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [2003-03-09 51024]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [2003-03-09 16080]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [2003-03-09 21456]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\System32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\System32\DRIVERS\Mtlstrm.sys [2003-07-02 1301128]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NAVENG;NAVENG; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20090729.005\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20090729.005\NAVEX15.SYS []
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NtMtlFax;NtMtlFax; C:\WINDOWS\System32\DRIVERS\NtMtlFax.sys [2003-07-02 167384]
S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2004-01-21 5915]
S3 PID_08A0;Labtec WebCam Pro(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2004-01-21 271360]
S3 PIXMCV;JVC Communication PIX-MCV Driver; C:\WINDOWS\System32\Drivers\pixmcvc.sys [2003-12-05 32000]
S3 PIXMCVA;JVC PIX-MCV Audio Capture; C:\WINDOWS\System32\Drivers\pixmcva.sys [2003-12-05 27961]
S3 PIXMCVV;JVC PIX-MCV Video Capture; C:\WINDOWS\System32\Drivers\pixmcvv.sys [2003-12-05 20953]
S3 RecAgent;recagent; \??\C:\WINDOWS\System32\DRIVERS\RecAgent.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SlNtHal;SlNtHal; C:\WINDOWS\System32\DRIVERS\Slnthal.sys [2003-07-02 86128]
S3 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCDrv.sys []
S3 SRTSP;SRTSP; C:\WINDOWS\System32\Drivers\SRTSP.SYS [2007-12-01 279088]
S3 SRTSPL;SRTSPL; C:\WINDOWS\System32\Drivers\SRTSPL.SYS [2007-12-01 317616]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TaurusUsb;ADSL Modem USB Service; C:\WINDOWS\system32\DRIVERS\torususb.sys [2005-04-19 543555]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-06-05 39424]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 vsdatant;vsdatant; \??\C:\WINDOWS\System32\vsdatant.sys []
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 CanalPlus.VOD;CanalPlus.VOD; C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe [2009-04-30 188416]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS\system32\drivers\CDAC11BA.EXE [2005-04-09 54784]
R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2003-05-07 1413184]
R2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2003-07-02 45056]
R2 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [2008-10-15 439632]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-06-05 541992]
S2 ccProxy;Symantec Network Proxy; C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe [2007-09-13 214376]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2009-02-19 238968]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2008-09-27 69120]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 comHost;COM Host; C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe [2007-01-12 49248]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-05-06 138168]
S3 LiveUpdate;LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [2009-02-19 3220856]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-06-22 3087772]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\HPZipm12.exe [2003-03-09 65795]
S3 Symantec Core LC;Symantec Core LC; C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe [2008-01-24 1251720]
S3 Symantec RemoteAssist;Symantec RemoteAssist; C:\Program Files\Fichiers communs\Symantec Shared\Support Controls\ssrc.exe [2008-01-29 394704]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2009-02-19 238968]
-----------------EOF-----------------
J'ai lancé RSIT après, voici le rapport :
Logfile of random's system information tool 1.06 (written by random/random)
Run by famille jehanno at 2009-08-01 12:41:30
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 9 GB (12%) free of 76 GB
Total RAM: 1023 MB (60% free)
HijackThis download failed
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\EasyShare Registration Task.job
C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1184877964.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-11-22 399352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]
C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\NppBho.dll [2007-02-19 97960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{243B17DE-77C7-46BF-B94B-0B5F309A0E64}]
c:\Program Files\Microsoft Money\System\mnyside.dll [2002-07-17 163906]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E03C0FD-4C48-43A7-9A54-00240C70FF16}]
ECarteBleueBrowserHelper Class - C:\WINDOWS\system32\BhoECart.dll [2003-10-31 139264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-05-06 2436160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-09-24 737776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Barre d'outils MSN Search Helper - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll [2005-07-07 577232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - Copernic Agent - C:\Program Files\Copernic Agent\CopernicAgentExt.dll [2003-09-26 1039968]
{0494D0D9-F8E0-41ad-92A3-14154ECE70AC}
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Barre d'outils MSN Search - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll [2005-07-07 577232]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - &Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-11-22 399352]
{90222687-F593-4738-B738-FBEE9C7B26DF} - Afficher Norton Toolbar - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\UIBHO.dll [2007-02-19 609424]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIModeChange"=C:\WINDOWS\system32\Ati2mdxx.exe [2001-09-04 28672]
"ATIPTA"=C:\ATI-CPanel\atiptaxx.exe [2003-08-12 335872]
"AdslTaskBar"=stmctrl.dll,TaskBar []
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2004-04-21 151597]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"ccApp"=C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe [2007-03-14 116328]
"Symantec PIF AlertEng"=C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"Canal Widget"=C:\Program Files\Canal\Canal Widget\Canal Widget.cpvod [2008-12-09 12]
"AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-05-13 177472]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-06-05 292136]
"Windows Update Service"=C:\WINDOWS\msupdate32.exe [2009-07-27 60978]
"MSxmlHpr"=C:\WINDOWS\system32\msxm192z.dll [2004-08-17 28672]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MoneyAgent"=c:\Program Files\Microsoft Money\System\mnyexpr.exe [2002-07-17 204863]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-10 68856]
"Auto Run Software for Photo Frame"=C:\Program Files\Philips\Philips PhotoFrame\PhotoManager.exe [2007-02-16 2273280]
"updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2006-03-30 313472]
"Gadwin PrintScreen"=C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [2008-12-09 495616]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CMESys]
C:\Program Files\Fichiers communs\CMEII\CMESys.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FirstSteps]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
C:\Program Files\Logitech\Video\ISStart.exe [2004-02-12 188416]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
C:\Program Files\Logitech\Video\LogiTray.exe [2004-02-12 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection]
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe [2002-07-18 28672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnappau]
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\MSN Messenger\MsnMsgr.Exe /background []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
C:\PROGRA~1\SYMNET~1\SNDMon.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2004-04-21 151597]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wizard]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2002-08-16 110592]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Cisco Systems VPN Client.lnk]
C:\PROGRA~1\CISCOS~1\VPNCLI~1\vpngui.exe [2003-05-07 1454143]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^GStartup.lnk]
C:\Program Files\Fichiers communs\GMT\GMT.exe /startup []
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
hp psc 1000 series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Logiciel Kodak EasyShare.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
C:\Documents and Settings\famille jehanno\Menu Démarrer\Programmes\Démarrage
Outil de détection de support Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableChangePassword"=0
"DisableLockWorkstation"=0
"NoDispSettingsPage"=0
"NoDispAppearancePage"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoFolderOptions"=0
"NoFileUrl"=0
"NoRun"=0
"NoUpdateCheck"=0
"NoLogoff"=0
"NoSetFolders"=0
"NoFind"=0
"NoDrives"=0
"NoDriveAutoRun"=FFFFFFFF
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Symantec\pcAnywhere\winaw32.exe"="C:\Program Files\Symantec\pcAnywhere\winaw32.exe:*:Enabled:pcAnywhere Main Program"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\coktel\ADI5\TTS\SpeechCube.exe"="C:\coktel\ADI5\TTS\SpeechCube.exe:*:Disabled:SPeechCube"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
======List of files/folders created in the last 1 months======
2009-08-01 10:40:41 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-08-01 10:40:40 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-07-31 21:30:41 ----A---- C:\UsbFix2.txt
2009-07-31 18:54:23 ----A---- C:\UsbFix.txt
2009-07-31 13:33:55 ----RASHD---- C:\autorun.inf
2009-07-31 12:24:05 ----D---- C:\UsbFix
2009-07-31 12:18:31 ----A---- C:\TB.txt
2009-07-31 12:16:59 ----D---- C:\ToolBar SD
2009-07-31 11:27:27 ----D---- C:\rsit
2009-07-31 11:27:27 ----D---- C:\Program Files\trend micro
2009-07-30 12:06:32 ----A---- C:\WINDOWS\ntbtlog.txt
2009-07-28 11:53:56 ----RSH---- C:\WINDOWS\msupdate32.exe
2009-07-27 22:25:40 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-07-27 22:25:30 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-07-27 22:23:03 ----A---- C:\WINDOWS\imsins.BAK
2009-07-27 22:22:59 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2009-07-09 16:40:12 ----D---- C:\Documents and Settings\famille jehanno\Application Data\Pro Cycling Manager 2008 - Demo
2009-07-08 22:32:56 ----D---- C:\Nostale(FR)
======List of files/folders modified in the last 1 months======
2009-08-01 10:57:28 ----D---- C:\WINDOWS\Prefetch
2009-08-01 10:56:25 ----D---- C:\WINDOWS\Temp
2009-08-01 10:56:06 ----A---- C:\WINDOWS\ModemLog_Smart Link 56K Modem.txt
2009-08-01 10:53:37 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-08-01 10:43:18 ----D---- C:\WINDOWS\system32\drivers
2009-08-01 10:40:40 ----D---- C:\Program Files
2009-07-31 23:34:42 ----D---- C:\WINDOWS\system32\CatRoot2
2009-07-31 19:22:07 ----SHD---- C:\RECYCLER
2009-07-31 13:39:31 ----AD---- C:\WINDOWS\system32
2009-07-31 13:39:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-07-31 12:20:30 ----D---- C:\WINDOWS
2009-07-31 11:27:10 ----D---- C:\My Download Files
2009-07-30 12:17:56 ----D---- C:\GAMES
2009-07-30 12:15:52 ----D---- C:\Program Files\Dofus
2009-07-30 12:14:34 ----D---- C:\Program Files\BoontyGames
2009-07-30 12:14:03 ----D---- C:\Program Files\EA GAMES
2009-07-30 12:12:27 ----SD---- C:\Documents and Settings\famille jehanno\Application Data\Microsoft
2009-07-30 12:12:26 ----SHD---- C:\WINDOWS\Installer
2009-07-30 10:07:59 ----D---- C:\Program Files\Norton Security Scan
2009-07-30 10:00:43 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-07-30 09:24:06 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2009-07-30 09:24:06 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-07-29 22:14:06 ----HD---- C:\WINDOWS\inf
2009-07-29 22:13:37 ----D---- C:\Program Files\Internet Explorer
2009-07-29 22:12:06 ----HD---- C:\WINDOWS\$hf_mig$
2009-07-29 22:11:36 ----D---- C:\WINDOWS\WinSxS
2009-07-29 17:29:23 ----D---- C:\Program Files\Common Files
2009-07-27 22:23:11 ----D---- C:\WINDOWS\Debug
2009-07-19 18:45:00 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-07-19 15:15:02 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-07-09 16:36:25 ----D---- C:\WINDOWS\system32\DirectX
2009-07-07 17:10:56 ----A---- C:\WINDOWS\system32\MRT.exe
2009-07-03 18:57:51 ----A---- C:\WINDOWS\system32\wininet.dll
2009-07-03 18:57:51 ----A---- C:\WINDOWS\system32\occache.dll
2009-07-03 18:57:50 ----A---- C:\WINDOWS\system32\urlmon.dll
2009-07-03 18:57:46 ----N---- C:\WINDOWS\system32\jsproxy.dll
2009-07-03 18:57:46 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2009-07-03 18:57:46 ----A---- C:\WINDOWS\system32\msfeeds.dll
2009-07-03 18:57:46 ----A---- C:\WINDOWS\system32\iertutil.dll
2009-07-03 18:57:44 ----A---- C:\WINDOWS\system32\iepeers.dll
2009-07-03 18:57:41 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2009-07-03 13:01:06 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2009-07-02 21:38:04 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2007-07-19 82380]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 SRTSPX;SRTSPX; C:\WINDOWS\System32\Drivers\SRTSPX.SYS [2007-12-01 43696]
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2007-01-10 191544]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]
R2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS\system32\drivers\CdaC15BA.SYS []
R2 CVPNDRVA;Cisco Systems IPsec Driver; \??\C:\WINDOWS\System32\Drivers\CVPNDRVA.sys []
R2 MASPINT;MASPINT; C:\WINDOWS\system32\drivers\MASPINT.sys [2000-03-29 8096]
R3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter; C:\WINDOWS\System32\DRIVERS\AN983.sys [2003-04-18 38784]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2003-08-12 594432]
R3 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\System32\DRIVERS\dne2000.sys [2002-08-26 138916]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\System32\DRIVERS\Mtlmnt5.sys [2003-07-16 221736]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 pfc;PADUS ASPI SHELL; C:\WINDOWS\system32\drivers\pfc.sys [2002-06-13 14604]
R3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\System32\DRIVERS\slntamr.sys [2003-08-20 548952]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\System32\DRIVERS\SlWdmSup.sys [2003-07-02 39348]
R3 STAC97;Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS\system32\drivers\stac97.sys [2003-06-27 226416]
R3 Stmatm;ATM/ADSL miniport; C:\WINDOWS\system32\DRIVERS\stmatm.sys [2004-11-16 60191]
R3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [2007-01-10 12984]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [2007-01-10 145976]
R3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [2007-01-10 40120]
R3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\SymcData\idsdefs\20090722.001\SymIDSCo.sys []
R3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [2007-01-10 35256]
R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2007-01-10 27576]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 61883;Pilote d'unité 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [2008-04-13 48128]
S3 Avc;Périphérique AVC; C:\WINDOWS\System32\DRIVERS\avc.sys [2008-04-13 38912]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\System32\DRIVERS\CVirtA.sys [2003-05-01 5220]
S3 DCamUSBSQTECH;Dual-Mode DSC(2770); C:\WINDOWS\System32\Drivers\SQcaptur.sys [2002-09-10 24808]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [2003-03-09 51024]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [2003-03-09 16080]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [2003-03-09 21456]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\System32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\System32\DRIVERS\Mtlstrm.sys [2003-07-02 1301128]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NAVENG;NAVENG; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20090729.005\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20090729.005\NAVEX15.SYS []
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NtMtlFax;NtMtlFax; C:\WINDOWS\System32\DRIVERS\NtMtlFax.sys [2003-07-02 167384]
S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2004-01-21 5915]
S3 PID_08A0;Labtec WebCam Pro(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2004-01-21 271360]
S3 PIXMCV;JVC Communication PIX-MCV Driver; C:\WINDOWS\System32\Drivers\pixmcvc.sys [2003-12-05 32000]
S3 PIXMCVA;JVC PIX-MCV Audio Capture; C:\WINDOWS\System32\Drivers\pixmcva.sys [2003-12-05 27961]
S3 PIXMCVV;JVC PIX-MCV Video Capture; C:\WINDOWS\System32\Drivers\pixmcvv.sys [2003-12-05 20953]
S3 RecAgent;recagent; \??\C:\WINDOWS\System32\DRIVERS\RecAgent.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SlNtHal;SlNtHal; C:\WINDOWS\System32\DRIVERS\Slnthal.sys [2003-07-02 86128]
S3 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCDrv.sys []
S3 SRTSP;SRTSP; C:\WINDOWS\System32\Drivers\SRTSP.SYS [2007-12-01 279088]
S3 SRTSPL;SRTSPL; C:\WINDOWS\System32\Drivers\SRTSPL.SYS [2007-12-01 317616]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TaurusUsb;ADSL Modem USB Service; C:\WINDOWS\system32\DRIVERS\torususb.sys [2005-04-19 543555]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-06-05 39424]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 vsdatant;vsdatant; \??\C:\WINDOWS\System32\vsdatant.sys []
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 CanalPlus.VOD;CanalPlus.VOD; C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe [2009-04-30 188416]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS\system32\drivers\CDAC11BA.EXE [2005-04-09 54784]
R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2003-05-07 1413184]
R2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2003-07-02 45056]
R2 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [2008-10-15 439632]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-06-05 541992]
S2 ccProxy;Symantec Network Proxy; C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe [2007-09-13 214376]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2009-02-19 238968]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2008-09-27 69120]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 comHost;COM Host; C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe [2007-01-12 49248]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-05-06 138168]
S3 LiveUpdate;LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [2009-02-19 3220856]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-06-22 3087772]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\HPZipm12.exe [2003-03-09 65795]
S3 Symantec Core LC;Symantec Core LC; C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe [2008-01-24 1251720]
S3 Symantec RemoteAssist;Symantec RemoteAssist; C:\Program Files\Fichiers communs\Symantec Shared\Support Controls\ssrc.exe [2008-01-29 394704]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2009-02-19 238968]
-----------------EOF-----------------
ok fait ceci :
affiche les fichiers caché a l'aide de ceci : https://www.commentcamarche.net/informatique/windows/185-afficher-les-extensions-et-les-fichiers-caches-sous-windows/
ensuite
- clic ici https://www.virustotal.com/gui/
- clic sur parcourir en milieu de page
- dans la nouvelle fenetre va cherche le fichier ci dessous et clic sur ouvrir
- le lien s'inscrit dans la page internet clic sur analyser
- si le fichier a deja ete analyser clic sur réanalyser
- un rapport va s'etablir copie colle le rapport en entier + copie colle l'url qui ce trouve en haut de ton navigateur quand tu es sur la page du rapport
Fait ce qui a au dessus pour ces fichiers et poste les rapports avec leurs noms en entete:
C:\WINDOWS\msupdate32.exe
C:\WINDOWS\system32\msxm192z.dll
C:\PROGRA~1\CISCOS~1\VPNCLI~1\vpngui.exe
ensuite pour réessayer une chose :
- clic droit sur l'icone de hijackthis et choisit RENOMMER
- appel le comme tu veux " HJT" par exemple
Fait pareil avec malwarebyte tu RENOMME LE FICHIER "mbam" par un autre nom en clic droit dessus et renommer appel le MM par exemple
tu peut retrouver ce fichier dans C:\programmefile/malwarebyte antimalware/mbam.exe (l'exetnsion n'est peut etre pas visible)
donc renomme ces 2 fichiers et retente de faire les scans (mbam + hijackthis+scan en ligne après) en faisant une mise a jour avec malwarebyte avant et poste les rapports
affiche les fichiers caché a l'aide de ceci : https://www.commentcamarche.net/informatique/windows/185-afficher-les-extensions-et-les-fichiers-caches-sous-windows/
ensuite
- clic ici https://www.virustotal.com/gui/
- clic sur parcourir en milieu de page
- dans la nouvelle fenetre va cherche le fichier ci dessous et clic sur ouvrir
- le lien s'inscrit dans la page internet clic sur analyser
- si le fichier a deja ete analyser clic sur réanalyser
- un rapport va s'etablir copie colle le rapport en entier + copie colle l'url qui ce trouve en haut de ton navigateur quand tu es sur la page du rapport
Fait ce qui a au dessus pour ces fichiers et poste les rapports avec leurs noms en entete:
C:\WINDOWS\msupdate32.exe
C:\WINDOWS\system32\msxm192z.dll
C:\PROGRA~1\CISCOS~1\VPNCLI~1\vpngui.exe
ensuite pour réessayer une chose :
- clic droit sur l'icone de hijackthis et choisit RENOMMER
- appel le comme tu veux " HJT" par exemple
Fait pareil avec malwarebyte tu RENOMME LE FICHIER "mbam" par un autre nom en clic droit dessus et renommer appel le MM par exemple
tu peut retrouver ce fichier dans C:\programmefile/malwarebyte antimalware/mbam.exe (l'exetnsion n'est peut etre pas visible)
donc renomme ces 2 fichiers et retente de faire les scans (mbam + hijackthis+scan en ligne après) en faisant une mise a jour avec malwarebyte avant et poste les rapports
Sans réponse de ta part je t'envoie 3 courriers. Voici le 1er :
Fichier analysé :
C:\WINDOWS\msupdate32.exe
URL de la page :
http://www.virustotal.com/fr/analisis/b1b1c7e95b5cc637b144da5a3b3d4214872d3b1696a980a91eca36ba3a3d6bfc-1249136461
Impression des résultats Votre fichier a expiré ou n'existe pas.
Le service est en ce moment, stoppé, votre fichier attend d'être analysé (position : ) depuis une durée indéfinie.
Vous pouvez attendre une réponse du Web (re-chargement automatique) ou taper votre e-mail dans le formulaire ci-dessous et cliquer "Demande" pour que le système vous envoie une notification quand l'analyse sera terminée. Email:
Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.24 2009.08.01 Virus.Win32.CeeInject!IK
AhnLab-V3 5.0.0.2 2009.08.01 -
AntiVir 7.9.0.238 2009.07.31 TR/Buzus.bqrr
Antiy-AVL 2.0.3.7 2009.07.31 Trojan/Win32.Buzus.gen
Authentium 5.1.2.4 2009.08.01 -
Avast 4.8.1335.0 2009.07.31 -
AVG 8.5.0.406 2009.08.01 IRC/BackDoor.SdBot4.MSM
BitDefender 7.2 2009.08.01 -
CAT-QuickHeal 10.00 2009.07.30 -
ClamAV 0.94.1 2009.08.01 -
Comodo 1836 2009.08.01 -
DrWeb 5.0.0.12182 2009.08.01 BackDoor.IRC.Sdbot.4939
eSafe 7.0.17.0 2009.07.30 -
eTrust-Vet 31.6.6650 2009.08.01 -
F-Prot 4.4.4.56 2009.08.01 -
F-Secure 8.0.14470.0 2009.07.31 Trojan.Win32.Buzus.bqqi
Fortinet 3.120.0.0 2009.08.01 -
GData 19 2009.08.01 -
Ikarus T3.1.1.64.0 2009.08.01 Virus.Win32.CeeInject
Jiangmin 11.0.800 2009.08.01 -
K7AntiVirus 7.10.808 2009.08.01 -
Kaspersky 7.0.0.125 2009.08.01 Trojan.Win32.Buzus.bqqi
McAfee 5694 2009.07.31 -
McAfee+Artemis 5694 2009.07.31 -
McAfee-GW-Edition 6.8.5 2009.08.01 Trojan.Buzus.bqrr
Microsoft 1.4903 2009.08.01 VirTool:Win32/CeeInject.gen!AA
NOD32 4296 2009.08.01 IRC/SdBot
Norman 6.01.09 2009.07.31 W32/Buzus.SEX
nProtect 2009.1.8.0 2009.08.01 -
Panda 10.0.0.14 2009.08.01 Trj/CI.A
PCTools 4.4.2.0 2009.07.31 -
Prevx 3.0 2009.08.01 -
Rising 21.40.44.00 2009.07.31 -
Sophos 4.44.0 2009.08.01 -
Sunbelt 3.2.1858.2 2009.07.31 Bulk Trojan
Symantec 1.4.4.12 2009.08.01 -
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.07.31 -
VBA32 3.12.10.9 2009.08.01 Trojan.Win32.Buzus.bqrr
ViRobot 2009.7.31.1863 2009.07.31 -
VirusBuster 4.6.5.0 2009.07.31 -
Information additionnelle
File size: 60978 bytes
MD5...: aae683d3442752bb73c738cd403c0ee5
SHA1..: bd6aa2344a783870c697879f882f4578444af06d
SHA256: b1b1c7e95b5cc637b144da5a3b3d4214872d3b1696a980a91eca36ba3a3d6bfc
ssdeep: 768:04+/SyRlz24qKLw8k0/Zww86BGWo6gSuRaMfh9YFmTqXTWd2VvQraI5:04+/
Sy3z24qKpxg6B7HuRRTLT86A4rp5
PEiD..: Armadillo v1.71
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x1a40
timedatestamp.....: 0x4a6e2055 (Mon Jul 27 21:47:01 2009)
machinetype.......: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xbd2 0x1000 5.22 e318582b05de91e698331f459f72a646
.rdata 0x2000 0x2bc 0x1000 1.11 c7e61e1a8c5a382347a0a65961d4e230
.data 0x3000 0x6f0 0x1000 3.51 fed14c96c5b3d044c98f15a1ba4ff86c
.rsrc 0x4000 0x3380 0x4000 3.23 007c83be1bf916a54ecc5d0ba6972a78
( 4 imports )
> KERNEL32.dll: GlobalAlloc, LoadLibraryA, GetProcAddress, GetLastError, GetModuleHandleA, GetStartupInfoA
> USER32.dll: MessageBoxA
> MSVCRT.dll: srand, rand, _exit, _XcptFilter, exit, _acmdln, __getmainargs, __setusermatherr, _adjust_fdiv, __p__commode, __p__fmode, __set_app_type, _except_handler3, _controlfp, _initterm
> WS2_32.dll: -
( 0 exports )
PDFiD.: -
RDS...: NSRL Reference Data Set
-
packers (Antiy-AVL): Armadillo 1.71
Fichier analysé :
C:\WINDOWS\msupdate32.exe
URL de la page :
http://www.virustotal.com/fr/analisis/b1b1c7e95b5cc637b144da5a3b3d4214872d3b1696a980a91eca36ba3a3d6bfc-1249136461
Impression des résultats Votre fichier a expiré ou n'existe pas.
Le service est en ce moment, stoppé, votre fichier attend d'être analysé (position : ) depuis une durée indéfinie.
Vous pouvez attendre une réponse du Web (re-chargement automatique) ou taper votre e-mail dans le formulaire ci-dessous et cliquer "Demande" pour que le système vous envoie une notification quand l'analyse sera terminée. Email:
Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.24 2009.08.01 Virus.Win32.CeeInject!IK
AhnLab-V3 5.0.0.2 2009.08.01 -
AntiVir 7.9.0.238 2009.07.31 TR/Buzus.bqrr
Antiy-AVL 2.0.3.7 2009.07.31 Trojan/Win32.Buzus.gen
Authentium 5.1.2.4 2009.08.01 -
Avast 4.8.1335.0 2009.07.31 -
AVG 8.5.0.406 2009.08.01 IRC/BackDoor.SdBot4.MSM
BitDefender 7.2 2009.08.01 -
CAT-QuickHeal 10.00 2009.07.30 -
ClamAV 0.94.1 2009.08.01 -
Comodo 1836 2009.08.01 -
DrWeb 5.0.0.12182 2009.08.01 BackDoor.IRC.Sdbot.4939
eSafe 7.0.17.0 2009.07.30 -
eTrust-Vet 31.6.6650 2009.08.01 -
F-Prot 4.4.4.56 2009.08.01 -
F-Secure 8.0.14470.0 2009.07.31 Trojan.Win32.Buzus.bqqi
Fortinet 3.120.0.0 2009.08.01 -
GData 19 2009.08.01 -
Ikarus T3.1.1.64.0 2009.08.01 Virus.Win32.CeeInject
Jiangmin 11.0.800 2009.08.01 -
K7AntiVirus 7.10.808 2009.08.01 -
Kaspersky 7.0.0.125 2009.08.01 Trojan.Win32.Buzus.bqqi
McAfee 5694 2009.07.31 -
McAfee+Artemis 5694 2009.07.31 -
McAfee-GW-Edition 6.8.5 2009.08.01 Trojan.Buzus.bqrr
Microsoft 1.4903 2009.08.01 VirTool:Win32/CeeInject.gen!AA
NOD32 4296 2009.08.01 IRC/SdBot
Norman 6.01.09 2009.07.31 W32/Buzus.SEX
nProtect 2009.1.8.0 2009.08.01 -
Panda 10.0.0.14 2009.08.01 Trj/CI.A
PCTools 4.4.2.0 2009.07.31 -
Prevx 3.0 2009.08.01 -
Rising 21.40.44.00 2009.07.31 -
Sophos 4.44.0 2009.08.01 -
Sunbelt 3.2.1858.2 2009.07.31 Bulk Trojan
Symantec 1.4.4.12 2009.08.01 -
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.07.31 -
VBA32 3.12.10.9 2009.08.01 Trojan.Win32.Buzus.bqrr
ViRobot 2009.7.31.1863 2009.07.31 -
VirusBuster 4.6.5.0 2009.07.31 -
Information additionnelle
File size: 60978 bytes
MD5...: aae683d3442752bb73c738cd403c0ee5
SHA1..: bd6aa2344a783870c697879f882f4578444af06d
SHA256: b1b1c7e95b5cc637b144da5a3b3d4214872d3b1696a980a91eca36ba3a3d6bfc
ssdeep: 768:04+/SyRlz24qKLw8k0/Zww86BGWo6gSuRaMfh9YFmTqXTWd2VvQraI5:04+/
Sy3z24qKpxg6B7HuRRTLT86A4rp5
PEiD..: Armadillo v1.71
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x1a40
timedatestamp.....: 0x4a6e2055 (Mon Jul 27 21:47:01 2009)
machinetype.......: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xbd2 0x1000 5.22 e318582b05de91e698331f459f72a646
.rdata 0x2000 0x2bc 0x1000 1.11 c7e61e1a8c5a382347a0a65961d4e230
.data 0x3000 0x6f0 0x1000 3.51 fed14c96c5b3d044c98f15a1ba4ff86c
.rsrc 0x4000 0x3380 0x4000 3.23 007c83be1bf916a54ecc5d0ba6972a78
( 4 imports )
> KERNEL32.dll: GlobalAlloc, LoadLibraryA, GetProcAddress, GetLastError, GetModuleHandleA, GetStartupInfoA
> USER32.dll: MessageBoxA
> MSVCRT.dll: srand, rand, _exit, _XcptFilter, exit, _acmdln, __getmainargs, __setusermatherr, _adjust_fdiv, __p__commode, __p__fmode, __set_app_type, _except_handler3, _controlfp, _initterm
> WS2_32.dll: -
( 0 exports )
PDFiD.: -
RDS...: NSRL Reference Data Set
-
packers (Antiy-AVL): Armadillo 1.71
2 ème rapport :
Fichier analysé :
C:\WINDOWS\system32\msxm192z.dll
URL de la page :
http://www.virustotal.com/fr/analisis/13b0e58d943a285ea02aabbede23094e088850535a594e0a802e442221c50d5d-1249137019
Rapport :
Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.24 2009.08.01 -
AhnLab-V3 5.0.0.2 2009.08.01 -
AntiVir 7.9.0.238 2009.07.31 -
Antiy-AVL 2.0.3.7 2009.07.31 -
Authentium 5.1.2.4 2009.08.01 W32/Bongler-based!Maximus
Avast 4.8.1335.0 2009.07.31 -
AVG 8.5.0.406 2009.08.01 -
BitDefender 7.2 2009.08.01 -
CAT-QuickHeal 10.00 2009.07.30 -
ClamAV 0.94.1 2009.08.01 -
Comodo 1836 2009.08.01 -
DrWeb 5.0.0.12182 2009.08.01 Trojan.NtRootKit.origin
eSafe 7.0.17.0 2009.07.30 -
eTrust-Vet 31.6.6650 2009.08.01 -
F-Prot 4.4.4.56 2009.08.01 W32/Bongler-based!Maximus
F-Secure 8.0.14470.0 2009.07.31 -
Fortinet 3.120.0.0 2009.08.01 -
GData 19 2009.08.01 -
Ikarus T3.1.1.64.0 2009.08.01 -
Jiangmin 11.0.800 2009.08.01 -
K7AntiVirus 7.10.808 2009.08.01 -
Kaspersky 7.0.0.125 2009.08.01 -
McAfee 5694 2009.07.31 -
McAfee+Artemis 5694 2009.07.31 -
McAfee-GW-Edition 6.8.5 2009.08.01 -
Microsoft 1.4903 2009.08.01 -
NOD32 4296 2009.08.01 -
Norman 6.01.09 2009.07.31 -
nProtect 2009.1.8.0 2009.08.01 -
Panda 10.0.0.14 2009.08.01 -
PCTools 4.4.2.0 2009.08.01 -
Rising 21.40.44.00 2009.07.31 -
Sophos 4.44.0 2009.08.01 Mal/Behav-170
Sunbelt 3.2.1858.2 2009.07.31 -
Symantec 1.4.4.12 2009.08.01 -
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.07.31 -
VBA32 3.12.10.9 2009.08.01 -
ViRobot 2009.7.31.1863 2009.07.31 -
VirusBuster 4.6.5.0 2009.07.31 -
Information additionnelle
File size: 28672 bytes
MD5...: 62367f4bdb91484922fa68e71aa0faf0
SHA1..: fd7a7216637abc19747844bf5a24a2dd450c54c5
SHA256: 13b0e58d943a285ea02aabbede23094e088850535a594e0a802e442221c50d5d
ssdeep: 192:igeTC+SRnvgu+lGXhGc/1L4qIvLHZ6qmbqN11IOHO+kKpOYfyCyd:igeTzSR
noat/1NqLgq1NblkKMYqC
PEiD..: Armadillo v1.xx - v2.xx
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x2d5d
timedatestamp.....: 0x4a70f454 (Thu Jul 30 01:16:04 2009)
machinetype.......: 0x14c (I386)
( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x1e46 0x2000 6.33 50d70248fe66e1358fba153ef4c59b33
.rdata 0x3000 0x53e 0x1000 2.05 719c95acc2d120fa6f852de848b415d6
.data 0x4000 0x297c 0x1000 0.70 bfd86f6a11db6626b01ccfc964d72fdf
.rsrc 0x7000 0x360 0x1000 0.89 fe6ce800a07b99c2dc4d0fbac860a475
.reloc 0x8000 0x20e 0x1000 0.92 9b9074a30d65916f49ae4a3970497892
( 5 imports )
> KERNEL32.dll: CloseHandle, GetCurrentProcess, CreateThread, GetSystemInfo, GetTempPathA, Sleep, lstrcmpiA, GetVersionExA, GetModuleHandleA, GetProcAddress, GetModuleFileNameA
> USER32.dll: GetSystemMetrics, CallNextHookEx, DispatchMessageA, TranslateMessage, GetMessageA, SetWindowsHookExA, wsprintfA, CharLowerA
> ADVAPI32.dll: RegOpenKeyExA, AdjustTokenPrivileges, LookupPrivilegeValueA, OpenProcessToken, RegQueryValueExA, RegSetValueExA, RegCreateKeyA, RegCloseKey
> MSVCRT.dll: _initterm, _adjust_fdiv, _stricmp, _splitpath, malloc, free, sprintf, atoi, strchr, strncmp, _except_handler3, strstr
> WS2_32.dll: -, -, -, -, -, -, -, -, -
( 3 exports )
AR, GetVer, w
PDFiD.: -
RDS...: NSRL Reference Data Set
Fichier analysé :
C:\WINDOWS\system32\msxm192z.dll
URL de la page :
http://www.virustotal.com/fr/analisis/13b0e58d943a285ea02aabbede23094e088850535a594e0a802e442221c50d5d-1249137019
Rapport :
Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.24 2009.08.01 -
AhnLab-V3 5.0.0.2 2009.08.01 -
AntiVir 7.9.0.238 2009.07.31 -
Antiy-AVL 2.0.3.7 2009.07.31 -
Authentium 5.1.2.4 2009.08.01 W32/Bongler-based!Maximus
Avast 4.8.1335.0 2009.07.31 -
AVG 8.5.0.406 2009.08.01 -
BitDefender 7.2 2009.08.01 -
CAT-QuickHeal 10.00 2009.07.30 -
ClamAV 0.94.1 2009.08.01 -
Comodo 1836 2009.08.01 -
DrWeb 5.0.0.12182 2009.08.01 Trojan.NtRootKit.origin
eSafe 7.0.17.0 2009.07.30 -
eTrust-Vet 31.6.6650 2009.08.01 -
F-Prot 4.4.4.56 2009.08.01 W32/Bongler-based!Maximus
F-Secure 8.0.14470.0 2009.07.31 -
Fortinet 3.120.0.0 2009.08.01 -
GData 19 2009.08.01 -
Ikarus T3.1.1.64.0 2009.08.01 -
Jiangmin 11.0.800 2009.08.01 -
K7AntiVirus 7.10.808 2009.08.01 -
Kaspersky 7.0.0.125 2009.08.01 -
McAfee 5694 2009.07.31 -
McAfee+Artemis 5694 2009.07.31 -
McAfee-GW-Edition 6.8.5 2009.08.01 -
Microsoft 1.4903 2009.08.01 -
NOD32 4296 2009.08.01 -
Norman 6.01.09 2009.07.31 -
nProtect 2009.1.8.0 2009.08.01 -
Panda 10.0.0.14 2009.08.01 -
PCTools 4.4.2.0 2009.08.01 -
Rising 21.40.44.00 2009.07.31 -
Sophos 4.44.0 2009.08.01 Mal/Behav-170
Sunbelt 3.2.1858.2 2009.07.31 -
Symantec 1.4.4.12 2009.08.01 -
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.07.31 -
VBA32 3.12.10.9 2009.08.01 -
ViRobot 2009.7.31.1863 2009.07.31 -
VirusBuster 4.6.5.0 2009.07.31 -
Information additionnelle
File size: 28672 bytes
MD5...: 62367f4bdb91484922fa68e71aa0faf0
SHA1..: fd7a7216637abc19747844bf5a24a2dd450c54c5
SHA256: 13b0e58d943a285ea02aabbede23094e088850535a594e0a802e442221c50d5d
ssdeep: 192:igeTC+SRnvgu+lGXhGc/1L4qIvLHZ6qmbqN11IOHO+kKpOYfyCyd:igeTzSR
noat/1NqLgq1NblkKMYqC
PEiD..: Armadillo v1.xx - v2.xx
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x2d5d
timedatestamp.....: 0x4a70f454 (Thu Jul 30 01:16:04 2009)
machinetype.......: 0x14c (I386)
( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x1e46 0x2000 6.33 50d70248fe66e1358fba153ef4c59b33
.rdata 0x3000 0x53e 0x1000 2.05 719c95acc2d120fa6f852de848b415d6
.data 0x4000 0x297c 0x1000 0.70 bfd86f6a11db6626b01ccfc964d72fdf
.rsrc 0x7000 0x360 0x1000 0.89 fe6ce800a07b99c2dc4d0fbac860a475
.reloc 0x8000 0x20e 0x1000 0.92 9b9074a30d65916f49ae4a3970497892
( 5 imports )
> KERNEL32.dll: CloseHandle, GetCurrentProcess, CreateThread, GetSystemInfo, GetTempPathA, Sleep, lstrcmpiA, GetVersionExA, GetModuleHandleA, GetProcAddress, GetModuleFileNameA
> USER32.dll: GetSystemMetrics, CallNextHookEx, DispatchMessageA, TranslateMessage, GetMessageA, SetWindowsHookExA, wsprintfA, CharLowerA
> ADVAPI32.dll: RegOpenKeyExA, AdjustTokenPrivileges, LookupPrivilegeValueA, OpenProcessToken, RegQueryValueExA, RegSetValueExA, RegCreateKeyA, RegCloseKey
> MSVCRT.dll: _initterm, _adjust_fdiv, _stricmp, _splitpath, malloc, free, sprintf, atoi, strchr, strncmp, _except_handler3, strstr
> WS2_32.dll: -, -, -, -, -, -, -, -, -
( 3 exports )
AR, GetVer, w
PDFiD.: -
RDS...: NSRL Reference Data Set
3ème rapport trop gros.
Voici début :
Fichier analysé :
C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
URL de la page :
http://www.virustotal.com/fr/analisis/e9cf68740d3af93f195f9a711469052fc60cea137a0a1695b8ae3df345f4da84-1249137330
Rapport :
Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.24 2009.08.01 -
AhnLab-V3 5.0.0.2 2009.08.01 -
AntiVir 7.9.0.238 2009.07.31 -
Antiy-AVL 2.0.3.7 2009.07.31 -
Authentium 5.1.2.4 2009.08.01 -
Avast 4.8.1335.0 2009.07.31 -
AVG 8.5.0.406 2009.08.01 -
BitDefender 7.2 2009.08.01 -
CAT-QuickHeal 10.00 2009.07.30 -
ClamAV 0.94.1 2009.08.01 -
Comodo 1836 2009.08.01 -
DrWeb 5.0.0.12182 2009.08.01 -
eSafe 7.0.17.0 2009.07.30 -
eTrust-Vet 31.6.6650 2009.08.01 -
F-Prot 4.4.4.56 2009.08.01 -
F-Secure 8.0.14470.0 2009.07.31 -
Fortinet 3.120.0.0 2009.08.01 -
GData 19 2009.08.01 -
Ikarus T3.1.1.64.0 2009.08.01 -
Jiangmin 11.0.800 2009.08.01 -
K7AntiVirus 7.10.808 2009.08.01 -
Kaspersky 7.0.0.125 2009.08.01 -
McAfee 5694 2009.07.31 -
McAfee+Artemis 5694 2009.07.31 -
McAfee-GW-Edition 6.8.5 2009.08.01 -
Microsoft 1.4903 2009.08.01 -
NOD32 4296 2009.08.01 -
Norman 6.01.09 2009.07.31 -
nProtect 2009.1.8.0 2009.08.01 -
Panda 10.0.0.14 2009.08.01 -
PCTools 4.4.2.0 2009.08.01 -
Rising 21.40.44.00 2009.07.31 -
Sophos 4.44.0 2009.08.01 -
Sunbelt 3.2.1858.2 2009.07.31 -
Symantec 1.4.4.12 2009.08.01 -
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.07.31 -
VBA32 3.12.10.9 2009.08.01 -
ViRobot 2009.7.31.1863 2009.07.31 -
VirusBuster 4.6.5.0 2009.07.31 -
Information additionnelle
File size: 1454143 bytes
MD5...: df15fc534da88b56bd424160b3b11ea4
SHA1..: 0ea5249ce545fa6b08b07671c689bcacc2b7452f
SHA256: e9cf68740d3af93f195f9a711469052fc60cea137a0a1695b8ae3df345f4da84
ssdeep: 24576:tblz5Fta+qs1JzaoICu3T9XVhtxgC/td6UHN:9lFbNqRrN
PEiD..: Armadillo v1.71
TrID..: File type identification
Win32 Executable Generic (68.0%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x104c84
timedatestamp.....: 0x3eb93fed (Wed May 07 17:18:37 2003)
machinetype.......: 0x14c (I386)
( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1e000 0xfe2f2 0xff000 6.50 6feee0450576b2c4138fbfbfb7ba2bc4
.rdata 0x11d000 0x25256 0x26000 5.55 7bebd9ed54dd791a05aca5b0128f539f
.data 0x143000 0x23674 0x1e000 5.31 e378078fa7678452498a9bc01f3c732e
.data1 0x167000 0xa00 0x1000 1.77 fe98bae47a92f967a83687ae5f2eb5d7
.rsrc 0x168000 0x8e8 0x1000 2.02 70486eccc5a956cb10b74ee0c8ec3429
Voici début :
Fichier analysé :
C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
URL de la page :
http://www.virustotal.com/fr/analisis/e9cf68740d3af93f195f9a711469052fc60cea137a0a1695b8ae3df345f4da84-1249137330
Rapport :
Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.24 2009.08.01 -
AhnLab-V3 5.0.0.2 2009.08.01 -
AntiVir 7.9.0.238 2009.07.31 -
Antiy-AVL 2.0.3.7 2009.07.31 -
Authentium 5.1.2.4 2009.08.01 -
Avast 4.8.1335.0 2009.07.31 -
AVG 8.5.0.406 2009.08.01 -
BitDefender 7.2 2009.08.01 -
CAT-QuickHeal 10.00 2009.07.30 -
ClamAV 0.94.1 2009.08.01 -
Comodo 1836 2009.08.01 -
DrWeb 5.0.0.12182 2009.08.01 -
eSafe 7.0.17.0 2009.07.30 -
eTrust-Vet 31.6.6650 2009.08.01 -
F-Prot 4.4.4.56 2009.08.01 -
F-Secure 8.0.14470.0 2009.07.31 -
Fortinet 3.120.0.0 2009.08.01 -
GData 19 2009.08.01 -
Ikarus T3.1.1.64.0 2009.08.01 -
Jiangmin 11.0.800 2009.08.01 -
K7AntiVirus 7.10.808 2009.08.01 -
Kaspersky 7.0.0.125 2009.08.01 -
McAfee 5694 2009.07.31 -
McAfee+Artemis 5694 2009.07.31 -
McAfee-GW-Edition 6.8.5 2009.08.01 -
Microsoft 1.4903 2009.08.01 -
NOD32 4296 2009.08.01 -
Norman 6.01.09 2009.07.31 -
nProtect 2009.1.8.0 2009.08.01 -
Panda 10.0.0.14 2009.08.01 -
PCTools 4.4.2.0 2009.08.01 -
Rising 21.40.44.00 2009.07.31 -
Sophos 4.44.0 2009.08.01 -
Sunbelt 3.2.1858.2 2009.07.31 -
Symantec 1.4.4.12 2009.08.01 -
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.07.31 -
VBA32 3.12.10.9 2009.08.01 -
ViRobot 2009.7.31.1863 2009.07.31 -
VirusBuster 4.6.5.0 2009.07.31 -
Information additionnelle
File size: 1454143 bytes
MD5...: df15fc534da88b56bd424160b3b11ea4
SHA1..: 0ea5249ce545fa6b08b07671c689bcacc2b7452f
SHA256: e9cf68740d3af93f195f9a711469052fc60cea137a0a1695b8ae3df345f4da84
ssdeep: 24576:tblz5Fta+qs1JzaoICu3T9XVhtxgC/td6UHN:9lFbNqRrN
PEiD..: Armadillo v1.71
TrID..: File type identification
Win32 Executable Generic (68.0%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x104c84
timedatestamp.....: 0x3eb93fed (Wed May 07 17:18:37 2003)
machinetype.......: 0x14c (I386)
( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1e000 0xfe2f2 0xff000 6.50 6feee0450576b2c4138fbfbfb7ba2bc4
.rdata 0x11d000 0x25256 0x26000 5.55 7bebd9ed54dd791a05aca5b0128f539f
.data 0x143000 0x23674 0x1e000 5.31 e378078fa7678452498a9bc01f3c732e
.data1 0x167000 0xa00 0x1000 1.77 fe98bae47a92f967a83687ae5f2eb5d7
.rsrc 0x168000 0x8e8 0x1000 2.02 70486eccc5a956cb10b74ee0c8ec3429
clic ici http://www.cijoint.fr/cj200908/cijT5CzmjG.txt et suit les instructions que j'ai mit et poste le rapport le fix va te demander de redemarré clic sur oui et a l'ouverture de windows après tu auras le rapport FINAL qui va s'ouvrir poste celui ci
tu peux le retrouver dans C:\OTM.txt
ensuite tu devrais pouvoir lancer malwarebyte et aussi faire le scan en ligne Poste les rapports
tu peux le retrouver dans C:\OTM.txt
ensuite tu devrais pouvoir lancer malwarebyte et aussi faire le scan en ligne Poste les rapports
Ci-après le rapport ODT.
Parc ontre pas mieux pour Malware et pour le scan en ligne.
Pour Bitdefender il met : "This web site is not authorizedto host this Active x control"
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
No active process named TeaTimer.exe was found!
========== FILES ==========
C:\WINDOWS\msupdate32.exe moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\msxm192z.dll
C:\WINDOWS\system32\msxm192z.dll NOT unregistered.
C:\WINDOWS\system32\msxm192z.dll moved successfully.
File/Folder C:\Program Files\Fichiers communs\CMEII\CMESys.exe not found.
File/Folder C:\Program Files\Fichiers communs\GMT\GMT.exe not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CMESys\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^GStartup.lnk\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{0494D0D9-F8E0-41ad-92A3-14154ECE70AC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0494D0D9-F8E0-41ad-92A3-14154ECE70AC}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Update Service deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MSxmlHpr deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Admin
->Temporary Internet Files folder emptied: 33170 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: famille jehanno
->Temp folder emptied: 774 bytes
->Temporary Internet Files folder emptied: 44706217 bytes
->Java cache emptied: 114194 bytes
->FireFox cache emptied: 38909083 bytes
User: LocalService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 45373 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 500742 bytes
Parc ontre pas mieux pour Malware et pour le scan en ligne.
Pour Bitdefender il met : "This web site is not authorizedto host this Active x control"
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
No active process named TeaTimer.exe was found!
========== FILES ==========
C:\WINDOWS\msupdate32.exe moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\msxm192z.dll
C:\WINDOWS\system32\msxm192z.dll NOT unregistered.
C:\WINDOWS\system32\msxm192z.dll moved successfully.
File/Folder C:\Program Files\Fichiers communs\CMEII\CMESys.exe not found.
File/Folder C:\Program Files\Fichiers communs\GMT\GMT.exe not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CMESys\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^GStartup.lnk\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{0494D0D9-F8E0-41ad-92A3-14154ECE70AC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0494D0D9-F8E0-41ad-92A3-14154ECE70AC}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Update Service deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MSxmlHpr deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Admin
->Temporary Internet Files folder emptied: 33170 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: famille jehanno
->Temp folder emptied: 774 bytes
->Temporary Internet Files folder emptied: 44706217 bytes
->Java cache emptied: 114194 bytes
->FireFox cache emptied: 38909083 bytes
User: LocalService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 45373 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 500742 bytes
tiens donc
tu as redemarré ton PC après OTM ?
poste un nouveau RSIt, une infection n'as pas ete supprimé
tu as redemarré ton PC après OTM ?
poste un nouveau RSIt, une infection n'as pas ete supprimé
Le Pc a rebooté (imposé par OTM).
Voici le rapport RSIT :
Logfile of random's system information tool 1.06 (written by random/random)
Run by famille jehanno at 2009-08-02 19:02:17
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 9 GB (12%) free of 76 GB
Total RAM: 1023 MB (50% free)
HijackThis download failed
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\EasyShare Registration Task.job
C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1184877964.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-11-22 399352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]
C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\NppBho.dll [2007-02-19 97960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{243B17DE-77C7-46BF-B94B-0B5F309A0E64}]
c:\Program Files\Microsoft Money\System\mnyside.dll [2002-07-17 163906]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E03C0FD-4C48-43A7-9A54-00240C70FF16}]
ECarteBleueBrowserHelper Class - C:\WINDOWS\system32\BhoECart.dll [2003-10-31 139264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-05-06 2436160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-09-24 737776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Barre d'outils MSN Search Helper - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll [2005-07-07 577232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - Copernic Agent - C:\Program Files\Copernic Agent\CopernicAgentExt.dll [2003-09-26 1039968]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Barre d'outils MSN Search - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll [2005-07-07 577232]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - &Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-11-22 399352]
{90222687-F593-4738-B738-FBEE9C7B26DF} - Afficher Norton Toolbar - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\UIBHO.dll [2007-02-19 609424]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIModeChange"=C:\WINDOWS\system32\Ati2mdxx.exe [2001-09-04 28672]
"ATIPTA"=C:\ATI-CPanel\atiptaxx.exe [2003-08-12 335872]
"AdslTaskBar"=stmctrl.dll,TaskBar []
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2004-04-21 151597]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"ccApp"=C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe [2007-03-14 116328]
"Symantec PIF AlertEng"=C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"Canal Widget"=C:\Program Files\Canal\Canal Widget\Canal Widget.cpvod [2008-12-09 12]
"AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-05-13 177472]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-06-05 292136]
"MSxmlHpr"=C:\WINDOWS\system32\msxm192z.dll [2004-08-17 28672]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-07-13 414992]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MoneyAgent"=c:\Program Files\Microsoft Money\System\mnyexpr.exe [2002-07-17 204863]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-10 68856]
"Auto Run Software for Photo Frame"=C:\Program Files\Philips\Philips PhotoFrame\PhotoManager.exe [2007-02-16 2273280]
"updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2006-03-30 313472]
"Gadwin PrintScreen"=C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [2008-12-09 495616]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FirstSteps]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
C:\Program Files\Logitech\Video\ISStart.exe [2004-02-12 188416]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
C:\Program Files\Logitech\Video\LogiTray.exe [2004-02-12 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection]
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe [2002-07-18 28672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnappau]
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\MSN Messenger\MsnMsgr.Exe /background []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
C:\PROGRA~1\SYMNET~1\SNDMon.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2004-04-21 151597]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wizard]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2002-08-16 110592]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Cisco Systems VPN Client.lnk]
C:\PROGRA~1\CISCOS~1\VPNCLI~1\vpngui.exe [2003-05-07 1454143]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
hp psc 1000 series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Logiciel Kodak EasyShare.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
C:\Documents and Settings\famille jehanno\Menu Démarrer\Programmes\Démarrage
Outil de détection de support Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableChangePassword"=0
"DisableLockWorkstation"=0
"NoDispSettingsPage"=0
"NoDispAppearancePage"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoFolderOptions"=0
"NoFileUrl"=0
"NoRun"=0
"NoUpdateCheck"=0
"NoLogoff"=0
"NoSetFolders"=0
"NoFind"=0
"NoDrives"=0
"NoDriveAutoRun"=FFFFFFFF
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Symantec\pcAnywhere\winaw32.exe"="C:\Program Files\Symantec\pcAnywhere\winaw32.exe:*:Enabled:pcAnywhere Main Program"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\coktel\ADI5\TTS\SpeechCube.exe"="C:\coktel\ADI5\TTS\SpeechCube.exe:*:Disabled:SPeechCube"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
======List of files/folders created in the last 1 months======
2009-08-02 18:37:23 ----D---- C:\WINDOWS\BDOSCAN8
2009-08-02 18:37:17 ----D---- C:\WINDOWS\LastGood
2009-08-02 18:35:53 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-08-02 18:35:53 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-08-02 18:14:56 ----D---- C:\_OTM
2009-08-01 16:27:03 ----A---- C:\analyse3.txt
2009-08-01 16:23:53 ----A---- C:\analyse2.txt
2009-08-01 16:20:18 ----A---- C:\analyse1.txt
2009-07-31 21:30:41 ----A---- C:\UsbFix2.txt
2009-07-31 18:54:23 ----A---- C:\UsbFix.txt
2009-07-31 13:33:55 ----RASHD---- C:\autorun.inf
2009-07-31 12:24:05 ----D---- C:\UsbFix
2009-07-31 12:18:31 ----A---- C:\TB.txt
2009-07-31 12:16:59 ----D---- C:\ToolBar SD
2009-07-31 11:27:27 ----D---- C:\rsit
2009-07-31 11:27:27 ----D---- C:\Program Files\trend micro
2009-07-30 12:06:32 ----A---- C:\WINDOWS\ntbtlog.txt
2009-07-27 22:25:40 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-07-27 22:25:30 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-07-27 22:23:03 ----A---- C:\WINDOWS\imsins.BAK
2009-07-27 22:22:59 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2009-07-09 16:40:12 ----D---- C:\Documents and Settings\famille jehanno\Application Data\Pro Cycling Manager 2008 - Demo
2009-07-08 22:32:56 ----D---- C:\Nostale(FR)
======List of files/folders modified in the last 1 months======
2009-08-02 18:37:26 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-08-02 18:37:24 ----D---- C:\WINDOWS
2009-08-02 18:37:23 ----HD---- C:\WINDOWS\inf
2009-08-02 18:37:18 ----D---- C:\WINDOWS\system32\CatRoot2
2009-08-02 18:35:55 ----D---- C:\WINDOWS\system32\drivers
2009-08-02 18:35:53 ----D---- C:\Program Files
2009-08-02 18:32:37 ----D---- C:\WINDOWS\Temp
2009-08-02 18:32:37 ----AD---- C:\WINDOWS\system32
2009-08-02 18:17:49 ----A---- C:\WINDOWS\ModemLog_Smart Link 56K Modem.txt
2009-08-02 18:16:17 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-08-01 10:57:28 ----D---- C:\WINDOWS\Prefetch
2009-07-31 19:22:07 ----SHD---- C:\RECYCLER
2009-07-31 13:39:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-07-31 11:27:10 ----D---- C:\My Download Files
2009-07-30 12:17:56 ----D---- C:\GAMES
2009-07-30 12:15:52 ----D---- C:\Program Files\Dofus
2009-07-30 12:14:34 ----D---- C:\Program Files\BoontyGames
2009-07-30 12:14:03 ----D---- C:\Program Files\EA GAMES
2009-07-30 12:12:27 ----SD---- C:\Documents and Settings\famille jehanno\Application Data\Microsoft
2009-07-30 12:12:26 ----SHD---- C:\WINDOWS\Installer
2009-07-30 10:07:59 ----D---- C:\Program Files\Norton Security Scan
2009-07-30 10:00:43 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-07-30 09:24:06 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2009-07-30 09:24:06 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-07-29 22:13:37 ----D---- C:\Program Files\Internet Explorer
2009-07-29 22:12:06 ----HD---- C:\WINDOWS\$hf_mig$
2009-07-29 22:11:36 ----D---- C:\WINDOWS\WinSxS
2009-07-29 17:29:23 ----D---- C:\Program Files\Common Files
2009-07-27 22:23:11 ----D---- C:\WINDOWS\Debug
2009-07-19 18:45:00 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-07-19 15:15:02 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-07-09 16:36:25 ----D---- C:\WINDOWS\system32\DirectX
2009-07-07 17:10:56 ----A---- C:\WINDOWS\system32\MRT.exe
2009-07-03 18:57:51 ----A---- C:\WINDOWS\system32\wininet.dll
2009-07-03 18:57:51 ----A---- C:\WINDOWS\system32\occache.dll
2009-07-03 18:57:50 ----A---- C:\WINDOWS\system32\urlmon.dll
2009-07-03 18:57:46 ----N---- C:\WINDOWS\system32\jsproxy.dll
2009-07-03 18:57:46 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2009-07-03 18:57:46 ----A---- C:\WINDOWS\system32\msfeeds.dll
2009-07-03 18:57:46 ----A---- C:\WINDOWS\system32\iertutil.dll
2009-07-03 18:57:44 ----A---- C:\WINDOWS\system32\iepeers.dll
2009-07-03 18:57:41 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2009-07-03 13:01:06 ----N---- C:\WINDOWS\system32\ie4uinit.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2007-07-19 82380]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 SRTSPX;SRTSPX; C:\WINDOWS\System32\Drivers\SRTSPX.SYS [2007-12-01 43696]
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2007-01-10 191544]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]
R2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS\system32\drivers\CdaC15BA.SYS []
R2 CVPNDRVA;Cisco Systems IPsec Driver; \??\C:\WINDOWS\System32\Drivers\CVPNDRVA.sys []
R2 MASPINT;MASPINT; C:\WINDOWS\system32\drivers\MASPINT.sys [2000-03-29 8096]
R3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter; C:\WINDOWS\System32\DRIVERS\AN983.sys [2003-04-18 38784]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2003-08-12 594432]
R3 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\System32\DRIVERS\dne2000.sys [2002-08-26 138916]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\System32\DRIVERS\Mtlmnt5.sys [2003-07-16 221736]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 pfc;PADUS ASPI SHELL; C:\WINDOWS\system32\drivers\pfc.sys [2002-06-13 14604]
R3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\System32\DRIVERS\slntamr.sys [2003-08-20 548952]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\System32\DRIVERS\SlWdmSup.sys [2003-07-02 39348]
R3 STAC97;Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS\system32\drivers\stac97.sys [2003-06-27 226416]
R3 Stmatm;ATM/ADSL miniport; C:\WINDOWS\system32\DRIVERS\stmatm.sys [2004-11-16 60191]
R3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [2007-01-10 12984]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [2007-01-10 145976]
R3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [2007-01-10 40120]
R3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\SymcData\idsdefs\20090722.001\SymIDSCo.sys []
R3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [2007-01-10 35256]
R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2007-01-10 27576]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 61883;Pilote d'unité 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [2008-04-13 48128]
S3 Avc;Périphérique AVC; C:\WINDOWS\System32\DRIVERS\avc.sys [2008-04-13 38912]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\System32\DRIVERS\CVirtA.sys [2003-05-01 5220]
S3 DCamUSBSQTECH;Dual-Mode DSC(2770); C:\WINDOWS\System32\Drivers\SQcaptur.sys [2002-09-10 24808]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [2003-03-09 51024]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [2003-03-09 16080]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [2003-03-09 21456]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\System32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\System32\DRIVERS\Mtlstrm.sys [2003-07-02 1301128]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NAVENG;NAVENG; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20090729.005\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20090729.005\NAVEX15.SYS []
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NtMtlFax;NtMtlFax; C:\WINDOWS\System32\DRIVERS\NtMtlFax.sys [2003-07-02 167384]
S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2004-01-21 5915]
S3 PID_08A0;Labtec WebCam Pro(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2004-01-21 271360]
S3 PIXMCV;JVC Communication PIX-MCV Driver; C:\WINDOWS\System32\Drivers\pixmcvc.sys [2003-12-05 32000]
S3 PIXMCVA;JVC PIX-MCV Audio Capture; C:\WINDOWS\System32\Drivers\pixmcva.sys [2003-12-05 27961]
S3 PIXMCVV;JVC PIX-MCV Video Capture; C:\WINDOWS\System32\Drivers\pixmcvv.sys [2003-12-05 20953]
S3 RecAgent;recagent; \??\C:\WINDOWS\System32\DRIVERS\RecAgent.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SlNtHal;SlNtHal; C:\WINDOWS\System32\DRIVERS\Slnthal.sys [2003-07-02 86128]
S3 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCDrv.sys []
S3 SRTSP;SRTSP; C:\WINDOWS\System32\Drivers\SRTSP.SYS [2007-12-01 279088]
S3 SRTSPL;SRTSPL; C:\WINDOWS\System32\Drivers\SRTSPL.SYS [2007-12-01 317616]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TaurusUsb;ADSL Modem USB Service; C:\WINDOWS\system32\DRIVERS\torususb.sys [2005-04-19 543555]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-06-05 39424]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 vsdatant;vsdatant; \??\C:\WINDOWS\System32\vsdatant.sys []
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 CanalPlus.VOD;CanalPlus.VOD; C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe [2009-04-30 188416]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS\system32\drivers\CDAC11BA.EXE [2005-04-09 54784]
R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2003-05-07 1413184]
R2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2003-07-02 45056]
R2 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [2008-10-15 439632]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-06-05 541992]
S2 ccProxy;Symantec Network Proxy; C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe [2007-09-13 214376]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2009-02-19 238968]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2008-09-27 69120]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 comHost;COM Host; C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe [2007-01-12 49248]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-05-06 138168]
S3 LiveUpdate;LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [2009-02-19 3220856]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-06-22 3087772]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\HPZipm12.exe [2003-03-09 65795]
S3 Symantec Core LC;Symantec Core LC; C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe [2008-01-24 1251720]
S3 Symantec RemoteAssist;Symantec RemoteAssist; C:\Program Files\Fichiers communs\Symantec Shared\Support Controls\ssrc.exe [2008-01-29 394704]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2009-02-19 238968]
-----------------EOF-----------------
Voici le rapport RSIT :
Logfile of random's system information tool 1.06 (written by random/random)
Run by famille jehanno at 2009-08-02 19:02:17
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 9 GB (12%) free of 76 GB
Total RAM: 1023 MB (50% free)
HijackThis download failed
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\EasyShare Registration Task.job
C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1184877964.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-11-22 399352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]
C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\NppBho.dll [2007-02-19 97960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{243B17DE-77C7-46BF-B94B-0B5F309A0E64}]
c:\Program Files\Microsoft Money\System\mnyside.dll [2002-07-17 163906]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E03C0FD-4C48-43A7-9A54-00240C70FF16}]
ECarteBleueBrowserHelper Class - C:\WINDOWS\system32\BhoECart.dll [2003-10-31 139264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-05-06 2436160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-09-24 737776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Barre d'outils MSN Search Helper - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll [2005-07-07 577232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - Copernic Agent - C:\Program Files\Copernic Agent\CopernicAgentExt.dll [2003-09-26 1039968]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Barre d'outils MSN Search - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll [2005-07-07 577232]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - &Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-11-22 399352]
{90222687-F593-4738-B738-FBEE9C7B26DF} - Afficher Norton Toolbar - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\UIBHO.dll [2007-02-19 609424]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIModeChange"=C:\WINDOWS\system32\Ati2mdxx.exe [2001-09-04 28672]
"ATIPTA"=C:\ATI-CPanel\atiptaxx.exe [2003-08-12 335872]
"AdslTaskBar"=stmctrl.dll,TaskBar []
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2004-04-21 151597]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"ccApp"=C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe [2007-03-14 116328]
"Symantec PIF AlertEng"=C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"Canal Widget"=C:\Program Files\Canal\Canal Widget\Canal Widget.cpvod [2008-12-09 12]
"AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-05-13 177472]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-06-05 292136]
"MSxmlHpr"=C:\WINDOWS\system32\msxm192z.dll [2004-08-17 28672]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-07-13 414992]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MoneyAgent"=c:\Program Files\Microsoft Money\System\mnyexpr.exe [2002-07-17 204863]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-10 68856]
"Auto Run Software for Photo Frame"=C:\Program Files\Philips\Philips PhotoFrame\PhotoManager.exe [2007-02-16 2273280]
"updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2006-03-30 313472]
"Gadwin PrintScreen"=C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [2008-12-09 495616]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FirstSteps]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
C:\Program Files\Logitech\Video\ISStart.exe [2004-02-12 188416]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
C:\Program Files\Logitech\Video\LogiTray.exe [2004-02-12 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection]
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe [2002-07-18 28672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnappau]
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\MSN Messenger\MsnMsgr.Exe /background []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
C:\PROGRA~1\SYMNET~1\SNDMon.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2004-04-21 151597]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wizard]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2002-08-16 110592]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Cisco Systems VPN Client.lnk]
C:\PROGRA~1\CISCOS~1\VPNCLI~1\vpngui.exe [2003-05-07 1454143]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
hp psc 1000 series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Logiciel Kodak EasyShare.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
C:\Documents and Settings\famille jehanno\Menu Démarrer\Programmes\Démarrage
Outil de détection de support Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableChangePassword"=0
"DisableLockWorkstation"=0
"NoDispSettingsPage"=0
"NoDispAppearancePage"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoFolderOptions"=0
"NoFileUrl"=0
"NoRun"=0
"NoUpdateCheck"=0
"NoLogoff"=0
"NoSetFolders"=0
"NoFind"=0
"NoDrives"=0
"NoDriveAutoRun"=FFFFFFFF
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Symantec\pcAnywhere\winaw32.exe"="C:\Program Files\Symantec\pcAnywhere\winaw32.exe:*:Enabled:pcAnywhere Main Program"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\coktel\ADI5\TTS\SpeechCube.exe"="C:\coktel\ADI5\TTS\SpeechCube.exe:*:Disabled:SPeechCube"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
======List of files/folders created in the last 1 months======
2009-08-02 18:37:23 ----D---- C:\WINDOWS\BDOSCAN8
2009-08-02 18:37:17 ----D---- C:\WINDOWS\LastGood
2009-08-02 18:35:53 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-08-02 18:35:53 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-08-02 18:14:56 ----D---- C:\_OTM
2009-08-01 16:27:03 ----A---- C:\analyse3.txt
2009-08-01 16:23:53 ----A---- C:\analyse2.txt
2009-08-01 16:20:18 ----A---- C:\analyse1.txt
2009-07-31 21:30:41 ----A---- C:\UsbFix2.txt
2009-07-31 18:54:23 ----A---- C:\UsbFix.txt
2009-07-31 13:33:55 ----RASHD---- C:\autorun.inf
2009-07-31 12:24:05 ----D---- C:\UsbFix
2009-07-31 12:18:31 ----A---- C:\TB.txt
2009-07-31 12:16:59 ----D---- C:\ToolBar SD
2009-07-31 11:27:27 ----D---- C:\rsit
2009-07-31 11:27:27 ----D---- C:\Program Files\trend micro
2009-07-30 12:06:32 ----A---- C:\WINDOWS\ntbtlog.txt
2009-07-27 22:25:40 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-07-27 22:25:30 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-07-27 22:23:03 ----A---- C:\WINDOWS\imsins.BAK
2009-07-27 22:22:59 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2009-07-09 16:40:12 ----D---- C:\Documents and Settings\famille jehanno\Application Data\Pro Cycling Manager 2008 - Demo
2009-07-08 22:32:56 ----D---- C:\Nostale(FR)
======List of files/folders modified in the last 1 months======
2009-08-02 18:37:26 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-08-02 18:37:24 ----D---- C:\WINDOWS
2009-08-02 18:37:23 ----HD---- C:\WINDOWS\inf
2009-08-02 18:37:18 ----D---- C:\WINDOWS\system32\CatRoot2
2009-08-02 18:35:55 ----D---- C:\WINDOWS\system32\drivers
2009-08-02 18:35:53 ----D---- C:\Program Files
2009-08-02 18:32:37 ----D---- C:\WINDOWS\Temp
2009-08-02 18:32:37 ----AD---- C:\WINDOWS\system32
2009-08-02 18:17:49 ----A---- C:\WINDOWS\ModemLog_Smart Link 56K Modem.txt
2009-08-02 18:16:17 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-08-01 10:57:28 ----D---- C:\WINDOWS\Prefetch
2009-07-31 19:22:07 ----SHD---- C:\RECYCLER
2009-07-31 13:39:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-07-31 11:27:10 ----D---- C:\My Download Files
2009-07-30 12:17:56 ----D---- C:\GAMES
2009-07-30 12:15:52 ----D---- C:\Program Files\Dofus
2009-07-30 12:14:34 ----D---- C:\Program Files\BoontyGames
2009-07-30 12:14:03 ----D---- C:\Program Files\EA GAMES
2009-07-30 12:12:27 ----SD---- C:\Documents and Settings\famille jehanno\Application Data\Microsoft
2009-07-30 12:12:26 ----SHD---- C:\WINDOWS\Installer
2009-07-30 10:07:59 ----D---- C:\Program Files\Norton Security Scan
2009-07-30 10:00:43 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-07-30 09:24:06 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2009-07-30 09:24:06 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-07-29 22:13:37 ----D---- C:\Program Files\Internet Explorer
2009-07-29 22:12:06 ----HD---- C:\WINDOWS\$hf_mig$
2009-07-29 22:11:36 ----D---- C:\WINDOWS\WinSxS
2009-07-29 17:29:23 ----D---- C:\Program Files\Common Files
2009-07-27 22:23:11 ----D---- C:\WINDOWS\Debug
2009-07-19 18:45:00 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-07-19 15:15:02 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-07-09 16:36:25 ----D---- C:\WINDOWS\system32\DirectX
2009-07-07 17:10:56 ----A---- C:\WINDOWS\system32\MRT.exe
2009-07-03 18:57:51 ----A---- C:\WINDOWS\system32\wininet.dll
2009-07-03 18:57:51 ----A---- C:\WINDOWS\system32\occache.dll
2009-07-03 18:57:50 ----A---- C:\WINDOWS\system32\urlmon.dll
2009-07-03 18:57:46 ----N---- C:\WINDOWS\system32\jsproxy.dll
2009-07-03 18:57:46 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2009-07-03 18:57:46 ----A---- C:\WINDOWS\system32\msfeeds.dll
2009-07-03 18:57:46 ----A---- C:\WINDOWS\system32\iertutil.dll
2009-07-03 18:57:44 ----A---- C:\WINDOWS\system32\iepeers.dll
2009-07-03 18:57:41 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2009-07-03 13:01:06 ----N---- C:\WINDOWS\system32\ie4uinit.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2007-07-19 82380]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 SRTSPX;SRTSPX; C:\WINDOWS\System32\Drivers\SRTSPX.SYS [2007-12-01 43696]
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2007-01-10 191544]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]
R2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS\system32\drivers\CdaC15BA.SYS []
R2 CVPNDRVA;Cisco Systems IPsec Driver; \??\C:\WINDOWS\System32\Drivers\CVPNDRVA.sys []
R2 MASPINT;MASPINT; C:\WINDOWS\system32\drivers\MASPINT.sys [2000-03-29 8096]
R3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter; C:\WINDOWS\System32\DRIVERS\AN983.sys [2003-04-18 38784]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2003-08-12 594432]
R3 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\System32\DRIVERS\dne2000.sys [2002-08-26 138916]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\System32\DRIVERS\Mtlmnt5.sys [2003-07-16 221736]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 pfc;PADUS ASPI SHELL; C:\WINDOWS\system32\drivers\pfc.sys [2002-06-13 14604]
R3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\System32\DRIVERS\slntamr.sys [2003-08-20 548952]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\System32\DRIVERS\SlWdmSup.sys [2003-07-02 39348]
R3 STAC97;Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS\system32\drivers\stac97.sys [2003-06-27 226416]
R3 Stmatm;ATM/ADSL miniport; C:\WINDOWS\system32\DRIVERS\stmatm.sys [2004-11-16 60191]
R3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [2007-01-10 12984]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [2007-01-10 145976]
R3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [2007-01-10 40120]
R3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\SymcData\idsdefs\20090722.001\SymIDSCo.sys []
R3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [2007-01-10 35256]
R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2007-01-10 27576]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 61883;Pilote d'unité 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [2008-04-13 48128]
S3 Avc;Périphérique AVC; C:\WINDOWS\System32\DRIVERS\avc.sys [2008-04-13 38912]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\System32\DRIVERS\CVirtA.sys [2003-05-01 5220]
S3 DCamUSBSQTECH;Dual-Mode DSC(2770); C:\WINDOWS\System32\Drivers\SQcaptur.sys [2002-09-10 24808]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [2003-03-09 51024]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [2003-03-09 16080]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [2003-03-09 21456]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\System32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\System32\DRIVERS\Mtlstrm.sys [2003-07-02 1301128]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NAVENG;NAVENG; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20090729.005\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20090729.005\NAVEX15.SYS []
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NtMtlFax;NtMtlFax; C:\WINDOWS\System32\DRIVERS\NtMtlFax.sys [2003-07-02 167384]
S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2004-01-21 5915]
S3 PID_08A0;Labtec WebCam Pro(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2004-01-21 271360]
S3 PIXMCV;JVC Communication PIX-MCV Driver; C:\WINDOWS\System32\Drivers\pixmcvc.sys [2003-12-05 32000]
S3 PIXMCVA;JVC PIX-MCV Audio Capture; C:\WINDOWS\System32\Drivers\pixmcva.sys [2003-12-05 27961]
S3 PIXMCVV;JVC PIX-MCV Video Capture; C:\WINDOWS\System32\Drivers\pixmcvv.sys [2003-12-05 20953]
S3 RecAgent;recagent; \??\C:\WINDOWS\System32\DRIVERS\RecAgent.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SlNtHal;SlNtHal; C:\WINDOWS\System32\DRIVERS\Slnthal.sys [2003-07-02 86128]
S3 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCDrv.sys []
S3 SRTSP;SRTSP; C:\WINDOWS\System32\Drivers\SRTSP.SYS [2007-12-01 279088]
S3 SRTSPL;SRTSPL; C:\WINDOWS\System32\Drivers\SRTSPL.SYS [2007-12-01 317616]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TaurusUsb;ADSL Modem USB Service; C:\WINDOWS\system32\DRIVERS\torususb.sys [2005-04-19 543555]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-06-05 39424]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 vsdatant;vsdatant; \??\C:\WINDOWS\System32\vsdatant.sys []
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 CanalPlus.VOD;CanalPlus.VOD; C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe [2009-04-30 188416]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS\system32\drivers\CDAC11BA.EXE [2005-04-09 54784]
R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2003-05-07 1413184]
R2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2003-07-02 45056]
R2 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [2008-10-15 439632]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-06-05 541992]
S2 ccProxy;Symantec Network Proxy; C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe [2007-09-13 214376]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2009-02-19 238968]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2008-09-27 69120]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 comHost;COM Host; C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe [2007-01-12 49248]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-05-06 138168]
S3 LiveUpdate;LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [2009-02-19 3220856]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-06-22 3087772]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\HPZipm12.exe [2003-03-09 65795]
S3 Symantec Core LC;Symantec Core LC; C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe [2008-01-24 1251720]
S3 Symantec RemoteAssist;Symantec RemoteAssist; C:\Program Files\Fichiers communs\Symantec Shared\Support Controls\ssrc.exe [2008-01-29 394704]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2009-02-19 238968]
-----------------EOF-----------------
clic ici et telecharge CCleaner https://www.malekal.com/tutoriel-ccleaner/
lance va dans option/avancé et decoche la 1er ligne et ensuite nettoie plusieurs fois dans les 2 onglets registre te nettoyeur jusqu' a trouver 0erreur
ensuite réouvre OTM et copie colle ceci dedans :
:processes
explorer.exe
TeaTimer.exe
:files
C:\WINDOWS\system32\msxm192z.dll
C:\Program Files\Fichiers communs\CMEII
C:\Program Files\Fichiers communs\GMT
:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSxmlHpr"=-
:commands
[emptytemp]
[purity]
[start explorer]
[reboot]
ensuite repasse un coup de CCleaner et réessaye malwarebyte
si sa marche toujours pas fait ceci va trouver ce fichier : C:\programmefile\malwarebyte\mbam.exe
et dans le mem dossier tu as mbamgui
tu clic droit sur chaqu'un des fichier choisit renommé et appel les MM.exe et l'autre MMgui.exe valide et réessaye de lancer malwarebyte
lance va dans option/avancé et decoche la 1er ligne et ensuite nettoie plusieurs fois dans les 2 onglets registre te nettoyeur jusqu' a trouver 0erreur
ensuite réouvre OTM et copie colle ceci dedans :
:processes
explorer.exe
TeaTimer.exe
:files
C:\WINDOWS\system32\msxm192z.dll
C:\Program Files\Fichiers communs\CMEII
C:\Program Files\Fichiers communs\GMT
:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSxmlHpr"=-
:commands
[emptytemp]
[purity]
[start explorer]
[reboot]
ensuite repasse un coup de CCleaner et réessaye malwarebyte
si sa marche toujours pas fait ceci va trouver ce fichier : C:\programmefile\malwarebyte\mbam.exe
et dans le mem dossier tu as mbamgui
tu clic droit sur chaqu'un des fichier choisit renommé et appel les MM.exe et l'autre MMgui.exe valide et réessaye de lancer malwarebyte
Tout a été fait.
Voir log de OTM plus loin.
Mais Malewarebyte ne fonctionne toujours pas.
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
No active process named TeaTimer.exe was found!
========== FILES ==========
DllUnregisterServer procedure not found in C:\WINDOWS\system32\msxm192z.dll
C:\WINDOWS\system32\msxm192z.dll NOT unregistered.
C:\WINDOWS\system32\msxm192z.dll moved successfully.
File/Folder C:\Program Files\Fichiers communs\CMEII not found.
File/Folder C:\Program Files\Fichiers communs\GMT not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: Admin
->Temporary Internet Files folder emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: famille jehanno
->Temp folder emptied: 4096426 bytes
->Temporary Internet Files folder emptied: 2671518 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 6,52 mb
OTM by OldTimer - Version 3.0.0.5 log created on 08022009_201432
Files moved on Reboot...
Registry entries deleted on Reboot...
Voir log de OTM plus loin.
Mais Malewarebyte ne fonctionne toujours pas.
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
No active process named TeaTimer.exe was found!
========== FILES ==========
DllUnregisterServer procedure not found in C:\WINDOWS\system32\msxm192z.dll
C:\WINDOWS\system32\msxm192z.dll NOT unregistered.
C:\WINDOWS\system32\msxm192z.dll moved successfully.
File/Folder C:\Program Files\Fichiers communs\CMEII not found.
File/Folder C:\Program Files\Fichiers communs\GMT not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: Admin
->Temporary Internet Files folder emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: famille jehanno
->Temp folder emptied: 4096426 bytes
->Temporary Internet Files folder emptied: 2671518 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 6,52 mb
OTM by OldTimer - Version 3.0.0.5 log created on 08022009_201432
Files moved on Reboot...
Registry entries deleted on Reboot...
tiens moi au courant pour la suite
ok peut tu relancer RSIt au l'ecran disclaimer tu appui sur la fleche de defilement et tu choisit 2 months
ensuite tu clic sur continuer et poste le rapport à la fin en 2 fois si c'est trop grands
ensuite tu clic sur continuer et poste le rapport à la fin en 2 fois si c'est trop grands
Rapport RSIT :
Logfile of random's system information tool 1.06 (written by random/random)
Run by famille jehanno at 2009-08-02 21:05:37
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 9 GB (12%) free of 76 GB
Total RAM: 1023 MB (52% free)
HijackThis download failed
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\EasyShare Registration Task.job
C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1184877964.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-11-22 399352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]
C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\NppBho.dll [2007-02-19 97960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{243B17DE-77C7-46BF-B94B-0B5F309A0E64}]
c:\Program Files\Microsoft Money\System\mnyside.dll [2002-07-17 163906]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E03C0FD-4C48-43A7-9A54-00240C70FF16}]
ECarteBleueBrowserHelper Class - C:\WINDOWS\system32\BhoECart.dll [2003-10-31 139264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-05-06 2436160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-09-24 737776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Barre d'outils MSN Search Helper - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll [2005-07-07 577232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - Copernic Agent - C:\Program Files\Copernic Agent\CopernicAgentExt.dll [2003-09-26 1039968]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Barre d'outils MSN Search - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll [2005-07-07 577232]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - &Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-11-22 399352]
{90222687-F593-4738-B738-FBEE9C7B26DF} - Afficher Norton Toolbar - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\UIBHO.dll [2007-02-19 609424]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIModeChange"=C:\WINDOWS\system32\Ati2mdxx.exe [2001-09-04 28672]
"ATIPTA"=C:\ATI-CPanel\atiptaxx.exe [2003-08-12 335872]
"AdslTaskBar"=stmctrl.dll,TaskBar []
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2004-04-21 151597]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"ccApp"=C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe [2007-03-14 116328]
"Symantec PIF AlertEng"=C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"Canal Widget"=C:\Program Files\Canal\Canal Widget\Canal Widget.cpvod [2008-12-09 12]
"AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-05-13 177472]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-06-05 292136]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MoneyAgent"=c:\Program Files\Microsoft Money\System\mnyexpr.exe [2002-07-17 204863]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-10 68856]
"Auto Run Software for Photo Frame"=C:\Program Files\Philips\Philips PhotoFrame\PhotoManager.exe [2007-02-16 2273280]
"updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2006-03-30 313472]
"Gadwin PrintScreen"=C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [2008-12-09 495616]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FirstSteps]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
C:\Program Files\Logitech\Video\ISStart.exe [2004-02-12 188416]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
C:\Program Files\Logitech\Video\LogiTray.exe [2004-02-12 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection]
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe [2002-07-18 28672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnappau]
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\MSN Messenger\MsnMsgr.Exe /background []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
C:\PROGRA~1\SYMNET~1\SNDMon.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2004-04-21 151597]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wizard]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2002-08-16 110592]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Cisco Systems VPN Client.lnk]
C:\PROGRA~1\CISCOS~1\VPNCLI~1\vpngui.exe [2003-05-07 1454143]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
hp psc 1000 series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Logiciel Kodak EasyShare.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
C:\Documents and Settings\famille jehanno\Menu Démarrer\Programmes\Démarrage
Outil de détection de support Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableChangePassword"=0
"DisableLockWorkstation"=0
"NoDispSettingsPage"=0
"NoDispAppearancePage"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoFolderOptions"=0
"NoFileUrl"=0
"NoRun"=0
"NoUpdateCheck"=0
"NoLogoff"=0
"NoSetFolders"=0
"NoFind"=0
"NoDrives"=0
"NoDriveAutoRun"=FFFFFFFF
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Symantec\pcAnywhere\winaw32.exe"="C:\Program Files\Symantec\pcAnywhere\winaw32.exe:*:Enabled:pcAnywhere Main Program"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\coktel\ADI5\TTS\SpeechCube.exe"="C:\coktel\ADI5\TTS\SpeechCube.exe:*:Disabled:SPeechCube"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
======List of files/folders created in the last 2 months======
2009-08-02 20:07:52 ----D---- C:\Program Files\CCleaner
2009-08-02 18:37:23 ----D---- C:\WINDOWS\BDOSCAN8
2009-08-02 18:35:53 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-08-02 18:35:53 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-08-02 18:14:56 ----D---- C:\_OTM
2009-08-01 16:27:03 ----A---- C:\analyse3.txt
2009-08-01 16:23:53 ----A---- C:\analyse2.txt
2009-08-01 16:20:18 ----A---- C:\analyse1.txt
2009-07-31 21:30:41 ----A---- C:\UsbFix2.txt
2009-07-31 18:54:23 ----A---- C:\UsbFix.txt
2009-07-31 13:33:55 ----RASHD---- C:\autorun.inf
2009-07-31 12:24:05 ----D---- C:\UsbFix
2009-07-31 12:18:31 ----A---- C:\TB.txt
2009-07-31 12:16:59 ----D---- C:\ToolBar SD
2009-07-31 11:27:27 ----D---- C:\rsit
2009-07-31 11:27:27 ----D---- C:\Program Files\trend micro
2009-07-27 22:25:40 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-07-27 22:25:30 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-07-27 22:22:59 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2009-07-09 16:40:12 ----D---- C:\Documents and Settings\famille jehanno\Application Data\Pro Cycling Manager 2008 - Demo
2009-07-08 22:32:56 ----D---- C:\Nostale(FR)
2009-07-01 23:22:49 ----D---- C:\Program Files\EA GAMES
2009-07-01 19:19:30 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-06-27 19:15:45 ----D---- C:\Documents and Settings\famille jehanno\Application Data\Skinux
2009-06-27 18:41:31 ----D---- C:\Program Files\Fichiers communs\Kodak
2009-06-27 18:41:03 ----D---- C:\Program Files\Kodak
2009-06-27 18:38:57 ----D---- C:\Documents and Settings\All Users\Application Data\Kodak
2009-06-16 23:03:15 ----D---- C:\Program Files\iPod
2009-06-16 23:02:58 ----D---- C:\Program Files\iTunes
2009-06-15 21:08:53 ----D---- C:\WINDOWS\ie8updates
2009-06-15 21:04:50 ----HDC---- C:\WINDOWS\ie8
2009-06-14 16:00:08 ----D---- C:\Documents and Settings\famille jehanno\Application Data\AdSigner
2009-06-11 23:25:02 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-06-11 23:24:52 ----HDC---- C:\WINDOWS\$NtUninstallKB969898$
2009-06-11 23:21:55 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-06-11 23:21:04 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
======List of files/folders modified in the last 2 months======
2009-08-02 20:27:04 ----D---- C:\WINDOWS\Temp
2009-08-02 20:27:04 ----AD---- C:\WINDOWS\system32
2009-08-02 20:21:54 ----D---- C:\WINDOWS
2009-08-02 20:16:23 ----A---- C:\WINDOWS\ModemLog_Smart Link 56K Modem.txt
2009-08-02 20:14:50 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-08-02 20:11:30 ----D---- C:\WINDOWS\Debug
2009-08-02 20:07:52 ----D---- C:\Program Files
2009-08-02 18:37:26 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-08-02 18:37:23 ----HD---- C:\WINDOWS\inf
2009-08-02 18:37:18 ----D---- C:\WINDOWS\system32\CatRoot2
2009-08-02 18:35:55 ----D---- C:\WINDOWS\system32\drivers
2009-08-01 10:57:28 ----D---- C:\WINDOWS\Prefetch
2009-07-31 19:22:07 ----SHD---- C:\RECYCLER
2009-07-31 13:39:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-07-31 11:27:10 ----D---- C:\My Download Files
2009-07-30 12:17:56 ----D---- C:\GAMES
2009-07-30 12:15:52 ----D---- C:\Program Files\Dofus
2009-07-30 12:14:34 ----D---- C:\Program Files\BoontyGames
2009-07-30 12:12:27 ----SD---- C:\Documents and Settings\famille jehanno\Application Data\Microsoft
2009-07-30 12:12:26 ----SHD---- C:\WINDOWS\Installer
2009-07-30 10:07:59 ----D---- C:\Program Files\Norton Security Scan
2009-07-30 10:00:43 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-07-30 09:24:06 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2009-07-30 09:24:06 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-07-29 22:13:37 ----D---- C:\Program Files\Internet Explorer
2009-07-29 22:12:06 ----HD---- C:\WINDOWS\$hf_mig$
2009-07-29 22:11:36 ----D---- C:\WINDOWS\WinSxS
2009-07-29 17:29:23 ----D---- C:\Program Files\Common Files
2009-07-19 18:45:00 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-07-19 15:15:02 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-07-09 16:36:25 ----D---- C:\WINDOWS\system32\DirectX
2009-07-07 17:10:56 ----A---- C:\WINDOWS\system32\MRT.exe
2009-07-03 18:57:51 ----A---- C:\WINDOWS\system32\wininet.dll
2009-07-03 18:57:51 ----A---- C:\WINDOWS\system32\occache.dll
2009-07-03 18:57:50 ----A---- C:\WINDOWS\system32\urlmon.dll
2009-07-03 18:57:46 ----N---- C:\WINDOWS\system32\jsproxy.dll
2009-07-03 18:57:46 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2009-07-03 18:57:46 ----A---- C:\WINDOWS\system32\msfeeds.dll
2009-07-03 18:57:46 ----A---- C:\WINDOWS\system32\iertutil.dll
2009-07-03 18:57:44 ----A---- C:\WINDOWS\system32\iepeers.dll
2009-07-03 18:57:41 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2009-07-03 13:01:06 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2009-07-02 21:38:04 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2009-07-01 22:50:49 ----D---- C:\Program Files\Maxis
2009-07-01 21:24:06 ----D---- C:\WINDOWS\Minidump
2009-07-01 21:03:07 ----D---- C:\Documents and Settings
2009-06-27 20:02:00 ----D---- C:\Program Files\Mozilla Firefox
2009-06-27 18:53:31 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-06-27 18:53:18 ----D---- C:\WINDOWS\Help
2009-06-27 18:43:51 ----RSD---- C:\WINDOWS\assembly
2009-06-27 18:41:31 ----D---- C:\Program Files\Fichiers communs
2009-06-27 18:40:20 ----SD---- C:\WINDOWS\Tasks
2009-06-16 23:08:41 ----D---- C:\Program Files\Safari
2009-06-16 23:03:13 ----D---- C:\Program Files\Fichiers communs\Apple
2009-06-16 22:59:48 ----D---- C:\Program Files\QuickTime
2009-06-16 16:40:01 ----A---- C:\WINDOWS\system32\t2embed.dll
2009-06-16 16:40:01 ----A---- C:\WINDOWS\system32\fontsub.dll
2009-06-15 22:18:39 ----D---- C:\WINDOWS\system32\fr-fr
2009-06-15 22:18:38 ----D---- C:\WINDOWS\Media
2009-06-13 14:18:22 ----D---- C:\Documents and Settings\famille jehanno\Application Data\Apple Computer
2009-06-11 23:21:27 ----D---- C:\WINDOWS\ie7updates
2009-06-05 11:42:38 ----A---- C:\WINDOWS\system32\usbaaplrc.dll
2009-06-03 21:10:33 ----A---- C:\WINDOWS\system32\quartz.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2007-07-19 82380]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 SRTSPX;SRTSPX; C:\WINDOWS\System32\Drivers\SRTSPX.SYS [2007-12-01 43696]
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2007-01-10 191544]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]
R2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS\system32\drivers\CdaC15BA.SYS []
R2 CVPNDRVA;Cisco Systems IPsec Driver; \??\C:\WINDOWS\System32\Drivers\CVPNDRVA.sys []
R2 MASPINT;MASPINT; C:\WINDOWS\system32\drivers\MASPINT.sys [2000-03-29 8096]
R3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter; C:\WINDOWS\System32\DRIVERS\AN983.sys [2003-04-18 38784]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2003-08-12 594432]
R3 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\System32\DRIVERS\dne2000.sys [2002-08-26 138916]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [2003-03-09 51024]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [2003-03-09 16080]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [2003-03-09 21456]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\System32\DRIVERS\Mtlmnt5.sys [2003-07-16 221736]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 pfc;PADUS ASPI SHELL; C:\WINDOWS\system32\drivers\pfc.sys [2002-06-13 14604]
R3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\System32\DRIVERS\slntamr.sys [2003-08-20 548952]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\System32\DRIVERS\SlWdmSup.sys [2003-07-02 39348]
R3 STAC97;Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS\system32\drivers\stac97.sys [2003-06-27 226416]
R3 Stmatm;ATM/ADSL miniport; C:\WINDOWS\system32\DRIVERS\stmatm.sys [2004-11-16 60191]
R3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [2007-01-10 12984]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [2007-01-10 145976]
R3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [2007-01-10 40120]
R3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\SymcData\idsdefs\20090722.001\SymIDSCo.sys []
R3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [2007-01-10 35256]
R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2007-01-10 27576]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 61883;Pilote d'unité 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [2008-04-13 48128]
S3 Avc;Périphérique AVC; C:\WINDOWS\System32\DRIVERS\avc.sys [2008-04-13 38912]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\System32\DRIVERS\CVirtA.sys [2003-05-01 5220]
S3 DCamUSBSQTECH;Dual-Mode DSC(2770); C:\WINDOWS\System32\Drivers\SQcaptur.sys [2002-09-10 24808]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\System32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\System32\DRIVERS\Mtlstrm.sys [2003-07-02 1301128]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NAVENG;NAVENG; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20090729.005\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20090729.005\NAVEX15.SYS []
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NtMtlFax;NtMtlFax; C:\WINDOWS\System32\DRIVERS\NtMtlFax.sys [2003-07-02 167384]
S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2004-01-21 5915]
S3 PID_08A0;Labtec WebCam Pro(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2004-01-21 271360]
S3 PIXMCV;JVC Communication PIX-MCV Driver; C:\WINDOWS\System32\Drivers\pixmcvc.sys [2003-12-05 32000]
S3 PIXMCVA;JVC PIX-MCV Audio Capture; C:\WINDOWS\System32\Drivers\pixmcva.sys [2003-12-05 27961]
S3 PIXMCVV;JVC PIX-MCV Video Capture; C:\WINDOWS\System32\Drivers\pixmcvv.sys [2003-12-05 20953]
S3 RecAgent;recagent; \??\C:\WINDOWS\System32\DRIVERS\RecAgent.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SlNtHal;SlNtHal; C:\WINDOWS\System32\DRIVERS\Slnthal.sys [2003-07-02 86128]
S3 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCDrv.sys []
S3 SRTSP;SRTSP; C:\WINDOWS\System32\Drivers\SRTSP.SYS [2007-12-01 279088]
S3 SRTSPL;SRTSPL; C:\WINDOWS\System32\Drivers\SRTSPL.SYS [2007-12-01 317616]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TaurusUsb;ADSL Modem USB Service; C:\WINDOWS\system32\DRIVERS\torususb.sys [2005-04-19 543555]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-06-05 39424]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 vsdatant;vsdatant; \??\C:\WINDOWS\System32\vsdatant.sys []
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 CanalPlus.VOD;CanalPlus.VOD; C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe [2009-04-30 188416]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS\system32\drivers\CDAC11BA.EXE [2005-04-09 54784]
R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2003-05-07 1413184]
R2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2003-07-02 45056]
R2 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [2008-10-15 439632]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-06-05 541992]
R3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\HPZipm12.exe [2003-03-09 65795]
S2 ccProxy;Symantec Network Proxy; C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe [2007-09-13 214376]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2009-02-19 238968]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2008-09-27 69120]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 comHost;COM Host; C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe [2007-01-12 49248]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-05-06 138168]
S3 LiveUpdate;LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [2009-02-19 3220856]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-06-22 3087772]
S3 Symantec Core LC;Symantec Core LC; C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe [2008-01-24 1251720]
S3 Symantec RemoteAssist;Symantec RemoteAssist; C:\Program Files\Fichiers communs\Symantec Shared\Support Controls\ssrc.exe [2008-01-29 394704]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2009-02-19 238968]
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by famille jehanno at 2009-08-02 21:05:37
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 9 GB (12%) free of 76 GB
Total RAM: 1023 MB (52% free)
HijackThis download failed
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\EasyShare Registration Task.job
C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1184877964.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-11-22 399352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]
C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\NppBho.dll [2007-02-19 97960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{243B17DE-77C7-46BF-B94B-0B5F309A0E64}]
c:\Program Files\Microsoft Money\System\mnyside.dll [2002-07-17 163906]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E03C0FD-4C48-43A7-9A54-00240C70FF16}]
ECarteBleueBrowserHelper Class - C:\WINDOWS\system32\BhoECart.dll [2003-10-31 139264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-05-06 2436160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-09-24 737776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Barre d'outils MSN Search Helper - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll [2005-07-07 577232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - Copernic Agent - C:\Program Files\Copernic Agent\CopernicAgentExt.dll [2003-09-26 1039968]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Barre d'outils MSN Search - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll [2005-07-07 577232]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - &Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-11-22 399352]
{90222687-F593-4738-B738-FBEE9C7B26DF} - Afficher Norton Toolbar - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\UIBHO.dll [2007-02-19 609424]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIModeChange"=C:\WINDOWS\system32\Ati2mdxx.exe [2001-09-04 28672]
"ATIPTA"=C:\ATI-CPanel\atiptaxx.exe [2003-08-12 335872]
"AdslTaskBar"=stmctrl.dll,TaskBar []
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2004-04-21 151597]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"ccApp"=C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe [2007-03-14 116328]
"Symantec PIF AlertEng"=C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"Canal Widget"=C:\Program Files\Canal\Canal Widget\Canal Widget.cpvod [2008-12-09 12]
"AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-05-13 177472]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-06-05 292136]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MoneyAgent"=c:\Program Files\Microsoft Money\System\mnyexpr.exe [2002-07-17 204863]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-10 68856]
"Auto Run Software for Photo Frame"=C:\Program Files\Philips\Philips PhotoFrame\PhotoManager.exe [2007-02-16 2273280]
"updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2006-03-30 313472]
"Gadwin PrintScreen"=C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [2008-12-09 495616]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FirstSteps]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
C:\Program Files\Logitech\Video\ISStart.exe [2004-02-12 188416]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
C:\Program Files\Logitech\Video\LogiTray.exe [2004-02-12 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection]
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe [2002-07-18 28672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnappau]
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\MSN Messenger\MsnMsgr.Exe /background []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
C:\PROGRA~1\SYMNET~1\SNDMon.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2004-04-21 151597]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wizard]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2002-08-16 110592]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Cisco Systems VPN Client.lnk]
C:\PROGRA~1\CISCOS~1\VPNCLI~1\vpngui.exe [2003-05-07 1454143]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
hp psc 1000 series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Logiciel Kodak EasyShare.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
C:\Documents and Settings\famille jehanno\Menu Démarrer\Programmes\Démarrage
Outil de détection de support Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableChangePassword"=0
"DisableLockWorkstation"=0
"NoDispSettingsPage"=0
"NoDispAppearancePage"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoFolderOptions"=0
"NoFileUrl"=0
"NoRun"=0
"NoUpdateCheck"=0
"NoLogoff"=0
"NoSetFolders"=0
"NoFind"=0
"NoDrives"=0
"NoDriveAutoRun"=FFFFFFFF
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Symantec\pcAnywhere\winaw32.exe"="C:\Program Files\Symantec\pcAnywhere\winaw32.exe:*:Enabled:pcAnywhere Main Program"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\coktel\ADI5\TTS\SpeechCube.exe"="C:\coktel\ADI5\TTS\SpeechCube.exe:*:Disabled:SPeechCube"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
======List of files/folders created in the last 2 months======
2009-08-02 20:07:52 ----D---- C:\Program Files\CCleaner
2009-08-02 18:37:23 ----D---- C:\WINDOWS\BDOSCAN8
2009-08-02 18:35:53 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-08-02 18:35:53 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-08-02 18:14:56 ----D---- C:\_OTM
2009-08-01 16:27:03 ----A---- C:\analyse3.txt
2009-08-01 16:23:53 ----A---- C:\analyse2.txt
2009-08-01 16:20:18 ----A---- C:\analyse1.txt
2009-07-31 21:30:41 ----A---- C:\UsbFix2.txt
2009-07-31 18:54:23 ----A---- C:\UsbFix.txt
2009-07-31 13:33:55 ----RASHD---- C:\autorun.inf
2009-07-31 12:24:05 ----D---- C:\UsbFix
2009-07-31 12:18:31 ----A---- C:\TB.txt
2009-07-31 12:16:59 ----D---- C:\ToolBar SD
2009-07-31 11:27:27 ----D---- C:\rsit
2009-07-31 11:27:27 ----D---- C:\Program Files\trend micro
2009-07-27 22:25:40 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-07-27 22:25:30 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-07-27 22:22:59 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2009-07-09 16:40:12 ----D---- C:\Documents and Settings\famille jehanno\Application Data\Pro Cycling Manager 2008 - Demo
2009-07-08 22:32:56 ----D---- C:\Nostale(FR)
2009-07-01 23:22:49 ----D---- C:\Program Files\EA GAMES
2009-07-01 19:19:30 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-06-27 19:15:45 ----D---- C:\Documents and Settings\famille jehanno\Application Data\Skinux
2009-06-27 18:41:31 ----D---- C:\Program Files\Fichiers communs\Kodak
2009-06-27 18:41:03 ----D---- C:\Program Files\Kodak
2009-06-27 18:38:57 ----D---- C:\Documents and Settings\All Users\Application Data\Kodak
2009-06-16 23:03:15 ----D---- C:\Program Files\iPod
2009-06-16 23:02:58 ----D---- C:\Program Files\iTunes
2009-06-15 21:08:53 ----D---- C:\WINDOWS\ie8updates
2009-06-15 21:04:50 ----HDC---- C:\WINDOWS\ie8
2009-06-14 16:00:08 ----D---- C:\Documents and Settings\famille jehanno\Application Data\AdSigner
2009-06-11 23:25:02 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-06-11 23:24:52 ----HDC---- C:\WINDOWS\$NtUninstallKB969898$
2009-06-11 23:21:55 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-06-11 23:21:04 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
======List of files/folders modified in the last 2 months======
2009-08-02 20:27:04 ----D---- C:\WINDOWS\Temp
2009-08-02 20:27:04 ----AD---- C:\WINDOWS\system32
2009-08-02 20:21:54 ----D---- C:\WINDOWS
2009-08-02 20:16:23 ----A---- C:\WINDOWS\ModemLog_Smart Link 56K Modem.txt
2009-08-02 20:14:50 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-08-02 20:11:30 ----D---- C:\WINDOWS\Debug
2009-08-02 20:07:52 ----D---- C:\Program Files
2009-08-02 18:37:26 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-08-02 18:37:23 ----HD---- C:\WINDOWS\inf
2009-08-02 18:37:18 ----D---- C:\WINDOWS\system32\CatRoot2
2009-08-02 18:35:55 ----D---- C:\WINDOWS\system32\drivers
2009-08-01 10:57:28 ----D---- C:\WINDOWS\Prefetch
2009-07-31 19:22:07 ----SHD---- C:\RECYCLER
2009-07-31 13:39:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-07-31 11:27:10 ----D---- C:\My Download Files
2009-07-30 12:17:56 ----D---- C:\GAMES
2009-07-30 12:15:52 ----D---- C:\Program Files\Dofus
2009-07-30 12:14:34 ----D---- C:\Program Files\BoontyGames
2009-07-30 12:12:27 ----SD---- C:\Documents and Settings\famille jehanno\Application Data\Microsoft
2009-07-30 12:12:26 ----SHD---- C:\WINDOWS\Installer
2009-07-30 10:07:59 ----D---- C:\Program Files\Norton Security Scan
2009-07-30 10:00:43 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-07-30 09:24:06 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2009-07-30 09:24:06 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-07-29 22:13:37 ----D---- C:\Program Files\Internet Explorer
2009-07-29 22:12:06 ----HD---- C:\WINDOWS\$hf_mig$
2009-07-29 22:11:36 ----D---- C:\WINDOWS\WinSxS
2009-07-29 17:29:23 ----D---- C:\Program Files\Common Files
2009-07-19 18:45:00 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-07-19 15:15:02 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-07-09 16:36:25 ----D---- C:\WINDOWS\system32\DirectX
2009-07-07 17:10:56 ----A---- C:\WINDOWS\system32\MRT.exe
2009-07-03 18:57:51 ----A---- C:\WINDOWS\system32\wininet.dll
2009-07-03 18:57:51 ----A---- C:\WINDOWS\system32\occache.dll
2009-07-03 18:57:50 ----A---- C:\WINDOWS\system32\urlmon.dll
2009-07-03 18:57:46 ----N---- C:\WINDOWS\system32\jsproxy.dll
2009-07-03 18:57:46 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2009-07-03 18:57:46 ----A---- C:\WINDOWS\system32\msfeeds.dll
2009-07-03 18:57:46 ----A---- C:\WINDOWS\system32\iertutil.dll
2009-07-03 18:57:44 ----A---- C:\WINDOWS\system32\iepeers.dll
2009-07-03 18:57:41 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2009-07-03 13:01:06 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2009-07-02 21:38:04 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2009-07-01 22:50:49 ----D---- C:\Program Files\Maxis
2009-07-01 21:24:06 ----D---- C:\WINDOWS\Minidump
2009-07-01 21:03:07 ----D---- C:\Documents and Settings
2009-06-27 20:02:00 ----D---- C:\Program Files\Mozilla Firefox
2009-06-27 18:53:31 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-06-27 18:53:18 ----D---- C:\WINDOWS\Help
2009-06-27 18:43:51 ----RSD---- C:\WINDOWS\assembly
2009-06-27 18:41:31 ----D---- C:\Program Files\Fichiers communs
2009-06-27 18:40:20 ----SD---- C:\WINDOWS\Tasks
2009-06-16 23:08:41 ----D---- C:\Program Files\Safari
2009-06-16 23:03:13 ----D---- C:\Program Files\Fichiers communs\Apple
2009-06-16 22:59:48 ----D---- C:\Program Files\QuickTime
2009-06-16 16:40:01 ----A---- C:\WINDOWS\system32\t2embed.dll
2009-06-16 16:40:01 ----A---- C:\WINDOWS\system32\fontsub.dll
2009-06-15 22:18:39 ----D---- C:\WINDOWS\system32\fr-fr
2009-06-15 22:18:38 ----D---- C:\WINDOWS\Media
2009-06-13 14:18:22 ----D---- C:\Documents and Settings\famille jehanno\Application Data\Apple Computer
2009-06-11 23:21:27 ----D---- C:\WINDOWS\ie7updates
2009-06-05 11:42:38 ----A---- C:\WINDOWS\system32\usbaaplrc.dll
2009-06-03 21:10:33 ----A---- C:\WINDOWS\system32\quartz.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2007-07-19 82380]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 SRTSPX;SRTSPX; C:\WINDOWS\System32\Drivers\SRTSPX.SYS [2007-12-01 43696]
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2007-01-10 191544]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]
R2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS\system32\drivers\CdaC15BA.SYS []
R2 CVPNDRVA;Cisco Systems IPsec Driver; \??\C:\WINDOWS\System32\Drivers\CVPNDRVA.sys []
R2 MASPINT;MASPINT; C:\WINDOWS\system32\drivers\MASPINT.sys [2000-03-29 8096]
R3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter; C:\WINDOWS\System32\DRIVERS\AN983.sys [2003-04-18 38784]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2003-08-12 594432]
R3 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\System32\DRIVERS\dne2000.sys [2002-08-26 138916]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [2003-03-09 51024]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [2003-03-09 16080]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [2003-03-09 21456]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\System32\DRIVERS\Mtlmnt5.sys [2003-07-16 221736]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 pfc;PADUS ASPI SHELL; C:\WINDOWS\system32\drivers\pfc.sys [2002-06-13 14604]
R3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\System32\DRIVERS\slntamr.sys [2003-08-20 548952]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\System32\DRIVERS\SlWdmSup.sys [2003-07-02 39348]
R3 STAC97;Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS\system32\drivers\stac97.sys [2003-06-27 226416]
R3 Stmatm;ATM/ADSL miniport; C:\WINDOWS\system32\DRIVERS\stmatm.sys [2004-11-16 60191]
R3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [2007-01-10 12984]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [2007-01-10 145976]
R3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [2007-01-10 40120]
R3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\SymcData\idsdefs\20090722.001\SymIDSCo.sys []
R3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [2007-01-10 35256]
R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2007-01-10 27576]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 61883;Pilote d'unité 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [2008-04-13 48128]
S3 Avc;Périphérique AVC; C:\WINDOWS\System32\DRIVERS\avc.sys [2008-04-13 38912]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\System32\DRIVERS\CVirtA.sys [2003-05-01 5220]
S3 DCamUSBSQTECH;Dual-Mode DSC(2770); C:\WINDOWS\System32\Drivers\SQcaptur.sys [2002-09-10 24808]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\System32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\System32\DRIVERS\Mtlstrm.sys [2003-07-02 1301128]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NAVENG;NAVENG; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20090729.005\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20090729.005\NAVEX15.SYS []
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NtMtlFax;NtMtlFax; C:\WINDOWS\System32\DRIVERS\NtMtlFax.sys [2003-07-02 167384]
S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2004-01-21 5915]
S3 PID_08A0;Labtec WebCam Pro(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2004-01-21 271360]
S3 PIXMCV;JVC Communication PIX-MCV Driver; C:\WINDOWS\System32\Drivers\pixmcvc.sys [2003-12-05 32000]
S3 PIXMCVA;JVC PIX-MCV Audio Capture; C:\WINDOWS\System32\Drivers\pixmcva.sys [2003-12-05 27961]
S3 PIXMCVV;JVC PIX-MCV Video Capture; C:\WINDOWS\System32\Drivers\pixmcvv.sys [2003-12-05 20953]
S3 RecAgent;recagent; \??\C:\WINDOWS\System32\DRIVERS\RecAgent.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SlNtHal;SlNtHal; C:\WINDOWS\System32\DRIVERS\Slnthal.sys [2003-07-02 86128]
S3 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCDrv.sys []
S3 SRTSP;SRTSP; C:\WINDOWS\System32\Drivers\SRTSP.SYS [2007-12-01 279088]
S3 SRTSPL;SRTSPL; C:\WINDOWS\System32\Drivers\SRTSPL.SYS [2007-12-01 317616]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TaurusUsb;ADSL Modem USB Service; C:\WINDOWS\system32\DRIVERS\torususb.sys [2005-04-19 543555]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-06-05 39424]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 vsdatant;vsdatant; \??\C:\WINDOWS\System32\vsdatant.sys []
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 CanalPlus.VOD;CanalPlus.VOD; C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe [2009-04-30 188416]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS\system32\drivers\CDAC11BA.EXE [2005-04-09 54784]
R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2003-05-07 1413184]
R2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [2007-03-14 109160]
R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2003-07-02 45056]
R2 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [2008-10-15 439632]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-06-05 541992]
R3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\HPZipm12.exe [2003-03-09 65795]
S2 ccProxy;Symantec Network Proxy; C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe [2007-09-13 214376]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2009-02-19 238968]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2008-09-27 69120]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 comHost;COM Host; C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe [2007-01-12 49248]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-05-06 138168]
S3 LiveUpdate;LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [2009-02-19 3220856]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-06-22 3087772]
S3 Symantec Core LC;Symantec Core LC; C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe [2008-01-24 1251720]
S3 Symantec RemoteAssist;Symantec RemoteAssist; C:\Program Files\Fichiers communs\Symantec Shared\Support Controls\ssrc.exe [2008-01-29 394704]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2009-02-19 238968]
-----------------EOF-----------------
Je suis en cours d'USBFIX sur l'IPOD. J'enverrai ensuite le RSIT puis le rapport.
A+tard