J'ai plusieur virus et j'ariv pas a enlever
fanny.90
-
moment de grace Messages postés 29099 Date d'inscription Statut Contributeur sécurité Dernière intervention -
moment de grace Messages postés 29099 Date d'inscription Statut Contributeur sécurité Dernière intervention -
Logfile of random's system information tool 1.06 (written by random/random)
Run by stephanie at 2010-02-08 01:10:48
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 14 GB (14%) free of 100 GB
Total RAM: 2046 MB (22% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:11:15, on 08/02/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\imPlayok.exe
C:\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\stephanie\imPlayok.exe
C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
C:\Documents and Settings\stephanie\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455\psyu44.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\DOCUME~1\STEPHA~1\LOCALS~1\Temp\eraseme_28437.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Avast4\aswclnr.exe
C:\Avast4\aswclnr.tmp
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Safari\Safari.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\DOCUME~1\STEPHA~1\LOCALS~1\Temp\wj1ag7pn.tmp\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\stephanie.exe
C:\WINDOWS\System32\svchost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.shareware-fr.com/fr/index.php?rvs=hompag
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.shareware-fr.com/fr/index.php?rvs=hompag
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\Documents and Settings\stephanie\Application Data\sdra64.exe,C:\WINDOWS\system32\sdra64.exe,
O2 - BHO: (no name) - {507DD85D-CE00-4366-AFAD-F81BC89EB033} - c:\windows\system32\bonegbn.dll
O3 - Toolbar: IMBooster4web-en Toolbar - {6a7400d6-6615-4a06-a4d1-48979fa6e868} - C:\Program Files\iminent-en\tbimi0.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [funkyemoticons] C:\Program Files\FunkyEmoticons\FunkyEmoticons.exe
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [net] "C:\WINDOWS\system32\net.net"
O4 - HKLM\..\Run: [imPlayok] C:\WINDOWS\system32\imPlayok.exe
O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [Windows Driver Software] C:\WINDOWS\system32\driversx.exe
O4 - HKLM\..\Run: [avast!] C:\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DMSN] C:\Program Files\Dialflirt\dialmsn.exe
O4 - HKCU\..\Run: [DialFlirt] C:\Program Files\DialFlirt\dialmsn.exe
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [IgfxSys] rundll32.exe "C:\Documents and Settings\stephanie\Application Data\Messenger\Drivers\IgfxSys.dll",StartProtector
O4 - HKCU\..\Run: [sefjhf98jfoidsfoishgoiusgdgfgd] C:\DOCUME~1\STEPHA~1\LOCALS~1\Temp\ke45t.exe
O4 - HKCU\..\Run: [imPlayok] C:\Documents and Settings\stephanie\imPlayok.exe
O4 - HKCU\..\Run: [Microsoft] C:\Documents and Settings\stephanie\file.exe
O4 - HKCU\..\Run: [psuu4] C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455\psyu44.exe
O4 - HKCU\..\Run: [RegDokFRT] C:\RegistryDoktor 4.1\RegistryDoktor.exe
O4 - HKLM\..\Policies\Explorer\Run: [Microsoft Driver Setup] C:\WINDOWS\msdrv32.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\stephanie\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe (User 'Default user')
O4 - .DEFAULT Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\stephanie\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe (User 'Default user')
O4 - .DEFAULT Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe (User 'Default user')
O4 - .DEFAULT Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe (User 'Default user')
O4 - .DEFAULT Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe (User 'Default user')
O4 - .DEFAULT Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe (User 'Default user')
O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\stephanie\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
O20 - Winlogon Notify: zvrtpoqx - C:\WINDOWS\SYSTEM32\bonegbn.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Avast4\ashServ.exe (file missing)
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Avast4\ashMaiSv.exe (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Avast4\ashWebSv.exe (file missing)
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
--
End of file - 14034 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{507DD85D-CE00-4366-AFAD-F81BC89EB033}]
c:\windows\system32\bonegbn.dll [2002-08-30 102400]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{6a7400d6-6615-4a06-a4d1-48979fa6e868} - IMBooster4web-en Toolbar - C:\Program Files\iminent-en\tbimi0.dll [2010-02-01 2166296]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-01-23 263280]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-03-21 16126464]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-02-18 13680640]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-02-18 86016]
"Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-09-21 520024]
"funkyemoticons"=C:\Program Files\FunkyEmoticons\FunkyEmoticons.exe []
"VX3000"=C:\WINDOWS\vVX3000.exe [2009-06-26 757248]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2010-01-08 149280]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-11-10 417792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-11-12 141600]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"ezLife"=0 []
"net"=C:\WINDOWS\system32\net.net [2010-02-05 57344]
"imPlayok"=C:\WINDOWS\system32\imPlayok.exe [2010-02-05 41085]
"Regedit32"=C:\WINDOWS\system32\regedit.exe []
"UserFaultCheck"=C:\WINDOWS\system32\dumprep 0 -u []
"Windows Driver Software"=C:\WINDOWS\system32\driversx.exe [2010-02-07 66048]
"avast!"=C:\Avast4\ashDisp.exe [2009-11-25 81000]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Microsoft Driver Setup"=C:\WINDOWS\msdrv32.exe [2010-02-05 68608]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
"DMSN"=C:\Program Files\Dialflirt\dialmsn.exe []
"DialFlirt"=C:\Program Files\DialFlirt\dialmsn.exe []
"RocketDock"=C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-18 630784]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-01-23 39408]
"ares"=C:\Program Files\Ares\Ares.exe -h []
"IgfxSys"=C:\Documents and Settings\stephanie\Application Data\Messenger\Drivers\IgfxSys.dll [2010-01-07 59392]
"sefjhf98jfoidsfoishgoiusgdgfgd"=C:\DOCUME~1\STEPHA~1\LOCALS~1\Temp\ke45t.exe []
"imPlayok"=C:\Documents and Settings\stephanie\imPlayok.exe [2010-02-05 41085]
"Microsoft"=C:\Documents and Settings\stephanie\file.exe []
"psuu4"=C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455\psyu44.exe [2010-02-05 43520]
"RegDokFRT"=C:\RegistryDoktor 4.1\RegistryDoktor.exe []
C:\Documents and Settings\stephanie\Menu Démarrer\Programmes\Démarrage
MSN Pictures Displayer.lnk - C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
Notification de cadeaux MSN.lnk - C:\Documents and Settings\stephanie\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
TransBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
UberIcon.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
Y'z Shadow.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\zvrtpoqx]
C:\WINDOWS\system32\bonegbn.dll [2002-08-30 102400]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
dadayt.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Hercules\Classic Link\Station2.exe"="C:\Program Files\Hercules\Classic Link\Station2.exe:*:Enabled:Hercules Webcam Station Evolution"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows"
"C:\DOCUME~1\STEPHA~1\LOCALS~1\Temp\235.exe"="C:\DOCUME~1\STEPHA~1\LOCALS~1\Temp\235.exe:*:C:\WINDOWS\msdrv32.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{983c9609-2c77-11de-8c05-0019db36e8d0}]
shell\Auto\command - K:\launcher.exe
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL launcher.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9e0039b9-8908-11de-8c39-0019db36e8d0}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL NoLimit.exe
======File associations======
.txt - open - notepad.exe %1
======List of files/folders created in the last 1 months======
2010-02-08 01:10:51 ----D---- C:\Program Files\trend micro
2010-02-08 01:10:48 ----D---- C:\rsit
2010-02-08 00:44:32 ----A---- C:\WINDOWS\system32\incognito.exe
2010-02-08 00:12:34 ----D---- C:\WINDOWS\system32\CatRoot_bak
2010-02-08 00:09:08 ----D---- C:\Avast4
2010-02-07 23:45:41 ----D---- C:\Qoobox
2010-02-07 23:30:19 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2010-02-07 23:30:19 ----A---- C:\WINDOWS\system32\mucltui.dll
2010-02-07 23:05:17 ----H---- C:\WINDOWS\system32\winserv.exe
2010-02-07 22:42:24 ----D---- C:\Documents and Settings\stephanie\Application Data\AVG8
2010-02-07 22:33:42 ----D---- C:\Program Files\Safari
2010-02-07 22:25:14 ----D---- C:\Avast5
2010-02-07 22:09:46 ----RSH---- C:\Documents and Settings\stephanie\Application Data\qwdfl.exe
2010-02-07 22:02:46 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-02-07 21:57:39 ----RASH---- C:\WINDOWS\system32\driversx.exe
2010-02-07 21:57:33 ----SHD---- C:\WINDOWS\system32\lowsec
2010-02-07 21:15:28 ----D---- C:\Documents and Settings\All Users\Application Data\Alwil Software
2010-02-07 20:54:45 ----A---- C:\WINDOWS\system32\MSVolumeRD_Fr.dll
2010-02-07 20:54:27 ----D---- C:\RegistryDoktor 4.1
2010-02-05 00:34:24 ----A---- C:\WINDOWS\system32\imPlayok.exe
2010-02-05 00:34:17 ----A---- C:\pti.exe
2010-02-05 00:33:10 ----A---- C:\WINDOWS\system32\kbdatat4.dll
2010-02-05 00:33:10 ----A---- C:\WINDOWS\system32\crt4.dll
2010-02-05 00:33:09 ----A---- C:\WINDOWS\logfile32.txt
2010-02-05 00:33:08 ----RSH---- C:\WINDOWS\msdrv32.exe
2010-02-05 00:32:08 ----A---- C:\WINDOWS\system32\sshnas21.dll
2010-02-05 00:20:34 ----D---- C:\WINDOWS\Sun
2010-02-02 23:07:46 ----A---- C:\WINDOWS\system32\mredmddt.dll
2010-01-28 22:08:33 ----A---- C:\WINDOWS\system32\xrsfoxevannuadwrf.exe
2010-01-28 21:03:23 ----D---- C:\Documents and Settings\stephanie\Application Data\ezLife
2010-01-28 21:03:22 ----D---- C:\Documents and Settings\stephanie\Application Data\Smart-Ads-Solutions
2010-01-28 21:03:17 ----D---- C:\Program Files\ezLife
2010-01-28 21:03:17 ----D---- C:\Documents and Settings\stephanie\Application Data\Messenger
2010-01-28 21:03:16 ----D---- C:\Program Files\Smart-Ads-Solutions
2010-01-28 14:17:59 ----D---- C:\Documents and Settings\stephanie\Application Data\LimeWire
2010-01-28 14:09:27 ----D---- C:\Program Files\Windows Live Safety Center
2010-01-28 03:25:38 ----D---- C:\Program Files\Adobe
2010-01-20 18:19:03 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2010-01-20 17:56:31 ----A---- C:\WINDOWS\system32\MRT.exe
2010-01-20 17:56:18 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$
2010-01-20 02:00:20 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2010-01-20 01:59:52 ----D---- C:\Program Files\iPod
2010-01-20 01:59:49 ----D---- C:\Program Files\iTunes
2010-01-20 01:59:49 ----D---- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2010-01-20 01:59:33 ----D---- C:\Program Files\Bonjour
2010-01-20 01:59:08 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2010-01-20 01:58:35 ----D---- C:\Program Files\Fichiers communs\Apple
2010-01-11 16:45:09 ----A---- C:\WINDOWS\system32\hpz3l054.dll
2010-01-11 16:38:56 ----D---- C:\Program Files\Hewlett-Packard
2010-01-11 16:38:54 ----D---- C:\Program Files\Fichiers communs\Hewlett-Packard
2010-01-11 16:38:42 ----A---- C:\WINDOWS\system32\HPZisn12.dll
2010-01-11 16:38:42 ----A---- C:\WINDOWS\system32\HPZipt12.dll
2010-01-11 16:38:42 ----A---- C:\WINDOWS\system32\HPZipr12.dll
2010-01-11 16:38:42 ----A---- C:\WINDOWS\system32\HPZipm12.exe
2010-01-11 16:38:42 ----A---- C:\WINDOWS\system32\HPZinw12.exe
2010-01-11 16:38:42 ----A---- C:\WINDOWS\system32\HPZidr12.dll
2010-01-11 16:38:39 ----A---- C:\WINDOWS\IsUninst.exe
2010-01-11 16:37:41 ----A---- C:\WINDOWS\system32\hpowiax2.dll
2010-01-11 16:37:41 ----A---- C:\WINDOWS\system32\hpovst09.dll
2010-01-11 16:37:41 ----A---- C:\WINDOWS\system32\hpotiop2.dll
2010-01-11 15:06:38 ----D---- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
======List of files/folders modified in the last 1 months======
2010-02-08 01:10:51 ----RD---- C:\Program Files
2010-02-08 00:59:13 ----D---- C:\WINDOWS\system32
2010-02-08 00:51:06 ----D---- C:\WINDOWS\system32\CatRoot2
2010-02-08 00:51:04 ----HD---- C:\WINDOWS\inf
2010-02-08 00:47:31 ----D---- C:\WINDOWS\system32\CatRoot
2010-02-08 00:44:44 ----D---- C:\WINDOWS\Temp
2010-02-08 00:44:28 ----D---- C:\WINDOWS\system32\Restore
2010-02-08 00:44:24 ----D---- C:\WINDOWS
2010-02-08 00:41:44 ----D---- C:\Program Files\Windows NT
2010-02-08 00:39:40 ----D---- C:\Program Files\Kellogg's Asie
2010-02-08 00:36:34 ----D---- C:\Program Files\7-Zip
2010-02-08 00:36:22 ----D---- C:\Downloads
2010-02-07 23:52:15 ----HD---- C:\WINDOWS\$hf_mig$
2010-02-07 23:47:47 ----RSHD---- C:\RECYCLER
2010-02-07 23:47:39 ----SHD---- C:\System Volume Information
2010-02-07 23:04:22 ----HD---- C:\Config.Msi
2010-02-07 22:34:29 ----D---- C:\Documents and Settings\stephanie\Application Data\Apple Computer
2010-02-07 22:33:49 ----SHD---- C:\WINDOWS\Installer
2010-02-07 22:25:44 ----D---- C:\WINDOWS\WinSxS
2010-02-07 22:08:45 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-07 22:03:08 ----D---- C:\WINDOWS\system32\drivers
2010-02-07 22:03:00 ----D---- C:\WINDOWS\Prefetch
2010-02-07 22:02:43 ----D---- C:\Program Files\Alwil Software
2010-02-07 21:51:57 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-02-07 21:35:03 ----SD---- C:\WINDOWS\Tasks
2010-02-07 21:08:29 ----D---- C:\Program Files\Mozilla Firefox
2010-02-06 00:14:43 ----D---- C:\Program Files\Internet Explorer
2010-02-05 04:06:12 ----HDC---- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2010-02-05 04:05:29 ----D---- C:\Program Files\Outlook Express
2010-02-05 03:44:20 ----D---- C:\Program Files\Windows Media Player
2010-02-05 03:40:26 ----D---- C:\Program Files\NetMeeting
2010-02-05 02:07:00 ----D---- C:\WINDOWS\system32\wbem
2010-02-05 01:08:16 ----D---- C:\Documents and Settings\stephanie\Application Data\Free Download Manager
2010-02-05 00:44:55 ----D---- C:\Program Files\Google
2010-02-05 00:37:37 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-05 00:21:04 ----D---- C:\WINDOWS\Registration
2010-01-31 12:57:20 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-01-28 16:46:28 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-01-28 03:25:48 ----D---- C:\Program Files\Fichiers communs\Adobe
2010-01-23 20:54:50 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2010-01-23 20:54:49 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-01-23 20:54:42 ----D---- C:\Program Files\Microsoft Silverlight
2010-01-23 07:50:52 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2010-01-23 07:50:00 ----D---- C:\Program Files\Fichiers communs\InstallShield
2010-01-21 17:49:44 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2010-01-20 18:19:30 ----D---- C:\WINDOWS\SoftwareDistribution
2010-01-20 18:19:06 ----D---- C:\WINDOWS\Help
2010-01-20 17:56:36 ----D---- C:\WINDOWS\Debug
2010-01-20 01:59:25 ----D---- C:\Program Files\QuickTime
2010-01-20 01:58:35 ----D---- C:\Program Files\Fichiers communs
2010-01-11 16:38:57 ----D---- C:\WINDOWS\twain_32
2010-01-11 15:48:51 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-01-11 15:06:20 ----RSD---- C:\WINDOWS\assembly
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-19 40320]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-04-15 5632]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-03-26 4395008]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-02-18 6308224]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2004-08-19 73600]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-19 14848]
S2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-19 60800]
S3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
S3 camfilt2;camfilt2; C:\WINDOWS\system32\DRIVERS\camfilt2.sys [2008-02-27 98432]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2009-08-26 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-19 61824]
S3 PAC7302;Hercules Classic Link; C:\WINDOWS\system32\DRIVERS\PAC7302.SYS [2007-09-10 457984]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys [2005-11-19 20096]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2007-05-02 83592]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2007-05-02 15112]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2007-05-02 109704]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2007-07-11 12416]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2007-07-11 19840]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2007-07-11 21632]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 VX3000;VX-3000; C:\WINDOWS\system32\DRIVERS\VX3000.sys [2009-06-26 1956352]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Avast4\ashServ.exe []
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-01-08 153376]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-09-21 1028432]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-02-18 163908]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 SSHNAS;SSHNAS; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
R2 zvlvhclm;SAMSUNG Mobile Modem sMonitor; C:\WINDOWS\System32\svchost.exe [2004-08-19 14336]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-11-12 545568]
S2 aswUpdSv;avast! iAVS4 Control Service; C:\Avast4\aswUpdSv.exe [2010-02-08 19264]
S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-05 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Avast4\ashMaiSv.exe /service []
S3 avast! Web Scanner;avast! Web Scanner; C:\Avast4\ashWebSv.exe /service []
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-01-23 182768]
S3 HP Port Resolver;HP Port Resolver; C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE [2005-05-20 81920]
S3 HP Status Server;HP Status Server; C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE [2004-10-16 73728]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-12-17 243056]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
-----------------EOF-----------------
Run by stephanie at 2010-02-08 01:10:48
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 14 GB (14%) free of 100 GB
Total RAM: 2046 MB (22% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:11:15, on 08/02/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\imPlayok.exe
C:\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\stephanie\imPlayok.exe
C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
C:\Documents and Settings\stephanie\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455\psyu44.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\DOCUME~1\STEPHA~1\LOCALS~1\Temp\eraseme_28437.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Avast4\aswclnr.exe
C:\Avast4\aswclnr.tmp
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Safari\Safari.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\DOCUME~1\STEPHA~1\LOCALS~1\Temp\wj1ag7pn.tmp\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\stephanie.exe
C:\WINDOWS\System32\svchost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.shareware-fr.com/fr/index.php?rvs=hompag
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.shareware-fr.com/fr/index.php?rvs=hompag
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\Documents and Settings\stephanie\Application Data\sdra64.exe,C:\WINDOWS\system32\sdra64.exe,
O2 - BHO: (no name) - {507DD85D-CE00-4366-AFAD-F81BC89EB033} - c:\windows\system32\bonegbn.dll
O3 - Toolbar: IMBooster4web-en Toolbar - {6a7400d6-6615-4a06-a4d1-48979fa6e868} - C:\Program Files\iminent-en\tbimi0.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [funkyemoticons] C:\Program Files\FunkyEmoticons\FunkyEmoticons.exe
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [net] "C:\WINDOWS\system32\net.net"
O4 - HKLM\..\Run: [imPlayok] C:\WINDOWS\system32\imPlayok.exe
O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [Windows Driver Software] C:\WINDOWS\system32\driversx.exe
O4 - HKLM\..\Run: [avast!] C:\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DMSN] C:\Program Files\Dialflirt\dialmsn.exe
O4 - HKCU\..\Run: [DialFlirt] C:\Program Files\DialFlirt\dialmsn.exe
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [IgfxSys] rundll32.exe "C:\Documents and Settings\stephanie\Application Data\Messenger\Drivers\IgfxSys.dll",StartProtector
O4 - HKCU\..\Run: [sefjhf98jfoidsfoishgoiusgdgfgd] C:\DOCUME~1\STEPHA~1\LOCALS~1\Temp\ke45t.exe
O4 - HKCU\..\Run: [imPlayok] C:\Documents and Settings\stephanie\imPlayok.exe
O4 - HKCU\..\Run: [Microsoft] C:\Documents and Settings\stephanie\file.exe
O4 - HKCU\..\Run: [psuu4] C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455\psyu44.exe
O4 - HKCU\..\Run: [RegDokFRT] C:\RegistryDoktor 4.1\RegistryDoktor.exe
O4 - HKLM\..\Policies\Explorer\Run: [Microsoft Driver Setup] C:\WINDOWS\msdrv32.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\stephanie\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe (User 'Default user')
O4 - .DEFAULT Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\stephanie\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe (User 'Default user')
O4 - .DEFAULT Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe (User 'Default user')
O4 - .DEFAULT Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe (User 'Default user')
O4 - .DEFAULT Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe (User 'Default user')
O4 - .DEFAULT Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe (User 'Default user')
O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\stephanie\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
O20 - Winlogon Notify: zvrtpoqx - C:\WINDOWS\SYSTEM32\bonegbn.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Avast4\ashServ.exe (file missing)
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Avast4\ashMaiSv.exe (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Avast4\ashWebSv.exe (file missing)
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
--
End of file - 14034 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{507DD85D-CE00-4366-AFAD-F81BC89EB033}]
c:\windows\system32\bonegbn.dll [2002-08-30 102400]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{6a7400d6-6615-4a06-a4d1-48979fa6e868} - IMBooster4web-en Toolbar - C:\Program Files\iminent-en\tbimi0.dll [2010-02-01 2166296]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-01-23 263280]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-03-21 16126464]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-02-18 13680640]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-02-18 86016]
"Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-09-21 520024]
"funkyemoticons"=C:\Program Files\FunkyEmoticons\FunkyEmoticons.exe []
"VX3000"=C:\WINDOWS\vVX3000.exe [2009-06-26 757248]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2010-01-08 149280]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-11-10 417792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-11-12 141600]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"ezLife"=0 []
"net"=C:\WINDOWS\system32\net.net [2010-02-05 57344]
"imPlayok"=C:\WINDOWS\system32\imPlayok.exe [2010-02-05 41085]
"Regedit32"=C:\WINDOWS\system32\regedit.exe []
"UserFaultCheck"=C:\WINDOWS\system32\dumprep 0 -u []
"Windows Driver Software"=C:\WINDOWS\system32\driversx.exe [2010-02-07 66048]
"avast!"=C:\Avast4\ashDisp.exe [2009-11-25 81000]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Microsoft Driver Setup"=C:\WINDOWS\msdrv32.exe [2010-02-05 68608]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
"DMSN"=C:\Program Files\Dialflirt\dialmsn.exe []
"DialFlirt"=C:\Program Files\DialFlirt\dialmsn.exe []
"RocketDock"=C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-18 630784]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-01-23 39408]
"ares"=C:\Program Files\Ares\Ares.exe -h []
"IgfxSys"=C:\Documents and Settings\stephanie\Application Data\Messenger\Drivers\IgfxSys.dll [2010-01-07 59392]
"sefjhf98jfoidsfoishgoiusgdgfgd"=C:\DOCUME~1\STEPHA~1\LOCALS~1\Temp\ke45t.exe []
"imPlayok"=C:\Documents and Settings\stephanie\imPlayok.exe [2010-02-05 41085]
"Microsoft"=C:\Documents and Settings\stephanie\file.exe []
"psuu4"=C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455\psyu44.exe [2010-02-05 43520]
"RegDokFRT"=C:\RegistryDoktor 4.1\RegistryDoktor.exe []
C:\Documents and Settings\stephanie\Menu Démarrer\Programmes\Démarrage
MSN Pictures Displayer.lnk - C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
Notification de cadeaux MSN.lnk - C:\Documents and Settings\stephanie\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
TransBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
UberIcon.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
Y'z Shadow.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\zvrtpoqx]
C:\WINDOWS\system32\bonegbn.dll [2002-08-30 102400]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
dadayt.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Hercules\Classic Link\Station2.exe"="C:\Program Files\Hercules\Classic Link\Station2.exe:*:Enabled:Hercules Webcam Station Evolution"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows"
"C:\DOCUME~1\STEPHA~1\LOCALS~1\Temp\235.exe"="C:\DOCUME~1\STEPHA~1\LOCALS~1\Temp\235.exe:*:C:\WINDOWS\msdrv32.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{983c9609-2c77-11de-8c05-0019db36e8d0}]
shell\Auto\command - K:\launcher.exe
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL launcher.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9e0039b9-8908-11de-8c39-0019db36e8d0}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL NoLimit.exe
======File associations======
.txt - open - notepad.exe %1
======List of files/folders created in the last 1 months======
2010-02-08 01:10:51 ----D---- C:\Program Files\trend micro
2010-02-08 01:10:48 ----D---- C:\rsit
2010-02-08 00:44:32 ----A---- C:\WINDOWS\system32\incognito.exe
2010-02-08 00:12:34 ----D---- C:\WINDOWS\system32\CatRoot_bak
2010-02-08 00:09:08 ----D---- C:\Avast4
2010-02-07 23:45:41 ----D---- C:\Qoobox
2010-02-07 23:30:19 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2010-02-07 23:30:19 ----A---- C:\WINDOWS\system32\mucltui.dll
2010-02-07 23:05:17 ----H---- C:\WINDOWS\system32\winserv.exe
2010-02-07 22:42:24 ----D---- C:\Documents and Settings\stephanie\Application Data\AVG8
2010-02-07 22:33:42 ----D---- C:\Program Files\Safari
2010-02-07 22:25:14 ----D---- C:\Avast5
2010-02-07 22:09:46 ----RSH---- C:\Documents and Settings\stephanie\Application Data\qwdfl.exe
2010-02-07 22:02:46 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-02-07 21:57:39 ----RASH---- C:\WINDOWS\system32\driversx.exe
2010-02-07 21:57:33 ----SHD---- C:\WINDOWS\system32\lowsec
2010-02-07 21:15:28 ----D---- C:\Documents and Settings\All Users\Application Data\Alwil Software
2010-02-07 20:54:45 ----A---- C:\WINDOWS\system32\MSVolumeRD_Fr.dll
2010-02-07 20:54:27 ----D---- C:\RegistryDoktor 4.1
2010-02-05 00:34:24 ----A---- C:\WINDOWS\system32\imPlayok.exe
2010-02-05 00:34:17 ----A---- C:\pti.exe
2010-02-05 00:33:10 ----A---- C:\WINDOWS\system32\kbdatat4.dll
2010-02-05 00:33:10 ----A---- C:\WINDOWS\system32\crt4.dll
2010-02-05 00:33:09 ----A---- C:\WINDOWS\logfile32.txt
2010-02-05 00:33:08 ----RSH---- C:\WINDOWS\msdrv32.exe
2010-02-05 00:32:08 ----A---- C:\WINDOWS\system32\sshnas21.dll
2010-02-05 00:20:34 ----D---- C:\WINDOWS\Sun
2010-02-02 23:07:46 ----A---- C:\WINDOWS\system32\mredmddt.dll
2010-01-28 22:08:33 ----A---- C:\WINDOWS\system32\xrsfoxevannuadwrf.exe
2010-01-28 21:03:23 ----D---- C:\Documents and Settings\stephanie\Application Data\ezLife
2010-01-28 21:03:22 ----D---- C:\Documents and Settings\stephanie\Application Data\Smart-Ads-Solutions
2010-01-28 21:03:17 ----D---- C:\Program Files\ezLife
2010-01-28 21:03:17 ----D---- C:\Documents and Settings\stephanie\Application Data\Messenger
2010-01-28 21:03:16 ----D---- C:\Program Files\Smart-Ads-Solutions
2010-01-28 14:17:59 ----D---- C:\Documents and Settings\stephanie\Application Data\LimeWire
2010-01-28 14:09:27 ----D---- C:\Program Files\Windows Live Safety Center
2010-01-28 03:25:38 ----D---- C:\Program Files\Adobe
2010-01-20 18:19:03 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2010-01-20 17:56:31 ----A---- C:\WINDOWS\system32\MRT.exe
2010-01-20 17:56:18 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$
2010-01-20 02:00:20 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2010-01-20 01:59:52 ----D---- C:\Program Files\iPod
2010-01-20 01:59:49 ----D---- C:\Program Files\iTunes
2010-01-20 01:59:49 ----D---- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2010-01-20 01:59:33 ----D---- C:\Program Files\Bonjour
2010-01-20 01:59:08 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2010-01-20 01:58:35 ----D---- C:\Program Files\Fichiers communs\Apple
2010-01-11 16:45:09 ----A---- C:\WINDOWS\system32\hpz3l054.dll
2010-01-11 16:38:56 ----D---- C:\Program Files\Hewlett-Packard
2010-01-11 16:38:54 ----D---- C:\Program Files\Fichiers communs\Hewlett-Packard
2010-01-11 16:38:42 ----A---- C:\WINDOWS\system32\HPZisn12.dll
2010-01-11 16:38:42 ----A---- C:\WINDOWS\system32\HPZipt12.dll
2010-01-11 16:38:42 ----A---- C:\WINDOWS\system32\HPZipr12.dll
2010-01-11 16:38:42 ----A---- C:\WINDOWS\system32\HPZipm12.exe
2010-01-11 16:38:42 ----A---- C:\WINDOWS\system32\HPZinw12.exe
2010-01-11 16:38:42 ----A---- C:\WINDOWS\system32\HPZidr12.dll
2010-01-11 16:38:39 ----A---- C:\WINDOWS\IsUninst.exe
2010-01-11 16:37:41 ----A---- C:\WINDOWS\system32\hpowiax2.dll
2010-01-11 16:37:41 ----A---- C:\WINDOWS\system32\hpovst09.dll
2010-01-11 16:37:41 ----A---- C:\WINDOWS\system32\hpotiop2.dll
2010-01-11 15:06:38 ----D---- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
======List of files/folders modified in the last 1 months======
2010-02-08 01:10:51 ----RD---- C:\Program Files
2010-02-08 00:59:13 ----D---- C:\WINDOWS\system32
2010-02-08 00:51:06 ----D---- C:\WINDOWS\system32\CatRoot2
2010-02-08 00:51:04 ----HD---- C:\WINDOWS\inf
2010-02-08 00:47:31 ----D---- C:\WINDOWS\system32\CatRoot
2010-02-08 00:44:44 ----D---- C:\WINDOWS\Temp
2010-02-08 00:44:28 ----D---- C:\WINDOWS\system32\Restore
2010-02-08 00:44:24 ----D---- C:\WINDOWS
2010-02-08 00:41:44 ----D---- C:\Program Files\Windows NT
2010-02-08 00:39:40 ----D---- C:\Program Files\Kellogg's Asie
2010-02-08 00:36:34 ----D---- C:\Program Files\7-Zip
2010-02-08 00:36:22 ----D---- C:\Downloads
2010-02-07 23:52:15 ----HD---- C:\WINDOWS\$hf_mig$
2010-02-07 23:47:47 ----RSHD---- C:\RECYCLER
2010-02-07 23:47:39 ----SHD---- C:\System Volume Information
2010-02-07 23:04:22 ----HD---- C:\Config.Msi
2010-02-07 22:34:29 ----D---- C:\Documents and Settings\stephanie\Application Data\Apple Computer
2010-02-07 22:33:49 ----SHD---- C:\WINDOWS\Installer
2010-02-07 22:25:44 ----D---- C:\WINDOWS\WinSxS
2010-02-07 22:08:45 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-07 22:03:08 ----D---- C:\WINDOWS\system32\drivers
2010-02-07 22:03:00 ----D---- C:\WINDOWS\Prefetch
2010-02-07 22:02:43 ----D---- C:\Program Files\Alwil Software
2010-02-07 21:51:57 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-02-07 21:35:03 ----SD---- C:\WINDOWS\Tasks
2010-02-07 21:08:29 ----D---- C:\Program Files\Mozilla Firefox
2010-02-06 00:14:43 ----D---- C:\Program Files\Internet Explorer
2010-02-05 04:06:12 ----HDC---- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2010-02-05 04:05:29 ----D---- C:\Program Files\Outlook Express
2010-02-05 03:44:20 ----D---- C:\Program Files\Windows Media Player
2010-02-05 03:40:26 ----D---- C:\Program Files\NetMeeting
2010-02-05 02:07:00 ----D---- C:\WINDOWS\system32\wbem
2010-02-05 01:08:16 ----D---- C:\Documents and Settings\stephanie\Application Data\Free Download Manager
2010-02-05 00:44:55 ----D---- C:\Program Files\Google
2010-02-05 00:37:37 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-05 00:21:04 ----D---- C:\WINDOWS\Registration
2010-01-31 12:57:20 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-01-28 16:46:28 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-01-28 03:25:48 ----D---- C:\Program Files\Fichiers communs\Adobe
2010-01-23 20:54:50 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2010-01-23 20:54:49 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-01-23 20:54:42 ----D---- C:\Program Files\Microsoft Silverlight
2010-01-23 07:50:52 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2010-01-23 07:50:00 ----D---- C:\Program Files\Fichiers communs\InstallShield
2010-01-21 17:49:44 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2010-01-20 18:19:30 ----D---- C:\WINDOWS\SoftwareDistribution
2010-01-20 18:19:06 ----D---- C:\WINDOWS\Help
2010-01-20 17:56:36 ----D---- C:\WINDOWS\Debug
2010-01-20 01:59:25 ----D---- C:\Program Files\QuickTime
2010-01-20 01:58:35 ----D---- C:\Program Files\Fichiers communs
2010-01-11 16:38:57 ----D---- C:\WINDOWS\twain_32
2010-01-11 15:48:51 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-01-11 15:06:20 ----RSD---- C:\WINDOWS\assembly
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-19 40320]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-04-15 5632]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-03-26 4395008]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-02-18 6308224]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R4 sr;Pilote de filtre de restauration système; C:\WINDOWS\system32\DRIVERS\sr.sys [2004-08-19 73600]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-19 14848]
S2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-19 60800]
S3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
S3 camfilt2;camfilt2; C:\WINDOWS\system32\DRIVERS\camfilt2.sys [2008-02-27 98432]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2009-08-26 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-19 61824]
S3 PAC7302;Hercules Classic Link; C:\WINDOWS\system32\DRIVERS\PAC7302.SYS [2007-09-10 457984]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys [2005-11-19 20096]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2007-05-02 83592]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2007-05-02 15112]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2007-05-02 109704]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2007-07-11 12416]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2007-07-11 19840]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2007-07-11 21632]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 VX3000;VX-3000; C:\WINDOWS\system32\DRIVERS\VX3000.sys [2009-06-26 1956352]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Avast4\ashServ.exe []
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-01-08 153376]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-09-21 1028432]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-02-18 163908]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 SSHNAS;SSHNAS; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
R2 zvlvhclm;SAMSUNG Mobile Modem sMonitor; C:\WINDOWS\System32\svchost.exe [2004-08-19 14336]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-11-12 545568]
S2 aswUpdSv;avast! iAVS4 Control Service; C:\Avast4\aswUpdSv.exe [2010-02-08 19264]
S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-05 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Avast4\ashMaiSv.exe /service []
S3 avast! Web Scanner;avast! Web Scanner; C:\Avast4\ashWebSv.exe /service []
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-01-23 182768]
S3 HP Port Resolver;HP Port Resolver; C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE [2005-05-20 81920]
S3 HP Status Server;HP Status Server; C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE [2004-10-16 73728]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-12-17 243056]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
-----------------EOF-----------------
Configuration: Windows XP Safari 531.21.10
A voir également:
- J'ai plusieur virus et j'ariv pas a enlever
- Virus mcafee - Accueil - Piratage
- Enlever pub youtube - Accueil - Streaming
- Enlever le mode sécurisé - Guide
- Enlever liste déroulante excel - Guide
- Enlever mot de passe windows 10 - Guide
1 réponse
bonjour
le pc est tres salement atteint de virut le pire de tous...
à lire absolument
http://www.commentcamarche.net/faq/16138-comment-supprimer-virut
priorite sauvergarder !
Il faut sauvegarder vos documents, et précieux de préférence, sur des CD/DVD à graver.
Ne sauvegardez aucun logiciel exécutable, zippé (.zip), compressé (.rar), fichiers .scr, vous risqueriez de sauvegarder un fichier infecté par Virut. N'oubliez pas qu'un seul fichier Virut peut infecter le reste du PC.
.........................
ensuite
on peut tenter de traiter le pc
si tu as internet sur ce pc, dans le contraire dis le
▶ Téléchargez Dr.Web CureIt! sur ton Bureau :
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
▶ Double-cliquez sur drweb-cureit.exe et cliquez sur Commencer le scan.
▶ Ce scan rapide permet l'analyse des processus chargés en mémoire; s'il trouve des processus infectés, cliquez sur le bouton Oui pour Tout à l'invite.
▶ Lorsque le scan rapide est terminé, cliquez sur Options > Changer la configuration.
▶ Choisissez l'onglet Scanner, et décochez Analyse heuristique.
▶ De retour à la fenêtre principale : choisissez Analyse complète.
▶ Cliquez la flèche verte sur la droite et le scan débutera. Une publicité apparaît quelquefois, fermez-la.
▶ Cliquez Oui pour Tout si un fichier est détecté.
▶ A la fin du scan, si des infections sont trouvées, cliquez sur Tout sélectionner, puis sur Désinfecter. Si la désinfection est impossible, cliquez sur Quarantaine.
▶ Au menu principal de l'outil, en haut à gauche, cliquez sur le menu Fichier et choisissez Enregistrer le rapport.
▶ Sauvegardez le rapport sur votre Bureau. Ce dernier se nommera DrWeb.csv.
▶ Fermez Dr.Web CureIt!
▶ Redémarrez votre ordinateur (très important) car certains fichiers peuvent être déplacés/réparés au redémarrage.
▶ Postez (Copiez/Collez) le contenu du rapport de l'outil Dr.Web dans un bloc note
Ensuite :
▶ Rendez-vous à cette adresse d'hébergement gratuit : http://www.cijoint.fr/
▶ Cliquez sur parcourir, chercher rapport DrWeb.txt puis sur cliquez ici pour déposer le fichier
▶ Une fois le lien crée, faite un clique droit dessus et copier l'adresse du lien pour venir le coller dans votre réponse
le pc est tres salement atteint de virut le pire de tous...
à lire absolument
http://www.commentcamarche.net/faq/16138-comment-supprimer-virut
priorite sauvergarder !
Il faut sauvegarder vos documents, et précieux de préférence, sur des CD/DVD à graver.
Ne sauvegardez aucun logiciel exécutable, zippé (.zip), compressé (.rar), fichiers .scr, vous risqueriez de sauvegarder un fichier infecté par Virut. N'oubliez pas qu'un seul fichier Virut peut infecter le reste du PC.
.........................
ensuite
on peut tenter de traiter le pc
si tu as internet sur ce pc, dans le contraire dis le
▶ Téléchargez Dr.Web CureIt! sur ton Bureau :
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
▶ Double-cliquez sur drweb-cureit.exe et cliquez sur Commencer le scan.
▶ Ce scan rapide permet l'analyse des processus chargés en mémoire; s'il trouve des processus infectés, cliquez sur le bouton Oui pour Tout à l'invite.
▶ Lorsque le scan rapide est terminé, cliquez sur Options > Changer la configuration.
▶ Choisissez l'onglet Scanner, et décochez Analyse heuristique.
▶ De retour à la fenêtre principale : choisissez Analyse complète.
▶ Cliquez la flèche verte sur la droite et le scan débutera. Une publicité apparaît quelquefois, fermez-la.
▶ Cliquez Oui pour Tout si un fichier est détecté.
▶ A la fin du scan, si des infections sont trouvées, cliquez sur Tout sélectionner, puis sur Désinfecter. Si la désinfection est impossible, cliquez sur Quarantaine.
▶ Au menu principal de l'outil, en haut à gauche, cliquez sur le menu Fichier et choisissez Enregistrer le rapport.
▶ Sauvegardez le rapport sur votre Bureau. Ce dernier se nommera DrWeb.csv.
▶ Fermez Dr.Web CureIt!
▶ Redémarrez votre ordinateur (très important) car certains fichiers peuvent être déplacés/réparés au redémarrage.
▶ Postez (Copiez/Collez) le contenu du rapport de l'outil Dr.Web dans un bloc note
Ensuite :
▶ Rendez-vous à cette adresse d'hébergement gratuit : http://www.cijoint.fr/
▶ Cliquez sur parcourir, chercher rapport DrWeb.txt puis sur cliquez ici pour déposer le fichier
▶ Une fois le lien crée, faite un clique droit dessus et copier l'adresse du lien pour venir le coller dans votre réponse
