Je pense être infectée

Claireso -
Utilisateur anonyme - 24 janv. 2010 à 00:05

Bonjour,
Je pense que mon ordinateur est affectée ca parfois il se bloque sans explication, voici les infos transmises par Random's System Information Tool :

Logfile of random's system information tool 1.06 (written by random/random)
Run by Claireso at 2010-01-23 18:07:17
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 66 GB (65%) free of 102 GB
Total RAM: 1013 MB (14% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:07:38, on 23/01/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\ico.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Carbonite\CarbonitePreinstaller.exe
C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Users\Claireso\AppData\Local\gxqccune.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\System32\Pmxmiced.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\DellTPad\HidFind.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Downloads\Software\RSIT.exe
C:\Downloads\Software\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\Claireso.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: (no name) - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - (no file)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [PMX Daemon] ICO.EXE
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [CarboniteSetupLite] "C:\Program Files\Carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=900
O4 - HKLM\..\Run: [MaxMenuMgr] "C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [gxqccune] "c:\users\claireso\appdata\local\gxqccune.exe" gxqccune
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://ushousecall02.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Firewall - ALWIL Software - C:\Program Files\Alwil Software\Avast5\afwServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
O23 - Service: Google Desktop Manager 5.7.801.7324 (GoogleDesktopManager-010708-104812) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 11242 bytes

======Scheduled tasks folder======

C:\Windows\tasks\User_Feed_Synchronization-{5268B6A8-6238-407E-AB3B-701B05A9FA74}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-01-21 251504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-15 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-01-21 522224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - C:\Program Files\Dell\BAE\BAE.dll [2006-11-09 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2009-03-02 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-01-21 251504]
{A057A204-BACC-4D26-C39E-35F1D2A32EC8}
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"ECenter"=C:\Dell\E-Center\EULALauncher.exe [2008-02-29 17920]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2008-05-04 167936]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-03-06 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-03-06 166424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-03-06 133656]
"PMX Daemon"=C:\Windows\system32\ICO.EXE [2006-11-08 49152]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-03-21 174872]
"Broadcom Wireless Manager UI"=C:\Windows\system32\WLTRAY.exe [2008-05-16 3444736]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-07-29 29744]
"dscactivate"=C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [2008-03-11 16384]
"PCMService"=C:\Program Files\Dell\MediaDirect\PCMService.exe [2007-12-21 184320]
"DellSupportCenter"=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2009-05-21 206064]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2009-12-30 2712192]
"CarboniteSetupLite"=C:\Program Files\Carbonite\CarbonitePreinstaller.exe [2009-08-04 318096]
"MaxMenuMgr"=C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe [2009-09-25 185640]
"SigmatelSysTrayApp"=C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [2007-11-12 405504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-07-29 68856]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"Free Download Manager"=C:\Program Files\Free Download Manager\fdm.exe [2009-03-02 3399727]
"gxqccune"=c:\users\claireso\appdata\local\gxqccune.exe [2010-01-19 438272]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe
QuickSet.lnk - C:\Program Files\Dell\QuickSet\quickset.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\GoToAssist]
C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll [2008-07-29 10536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-03-06 200704]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\GoToAssist]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{42e96202-8d64-11dd-ba2a-001fe1e3dfd3}]
shell\AutoRun\command - H:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f4f26a9f-ac9f-11dd-bd06-001fe1e3dfd3}]
shell\AutoRun\command - F:\EmDesk.exe
shell\EmDesk\command - F:\EmDesk.exe

======List of files/folders created in the last 1 months======

2010-01-23 18:00:50 ----D---- C:\Program Files\trend micro
2010-01-23 18:00:49 ----D---- C:\rsit
2010-01-23 17:15:52 ----D---- C:\Windows\system32\eu-ES
2010-01-23 17:15:52 ----D---- C:\Windows\system32\ca-ES
2010-01-23 17:15:51 ----D---- C:\Windows\system32\vi-VN
2010-01-23 16:28:57 ----D---- C:\Windows\system32\EventProviders
2010-01-22 12:28:36 ----A---- C:\Windows\system32\mshtml.dll
2010-01-22 12:28:36 ----A---- C:\Windows\system32\ieframe.dll
2010-01-22 12:28:33 ----A---- C:\Windows\system32\wininet.dll
2010-01-22 12:28:32 ----A---- C:\Windows\system32\urlmon.dll
2010-01-22 12:28:28 ----A---- C:\Windows\system32\ieapfltr.dll
2010-01-22 12:28:27 ----A---- C:\Windows\system32\ieui.dll
2010-01-22 12:28:26 ----A---- C:\Windows\system32\iepeers.dll
2010-01-22 12:28:24 ----A---- C:\Windows\system32\ieencode.dll
2010-01-16 10:17:27 ----D---- C:\Program Files\MSXML 4.0
2010-01-16 09:56:15 ----D---- C:\Windows\Minidump
2010-01-14 15:23:27 ----D---- C:\Users\Claireso\AppData\Roaming\Leadertech
2010-01-14 15:20:17 ----D---- C:\ProgramData\Seagate
2010-01-14 15:18:40 ----D---- C:\Program Files\Carbonite
2010-01-14 15:18:39 ----SHD---- C:\Windows\ftpcache
2010-01-14 15:16:50 ----D---- C:\Program Files\Seagate
2010-01-14 15:15:29 ----D---- C:\Program Files\Common Files\muvee Technologies
2010-01-13 12:49:05 ----A---- C:\Windows\system32\t2embed.dll
2010-01-13 12:49:04 ----A---- C:\Windows\system32\fontsub.dll

======List of files/folders modified in the last 1 months======

2010-01-23 18:07:19 ----D---- C:\Windows\Temp
2010-01-23 18:05:00 ----D---- C:\Users\Claireso\AppData\Roaming\Free Download Manager
2010-01-23 18:00:50 ----RD---- C:\Program Files
2010-01-23 17:58:04 ----D---- C:\Windows\Microsoft.NET
2010-01-23 17:58:00 ----RSD---- C:\Windows\assembly
2010-01-23 17:42:02 ----D---- C:\Windows
2010-01-23 17:41:57 ----D---- C:\Windows\system32\catroot
2010-01-23 17:41:56 ----SHD---- C:\Boot
2010-01-23 17:41:05 ----D---- C:\Windows\inf
2010-01-23 17:40:57 ----D---- C:\Windows\System32
2010-01-23 17:40:57 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-01-23 17:16:36 ----D---- C:\Program Files\Windows Mail
2010-01-23 17:16:36 ----D---- C:\Program Files\Windows Calendar
2010-01-23 17:16:36 ----D---- C:\Program Files\Movie Maker
2010-01-23 17:16:33 ----D---- C:\Program Files\Windows Sidebar
2010-01-23 17:16:33 ----D---- C:\Program Files\Internet Explorer
2010-01-23 17:16:32 ----D---- C:\Program Files\Windows Media Player
2010-01-23 17:16:32 ----D---- C:\Program Files\Windows Journal
2010-01-23 17:16:32 ----D---- C:\Program Files\Windows Collaboration
2010-01-23 17:16:31 ----D---- C:\Program Files\Windows Photo Gallery
2010-01-23 17:16:31 ----D---- C:\Program Files\Common Files\System
2010-01-23 17:16:30 ----D---- C:\Windows\servicing
2010-01-23 17:16:30 ----D---- C:\Windows\ehome
2010-01-23 17:16:30 ----D---- C:\Program Files\Windows Defender
2010-01-23 17:16:26 ----D---- C:\Windows\system32\XPSViewer
2010-01-23 17:16:26 ----D---- C:\Windows\system32\sk-SK
2010-01-23 17:16:26 ----D---- C:\Windows\system32\lv-LV
2010-01-23 17:16:26 ----D---- C:\Windows\system32\ko-KR
2010-01-23 17:16:26 ----D---- C:\Windows\system32\it-IT
2010-01-23 17:16:26 ----D---- C:\Windows\system32\hr-HR
2010-01-23 17:16:26 ----D---- C:\Windows\system32\et-EE
2010-01-23 17:16:26 ----D---- C:\Windows\system32\en-US
2010-01-23 17:16:26 ----D---- C:\Windows\system32\el-GR
2010-01-23 17:16:26 ----D---- C:\Windows\system32\de-DE
2010-01-23 17:16:26 ----D---- C:\Windows\system32\da-DK
2010-01-23 17:16:26 ----D---- C:\Windows\IME
2010-01-23 17:16:25 ----D---- C:\Windows\system32\oobe
2010-01-23 17:16:25 ----D---- C:\Windows\system32\migration
2010-01-23 17:16:25 ----D---- C:\Windows\system32\fr
2010-01-23 17:16:24 ----D---- C:\Windows\system32\ru-RU
2010-01-23 17:16:24 ----D---- C:\Windows\system32\fr-FR
2010-01-23 17:16:24 ----D---- C:\Windows\system32\AdvancedInstallers
2010-01-23 17:16:22 ----D---- C:\Windows\system32\sv-SE
2010-01-23 17:16:22 ----D---- C:\Windows\system32\SLUI
2010-01-23 17:16:22 ----D---- C:\Windows\system32\setup
2010-01-23 17:16:22 ----D---- C:\Windows\system32\pt-PT
2010-01-23 17:16:22 ----D---- C:\Windows\system32\hu-HU
2010-01-23 17:16:22 ----D---- C:\Windows\system32\he-IL
2010-01-23 17:16:22 ----D---- C:\Windows\system32\fi-FI
2010-01-23 17:16:22 ----D---- C:\Windows\system32\cs-CZ
2010-01-23 17:16:21 ----D---- C:\Windows\system32\zh-TW
2010-01-23 17:16:21 ----D---- C:\Windows\system32\zh-CN
2010-01-23 17:16:21 ----D---- C:\Windows\system32\uk-UA
2010-01-23 17:16:21 ----D---- C:\Windows\system32\th-TH
2010-01-23 17:16:21 ----D---- C:\Windows\system32\sr-Latn-CS
2010-01-23 17:16:21 ----D---- C:\Windows\system32\sl-SI
2010-01-23 17:16:21 ----D---- C:\Windows\system32\ro-RO
2010-01-23 17:16:21 ----D---- C:\Windows\system32\pl-PL
2010-01-23 17:16:21 ----D---- C:\Windows\system32\manifeststore
2010-01-23 17:16:21 ----D---- C:\Windows\system32\ja-JP
2010-01-23 17:16:21 ----D---- C:\Windows\system32\es-ES
2010-01-23 17:16:21 ----D---- C:\Windows\system32\drivers
2010-01-23 17:16:21 ----D---- C:\Windows\system32\bg-BG
2010-01-23 17:16:20 ----D---- C:\Windows\system32\wbem
2010-01-23 17:16:20 ----D---- C:\Windows\system32\tr-TR
2010-01-23 17:16:20 ----D---- C:\Windows\system32\nl-NL
2010-01-23 17:16:20 ----D---- C:\Windows\system32\nb-NO
2010-01-23 17:16:20 ----D---- C:\Windows\system32\lt-LT
2010-01-23 17:16:20 ----D---- C:\Windows\system32\ar-SA
2010-01-23 17:16:19 ----D---- C:\Windows\system32\pt-BR
2010-01-23 17:16:19 ----D---- C:\Windows\system32\migwiz
2010-01-23 17:16:00 ----RSD---- C:\Windows\Fonts
2010-01-23 17:15:59 ----D---- C:\Windows\AppPatch
2010-01-23 17:15:51 ----D---- C:\Windows\system32\Boot
2010-01-23 16:47:16 ----D---- C:\Windows\winsxs
2010-01-23 16:30:26 ----SHD---- C:\System Volume Information
2010-01-23 15:55:56 ----D---- C:\Windows\system32\catroot2
2010-01-19 13:13:11 ----SHD---- C:\Windows\Installer
2010-01-19 13:09:14 ----D---- C:\Windows\Prefetch
2010-01-18 20:08:54 ----D---- C:\Windows\system32\config
2010-01-18 20:08:45 ----D---- C:\Windows\Tasks
2010-01-18 20:08:45 ----D---- C:\Windows\system32\Tasks
2010-01-18 20:08:45 ----D---- C:\Windows\system32\spool
2010-01-18 20:08:45 ----D---- C:\Windows\system32\Msdtc
2010-01-18 20:08:41 ----D---- C:\Windows\registration
2010-01-16 09:58:56 ----A---- C:\Windows\ntbtlog.txt
2010-01-14 15:20:56 ----HD---- C:\Program Files\InstallShield Installation Information
2010-01-14 15:20:17 ----HD---- C:\ProgramData
2010-01-14 15:15:29 ----D---- C:\Program Files\Common Files
2010-01-14 11:12:06 ----N---- C:\Windows\system32\MpSigStub.exe
2010-01-13 13:35:24 ----D---- C:\Downloads
2010-01-05 01:17:46 ----A---- C:\Windows\system32\mrt.exe
2009-12-30 23:26:10 ----A---- C:\Windows\system32\aswBoot.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-12-30 23248]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2009-12-30 276048]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2009-12-30 160208]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-12-30 46544]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2009-12-30 19024]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2009-12-30 51792]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-09-06 39936]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-09-06 42496]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-09-06 37376]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-05 8192]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP/Vista; C:\Windows\system32\DRIVERS\Apfiltr.sys [2008-05-04 164400]
R3 BCM43XX;Pilote de la carte réseau local sans fil Wireless de Dell; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-05-16 1044984]
R3 BthEnum;Service d'énumérateur Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
R3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
R3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
R3 btwaudio;Périphérique audio Bluetooth; C:\Windows\system32\drivers\btwaudio.sys [2006-11-07 78128]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2006-11-07 80176]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2006-11-07 16560]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-11-03 986624]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-11-03 206848]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-03-06 2016256]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service; C:\Windows\system32\drivers\IntcHdmi.sys [2008-03-06 111616]
R3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2007-11-12 330240]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-11-03 659968]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-09-29 278528]
S1 aswFW;avast! TDI Firewall driver; C:\Windows\system32\drivers\aswFW.sys [2009-12-30 101968]
S3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys []
S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 e1express;Pilote de la connexion réseau Intel(R) PRO/1000 PCI Express; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-21 220672]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 pmxmouse;PMXMOUSE; C:\Windows\system32\DRIVERS\pmxmouse.sys [2007-06-01 18432]
S3 pmxusblf;PMXUSBLF; C:\Windows\system32\DRIVERS\pmxusblf.sys [2007-05-24 19008]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\system32\aestsrv.exe [2007-11-12 73728]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 DockLoginService;Dock Login Service; C:\Program Files\Dell\DellDock\DockLogin.exe [2008-04-28 161048]
R2 FreeAgentGoNext Service;Seagate Service; C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-09-25 189736]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-03-21 355096]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter); C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2008-08-13 201968]
R2 STacSV;SigmaTel Audio Service; C:\Windows\system32\STacSV.exe [2007-11-12 102400]
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\Windows\System32\WLTRYSVC.EXE [2008-05-16 24064]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-08-05 386560]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2009-12-30 40384]
S2 avast! Firewall;avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe [2009-12-30 119200]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2009-12-30 40384]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2009-12-30 40384]
S3 GoogleDesktopManager-010708-104812;Google Desktop Manager 5.7.801.7324; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-07-29 29744]
S3 GoToAssist;GoToAssist; C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe [2008-07-29 16680]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-21 137200]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by Claireso at 2010-01-23 18:07:17
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 66 GB (65%) free of 102 GB
Total RAM: 1013 MB (14% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:07:38, on 23/01/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\ico.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Carbonite\CarbonitePreinstaller.exe
C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Users\Claireso\AppData\Local\gxqccune.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\System32\Pmxmiced.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\DellTPad\HidFind.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Downloads\Software\RSIT.exe
C:\Downloads\Software\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\Claireso.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: (no name) - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - (no file)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [PMX Daemon] ICO.EXE
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [CarboniteSetupLite] "C:\Program Files\Carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=900
O4 - HKLM\..\Run: [MaxMenuMgr] "C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [gxqccune] "c:\users\claireso\appdata\local\gxqccune.exe" gxqccune
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://ushousecall02.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Firewall - ALWIL Software - C:\Program Files\Alwil Software\Avast5\afwServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
O23 - Service: Google Desktop Manager 5.7.801.7324 (GoogleDesktopManager-010708-104812) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 11242 bytes

======Scheduled tasks folder======

C:\Windows\tasks\User_Feed_Synchronization-{5268B6A8-6238-407E-AB3B-701B05A9FA74}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-01-21 251504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-15 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-01-21 522224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - C:\Program Files\Dell\BAE\BAE.dll [2006-11-09 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2009-03-02 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-01-21 251504]
{A057A204-BACC-4D26-C39E-35F1D2A32EC8}
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"ECenter"=C:\Dell\E-Center\EULALauncher.exe [2008-02-29 17920]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2008-05-04 167936]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-03-06 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-03-06 166424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-03-06 133656]
"PMX Daemon"=C:\Windows\system32\ICO.EXE [2006-11-08 49152]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-03-21 174872]
"Broadcom Wireless Manager UI"=C:\Windows\system32\WLTRAY.exe [2008-05-16 3444736]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-07-29 29744]
"dscactivate"=C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [2008-03-11 16384]
"PCMService"=C:\Program Files\Dell\MediaDirect\PCMService.exe [2007-12-21 184320]
"DellSupportCenter"=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2009-05-21 206064]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2009-12-30 2712192]
"CarboniteSetupLite"=C:\Program Files\Carbonite\CarbonitePreinstaller.exe [2009-08-04 318096]
"MaxMenuMgr"=C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe [2009-09-25 185640]
"SigmatelSysTrayApp"=C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [2007-11-12 405504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-07-29 68856]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"Free Download Manager"=C:\Program Files\Free Download Manager\fdm.exe [2009-03-02 3399727]
"gxqccune"=c:\users\claireso\appdata\local\gxqccune.exe [2010-01-19 438272]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe
QuickSet.lnk - C:\Program Files\Dell\QuickSet\quickset.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\GoToAssist]
C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll [2008-07-29 10536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-03-06 200704]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\GoToAssist]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{42e96202-8d64-11dd-ba2a-001fe1e3dfd3}]
shell\AutoRun\command - H:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f4f26a9f-ac9f-11dd-bd06-001fe1e3dfd3}]
shell\AutoRun\command - F:\EmDesk.exe
shell\EmDesk\command - F:\EmDesk.exe

======List of files/folders created in the last 1 months======

2010-01-23 18:00:50 ----D---- C:\Program Files\trend micro
2010-01-23 18:00:49 ----D---- C:\rsit
2010-01-23 17:15:52 ----D---- C:\Windows\system32\eu-ES
2010-01-23 17:15:52 ----D---- C:\Windows\system32\ca-ES
2010-01-23 17:15:51 ----D---- C:\Windows\system32\vi-VN
2010-01-23 16:28:57 ----D---- C:\Windows\system32\EventProviders
2010-01-22 12:28:36 ----A---- C:\Windows\system32\mshtml.dll
2010-01-22 12:28:36 ----A---- C:\Windows\system32\ieframe.dll
2010-01-22 12:28:33 ----A---- C:\Windows\system32\wininet.dll
2010-01-22 12:28:32 ----A---- C:\Windows\system32\urlmon.dll
2010-01-22 12:28:28 ----A---- C:\Windows\system32\ieapfltr.dll
2010-01-22 12:28:27 ----A---- C:\Windows\system32\ieui.dll
2010-01-22 12:28:26 ----A---- C:\Windows\system32\iepeers.dll
2010-01-22 12:28:24 ----A---- C:\Windows\system32\ieencode.dll
2010-01-16 10:17:27 ----D---- C:\Program Files\MSXML 4.0
2010-01-16 09:56:15 ----D---- C:\Windows\Minidump
2010-01-14 15:23:27 ----D---- C:\Users\Claireso\AppData\Roaming\Leadertech
2010-01-14 15:20:17 ----D---- C:\ProgramData\Seagate
2010-01-14 15:18:40 ----D---- C:\Program Files\Carbonite
2010-01-14 15:18:39 ----SHD---- C:\Windows\ftpcache
2010-01-14 15:16:50 ----D---- C:\Program Files\Seagate
2010-01-14 15:15:29 ----D---- C:\Program Files\Common Files\muvee Technologies
2010-01-13 12:49:05 ----A---- C:\Windows\system32\t2embed.dll
2010-01-13 12:49:04 ----A---- C:\Windows\system32\fontsub.dll

======List of files/folders modified in the last 1 months======

2010-01-23 18:07:19 ----D---- C:\Windows\Temp
2010-01-23 18:05:00 ----D---- C:\Users\Claireso\AppData\Roaming\Free Download Manager
2010-01-23 18:00:50 ----RD---- C:\Program Files
2010-01-23 17:58:04 ----D---- C:\Windows\Microsoft.NET
2010-01-23 17:58:00 ----RSD---- C:\Windows\assembly
2010-01-23 17:42:02 ----D---- C:\Windows
2010-01-23 17:41:57 ----D---- C:\Windows\system32\catroot
2010-01-23 17:41:56 ----SHD---- C:\Boot
2010-01-23 17:41:05 ----D---- C:\Windows\inf
2010-01-23 17:40:57 ----D---- C:\Windows\System32
2010-01-23 17:40:57 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-01-23 17:16:36 ----D---- C:\Program Files\Windows Mail
2010-01-23 17:16:36 ----D---- C:\Program Files\Windows Calendar
2010-01-23 17:16:36 ----D---- C:\Program Files\Movie Maker
2010-01-23 17:16:33 ----D---- C:\Program Files\Windows Sidebar
2010-01-23 17:16:33 ----D---- C:\Program Files\Internet Explorer
2010-01-23 17:16:32 ----D---- C:\Program Files\Windows Media Player
2010-01-23 17:16:32 ----D---- C:\Program Files\Windows Journal
2010-01-23 17:16:32 ----D---- C:\Program Files\Windows Collaboration
2010-01-23 17:16:31 ----D---- C:\Program Files\Windows Photo Gallery
2010-01-23 17:16:31 ----D---- C:\Program Files\Common Files\System
2010-01-23 17:16:30 ----D---- C:\Windows\servicing
2010-01-23 17:16:30 ----D---- C:\Windows\ehome
2010-01-23 17:16:30 ----D---- C:\Program Files\Windows Defender
2010-01-23 17:16:26 ----D---- C:\Windows\system32\XPSViewer
2010-01-23 17:16:26 ----D---- C:\Windows\system32\sk-SK
2010-01-23 17:16:26 ----D---- C:\Windows\system32\lv-LV
2010-01-23 17:16:26 ----D---- C:\Windows\system32\ko-KR
2010-01-23 17:16:26 ----D---- C:\Windows\system32\it-IT
2010-01-23 17:16:26 ----D---- C:\Windows\system32\hr-HR
2010-01-23 17:16:26 ----D---- C:\Windows\system32\et-EE
2010-01-23 17:16:26 ----D---- C:\Windows\system32\en-US
2010-01-23 17:16:26 ----D---- C:\Windows\system32\el-GR
2010-01-23 17:16:26 ----D---- C:\Windows\system32\de-DE
2010-01-23 17:16:26 ----D---- C:\Windows\system32\da-DK
2010-01-23 17:16:26 ----D---- C:\Windows\IME
2010-01-23 17:16:25 ----D---- C:\Windows\system32\oobe
2010-01-23 17:16:25 ----D---- C:\Windows\system32\migration
2010-01-23 17:16:25 ----D---- C:\Windows\system32\fr
2010-01-23 17:16:24 ----D---- C:\Windows\system32\ru-RU
2010-01-23 17:16:24 ----D---- C:\Windows\system32\fr-FR
2010-01-23 17:16:24 ----D---- C:\Windows\system32\AdvancedInstallers
2010-01-23 17:16:22 ----D---- C:\Windows\system32\sv-SE
2010-01-23 17:16:22 ----D---- C:\Windows\system32\SLUI
2010-01-23 17:16:22 ----D---- C:\Windows\system32\setup
2010-01-23 17:16:22 ----D---- C:\Windows\system32\pt-PT
2010-01-23 17:16:22 ----D---- C:\Windows\system32\hu-HU
2010-01-23 17:16:22 ----D---- C:\Windows\system32\he-IL
2010-01-23 17:16:22 ----D---- C:\Windows\system32\fi-FI
2010-01-23 17:16:22 ----D---- C:\Windows\system32\cs-CZ
2010-01-23 17:16:21 ----D---- C:\Windows\system32\zh-TW
2010-01-23 17:16:21 ----D---- C:\Windows\system32\zh-CN
2010-01-23 17:16:21 ----D---- C:\Windows\system32\uk-UA
2010-01-23 17:16:21 ----D---- C:\Windows\system32\th-TH
2010-01-23 17:16:21 ----D---- C:\Windows\system32\sr-Latn-CS
2010-01-23 17:16:21 ----D---- C:\Windows\system32\sl-SI
2010-01-23 17:16:21 ----D---- C:\Windows\system32\ro-RO
2010-01-23 17:16:21 ----D---- C:\Windows\system32\pl-PL
2010-01-23 17:16:21 ----D---- C:\Windows\system32\manifeststore
2010-01-23 17:16:21 ----D---- C:\Windows\system32\ja-JP
2010-01-23 17:16:21 ----D---- C:\Windows\system32\es-ES
2010-01-23 17:16:21 ----D---- C:\Windows\system32\drivers
2010-01-23 17:16:21 ----D---- C:\Windows\system32\bg-BG
2010-01-23 17:16:20 ----D---- C:\Windows\system32\wbem
2010-01-23 17:16:20 ----D---- C:\Windows\system32\tr-TR
2010-01-23 17:16:20 ----D---- C:\Windows\system32\nl-NL
2010-01-23 17:16:20 ----D---- C:\Windows\system32\nb-NO
2010-01-23 17:16:20 ----D---- C:\Windows\system32\lt-LT
2010-01-23 17:16:20 ----D---- C:\Windows\system32\ar-SA
2010-01-23 17:16:19 ----D---- C:\Windows\system32\pt-BR
2010-01-23 17:16:19 ----D---- C:\Windows\system32\migwiz
2010-01-23 17:16:00 ----RSD---- C:\Windows\Fonts
2010-01-23 17:15:59 ----D---- C:\Windows\AppPatch
2010-01-23 17:15:51 ----D---- C:\Windows\system32\Boot
2010-01-23 16:47:16 ----D---- C:\Windows\winsxs
2010-01-23 16:30:26 ----SHD---- C:\System Volume Information
2010-01-23 15:55:56 ----D---- C:\Windows\system32\catroot2
2010-01-19 13:13:11 ----SHD---- C:\Windows\Installer
2010-01-19 13:09:14 ----D---- C:\Windows\Prefetch
2010-01-18 20:08:54 ----D---- C:\Windows\system32\config
2010-01-18 20:08:45 ----D---- C:\Windows\Tasks
2010-01-18 20:08:45 ----D---- C:\Windows\system32\Tasks
2010-01-18 20:08:45 ----D---- C:\Windows\system32\spool
2010-01-18 20:08:45 ----D---- C:\Windows\system32\Msdtc
2010-01-18 20:08:41 ----D---- C:\Windows\registration
2010-01-16 09:58:56 ----A---- C:\Windows\ntbtlog.txt
2010-01-14 15:20:56 ----HD---- C:\Program Files\InstallShield Installation Information
2010-01

Afficher la suite

A voir également:

Je pense être infectée
Comment savoir si une clé usb est infectée - Guide
Clé USB infectée ( .Spotlight-V100 ? ) - Forum Virus
Tablette Samsung infectée par un virus - Forum Samsung
Je suis infectée par un virus qui ouvre des pages tout seul ✓ - Forum Virus
AVG anti-spyware analyse très très infectée!! - Forum Virus

3 réponses

Réponse 1 / 3

Utilisateur anonyme

salut

infection navipromo , fait ceci

● Télécharges sur le bureau Navilog1 ( prendre le 2ème lien )

● Si ton antivirus s'affole , le désactiver

● sous vista : Clic-droit sur le raccourci Navilog1 présent sur le bureau et choisis "Exécuter en tant qu'administrateur"

● sous XP : double-clic dessus pour le lancer

● taper F

● Appuyer sur une touche pour arriver aux options

● Choisir Recherche/Désinfection automatique ( = taper 1 )

• un rapport : fixnavi.txt dans ==> C :

• le copier et le coller dans la réponse

*************ensuite*******************************

è sous vista : Désactives le contrôle des comptes utilisateurs (tu le réactiveras après ta désinfection).

èUtilisateur de Spybot Désactives le [ teatimer]

● Rends-toi èà cette adresse afin de télécharger AD-Remover (créé par C_XX)

● Cliques sur TÉLÉCHARGER et enregistres-le sur ton bureau.

● Double-clique sur le fichier d'installation d’AD-Remover, le programme s'installera automatiquement.

● Sous Vista : cliques droit sur AD-Remover et sélectionner "Exécuter en tant qu'administrateur"

● Au menu principal, choisis l'option "L" et tapes sur [entrée]

● Laisses travailler l'outil et ne touches à rien ...

● Postes le rapport qui apparait à la fin.

• le rapport est sauvegardé aussi sous C:\Ad-report.log

(CTRL+A Pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

<gras<Note :</gras> Process.exe est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus. els de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

Réponse 2 / 3

Claireso

Merci oxo, j'ai fait ce que tu m'as dit, ci joint le résultat de navi01, merci d'avance pour ton aide ;)

Fix Navipromo version 4.0.6 commencé le 23/01/2010 19:30:41,77

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 03.01.2010 à 11h00 par IL-MAFIOSO

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU T2390 @ 1.86GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A13
USER : Claireso ( Administrator )
BOOT : Normal boot

C:\ (Local Disk) - NTFS - Total:99 Go (Free:67 Go)
D:\ (Local Disk) - NTFS - Total:9 Go (Free:5 Go)
E:\ (CD or DVD)

Recherche executée en mode normal

Nettoyage exécuté au redémarrage de l'ordinateur

C:\Users\Claireso\AppData\Local\oocki.bat supprimé !

Nettoyage contenu C:\Windows\Temp effectué !
Nettoyage contenu C:\Users\Claireso\AppData\Local\Temp effectué !

*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok

*** Scan terminé 23/01/2010 19:38:54,58 ***

Réponse 3 / 3

Utilisateur anonyme

ok

fais maintenant la suite , c'est à dire ad-remover

Discussions similaires

USB Infectée !

Infectée par Adware.Agent !

Infectée par Core10k.exe

Clé usb infectée

Clé USB infectée, cybercafé...

Discussions similaires

Newsletters