Virus that comes back after every startup

Maheva -  
Hello,
My antivirus detects a virus; I delete it and that works, but it comes back after every startup.
I ran a scan with RSIT; here is the report:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Carole at 2009-12-02 22:15:13
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 77 GB (50%) free of 153 GB
Total RAM: 3070 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:18:19, on 02/12/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\ATK Hotkey\HControlUser.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Windows\ASScrPro.exe
C:\Program Files\Orange\Systray\SystrayApp.exe
C:\Program Files\Orange\Antivirus Firewall\Common\FSM32.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Orange\Launcher\Launcher.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Orange\connectivity\connectivitymanager.exe
C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe
C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Carole\Desktop\RSIT.exe
C:\Users\Carole\Desktop\Carole.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Orange\Antivirus Firewall\NRS\iescript\baselitmus.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\Orange\Antivirus Firewall\NRS\iescript\baselitmus.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HControlUser] "C:\Program Files\ATK Hotkey\HcontrolUser.exe"
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [SymLnch] "C:\Program Files\Common Files\Symantec Shared\SymSetup\{C1C185CA-C531-49F5-A6FA-B838405A049D}_15_5_0_23\Support\SymLnch\SymLnch.exe" "C:\PROGRA~1\COMMON~1\SYMANT~1\SymSetup\{C1C18~1\SETUP.EXE" " /X"
O4 - HKLM\..\Run: [EPSON Stylus DX4200 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE /F "C:\Windows\TEMP\E_S2EBF.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [EPSON Stylus DX4200 Series (Copie 1)] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE /F "C:\Windows\TEMP\E_S4A38.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Orange\Antivirus Firewall\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Orange\Antivirus Firewall\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [EPSON Stylus CX4200 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIAEA.EXE /FU "C:\Windows\TEMP\E_SACA.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - Trusted Zone: https://www.orange.fr/portail
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: ADSM Service (ADSMService) - Unknown owner - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Orange\Antivirus Firewall\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Orange\Antivirus Firewall\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Orange\Antivirus Firewall\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Orange\Antivirus Firewall\ORSP Client\fsorsp.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Image Converter SCSI Service (ICScsiSV) - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\ICScsiSV.exe
O23 - Service: IcVzMonLauncher - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMonLauncher.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMon.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe

--
End of file - 9153 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Scheduled scanning task.job
C:\Windows\tasks\User_Feed_Synchronization-{91283F18-3F0E-457A-A007-2FA9F9DC6165}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C6867EB7-8350-4856-877F-93CF8AE3DC9C}]
Browsing Protection Class - C:\Program Files\Orange\Antivirus Firewall\NRS\iescript\baselitmus.dll [2009-12-02 535136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{265EEE8E-3228-44D3-AEA5-F7FDF5860049} - Browsing Protection Toolbar - C:\Program Files\Orange\Antivirus Firewall\NRS\iescript\baselitmus.dll [2009-12-02 535136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-06-26 92704]
"HControlUser"=C:\Program Files\ATK Hotkey\HcontrolUser.exe [2008-01-12 98304]
"ATKOSD2"=C:\Program Files\ATKOSD2\ATKOSD2.exe [2008-01-24 7766016]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-08-13 6265376]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-12-06 1029416]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMedia.exe [2008-06-25 159744]
"ASUS Camera ScreenSaver"=C:\Windows\AsScrProlog.exe [2008-11-21 47672]
"ASUS Screen Saver Protector"=C:\Windows\ASScrPro.exe [2008-11-21 33136]
"SymLnch"=C:\Program Files\Common Files\Symantec Shared\SymSetup\{C1C185CA-C531-49F5-A6FA-B838405A049D}_15_5_0_23\Support\SymLnch\SymLnch.exe C:\PROGRA~1\COMMON~1\SYMANT~1\SymSetup\{C1C18~1\SETUP.EXE /X []
"EPSON Stylus DX4200 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE [2005-03-08 98304]
"EPSON Stylus DX4200 Series (Copie 1)"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE [2005-03-08 98304]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"SystrayORAHSS"=C:\Program Files\Orange\Systray\SystrayApp.exe [2007-09-25 94208]
"ORAHSSSessionManager"=C:\Program Files\Orange\SessionManager\SessionManager.exe [2007-09-25 102400]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
"F-Secure Manager"=C:\Program Files\Orange\Antivirus Firewall\Common\FSM32.EXE [2009-08-05 199264]
"F-Secure TNB"=C:\Program Files\Orange\Antivirus Firewall\FSGUI\TNBUtil.exe [2009-08-05 2349664]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-06-09 2363392]
"EPSON Stylus CX4200 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIAEA.EXE [2007-01-19 177664]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [2008-07-19 104936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eMuleAutoStart]
C:\Program Files\eMule\emule.exe [2009-02-22 5668864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2009-10-28 141600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\Windows\system32\NvCpl.dll [2008-06-26 13543968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P2Go_Menu]
C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-06-14 210216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMAAD]
C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe [2007-02-16 110592]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Orange\Connectivity\ConnectivityManager.exe"="C:\Program Files\Orange\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0d8fb13f-b43b-11de-8ef1-0023548f92e7}]
shell\AutoRun\command - F:\Setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d7aa0463-8deb-11de-8491-0023548f92e7}]
shell\AutoRun\command - G:\LaunchU3.exe -a

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-12-02 21:41:47 ----A---- C:\Windows\system32\tdlclk.dll
2009-12-02 20:39:40 ----SD---- C:\ComboFix
2009-12-02 20:39:40 ----SD---- \ComboFix
2009-12-02 20:39:37 ----A---- C:\Windows\system32\tdlcmd.dll
2009-12-02 19:44:57 ----D---- C:\Qoobox
2009-12-02 19:44:57 ----D---- \Qoobox
2009-11-28 13:43:31 ----A---- C:\Windows\ntbtlog.txt
2009-11-26 19:34:15 ----A---- C:\Windows\system32\tzres.dll
2009-11-25 18:44:56 ----A---- C:\VundoFix.txt
2009-11-25 18:44:56 ----A---- \VundoFix.txt
2009-11-25 18:27:01 ----RASHD---- C:\autorun.inf
2009-11-25 18:27:01 ----RASHD---- \autorun.inf
2009-11-25 18:19:00 ----A---- C:\UsbFix.txt
2009-11-25 18:19:00 ----A---- \UsbFix.txt
2009-11-25 18:14:47 ----D---- C:\UsbFix
2009-11-25 18:14:47 ----D---- \UsbFix
2009-11-25 18:05:17 ----D---- C:\rsit
2009-11-25 18:05:17 ----D---- \rsit
2009-11-24 20:34:58 ----A---- C:\Windows\system32\msxml6.dll
2009-11-24 20:34:58 ----A---- C:\Windows\system32\msxml6(126).dll
2009-11-24 20:34:49 ----A---- C:\Windows\system32\msxml3.dll
2009-11-24 20:34:49 ----A---- C:\Windows\system32\msxml3(124).dll
2009-11-18 18:48:24 ----D---- C:\Program Files\CCleaner
2009-11-18 11:35:11 ----D---- C:\Users\Carole\AppData\Roaming\Auslogics
2009-11-18 11:34:59 ----D---- C:\Program Files\Auslogics
2009-11-16 22:08:22 ----D---- C:\Program Files\Windows Portable Devices
2009-11-16 22:00:44 ----A---- C:\Windows\system32\UIAnimation.dll
2009-11-16 22:00:41 ----A---- C:\Windows\system32\UIRibbonRes.dll
2009-11-16 22:00:40 ----A---- C:\Windows\system32\UIRibbon.dll
2009-11-16 21:59:55 ----A---- C:\Windows\system32\WMPhoto.dll
2009-11-16 21:59:52 ----A---- C:\Windows\system32\cdd.dll
2009-11-16 21:59:49 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-11-16 21:59:49 ----A---- C:\Windows\system32\d3d10warp.dll
2009-11-16 21:59:48 ----A---- C:\Windows\system32\XpsRasterService.dll
2009-11-16 21:59:48 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2009-11-16 21:59:47 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-11-16 21:59:47 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-11-16 21:59:47 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-11-16 21:59:47 ----A---- C:\Windows\system32\dxdiagn.dll
2009-11-16 21:59:47 ----A---- C:\Windows\system32\d2d1.dll
2009-11-16 21:59:46 ----A---- C:\Windows\system32\XpsPrint.dll
2009-11-16 21:59:46 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-11-16 21:59:46 ----A---- C:\Windows\system32\dxdiag.exe
2009-11-16 21:59:45 ----A---- C:\Windows\system32\xpsservices.dll
2009-11-16 21:59:45 ----A---- C:\Windows\system32\OpcServices.dll
2009-11-16 21:59:45 ----A---- C:\Windows\system32\FntCache.dll
2009-11-16 21:59:45 ----A---- C:\Windows\system32\DWrite.dll
2009-11-16 21:59:44 ----A---- C:\Windows\system32\d3d11.dll
2009-11-16 21:59:44 ----A---- C:\Windows\system32\d3d10level9.dll
2009-11-16 21:59:44 ----A---- C:\Windows\system32\d3d10core.dll
2009-11-16 21:59:44 ----A---- C:\Windows\system32\d3d10_1core.dll
2009-11-16 21:59:43 ----A---- C:\Windows\system32\dxgi.dll
2009-11-16 21:59:43 ----A---- C:\Windows\system32\d3d10_1.dll
2009-11-16 21:59:43 ----A---- C:\Windows\system32\d3d10.dll
2009-11-16 21:59:04 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2009-11-16 21:59:04 ----A---- C:\Windows\system32\wpdbusenum.dll
2009-11-16 21:59:04 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2009-11-16 21:58:51 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2009-11-16 21:58:43 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2009-11-16 21:58:43 ----A---- C:\Windows\system32\wpdshext.dll
2009-11-16 21:58:43 ----A---- C:\Windows\system32\wpd_ci.dll
2009-11-16 21:58:42 ----A---- C:\Windows\system32\WPDSp.dll
2009-11-16 21:58:42 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2009-11-16 21:58:42 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-11-16 21:58:42 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-11-16 21:58:42 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-11-16 21:56:31 ----A---- C:\Windows\system32\oleaccrc.dll
2009-11-16 21:56:23 ----A---- C:\Windows\system32\oleacc.dll
2009-11-16 21:56:22 ----A---- C:\Windows\system32\UIAutomationCore.dll
2009-11-16 20:20:26 ----D---- C:\Users\Carole\AppData\Roaming\Malwarebytes
2009-11-16 20:20:13 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-11-16 12:39:54 ----A---- C:\Windows\zip.exe
2009-11-16 12:39:54 ----A---- C:\Windows\SWXCACLS.exe
2009-11-16 12:39:54 ----A---- C:\Windows\SWSC.exe
2009-11-16 12:39:54 ----A---- C:\Windows\SWREG.exe
2009-11-16 12:39:54 ----A---- C:\Windows\sed.exe
2009-11-16 12:39:54 ----A---- C:\Windows\PEV.exe
2009-11-16 12:39:54 ----A---- C:\Windows\NIRCMD.exe
2009-11-16 12:39:54 ----A---- C:\Windows\MBR.exe
2009-11-16 12:39:54 ----A---- C:\Windows\grep.exe
2009-11-16 12:32:40 ----D---- C:\Windows\ERDNT
2009-11-11 11:07:06 ----A---- C:\Windows\system32\WSDApi.dll
2009-11-04 08:16:25 ----A---- C:\Windows\system32\mshtml.dll

======List of files/folders modified in the last 1 months======

2009-12-02 22:18:18 ----D---- C:\Windows\Temp
2009-12-02 21:41:47 ----D---- C:\Windows\System32
2009-12-02 21:38:19 ----D---- C:\Windows\Prefetch
2009-12-02 21:32:18 ----D---- C:\Windows
2009-12-02 21:32:18 ----D---- \Windows
2009-12-02 21:11:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-12-02 21:11:03 ----D---- C:\Windows\system32\drivers
2009-12-02 21:09:35 ----D---- C:\Program Files\Orange
2009-12-02 21:09:20 ----SHD---- C:\System Volume Information
2009-12-02 21:09:20 ----SHD---- \System Volume Information
2009-12-02 21:08:33 ----SHD---- C:\Windows\Installer
2009-12-02 20:51:42 ----D---- C:\Windows\system32\catroot2
2009-12-02 20:49:50 ----A---- C:\Windows\system32\acovcnt.exe
2009-11-28 14:39:37 ----HD---- C:\ProgramData
2009-11-28 14:39:37 ----HD---- \ProgramData
2009-11-27 18:53:55 ----D---- C:\Windows\inf
2009-11-26 20:19:43 ----D---- C:\Windows\rescache
2009-11-26 20:00:37 ----D---- C:\Windows\system32\fr-FR
2009-11-26 19:35:50 ----D---- C:\Windows\winsxs
2009-11-26 19:35:23 ----D---- C:\Windows\system32\catroot
2009-11-26 14:42:57 ----D---- C:\Windows\system32\wbem
2009-11-26 14:41:28 ----D---- C:\Windows\system32\config
2009-11-26 14:41:08 ----D---- C:\Windows\Tasks
2009-11-26 14:41:08 ----D---- C:\Windows\system32\Tasks
2009-11-26 14:41:08 ----D---- C:\Windows\system32\spool
2009-11-26 14:41:07 ----D---- C:\Windows\system32\Msdtc
2009-11-26 14:41:07 ----D---- C:\Windows\system32\CodeIntegrity
2009-11-26 14:41:06 ----SD---- C:\Windows\Downloaded Program Files
2009-11-26 14:41:02 ----D---- C:\Program Files\Common Files\LightScribe
2009-11-26 14:41:02 ----D---- C:\Program Files\Bonjour
2009-11-26 14:41:02 ----D---- C:\Program Files\ATKOSD2
2009-11-26 14:41:02 ----D---- C:\Program Files\ATKGFNEX
2009-11-26 14:41:02 ----D---- C:\Program Files\ATK Hotkey
2009-11-26 14:41:02 ----D---- C:\Program Files\ASUS
2009-11-26 14:41:00 ----SHD---- C:\$RECYCLE.BIN
2009-11-26 14:41:00 ----SHD---- \$RECYCLE.BIN
2009-11-26 14:40:58 ----D---- C:\Windows\registration
2009-11-26 13:23:12 ----RD---- C:\Program Files
2009-11-26 13:23:12 ----RD---- \Program Files
2009-11-18 20:24:22 ----D---- C:\Windows\Debug
2009-11-18 18:38:50 ----D---- C:\Program Files\Windows Live
2009-11-18 18:37:00 ----D---- C:\Program Files\Common Files\microsoft shared
2009-11-16 22:08:10 ----D---- C:\Windows\system32\zh-TW
2009-11-16 22:08:10 ----D---- C:\Windows\system32\zh-HK
2009-11-16 22:08:10 ----D---- C:\Windows\system32\zh-CN
2009-11-16 22:08:10 ----D---- C:\Windows\system32\uk-UA
2009-11-16 22:08:10 ----D---- C:\Windows\system32\tr-TR
2009-11-16 22:08:10 ----D---- C:\Windows\system32\th-TH
2009-11-16 22:08:10 ----D---- C:\Windows\system32\sv-SE
2009-11-16 22:08:10 ----D---- C:\Windows\system32\sr-Latn-CS
2009-11-16 22:08:10 ----D---- C:\Windows\system32\sl-SI
2009-11-16 22:08:10 ----D---- C:\Windows\system32\sk-SK
2009-11-16 22:08:10 ----D---- C:\Windows\system32\ru-RU
2009-11-16 22:08:10 ----D---- C:\Windows\system32\ro-RO
2009-11-16 22:08:10 ----D---- C:\Windows\system32\pt-PT
2009-11-16 22:08:10 ----D---- C:\Windows\system32\pt-BR
2009-11-16 22:08:10 ----D---- C:\Windows\system32\pl-PL
2009-11-16 22:08:10 ----D---- C:\Windows\system32\nl-NL
2009-11-16 22:08:10 ----D---- C:\Windows\system32\nb-NO
2009-11-16 22:08:10 ----D---- C:\Windows\system32\lv-LV
2009-11-16 22:08:10 ----D---- C:\Windows\system32\lt-LT
2009-11-16 22:08:10 ----D---- C:\Windows\system32\ko-KR
2009-11-16 22:08:10 ----D---- C:\Windows\system32\ja-JP
2009-11-16 22:08:10 ----D---- C:\Windows\system32\it-IT
2009-11-16 22:08:10 ----D---- C:\Windows\system32\hu-HU
2009-11-16 22:08:10 ----D---- C:\Windows\system32\hr-HR
2009-11-16 22:08:10 ----D---- C:\Windows\system32\he-IL
2009-11-16 22:08:10 ----D---- C:\Windows\system32\fi-FI
2009-11-16 22:08:10 ----D---- C:\Windows\system32\et-EE
2009-11-16 22:08:10 ----D---- C:\Windows\system32\es-ES
2009-11-16 22:08:10 ----D---- C:\Windows\system32\en-US
2009-11-16 22:08:10 ----D---- C:\Windows\system32\el-GR
2009-11-16 22:08:10 ----D---- C:\Windows\system32\de-DE
2009-11-16 22:08:10 ----D---- C:\Windows\system32\da-DK
2009-11-16 22:08:10 ----D---- C:\Windows\system32\cs-CZ
2009-11-16 22:08:10 ----D---- C:\Windows\system32\bg-BG
2009-11-16 22:08:10 ----D---- C:\Windows\system32\ar-SA
2009-11-13 19:34:32 ----D---- C:\Program Files\Securitoo
2009-11-13 17:02:25 ----SD---- C:\Users\Carole\AppData\Roaming\Microsoft
2009-11-13 14:29:45 ----RD---- C:\Users
2009-11-13 14:29:45 ----RD---- \Users
2009-11-12 11:10:39 ----D---- C:\Program Files\Windows Mail
2009-11-05 18:36:22 ----A---- C:\Windows\system32\mrt.exe
2009-11-05 15:01:43 ----D---- C:\Program Files\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 F-Secure HIPS;F-Secure HIPS Driver; \??\C:\Program Files\Orange\Antivirus Firewall\HIPS\drivers\fshs.sys [2009-08-05 68064]
R1 FSES;F-Secure Email Scanning Driver; C:\Windows\System32\drivers\fses.sys [2009-08-05 35680]
R1 FSFW;F-Secure Firewall Driver; C:\Windows\System32\drivers\fsdfw.sys [2009-08-05 71040]
R1 fsvista;F-Secure Vista Support Driver; \??\C:\Program Files\Orange\Antivirus Firewall\Anti-Virus\minifilter\fsvista.sys [2009-08-05 12384]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 13880]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2007-08-03 20936]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-08-09 45568]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-01-13 954368]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files\Orange\Antivirus Firewall\Anti-Virus\minifilter\fsgk.sys [2009-12-02 101496]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-08-13 2159384]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2008-06-03 15928]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-15 7680]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-06-26 7534720]
R3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2006-11-28 27072]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSGB6.sys [2007-11-16 48128]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-05-13 1772544]
R3 StillCam;Pilote d'appareil photo numérique série; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-21 9216]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-12-06 196400]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 catchme;catchme; \??\C:\Users\Carole\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCAMp50.sys [2006-11-28 28224]
S3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560]
S3 UMPass;Pilote Microsoft UMPass; C:\Windows\system32\DRIVERS\umpass.sys [2008-01-21 7680]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 F-Secure Filter;F-Secure File System Filter; \??\C:\Program Files\Orange\Antivirus Firewall\Anti-Virus\Win2K\FSfilter.sys [2009-08-05 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer; \??\C:\Program Files\Orange\Antivirus Firewall\Anti-Virus\Win2K\FSrec.sys [2009-08-05 25184]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-10-08 721904]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ADSMService;ADSM Service; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2007-05-18 73728]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-05-29 144712]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-10-03 94208]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files\Orange\Antivirus Firewall\Anti-Virus\fsgk32st.exe [2009-08-05 215648]
R2 FSMA;F-Secure Management Agent; C:\Program Files\Orange\Antivirus Firewall\Common\FSMA32.EXE [2009-08-05 186976]
R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2007-09-25 65536]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-06-26 196608]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files\Orange\Antivirus Firewall\FWES\Program\fsdfwd.exe [2009-08-05 522848]
R3 FSORSPClient;F-Secure ORSP Client; C:\Program Files\Orange\Antivirus Firewall\ORSP Client\fsorsp.exe [2009-12-02 55936]
S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 getPlusHelper;@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 ICScsiSV;Image Converter SCSI Service; C:\Program Files\Sony\IMAGE CONVERTER 3\ICScsiSV.exe [2007-01-26 75952]
S3 IcVzMonLauncher;IcVzMonLauncher; C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMonLauncher.exe [2007-01-26 67760]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 Image Converter video recording monitor for VAIO Entertainment;Image Converter video recording monitor for VAIO Entertainment; C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMon.exe [2007-01-26 43184]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-10-28 545568]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344]
S3 SonicStage Back-End Service;SonicStage Back-End Service; C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe [2007-02-20 112184]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632]
S3 SSScsiSV;SonicStage SCSI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [2007-02-20 75320]

-----------------EOF-----------------
Configuration: Windows Vista Internet Explorer 7.0
1 reply

Narco!4 Posts: 2446 Status: Contributor 467

Hello,

download GenProc http://www.genproc.com/GenProc.exe

double-click GenProc.exe and post the contents of the report that opens