Trojan horse bho.ffg
anankronik
Hello,
I need your help because my antivirus, AVG8.0, detects a virus: TROJAN HORSE BHO.FFG
AVG8.0 will not delete it or quarantine it. Then I tried with Spybot and it's the same. I also tried with AD-AWARE 2008 and the virus is still there.
I don't know what to do any more.
Can you tell me whether this is a serious VIRUS and how to eradicate it for good?
THANKS in advance for your help.
61 replies
Hello, turn off your antivirus, download https://www.01net.com/telecharger/windows/Securite/antivirus-antitrojan/fiches/12884.html and run a scan.
Try avast, and if you have personal files I advise you to copy them and delete them, because a trojan is used to steal information from your PC, and the more advanced ones like netbus can take control of your PC!
Thanks for your replies,
yann, can you tell me how to disable SPYBOT?
NB: I don't think I need to disable AD-AWARE 2008, because it is the free version and it is not active in real time. I do say "I think" (it is not a statement of fact) because I am a beginner with computers.
For AVG, in my opinion you have to do the same thing; there should be an option labelled "disable protection", or otherwise try leaving it on.
I don't think so, but I can still show you the history if you want?
Tell me YES or NO
***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.7.1.2538. For information, email support@simplysup1.com
[Unregistered version]
Scan started at: 11:09:56 16 août 2008
Using Database v7102
Operating System: Windows Vista [Windows Vista (Build 6000)]
Edition: Windows Vista (TM) Home Premium
File System: NTFS
User Account Control is Enabled.
Data directory: C:\Users\maxime\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\Program Files\Trojan Remover\
Logfile directory: C:\Users\maxime\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory: C:\Program Files\Trojan Remover\
Running with Administrator privileges
************************************************************
The following Anti-Malware program(s) are loaded:
Microsoft Windows Defender
Avast! Antivirus
************************************************************
************************************************************
11:09:56: Scanning ----------WIN.INI-----------
WIN.INI found in C:\Windows
************************************************************
11:09:56: Scanning --------SYSTEM.INI---------
SYSTEM.INI found in C:\Windows
************************************************************
11:09:56: ----- SCANNING FOR ROOTKIT SERVICES -----
No hidden Services were detected.
************************************************************
11:09:57: Scanning -----WINDOWS REGISTRY-----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
File: explorer.exe
C:\Windows\explorer.exe
2923520 bytes
Created: 09/01/2008
Modified: 09/01/2008
Company: Microsoft Corporation
----------
This key's "Userinit" value calls the following program(s):
File: C:\Windows\system32\userinit.exe
C:\Windows\system32\userinit.exe
24576 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Microsoft Corporation
----------
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
Value Name: load
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: Windows Defender
Value Data: %ProgramFiles%\Windows Defender\MSASCui.exe -hide
C:\Program Files\Windows Defender\MSASCui.exe
1006264 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Microsoft Corporation
--------------------
Value Name: ECenter
Value Data: C:\Dell\E-Center\EULALauncher.exe
C:\Dell\E-Center\EULALauncher.exe
17920 bytes
Created: 02/01/2008
Modified: 25/05/2007
Company:
--------------------
Value Name: Bluetooth HCI Monitor
Value Data: RunDll32 HCIMNTR.DLL,RunCheckHCIMode
C:\Windows\system32\HCIMNTR.DLL
9728 bytes
Created: 02/01/2008
Modified: 08/12/2006
Company: Logitech Inc.
--------------------
Value Name: SigmatelSysTrayApp
Value Data: C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
405504 bytes
Created: 02/01/2008
Modified: 12/09/2007
Company: SigmaTel, Inc.
--------------------
Value Name: Windows Mobile Device Center
Value Data: %windir%\WindowsMobile\wmdc.exe
C:\Windows\WindowsMobile\wmdc.exe
648072 bytes
Created: 31/05/2007
Modified: 31/05/2007
Company: Microsoft Corporation
--------------------
Value Name: SunJavaUpdateSched
Value Data: "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
c:\Program Files\Java\jre1.6.0\bin\jusched.exe
77824 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Sun Microsystems, Inc.
--------------------
Value Name: PMX Daemon
Value Data: ICO.EXE
C:\Windows\system32\ICO.EXE
49152 bytes
Created: 02/01/2008
Modified: 08/11/2006
Company: Primax Electronics Ltd.
--------------------
Value Name: IAAnotif
Value Data: "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
178712 bytes
Created: 02/01/2008
Modified: 26/07/2007
Company: Intel Corporation
--------------------
Value Name: NMSSupport
Value Data: "C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup
C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
439512 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company: Intel Corporation
--------------------
Value Name: CCUTRAYICON
Value Data: "C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe"
C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
215256 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company: Intel(R) Corporation
--------------------
Value Name: dscactivate
Value Data: "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe
16384 bytes
Created: 15/11/2007
Modified: 15/11/2007
Company:
--------------------
Value Name: Google Desktop Search
Value Data: "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
1838592 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Google
--------------------
Value Name: fssui
Value Data: "C:\Program Files\Windows Live\Contrôle parental\fssui.exe" -autorun
C:\Program Files\Windows Live\Contrôle parental\fssui.exe
243240 bytes
Created: 17/12/2007
Modified: 17/12/2007
Company: Microsoft Corporation
--------------------
Value Name: TkBellExe
Value Data: "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
185896 bytes
Created: 27/01/2008
Modified: 27/01/2008
Company: RealNetworks, Inc.
--------------------
Value Name: e-TF1
Value Data: C:\Program Files\TF1Vision\TF1vision.exe
C:\Program Files\TF1Vision\TF1vision.exe
345600 bytes
Created: 22/02/2008
Modified: 24/12/2007
Company: 1-Click Media
--------------------
Value Name: Adobe Reader Speed Launcher
Value Data: "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
39792 bytes
Created: 11/01/2008
Modified: 11/01/2008
Company: Adobe Systems Incorporated
--------------------
Value Name: DellSupportCenter
Value Data: "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
202544 bytes
Created: 15/11/2007
Modified: 15/11/2007
Company: SupportSoft, Inc.
--------------------
Value Name: avast!
Value Data: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
78008 bytes
Created: 15/08/2008
Modified: 19/07/2008
Company: ALWIL Software
--------------------
Value Name: AVG8_TRAY
Value Data: C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
1232152 bytes
Created: 27/05/2008
Modified: 03/07/2008
Company: AVG Technologies CZ, s.r.o.
--------------------
Value Name: AGEIA PhysX SysTray
Value Data: "C:\Program Files\AGEIA Technologies\TrayIcon.exe"
C:\Program Files\AGEIA Technologies\TrayIcon.exe
339968 bytes
Created: 16/08/2006
Modified: 16/08/2006
Company:
--------------------
Value Name: AppleSyncNotifier
Value Data: C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
116040 bytes
Created: 22/07/2008
Modified: 22/07/2008
Company: Apple Inc.
--------------------
Value Name: QuickTime Task
Value Data: "C:\Program Files\QuickTime\QTTask.exe" -atboottime
C:\Program Files\QuickTime\QTTask.exe
413696 bytes
Created: 27/05/2008
Modified: 27/05/2008
Company: Apple Inc.
--------------------
Value Name: iTunesHelper
Value Data: "C:\Program Files\iTunes\iTunesHelper.exe"
C:\Program Files\iTunes\iTunesHelper.exe
289064 bytes
Created: 30/07/2008
Modified: 30/07/2008
Company: Apple Inc.
--------------------
Value Name: NvCplDaemon
Value Data: RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
C:\Windows\system32\NvCpl.dll
13535776 bytes
Created: 12/06/2008
Modified: 12/06/2008
Company: NVIDIA Corporation
--------------------
Value Name: NvMediaCenter
Value Data: RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
C:\Windows\system32\NvMcTray.dll
92704 bytes
Created: 02/01/2008
Modified: 12/06/2008
Company: NVIDIA Corporation
--------------------
Value Name: TrojanScanner
Value Data: C:\Program Files\Trojan Remover\Trjscan.exe /boot
C:\Program Files\Trojan Remover\Trjscan.exe
909904 bytes
Created: 16/08/2008
Modified: 30/07/2008
Company: Simply Super Software
--------------------
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: DellSupportCenter
Value Data: "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
202544 bytes
Created: 15/11/2007
Modified: 15/11/2007
Company: SupportSoft, Inc.
--------------------
Value Name: ehTray.exe
Value Data: C:\Windows\ehome\ehTray.exe
C:\Windows\ehome\ehTray.exe
125440 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Microsoft Corporation
--------------------
Value Name: CanalPlayer
Value Data: C:\Program Files\Lecteur CANALPLAY\CanalPlayer.exe
C:\Program Files\Lecteur CANALPLAY\CanalPlayer.exe [file not found to scan]
--------------------
Value Name: swg
Value Data: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
68856 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Google Inc.
--------------------
Value Name: ISUSPM
Value Data: "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
218032 bytes
Created: 11/09/2006
Modified: 11/09/2006
Company: Macrovision Corporation
--------------------
Value Name: AlcoholAutomount
Value Data: "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe
217544 bytes
Created: 20/03/2008
Modified: 20/03/2008
Company: Alcohol Soft Development Team
--------------------
Value Name: WindowsWelcomeCenter
Value Data: rundll32.exe oobefldr.dll,ShowWelcomeCenter
C:\Windows\system32\oobefldr.dll
2159104 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Microsoft Corporation
--------------------
Value Name: SpybotSD TeaTimer
Value Data: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe - this entry is globally excluded
--------------------
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
************************************************************
11:10:01: Scanning -----SHELLEXECUTEHOOKS-----
ValueName: {522E0112-EDD9-413D-A99E-C311A54B6676}
File: C:\Windows\system32\pmnNGwuT.dll
C:\Windows\system32\pmnNGwuT.dll - this registry value has been removed [file not found to scan]
HKCR\CLSID\{522E0112-EDD9-413D-A99E-C311A54B6676} - this key has been removed
----------
************************************************************
11:10:35: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
----------
************************************************************
11:10:35: Scanning -----ACTIVE SCREENSAVER-----
ScreenSaver: C:\Windows\system32\STARWA~1.SCR
C:\Windows\system32\STARWA~1.SCR
2540251 bytes
Created: 29/02/2008
Modified: 29/02/2008
Company: Axialis Software
--------------------
************************************************************
11:10:37: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----
************************************************************
11:10:37: Scanning ----- SERVICEDLL REGISTRY KEYS -----
Key: BthServ
Path: %SystemRoot%\System32\bthserv.dll
C:\Windows\System32\bthserv.dll
39936 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Microsoft Corporation
--------------------
Key: RapiMgr
Path: %windir%\WindowsMobile\rapimgr.dll
C:\Windows\WindowsMobile\rapimgr.dll
183688 bytes
Created: 31/05/2007
Modified: 31/05/2007
Company: Microsoft Corporation
--------------------
Key: WcesComm
Path: %windir%\WindowsMobile\wcescomm.dll
C:\Windows\WindowsMobile\wcescomm.dll
379784 bytes
Created: 31/05/2007
Modified: 31/05/2007
Company: Microsoft Corporation
--------------------
************************************************************
11:10:38: Scanning ----- SERVICES REGISTRY KEYS -----
Key: aawservice
ImagePath: "C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe"
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
611664 bytes
Created: 12/05/2008
Modified: 16/08/2008
Company: Lavasoft
----------
Key: AdobeActiveFileMonitor6.0
ImagePath: C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
124832 bytes
Created: 11/09/2007
Modified: 11/09/2007
Company:
----------
Key: AlertService
ImagePath: "C:\Program Files\Intel\IntelDH\CCU\AlertService.exe"
C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
223448 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company: Intel(R) Corporation
----------
Key: Apple Mobile Device
ImagePath: "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
116040 bytes
Created: 22/07/2008
Modified: 22/07/2008
Company: Apple Inc.
----------
Key: aswFsBlk
ImagePath: system32\DRIVERS\aswFsBlk.sys
C:\Windows\system32\DRIVERS\aswFsBlk.sys
20560 bytes
Created: 16/05/2008
Modified: 19/07/2008
Company: ALWIL Software
----------
Key: aswMonFlt
ImagePath: system32\DRIVERS\aswMonFlt.sys
C:\Windows\system32\DRIVERS\aswMonFlt.sys
51280 bytes
Created: 16/05/2008
Modified: 19/07/2008
Company: ALWIL Software
----------
Key: aswUpdSv
ImagePath: "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
16056 bytes
Created: 15/08/2008
Modified: 19/07/2008
Company: ALWIL Software
----------
Key: atapi
ImagePath: \SystemRoot\system32\drivers\atapi.sys
C:\Windows\system32\drivers\atapi.sys
21688 bytes
Created: 02/11/2006
Modified: 02/01/2008
Company: Microsoft Corporation
----------
Key: avast! Antivirus
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashServ.exe"
C:\Program Files\Alwil Software\Avast4\ashServ.exe
147640 bytes
Created: 15/08/2008
Modified: 19/07/2008
Company: ALWIL Software
----------
Key: avast! Mail Scanner
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
250040 bytes
Created: 15/08/2008
Modified: 19/07/2008
Company: ALWIL Software
----------
Key: avast! Web Scanner
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
348344 bytes
Created: 15/08/2008
Modified: 23/07/2008
Company: ALWIL Software
----------
Key: avg8emc
ImagePath: C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
873752 bytes
Created: 27/05/2008
Modified: 03/07/2008
Company: AVG Technologies CZ, s.r.o.
----------
Key: avg8wd
ImagePath: C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
231192 bytes
Created: 27/05/2008
Modified: 03/07/2008
Company: AVG Technologies CZ, s.r.o.
----------
Key: AvgLdx86
ImagePath: \SystemRoot\System32\Drivers\avgldx86.sys
C:\Windows\System32\Drivers\avgldx86.sys
96520 bytes
Created: 27/05/2008
Modified: 03/07/2008
Company: AVG Technologies CZ, s.r.o.
----------
Key: AvgMfx86
ImagePath: \SystemRoot\System32\Drivers\avgmfx86.sys
C:\Windows\System32\Drivers\avgmfx86.sys
26824 bytes
Created: 27/05/2008
Modified: 03/07/2008
Company: AVG Technologies CZ, s.r.o.
----------
Key: AvgWfpX
ImagePath: \SystemRoot\System32\Drivers\avgwfpx.sys
C:\Windows\System32\Drivers\avgwfpx.sys
69128 bytes
Created: 27/05/2008
Modified: 03/07/2008
Company: AVG Technologies CZ, s.r.o.
----------
Key: BCM43XV
ImagePath: system32\DRIVERS\bcmwl6.sys
C:\Windows\system32\DRIVERS\bcmwl6.sys
464384 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Broadcom Corporation
----------
Key: blbdrive
ImagePath: \SystemRoot\system32\drivers\blbdrive.sys - file is missing - alert is globally excluded
----------
Key: Bonjour Service
ImagePath: "C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Program Files\Bonjour\mDNSResponder.exe
229376 bytes
Created: 24/07/2007
Modified: 24/07/2007
Company: Apple Inc.
----------
Key: BthEnum
ImagePath: system32\DRIVERS\BthEnum.sys
C:\Windows\system32\DRIVERS\BthEnum.sys
19456 bytes
Created: 11/06/2008
Modified: 29/04/2008
Company: Microsoft Corporation
----------
Key: BthPan
ImagePath: system32\DRIVERS\bthpan.sys
C:\Windows\system32\DRIVERS\bthpan.sys
92160 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Microsoft Corporation
----------
Key: BTHPORT
ImagePath: System32\Drivers\BTHport.sys
C:\Windows\System32\Drivers\BTHport.sys
220160 bytes
Created: 11/06/2008
Modified: 29/04/2008
Company: Microsoft Corporation
----------
Key: BTHUSB
ImagePath: System32\Drivers\BTHUSB.sys
C:\Windows\System32\Drivers\BTHUSB.sys
29184 bytes
Created: 11/06/2008
Modified: 29/04/2008
Company: Microsoft Corporation
----------
Key: btwaudio
ImagePath: system32\drivers\btwaudio.sys
C:\Windows\system32\drivers\btwaudio.sys
79664 bytes
Created: 02/01/2008
Modified: 02/04/2007
Company: Broadcom Corporation.
----------
Key: btwavdt
ImagePath: system32\drivers\btwavdt.sys
C:\Windows\system32\drivers\btwavdt.sys
80688 bytes
Created: 02/01/2008
Modified: 02/04/2007
Company: Broadcom Corporation.
----------
Key: btwrchid
ImagePath: system32\DRIVERS\btwrchid.sys
C:\Windows\system32\DRIVERS\btwrchid.sys
16432 bytes
Created: 02/01/2008
Modified: 02/04/2007
Company: Broadcom Corporation.
----------
Key: DHTRACE
ImagePath: C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe
C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe
39640 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company: Intel(R) Corporation
----------
Key: DQLWinService
ImagePath: "C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe"
C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
208896 bytes
Created: 12/02/2007
Modified: 12/02/2007
Company:
----------
Key: e1express
ImagePath: system32\DRIVERS\e1e6032.sys
C:\Windows\system32\DRIVERS\e1e6032.sys
228224 bytes
Created: 02/01/2008
Modified: 12/09/2007
Company: Intel Corporation
----------
Key: EMSUSB2
ImagePath: system32\DRIVERS\EMSUSB2.sys
C:\Windows\system32\DRIVERS\EMSUSB2.sys
9728 bytes
Created: 27/07/2008
Modified: 03/01/2007
Company:
----------
Key: FLEXnet Licensing Service
ImagePath: "C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
654848 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Macrovision Europe Ltd.
----------
Key: fssfltr
ImagePath: system32\DRIVERS\fssfltr.sys
C:\Windows\system32\DRIVERS\fssfltr.sys
43816 bytes
Created: 09/01/2008
Modified: 17/10/2007
Company: Microsoft Corporation
----------
Key: fsssvc
ImagePath: "C:\Program Files\Windows Live\Contrôle parental\fsssvc.exe"
C:\Program Files\Windows Live\Contrôle parental\fsssvc.exe
523816 bytes
Created: 17/12/2007
Modified: 17/12/2007
Company: Microsoft Corporation
----------
Key: GoogleDesktopManager
ImagePath: "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe"
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
1838592 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Google
----------
Key: gusvc
ImagePath: "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
138168 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Google
----------
Key: IAANTMON
ImagePath: C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
358936 bytes
Created: 02/01/2008
Modified: 26/07/2007
Company: Intel Corporation
----------
Key: iaStor
ImagePath: system32\drivers\iastor.sys
C:\Windows\system32\drivers\iastor.sys
305688 bytes
Created: 02/01/2008
Modified: 29/08/2007
Company: Intel Corporation
----------
Key: IDriverT
ImagePath: "C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe"
C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
73728 bytes
Created: 22/10/2004
Modified: 22/10/2004
Company: Macrovision Corporation
----------
Key: IntelDH
ImagePath: System32\Drivers\IntelDH.sys
C:\Windows\System32\Drivers\IntelDH.sys
5632 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Intel Corporation
----------
Key: IpInIp
ImagePath: system32\DRIVERS\ipinip.sys - file is missing - alert is globally excluded
----------
Key: ISSM
ImagePath: "C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe"
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
59096 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company: Intel(R) Corporation
----------
Key: M1 Server
ImagePath: "C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe"
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
268504 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company:
----------
Key: MCLServiceATL
ImagePath: "C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe"
C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
157912 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company: Intel(R) Corporation
----------
Key: msiserver
ImagePath: %systemroot%\system32\msiexec /V
----------
Key: NMSCore
ImagePath: "C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe"
C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
317656 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company: Intel(R) Corporation
----------
Key: nmsunidr
ImagePath: system32\DRIVERS\nmsunidr.sys
C:\Windows\system32\DRIVERS\nmsunidr.sys
-S- 5376 bytes
Created: 18/02/2007
Modified: 18/02/2007
Company: Gteko Ltd.
----------
Key: nvsvc
ImagePath: %SystemRoot%\system32\nvvsvc.exe
C:\Windows\system32\nvvsvc.exe
118784 bytes
Created: 12/06/2008
Modified: 12/06/2008
Company: NVIDIA Corporation
----------
Key: NwlnkFlt
ImagePath: system32\DRIVERS\nwlnkflt.sys - file is missing - alert is globally excluded
----------
Key: NwlnkFwd
ImagePath: system32\DRIVERS\nwlnkfwd.sys - file is missing - alert is globally excluded
----------
Key: phaudlwr
ImagePath: system32\DRIVERS\phaudlwr.sys
C:\Windows\system32\DRIVERS\phaudlwr.sys
88704 bytes
Created: 07/05/2008
Modified: 07/05/2008
Company: Philips Applied Technologies
----------
Key: pmxmouse
ImagePath: system32\DRIVERS\pmxmouse.sys
C:\Windows\system32\DRIVERS\pmxmouse.sys
18432 bytes
Created: 02/01/2008
Modified: 01/06/2007
Company: Primax Electronics Ltd.
----------
Key: pmxusblf
ImagePath: system32\DRIVERS\pmxusblf.sys
C:\Windows\system32\DRIVERS\pmxusblf.sys
19008 bytes
Created: 02/01/2008
Modified: 24/05/2007
Company: Primax Electronics Ltd.
----------
Key: QualityManager
ImagePath: "C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe"
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe
272600 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company: Intel(R) Corporation
----------
Key: Remote UI Service
ImagePath: "C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe"
C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
446680 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company: Intel(R) Corporation
----------
Key: RFCOMM
ImagePath: system32\DRIVERS\rfcomm.sys
C:\Windows\system32\DRIVERS\rfcomm.sys
49664 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Microsoft Corporation
----------
Key: RoxMediaDB9
ImagePath: "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe"
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
1010160 bytes
Created: 06/09/2007
Modified: 06/09/2007
Company: Sonic Solutions
----------
Key: Serenum
ImagePath: \SystemRoot\system32\drivers\serenum.sys
C:\Windows\system32\drivers\serenum.sys
17920 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Microsoft Corporation
----------
Key: Serial
ImagePath: \SystemRoot\system32\drivers\serial.sys
C:\Windows\system32\drivers\serial.sys
83456 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Microsoft Corporation
----------
Key: sfdrv01
ImagePath: System32\drivers\sfdrv01.sys
C:\Windows\System32\drivers\sfdrv01.sys
59256 bytes
Created: 05/07/2006
Modified: 05/07/2006
Company: Protection Technology (StarForce)
----------
Key: sfhlp02
ImagePath: System32\drivers\sfhlp02.sys
C:\Windows\System32\drivers\sfhlp02.sys
13680 bytes
Created: 14/06/2006
Modified: 14/06/2006
Company: Protection Technology (StarForce)
----------
Key: sfsync03
ImagePath: System32\drivers\sfsync03.sys
C:\Windows\System32\drivers\sfsync03.sys
35328 bytes
Created: 06/12/2005
Modified: 06/12/2005
Company: Protection Technology
----------
Key: sfvfs02
ImagePath: System32\drivers\sfvfs02.sys
C:\Windows\System32\drivers\sfvfs02.sys
83320 bytes
Created: 08/02/2007
Modified: 08/02/2007
Company: Protection Technology (StarForce)
----------
Key: SPC520
ImagePath: system32\drivers\SPC520.sys
C:\Windows\system32\drivers\SPC520.sys
483328 bytes
Created: 16/08/2008
Modified: 01/10/2007
Company: Philips
----------
Key: SPC520m
ImagePath: system32\drivers\SPC520m.sys
C:\Windows\system32\drivers\SPC520m.sys
7680 bytes
Created: 16/08/2008
Modified: 01/10/2007
Company: Philips
----------
Key: sprtsvc_dellsupportcenter
ImagePath: C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
202544 bytes
Created: 15/11/2007
Modified: 15/11/2007
Company: SupportSoft, Inc.
----------
Key: sptd
ImagePath: System32\Drivers\sptd.sys - this file is globally excluded
----------
Key: STacSV
ImagePath: C:\Windows\system32\STacSV.exe
C:\Windows\system32\STacSV.exe
94208 bytes
Created: 02/01/2008
Modified: 12/09/2007
Company: SigmaTel, Inc.
----------
Key: StarWindServiceAE
ImagePath: C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
275968 bytes
Created: 28/05/2007
Modified: 28/05/2007
Company: Rocket Division Software
----------
Key: STHDA
ImagePath: system32\drivers\stwrt.sys
C:\Windows\system32\drivers\stwrt.sys
326656 bytes
Created: 02/01/2008
Modified: 12/09/2007
Company: SigmaTel, Inc.
----------
Key: stllssvr
ImagePath: "C:\Program Files\Common Files\SureThing Shared\stllssvr.exe"
C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
-R- 69632 bytes
Created: 11/07/2007
Modified: 11/07/2007
Company: MicroVision Development, Inc.
----------
Key: TSHWMDTCP
ImagePath: \??\C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys
14552 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company:
----------
Key: usnjsvc
ImagePath: "C:\Program Files\Windows Live\Messenger\usnsvc.exe"
C:\Program Files\Windows Live\Messenger\usnsvc.exe
98328 bytes
Created: 18/10/2007
Modified: 18/10/2007
Company: Microsoft Corporation
----------
Key: WinUsb
ImagePath: system32\DRIVERS\WinUSB.SYS
C:\Windows\system32\DRIVERS\WinUSB.SYS
31616 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Microsoft Corporation
----------
Key: WLSetupSvc
ImagePath: "C:\Program Files\Windows Live\installer\WLSetupSvc.exe"
C:\Program Files\Windows Live\installer\WLSetupSvc.exe
266240 bytes
Created: 25/10/2007
Modified: 25/10/2007
Company: Microsoft Corporation
----------
************************************************************
11:10:51: Scanning -----VXD ENTRIES-----
************************************************************
11:10:51: Scanning ----- WINLOGON\NOTIFY DLLS -----
No WINLOGON\NOTIFY DLLs found to scan
************************************************************
11:10:51: Scanning ----- CONTEXTMENUHANDLERS -----
Key: ALZip
CLSID: {4EB37360-49E8-11D3-95B5-004033382980}
Path: C:\PROGRA~1\ESTsoft\ALZip\AZCTM.dll
C:\PROGRA~1\ESTsoft\ALZip\AZCTM.dll
471552 bytes
Created: 03/07/2007
Modified: 03/07/2007
Company: ESTsoft
----------
Key: avast
CLSID: {472083B0-C522-11CF-8763-00608CC02F24}
Path: C:\Program Files\Alwil Software\Avast4\ashShell.dll
C:\Program Files\Alwil Software\Avast4\ashShell.dll
73912 bytes
Created: 15/08/2008
Modified: 19/07/2008
Company: ALWIL Software
----------
Key: AVG8 Shell Extension
CLSID: {9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
Path: C:\Program Files\AVG\AVG8\avgse.dll
C:\Program Files\AVG\AVG8\avgse.dll
99608 bytes
Created: 27/05/2008
Modified: 03/07/2008
Company: AVG Technologies CZ, s.r.o.
----------
************************************************************
11:10:51: Scanning ----- FOLDER\COLUMNHANDLERS -----
************************************************************
11:10:51: Scanning ----- BROWSER HELPER OBJECTS -----
Key: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
BHO: C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
62080 bytes
Created: 23/10/2006
Modified: 23/10/2006
Company: Adobe Systems Incorporated
----------
Key: {2E03C0FD-4C48-43A7-9A54-00240C70FF16}
BHO: C:\Windows\system32\BhoECart.dll
C:\Windows\system32\BhoECart.dll
139264 bytes
Created: 31/10/2003
Modified: 31/10/2003
Company: Orbiscom Ltd. All rights reserved.
----------
Key: {3049C3E9-B461-4BC5-8870-4C09146192CA}
BHO: C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
370296 bytes
Created: 27/01/2008
Modified: 27/01/2008
Company: RealPlayer
----------
Key: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
BHO: C:\Program Files\AVG\AVG8\avgssie.dll
C:\Program Files\AVG\AVG8\avgssie.dll
455960 bytes
Created: 27/05/2008
Modified: 05/07/2008
Company: AVG Technologies CZ, s.r.o.
----------
Key: {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}
BHO: C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
56360 bytes
Created: 17/12/2007
Modified: 17/12/2007
Company: Microsoft Corporation
----------
Key: {53707962-6F74-2D53-2644-206D7942484F}
BHO: C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
1562448 bytes
Created: 15/08/2008
Modified: 07/07/2008
Company: Safer Networking Limited
----------
Key: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
BHO: c:\Program Files\Java\jre1.6.0\bin\ssv.dll
c:\Program Files\Java\jre1.6.0\bin\ssv.dll
501384 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Sun Microsystems, Inc.
----------
Key: {9030D464-4C02-4ABF-8ECC-5164760863C6}
BHO: C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
328752 bytes
Created: 20/09/2007
Modified: 20/09/2007
Company: Microsoft Corporation
----------
Key: {A057A204-BACC-4D26-9990-79A187E2698E}
BHO: C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
2055960 bytes
Created: 27/05/2008
Modified: 03/07/2008
Company: AVG, Technologies CZ, s.r.o
----------
Key: {AA58ED58-01DD-4d91-8333-CF10577473F7}
BHO: c:\program files\google\googletoolbar2.dll
c:\program files\google\googletoolbar2.dll
-R- 2582136 bytes
Created: 16/05/2008
Modified: 16/05/2008
Company: Google Inc.
----------
Key: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
BHO: C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
325048 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Google Inc.
----------
Key: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
BHO: C:\Program Files\Windows Live Toolbar\msntb.dll
C:\Program Files\Windows Live Toolbar\msntb.dll
546320 bytes
Created: 19/10/2007
Modified: 19/10/2007
Company: Microsoft Corporation
----------
Key: {CA6319C0-31B7-401E-A518-A07C3DB8F777}
BHO: C:\Program Files\Dell\BAE\BAE.dll
C:\Program Files\Dell\BAE\BAE.dll
98304 bytes
Created: 09/11/2006
Modified: 09/11/2006
Company: Dell Inc.
----------
************************************************************
11:10:52: Scanning ----- SHELLSERVICEOBJECTS -----
************************************************************
11:10:52: Scanning ----- SHAREDTASKSCHEDULER ENTRIES -----
************************************************************
11:10:52: Scanning ----- IMAGEFILE DEBUGGERS -----
No "Debugger" entries found.
************************************************************
11:10:52: Scanning ----- APPINIT_DLLS -----
AppInitDLLs entry = [C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,avgrsstx.dll C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL]
File: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
145408 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Google
----------
File: avgrsstx.dll
C:\Windows\system32\avgrsstx.dll
10520 bytes
Created: 27/05/2008
Modified: 03/07/2008
Company: AVG Technologies CZ, s.r.o.
----------
File: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
145408 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Google
----------
************************************************************
11:10:53: Scanning ----- SECURITY PROVIDER DLLS -----
************************************************************
11:10:53: Scanning ------ COMMON STARTUP GROUP ------
[C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
The Common Startup Group attempts to load the following file(s) at boot time:
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
715568 bytes
Created: 13/02/2007
Modified: 13/02/2007
Company: Broadcom Corporation.
BTTray.lnk - links to C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
--------------------
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created: 02/11/2006
Modified: 10/07/2008
Company:
--------------------
C:\Windows\VPro520.exe
73728 bytes
Created: 14/01/2008
Modified: 06/04/2007
Company: Philips
VPro520.lnk - links to C:\Windows\VPro520.exe
--------------------
************************************************************
11:10:53: Scanning ----- USER STARTUP GROUPS -----
Checking Startup Group for: Invité
[C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup]
C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created: 18/07/2008
Modified: 18/07/2008
Company:
----------
--------------------
Checking Startup Group for: maxime
[C:\Users\maxime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup]
C:\Users\maxime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created: 05/01/2008
Modified: 05/01/2008
Company:
----------
--------------------
************************************************************
11:10:53: Scanning ----- SCHEDULED TASKS -----
Taskname: Vérifier les mises à jour de Windows Live Toolbar.job
File: C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
99856 bytes
Created: 19/10/2007
Modified: 19/10/2007
Company: Microsoft Corporation
Parameters: [blank]
Next Run Time: 16/08/2008 11:38:00
Status: La tâche n'a pas encore été exécutée
Creator: maxime
Comments: [blank]
----------
************************************************************
11:10:53: Scanning ----- SHELLICONOVERLAYIDENTIFIERS -----
No ShellIconOverlayIdentifiers Registry key found to scan
************************************************************
11:10:53: ----- ADDITIONAL CHECKS -----
Heuristic checks for hidden files/drivers completed
----------
Layered Service Provider entries checks completed
----------
Windows Explorer Policies checks completed
----------
Desktop Wallpaper: C:\Users\maxime\Pictures\2008-07-02 Mariage Xavier Delphine 28 juin 2008\Mariage Xavier Delphine 28 juin 2008 059.JPG
C:\Users\maxime\Pictures\2008-07-02 Mariage Xavier Delphine 28 juin 2008\Mariage Xavier Delphine 28 juin 2008 059.JPG
2273454 bytes
Created: 28/06/2008
Modified: 28/06/2008
Company:
----------
Web Desktop Wallpaper: %USERPROFILE%\Pictures\2008-07-02 Mariage Xavier Delphine 28 juin 2008\Mariage Xavier Delphine 28 juin 2008 059.JPG
C:\Users\maxime\Pictures\2008-07-02 Mariage Xavier Delphine 28 juin 2008\Mariage Xavier Delphine 28 juin 2008 059.JPG
2273454 bytes
Created: 28/06/2008
Modified: 28/06/2008
Company:
----------
Additional checks completed
************************************************************
11:10:54: Scanning ----- RUNNING PROCESSES -----
C:\Windows\System32\smss.exe
--------------------
C:\Windows\system32\csrss.exe
--------------------
C:\Windows\system32\wininit.exe
--------------------
C:\Windows\system32\csrss.exe
--------------------
C:\Windows\system32\services.exe
--------------------
C:\Windows\system32\lsass.exe
--------------------
C:\Windows\system32\lsm.exe
--------------------
C:\Windows\system32\winlogon.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Windows\System32\svchost.exe
--------------------
C:\Windows\System32\svchost.exe
--------------------
C:\Windows\System32\svchost.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Windows\system32\SLsvc.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Windows\system32\WUDFHost.exe
--------------------
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
--------------------
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
--------------------
C:\Program Files\Alwil Software\Avast4\ashServ.exe
--------------------
C:\Windows\System32\spoolsv.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Windows\system32\Dwm.exe
--------------------
C:\Windows\Explorer.EXE
--------------------
C:\Program Files\Windows Defender\MSASCui.exe
--------------------
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
--------------------
C:\Windows\WindowsMobile\wmdc.exe
--------------------
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
--------------------
C:\Windows\System32\ico.exe
--------------------
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
--------------------
C:\Windows\System32\Pmxmiced.exe
--------------------
C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
--------------------
C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
--------------------
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
--------------------
C:\Program Files\Windows Live\Contrôle parental\fssui.exe
--------------------
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
--------------------
C:\Program Files\TF1Vision\TF1vision.exe
--------------------
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
--------------------
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
--------------------
C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
--------------------
C:\Windows\System32\rundll32.exe
--------------------
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
--------------------
C:\Windows\System32\rundll32.exe
--------------------
C:\Program Files\AGEIA Technologies\TrayIcon.exe
--------------------
C:\Program Files\iTunes\iTunesHelper.exe
--------------------
C:\Windows\ehome\ehtray.exe
--------------------
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
--------------------
C:\Windows\ehome\ehmsas.exe
--------------------
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
--------------------
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
--------------------
C:\Windows\VPro520.exe
--------------------
C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
--------------------
C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
--------------------
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
--------------------
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
--------------------
C:\Program Files\Bonjour\mDNSResponder.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
--------------------
C:\Program Files\Windows Live\Contrôle parental\fsssvc.exe
--------------------
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
--------------------
C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe
--------------------
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
--------------------
C:\Windows\system32\STacSV.exe
--------------------
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
--------------------
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Windows\System32\svchost.exe
--------------------
C:\Windows\system32\SearchIndexer.exe
--------------------
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
--------------------
C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
--------------------
C:\Windows\system32\WUDFHost.exe
--------------------
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
--------------------
C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
--------------------
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
--------------------
C:\PROGRA~1\AVG\AVG8\avgemc.exe
--------------------
C:\Program Files\Windows Media Player\wmplayer.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Windows\system32\taskeng.exe
--------------------
C:\Program Files\iPod\bin\iPodService.exe
--------------------
C:\Windows\system32\taskeng.exe
--------------------
C:\Windows\system32\taskeng.exe
--------------------
C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
--------------------
C:\Program Files\Windows Mail\WindowsMailGadget.exe
--------------------
C:\Program Files\Windows Mail\WinMail.exe
--------------------
C:\Windows\system32\nvvsvc.exe
--------------------
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
--------------------
C:\Program Files\Trojan Remover\Rmvtrjan.exe
FileSize: 2540096
[This is a Trojan Remover component]
--------------------
--------------------
C:\Windows\system32\conime.exe
--------------------
************************************************************
11:10:57: Checking HOSTS file
No malicious entries were found in the HOSTS file
************************************************************
------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS ------
HKLM\Software\Microsoft\Internet Explorer\Main\"Start Page":
https://www.msn.com/fr-fr
HKLM\Software\Microsoft\Internet Explorer\Main\"Local Page":
%SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main\"Search Page":
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL":
https://www.msn.com/fr-fr
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Search_URL":
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
HKLM\Software\Microsoft\Internet Explorer\Search\"CustomizeSearch":
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
HKLM\Software\Microsoft\Internet Explorer\Search\"SearchAssistant":
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Start Page":
https://www.msn.com/fr-fr
HKCU\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Search Page":
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
************************************************************
=== CHANGES WERE MADE TO THE WINDOWS REGISTRY ===
Scan completed at: 11:10:57 16 août 2008
************************************************************
Trojan Remover Ver 6.7.1.2538. For information, email support@simplysup1.com
[Unregistered version]
Scan started at: 11:09:56 16 août 2008
Using Database v7102
Operating System: Windows Vista [Windows Vista (Build 6000)]
Edition: Windows Vista (TM) Home Premium
File System: NTFS
User Account Control is Enabled.
Data directory: C:\Users\maxime\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\Program Files\Trojan Remover\
Logfile directory: C:\Users\maxime\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory: C:\Program Files\Trojan Remover\
Running with Administrator privileges
************************************************************
The following Anti-Malware program(s) are loaded:
Microsoft Windows Defender
Avast! Antivirus
************************************************************
************************************************************
11:09:56: Scanning ----------WIN.INI-----------
WIN.INI found in C:\Windows
************************************************************
11:09:56: Scanning --------SYSTEM.INI---------
SYSTEM.INI found in C:\Windows
************************************************************
11:09:56: ----- SCANNING FOR ROOTKIT SERVICES -----
No hidden Services were detected.
************************************************************
11:09:57: Scanning -----WINDOWS REGISTRY-----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
File: explorer.exe
C:\Windows\explorer.exe
2923520 bytes
Created: 09/01/2008
Modified: 09/01/2008
Company: Microsoft Corporation
----------
This key's "Userinit" value calls the following program(s):
File: C:\Windows\system32\userinit.exe
C:\Windows\system32\userinit.exe
24576 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Microsoft Corporation
----------
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
Value Name: load
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: Windows Defender
Value Data: %ProgramFiles%\Windows Defender\MSASCui.exe -hide
C:\Program Files\Windows Defender\MSASCui.exe
1006264 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Microsoft Corporation
--------------------
Value Name: ECenter
Value Data: C:\Dell\E-Center\EULALauncher.exe
C:\Dell\E-Center\EULALauncher.exe
17920 bytes
Created: 02/01/2008
Modified: 25/05/2007
Company:
--------------------
Value Name: Bluetooth HCI Monitor
Value Data: RunDll32 HCIMNTR.DLL,RunCheckHCIMode
C:\Windows\system32\HCIMNTR.DLL
9728 bytes
Created: 02/01/2008
Modified: 08/12/2006
Company: Logitech Inc.
--------------------
Value Name: SigmatelSysTrayApp
Value Data: C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
405504 bytes
Created: 02/01/2008
Modified: 12/09/2007
Company: SigmaTel, Inc.
--------------------
Value Name: Windows Mobile Device Center
Value Data: %windir%\WindowsMobile\wmdc.exe
C:\Windows\WindowsMobile\wmdc.exe
648072 bytes
Created: 31/05/2007
Modified: 31/05/2007
Company: Microsoft Corporation
--------------------
Value Name: SunJavaUpdateSched
Value Data: "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
c:\Program Files\Java\jre1.6.0\bin\jusched.exe
77824 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Sun Microsystems, Inc.
--------------------
Value Name: PMX Daemon
Value Data: ICO.EXE
C:\Windows\system32\ICO.EXE
49152 bytes
Created: 02/01/2008
Modified: 08/11/2006
Company: Primax Electronics Ltd.
--------------------
Value Name: IAAnotif
Value Data: "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
178712 bytes
Created: 02/01/2008
Modified: 26/07/2007
Company: Intel Corporation
--------------------
Value Name: NMSSupport
Value Data: "C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup
C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
439512 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company: Intel Corporation
--------------------
Value Name: CCUTRAYICON
Value Data: "C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe"
C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
215256 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company: Intel(R) Corporation
--------------------
Value Name: dscactivate
Value Data: "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe
16384 bytes
Created: 15/11/2007
Modified: 15/11/2007
Company:
--------------------
Value Name: Google Desktop Search
Value Data: "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
1838592 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Google
--------------------
Value Name: fssui
Value Data: "C:\Program Files\Windows Live\Contrôle parental\fssui.exe" -autorun
C:\Program Files\Windows Live\Contrôle parental\fssui.exe
243240 bytes
Created: 17/12/2007
Modified: 17/12/2007
Company: Microsoft Corporation
--------------------
Value Name: TkBellExe
Value Data: "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
185896 bytes
Created: 27/01/2008
Modified: 27/01/2008
Company: RealNetworks, Inc.
--------------------
Value Name: e-TF1
Value Data: C:\Program Files\TF1Vision\TF1vision.exe
C:\Program Files\TF1Vision\TF1vision.exe
345600 bytes
Created: 22/02/2008
Modified: 24/12/2007
Company: 1-Click Media
--------------------
Value Name: Adobe Reader Speed Launcher
Value Data: "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
39792 bytes
Created: 11/01/2008
Modified: 11/01/2008
Company: Adobe Systems Incorporated
--------------------
Value Name: DellSupportCenter
Value Data: "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
202544 bytes
Created: 15/11/2007
Modified: 15/11/2007
Company: SupportSoft, Inc.
--------------------
Value Name: avast!
Value Data: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
78008 bytes
Created: 15/08/2008
Modified: 19/07/2008
Company: ALWIL Software
--------------------
Value Name: AVG8_TRAY
Value Data: C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
1232152 bytes
Created: 27/05/2008
Modified: 03/07/2008
Company: AVG Technologies CZ, s.r.o.
--------------------
Value Name: AGEIA PhysX SysTray
Value Data: "C:\Program Files\AGEIA Technologies\TrayIcon.exe"
C:\Program Files\AGEIA Technologies\TrayIcon.exe
339968 bytes
Created: 16/08/2006
Modified: 16/08/2006
Company:
--------------------
Value Name: AppleSyncNotifier
Value Data: C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
116040 bytes
Created: 22/07/2008
Modified: 22/07/2008
Company: Apple Inc.
--------------------
Value Name: QuickTime Task
Value Data: "C:\Program Files\QuickTime\QTTask.exe" -atboottime
C:\Program Files\QuickTime\QTTask.exe
413696 bytes
Created: 27/05/2008
Modified: 27/05/2008
Company: Apple Inc.
--------------------
Value Name: iTunesHelper
Value Data: "C:\Program Files\iTunes\iTunesHelper.exe"
C:\Program Files\iTunes\iTunesHelper.exe
289064 bytes
Created: 30/07/2008
Modified: 30/07/2008
Company: Apple Inc.
--------------------
Value Name: NvCplDaemon
Value Data: RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
C:\Windows\system32\NvCpl.dll
13535776 bytes
Created: 12/06/2008
Modified: 12/06/2008
Company: NVIDIA Corporation
--------------------
Value Name: NvMediaCenter
Value Data: RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
C:\Windows\system32\NvMcTray.dll
92704 bytes
Created: 02/01/2008
Modified: 12/06/2008
Company: NVIDIA Corporation
--------------------
Value Name: TrojanScanner
Value Data: C:\Program Files\Trojan Remover\Trjscan.exe /boot
C:\Program Files\Trojan Remover\Trjscan.exe
909904 bytes
Created: 16/08/2008
Modified: 30/07/2008
Company: Simply Super Software
--------------------
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: DellSupportCenter
Value Data: "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
202544 bytes
Created: 15/11/2007
Modified: 15/11/2007
Company: SupportSoft, Inc.
--------------------
Value Name: ehTray.exe
Value Data: C:\Windows\ehome\ehTray.exe
C:\Windows\ehome\ehTray.exe
125440 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Microsoft Corporation
--------------------
Value Name: CanalPlayer
Value Data: C:\Program Files\Lecteur CANALPLAY\CanalPlayer.exe
C:\Program Files\Lecteur CANALPLAY\CanalPlayer.exe [file not found to scan]
--------------------
Value Name: swg
Value Data: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
68856 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Google Inc.
--------------------
Value Name: ISUSPM
Value Data: "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
218032 bytes
Created: 11/09/2006
Modified: 11/09/2006
Company: Macrovision Corporation
--------------------
Value Name: AlcoholAutomount
Value Data: "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe
217544 bytes
Created: 20/03/2008
Modified: 20/03/2008
Company: Alcohol Soft Development Team
--------------------
Value Name: WindowsWelcomeCenter
Value Data: rundll32.exe oobefldr.dll,ShowWelcomeCenter
C:\Windows\system32\oobefldr.dll
2159104 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Microsoft Corporation
--------------------
Value Name: SpybotSD TeaTimer
Value Data: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe - this entry is globally excluded
--------------------
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
************************************************************
11:10:01: Scanning -----SHELLEXECUTEHOOKS-----
ValueName: {522E0112-EDD9-413D-A99E-C311A54B6676}
File: C:\Windows\system32\pmnNGwuT.dll
C:\Windows\system32\pmnNGwuT.dll - this registry value has been removed [file not found to scan]
HKCR\CLSID\{522E0112-EDD9-413D-A99E-C311A54B6676} - this key has been removed
----------
************************************************************
11:10:35: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
----------
************************************************************
11:10:35: Scanning -----ACTIVE SCREENSAVER-----
ScreenSaver: C:\Windows\system32\STARWA~1.SCR
C:\Windows\system32\STARWA~1.SCR
2540251 bytes
Created: 29/02/2008
Modified: 29/02/2008
Company: Axialis Software
--------------------
************************************************************
11:10:37: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----
************************************************************
11:10:37: Scanning ----- SERVICEDLL REGISTRY KEYS -----
Key: BthServ
Path: %SystemRoot%\System32\bthserv.dll
C:\Windows\System32\bthserv.dll
39936 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Microsoft Corporation
--------------------
Key: RapiMgr
Path: %windir%\WindowsMobile\rapimgr.dll
C:\Windows\WindowsMobile\rapimgr.dll
183688 bytes
Created: 31/05/2007
Modified: 31/05/2007
Company: Microsoft Corporation
--------------------
Key: WcesComm
Path: %windir%\WindowsMobile\wcescomm.dll
C:\Windows\WindowsMobile\wcescomm.dll
379784 bytes
Created: 31/05/2007
Modified: 31/05/2007
Company: Microsoft Corporation
--------------------
************************************************************
11:10:38: Scanning ----- SERVICES REGISTRY KEYS -----
Key: aawservice
ImagePath: "C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe"
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
611664 bytes
Created: 12/05/2008
Modified: 16/08/2008
Company: Lavasoft
----------
Key: AdobeActiveFileMonitor6.0
ImagePath: C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
124832 bytes
Created: 11/09/2007
Modified: 11/09/2007
Company:
----------
Key: AlertService
ImagePath: "C:\Program Files\Intel\IntelDH\CCU\AlertService.exe"
C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
223448 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company: Intel(R) Corporation
----------
Key: Apple Mobile Device
ImagePath: "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
116040 bytes
Created: 22/07/2008
Modified: 22/07/2008
Company: Apple Inc.
----------
Key: aswFsBlk
ImagePath: system32\DRIVERS\aswFsBlk.sys
C:\Windows\system32\DRIVERS\aswFsBlk.sys
20560 bytes
Created: 16/05/2008
Modified: 19/07/2008
Company: ALWIL Software
----------
Key: aswMonFlt
ImagePath: system32\DRIVERS\aswMonFlt.sys
C:\Windows\system32\DRIVERS\aswMonFlt.sys
51280 bytes
Created: 16/05/2008
Modified: 19/07/2008
Company: ALWIL Software
----------
Key: aswUpdSv
ImagePath: "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
16056 bytes
Created: 15/08/2008
Modified: 19/07/2008
Company: ALWIL Software
----------
Key: atapi
ImagePath: \SystemRoot\system32\drivers\atapi.sys
C:\Windows\system32\drivers\atapi.sys
21688 bytes
Created: 02/11/2006
Modified: 02/01/2008
Company: Microsoft Corporation
----------
Key: avast! Antivirus
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashServ.exe"
C:\Program Files\Alwil Software\Avast4\ashServ.exe
147640 bytes
Created: 15/08/2008
Modified: 19/07/2008
Company: ALWIL Software
----------
Key: avast! Mail Scanner
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
250040 bytes
Created: 15/08/2008
Modified: 19/07/2008
Company: ALWIL Software
----------
Key: avast! Web Scanner
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
348344 bytes
Created: 15/08/2008
Modified: 23/07/2008
Company: ALWIL Software
----------
Key: avg8emc
ImagePath: C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
873752 bytes
Created: 27/05/2008
Modified: 03/07/2008
Company: AVG Technologies CZ, s.r.o.
----------
Key: avg8wd
ImagePath: C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
231192 bytes
Created: 27/05/2008
Modified: 03/07/2008
Company: AVG Technologies CZ, s.r.o.
----------
Key: AvgLdx86
ImagePath: \SystemRoot\System32\Drivers\avgldx86.sys
C:\Windows\System32\Drivers\avgldx86.sys
96520 bytes
Created: 27/05/2008
Modified: 03/07/2008
Company: AVG Technologies CZ, s.r.o.
----------
Key: AvgMfx86
ImagePath: \SystemRoot\System32\Drivers\avgmfx86.sys
C:\Windows\System32\Drivers\avgmfx86.sys
26824 bytes
Created: 27/05/2008
Modified: 03/07/2008
Company: AVG Technologies CZ, s.r.o.
----------
Key: AvgWfpX
ImagePath: \SystemRoot\System32\Drivers\avgwfpx.sys
C:\Windows\System32\Drivers\avgwfpx.sys
69128 bytes
Created: 27/05/2008
Modified: 03/07/2008
Company: AVG Technologies CZ, s.r.o.
----------
Key: BCM43XV
ImagePath: system32\DRIVERS\bcmwl6.sys
C:\Windows\system32\DRIVERS\bcmwl6.sys
464384 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Broadcom Corporation
----------
Key: blbdrive
ImagePath: \SystemRoot\system32\drivers\blbdrive.sys - file is missing - alert is globally excluded
----------
Key: Bonjour Service
ImagePath: "C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Program Files\Bonjour\mDNSResponder.exe
229376 bytes
Created: 24/07/2007
Modified: 24/07/2007
Company: Apple Inc.
----------
Key: BthEnum
ImagePath: system32\DRIVERS\BthEnum.sys
C:\Windows\system32\DRIVERS\BthEnum.sys
19456 bytes
Created: 11/06/2008
Modified: 29/04/2008
Company: Microsoft Corporation
----------
Key: BthPan
ImagePath: system32\DRIVERS\bthpan.sys
C:\Windows\system32\DRIVERS\bthpan.sys
92160 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Microsoft Corporation
----------
Key: BTHPORT
ImagePath: System32\Drivers\BTHport.sys
C:\Windows\System32\Drivers\BTHport.sys
220160 bytes
Created: 11/06/2008
Modified: 29/04/2008
Company: Microsoft Corporation
----------
Key: BTHUSB
ImagePath: System32\Drivers\BTHUSB.sys
C:\Windows\System32\Drivers\BTHUSB.sys
29184 bytes
Created: 11/06/2008
Modified: 29/04/2008
Company: Microsoft Corporation
----------
Key: btwaudio
ImagePath: system32\drivers\btwaudio.sys
C:\Windows\system32\drivers\btwaudio.sys
79664 bytes
Created: 02/01/2008
Modified: 02/04/2007
Company: Broadcom Corporation.
----------
Key: btwavdt
ImagePath: system32\drivers\btwavdt.sys
C:\Windows\system32\drivers\btwavdt.sys
80688 bytes
Created: 02/01/2008
Modified: 02/04/2007
Company: Broadcom Corporation.
----------
Key: btwrchid
ImagePath: system32\DRIVERS\btwrchid.sys
C:\Windows\system32\DRIVERS\btwrchid.sys
16432 bytes
Created: 02/01/2008
Modified: 02/04/2007
Company: Broadcom Corporation.
----------
Key: DHTRACE
ImagePath: C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe
C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe
39640 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company: Intel(R) Corporation
----------
Key: DQLWinService
ImagePath: "C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe"
C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
208896 bytes
Created: 12/02/2007
Modified: 12/02/2007
Company:
----------
Key: e1express
ImagePath: system32\DRIVERS\e1e6032.sys
C:\Windows\system32\DRIVERS\e1e6032.sys
228224 bytes
Created: 02/01/2008
Modified: 12/09/2007
Company: Intel Corporation
----------
Key: EMSUSB2
ImagePath: system32\DRIVERS\EMSUSB2.sys
C:\Windows\system32\DRIVERS\EMSUSB2.sys
9728 bytes
Created: 27/07/2008
Modified: 03/01/2007
Company:
----------
Key: FLEXnet Licensing Service
ImagePath: "C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
654848 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Macrovision Europe Ltd.
----------
Key: fssfltr
ImagePath: system32\DRIVERS\fssfltr.sys
C:\Windows\system32\DRIVERS\fssfltr.sys
43816 bytes
Created: 09/01/2008
Modified: 17/10/2007
Company: Microsoft Corporation
----------
Key: fsssvc
ImagePath: "C:\Program Files\Windows Live\Contrôle parental\fsssvc.exe"
C:\Program Files\Windows Live\Contrôle parental\fsssvc.exe
523816 bytes
Created: 17/12/2007
Modified: 17/12/2007
Company: Microsoft Corporation
----------
Key: GoogleDesktopManager
ImagePath: "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe"
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
1838592 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Google
----------
Key: gusvc
ImagePath: "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
138168 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Google
----------
Key: IAANTMON
ImagePath: C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
358936 bytes
Created: 02/01/2008
Modified: 26/07/2007
Company: Intel Corporation
----------
Key: iaStor
ImagePath: system32\drivers\iastor.sys
C:\Windows\system32\drivers\iastor.sys
305688 bytes
Created: 02/01/2008
Modified: 29/08/2007
Company: Intel Corporation
----------
Key: IDriverT
ImagePath: "C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe"
C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
73728 bytes
Created: 22/10/2004
Modified: 22/10/2004
Company: Macrovision Corporation
----------
Key: IntelDH
ImagePath: System32\Drivers\IntelDH.sys
C:\Windows\System32\Drivers\IntelDH.sys
5632 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Intel Corporation
----------
Key: IpInIp
ImagePath: system32\DRIVERS\ipinip.sys - file is missing - alert is globally excluded
----------
Key: ISSM
ImagePath: "C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe"
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
59096 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company: Intel(R) Corporation
----------
Key: M1 Server
ImagePath: "C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe"
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
268504 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company:
----------
Key: MCLServiceATL
ImagePath: "C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe"
C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
157912 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company: Intel(R) Corporation
----------
Key: msiserver
ImagePath: %systemroot%\system32\msiexec /V
----------
Key: NMSCore
ImagePath: "C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe"
C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
317656 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company: Intel(R) Corporation
----------
Key: nmsunidr
ImagePath: system32\DRIVERS\nmsunidr.sys
C:\Windows\system32\DRIVERS\nmsunidr.sys
-S- 5376 bytes
Created: 18/02/2007
Modified: 18/02/2007
Company: Gteko Ltd.
----------
Key: nvsvc
ImagePath: %SystemRoot%\system32\nvvsvc.exe
C:\Windows\system32\nvvsvc.exe
118784 bytes
Created: 12/06/2008
Modified: 12/06/2008
Company: NVIDIA Corporation
----------
Key: NwlnkFlt
ImagePath: system32\DRIVERS\nwlnkflt.sys - file is missing - alert is globally excluded
----------
Key: NwlnkFwd
ImagePath: system32\DRIVERS\nwlnkfwd.sys - file is missing - alert is globally excluded
----------
Key: phaudlwr
ImagePath: system32\DRIVERS\phaudlwr.sys
C:\Windows\system32\DRIVERS\phaudlwr.sys
88704 bytes
Created: 07/05/2008
Modified: 07/05/2008
Company: Philips Applied Technologies
----------
Key: pmxmouse
ImagePath: system32\DRIVERS\pmxmouse.sys
C:\Windows\system32\DRIVERS\pmxmouse.sys
18432 bytes
Created: 02/01/2008
Modified: 01/06/2007
Company: Primax Electronics Ltd.
----------
Key: pmxusblf
ImagePath: system32\DRIVERS\pmxusblf.sys
C:\Windows\system32\DRIVERS\pmxusblf.sys
19008 bytes
Created: 02/01/2008
Modified: 24/05/2007
Company: Primax Electronics Ltd.
----------
Key: QualityManager
ImagePath: "C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe"
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe
272600 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company: Intel(R) Corporation
----------
Key: Remote UI Service
ImagePath: "C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe"
C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
446680 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company: Intel(R) Corporation
----------
Key: RFCOMM
ImagePath: system32\DRIVERS\rfcomm.sys
C:\Windows\system32\DRIVERS\rfcomm.sys
49664 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Microsoft Corporation
----------
Key: RoxMediaDB9
ImagePath: "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe"
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
1010160 bytes
Created: 06/09/2007
Modified: 06/09/2007
Company: Sonic Solutions
----------
Key: Serenum
ImagePath: \SystemRoot\system32\drivers\serenum.sys
C:\Windows\system32\drivers\serenum.sys
17920 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Microsoft Corporation
----------
Key: Serial
ImagePath: \SystemRoot\system32\drivers\serial.sys
C:\Windows\system32\drivers\serial.sys
83456 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Microsoft Corporation
----------
Key: sfdrv01
ImagePath: System32\drivers\sfdrv01.sys
C:\Windows\System32\drivers\sfdrv01.sys
59256 bytes
Created: 05/07/2006
Modified: 05/07/2006
Company: Protection Technology (StarForce)
----------
Key: sfhlp02
ImagePath: System32\drivers\sfhlp02.sys
C:\Windows\System32\drivers\sfhlp02.sys
13680 bytes
Created: 14/06/2006
Modified: 14/06/2006
Company: Protection Technology (StarForce)
----------
Key: sfsync03
ImagePath: System32\drivers\sfsync03.sys
C:\Windows\System32\drivers\sfsync03.sys
35328 bytes
Created: 06/12/2005
Modified: 06/12/2005
Company: Protection Technology
----------
Key: sfvfs02
ImagePath: System32\drivers\sfvfs02.sys
C:\Windows\System32\drivers\sfvfs02.sys
83320 bytes
Created: 08/02/2007
Modified: 08/02/2007
Company: Protection Technology (StarForce)
----------
Key: SPC520
ImagePath: system32\drivers\SPC520.sys
C:\Windows\system32\drivers\SPC520.sys
483328 bytes
Created: 16/08/2008
Modified: 01/10/2007
Company: Philips
----------
Key: SPC520m
ImagePath: system32\drivers\SPC520m.sys
C:\Windows\system32\drivers\SPC520m.sys
7680 bytes
Created: 16/08/2008
Modified: 01/10/2007
Company: Philips
----------
Key: sprtsvc_dellsupportcenter
ImagePath: C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
202544 bytes
Created: 15/11/2007
Modified: 15/11/2007
Company: SupportSoft, Inc.
----------
Key: sptd
ImagePath: System32\Drivers\sptd.sys - this file is globally excluded
----------
Key: STacSV
ImagePath: C:\Windows\system32\STacSV.exe
C:\Windows\system32\STacSV.exe
94208 bytes
Created: 02/01/2008
Modified: 12/09/2007
Company: SigmaTel, Inc.
----------
Key: StarWindServiceAE
ImagePath: C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
275968 bytes
Created: 28/05/2007
Modified: 28/05/2007
Company: Rocket Division Software
----------
Key: STHDA
ImagePath: system32\drivers\stwrt.sys
C:\Windows\system32\drivers\stwrt.sys
326656 bytes
Created: 02/01/2008
Modified: 12/09/2007
Company: SigmaTel, Inc.
----------
Key: stllssvr
ImagePath: "C:\Program Files\Common Files\SureThing Shared\stllssvr.exe"
C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
-R- 69632 bytes
Created: 11/07/2007
Modified: 11/07/2007
Company: MicroVision Development, Inc.
----------
Key: TSHWMDTCP
ImagePath: \??\C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys
14552 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company:
----------
Key: usnjsvc
ImagePath: "C:\Program Files\Windows Live\Messenger\usnsvc.exe"
C:\Program Files\Windows Live\Messenger\usnsvc.exe
98328 bytes
Created: 18/10/2007
Modified: 18/10/2007
Company: Microsoft Corporation
----------
Key: WinUsb
ImagePath: system32\DRIVERS\WinUSB.SYS
C:\Windows\system32\DRIVERS\WinUSB.SYS
31616 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Microsoft Corporation
----------
Key: WLSetupSvc
ImagePath: "C:\Program Files\Windows Live\installer\WLSetupSvc.exe"
C:\Program Files\Windows Live\installer\WLSetupSvc.exe
266240 bytes
Created: 25/10/2007
Modified: 25/10/2007
Company: Microsoft Corporation
----------
************************************************************
11:10:51: Scanning -----VXD ENTRIES-----
************************************************************
11:10:51: Scanning ----- WINLOGON\NOTIFY DLLS -----
No WINLOGON\NOTIFY DLLs found to scan
************************************************************
11:10:51: Scanning ----- CONTEXTMENUHANDLERS -----
Key: ALZip
CLSID: {4EB37360-49E8-11D3-95B5-004033382980}
Path: C:\PROGRA~1\ESTsoft\ALZip\AZCTM.dll
C:\PROGRA~1\ESTsoft\ALZip\AZCTM.dll
471552 bytes
Created: 03/07/2007
Modified: 03/07/2007
Company: ESTsoft
----------
Key: avast
CLSID: {472083B0-C522-11CF-8763-00608CC02F24}
Path: C:\Program Files\Alwil Software\Avast4\ashShell.dll
C:\Program Files\Alwil Software\Avast4\ashShell.dll
73912 bytes
Created: 15/08/2008
Modified: 19/07/2008
Company: ALWIL Software
----------
Key: AVG8 Shell Extension
CLSID: {9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
Path: C:\Program Files\AVG\AVG8\avgse.dll
C:\Program Files\AVG\AVG8\avgse.dll
99608 bytes
Created: 27/05/2008
Modified: 03/07/2008
Company: AVG Technologies CZ, s.r.o.
----------
************************************************************
11:10:51: Scanning ----- FOLDER\COLUMNHANDLERS -----
************************************************************
11:10:51: Scanning ----- BROWSER HELPER OBJECTS -----
Key: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
BHO: C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
62080 bytes
Created: 23/10/2006
Modified: 23/10/2006
Company: Adobe Systems Incorporated
----------
Key: {2E03C0FD-4C48-43A7-9A54-00240C70FF16}
BHO: C:\Windows\system32\BhoECart.dll
C:\Windows\system32\BhoECart.dll
139264 bytes
Created: 31/10/2003
Modified: 31/10/2003
Company: Orbiscom Ltd. All rights reserved.
----------
Key: {3049C3E9-B461-4BC5-8870-4C09146192CA}
BHO: C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
370296 bytes
Created: 27/01/2008
Modified: 27/01/2008
Company: RealPlayer
----------
Key: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
BHO: C:\Program Files\AVG\AVG8\avgssie.dll
C:\Program Files\AVG\AVG8\avgssie.dll
455960 bytes
Created: 27/05/2008
Modified: 05/07/2008
Company: AVG Technologies CZ, s.r.o.
----------
Key: {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}
BHO: C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
56360 bytes
Created: 17/12/2007
Modified: 17/12/2007
Company: Microsoft Corporation
----------
Key: {53707962-6F74-2D53-2644-206D7942484F}
BHO: C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
1562448 bytes
Created: 15/08/2008
Modified: 07/07/2008
Company: Safer Networking Limited
----------
Key: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
BHO: c:\Program Files\Java\jre1.6.0\bin\ssv.dll
c:\Program Files\Java\jre1.6.0\bin\ssv.dll
501384 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Sun Microsystems, Inc.
----------
Key: {9030D464-4C02-4ABF-8ECC-5164760863C6}
BHO: C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
328752 bytes
Created: 20/09/2007
Modified: 20/09/2007
Company: Microsoft Corporation
----------
Key: {A057A204-BACC-4D26-9990-79A187E2698E}
BHO: C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
2055960 bytes
Created: 27/05/2008
Modified: 03/07/2008
Company: AVG, Technologies CZ, s.r.o
----------
Key: {AA58ED58-01DD-4d91-8333-CF10577473F7}
BHO: c:\program files\google\googletoolbar2.dll
c:\program files\google\googletoolbar2.dll
-R- 2582136 bytes
Created: 16/05/2008
Modified: 16/05/2008
Company: Google Inc.
----------
Key: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
BHO: C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
325048 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Google Inc.
----------
Key: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
BHO: C:\Program Files\Windows Live Toolbar\msntb.dll
C:\Program Files\Windows Live Toolbar\msntb.dll
546320 bytes
Created: 19/10/2007
Modified: 19/10/2007
Company: Microsoft Corporation
----------
Key: {CA6319C0-31B7-401E-A518-A07C3DB8F777}
BHO: C:\Program Files\Dell\BAE\BAE.dll
C:\Program Files\Dell\BAE\BAE.dll
98304 bytes
Created: 09/11/2006
Modified: 09/11/2006
Company: Dell Inc.
----------
************************************************************
11:10:52: Scanning ----- SHELLSERVICEOBJECTS -----
************************************************************
11:10:52: Scanning ----- SHAREDTASKSCHEDULER ENTRIES -----
************************************************************
11:10:52: Scanning ----- IMAGEFILE DEBUGGERS -----
No "Debugger" entries found.
************************************************************
11:10:52: Scanning ----- APPINIT_DLLS -----
AppInitDLLs entry = [C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,avgrsstx.dll C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL]
File: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
145408 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Google
----------
File: avgrsstx.dll
C:\Windows\system32\avgrsstx.dll
10520 bytes
Created: 27/05/2008
Modified: 03/07/2008
Company: AVG Technologies CZ, s.r.o.
----------
File: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
145408 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Google
----------
************************************************************
11:10:53: Scanning ----- SECURITY PROVIDER DLLS -----
************************************************************
11:10:53: Scanning ------ COMMON STARTUP GROUP ------
[C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
The Common Startup Group attempts to load the following file(s) at boot time:
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
715568 bytes
Created: 13/02/2007
Modified: 13/02/2007
Company: Broadcom Corporation.
BTTray.lnk - links to C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
--------------------
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created: 02/11/2006
Modified: 10/07/2008
Company:
--------------------
C:\Windows\VPro520.exe
73728 bytes
Created: 14/01/2008
Modified: 06/04/2007
Company: Philips
VPro520.lnk - links to C:\Windows\VPro520.exe
--------------------
************************************************************
11:10:53: Scanning ----- USER STARTUP GROUPS -----
Checking Startup Group for: Invité
[C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup]
C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created: 18/07/2008
Modified: 18/07/2008
Company:
----------
--------------------
Checking Startup Group for: maxime
[C:\Users\maxime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup]
C:\Users\maxime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created: 05/01/2008
Modified: 05/01/2008
Company:
----------
--------------------
************************************************************
11:10:53: Scanning ----- SCHEDULED TASKS -----
Taskname: Vérifier les mises à jour de Windows Live Toolbar.job
File: C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
99856 bytes
Created: 19/10/2007
Modified: 19/10/2007
Company: Microsoft Corporation
Parameters: [blank]
Next Run Time: 16/08/2008 11:38:00
Status: La tâche n'a pas encore été exécutée
Creator: maxime
Comments: [blank]
----------
************************************************************
11:10:53: Scanning ----- SHELLICONOVERLAYIDENTIFIERS -----
No ShellIconOverlayIdentifiers Registry key found to scan
************************************************************
11:10:53: ----- ADDITIONAL CHECKS -----
Heuristic checks for hidden files/drivers completed
----------
Layered Service Provider entries checks completed
----------
Windows Explorer Policies checks completed
----------
Desktop Wallpaper: C:\Users\maxime\Pictures\2008-07-02 Mariage Xavier Delphine 28 juin 2008\Mariage Xavier Delphine 28 juin 2008 059.JPG
C:\Users\maxime\Pictures\2008-07-02 Mariage Xavier Delphine 28 juin 2008\Mariage Xavier Delphine 28 juin 2008 059.JPG
2273454 bytes
Created: 28/06/2008
Modified: 28/06/2008
Company:
----------
Web Desktop Wallpaper: %USERPROFILE%\Pictures\2008-07-02 Mariage Xavier Delphine 28 juin 2008\Mariage Xavier Delphine 28 juin 2008 059.JPG
C:\Users\maxime\Pictures\2008-07-02 Mariage Xavier Delphine 28 juin 2008\Mariage Xavier Delphine 28 juin 2008 059.JPG
2273454 bytes
Created: 28/06/2008
Modified: 28/06/2008
Company:
----------
Additional checks completed
************************************************************
11:10:54: Scanning ----- RUNNING PROCESSES -----
C:\Windows\System32\smss.exe
--------------------
C:\Windows\system32\csrss.exe
--------------------
C:\Windows\system32\wininit.exe
--------------------
C:\Windows\system32\csrss.exe
--------------------
C:\Windows\system32\services.exe
--------------------
C:\Windows\system32\lsass.exe
--------------------
C:\Windows\system32\lsm.exe
--------------------
C:\Windows\system32\winlogon.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Windows\System32\svchost.exe
--------------------
C:\Windows\System32\svchost.exe
--------------------
C:\Windows\System32\svchost.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Windows\system32\SLsvc.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Windows\system32\WUDFHost.exe
--------------------
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
--------------------
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
--------------------
C:\Program Files\Alwil Software\Avast4\ashServ.exe
--------------------
C:\Windows\System32\spoolsv.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Windows\system32\Dwm.exe
--------------------
C:\Windows\Explorer.EXE
--------------------
C:\Program Files\Windows Defender\MSASCui.exe
--------------------
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
--------------------
C:\Windows\WindowsMobile\wmdc.exe
--------------------
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
--------------------
C:\Windows\System32\ico.exe
--------------------
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
--------------------
C:\Windows\System32\Pmxmiced.exe
--------------------
C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
--------------------
C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
--------------------
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
--------------------
C:\Program Files\Windows Live\Contrôle parental\fssui.exe
--------------------
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
--------------------
C:\Program Files\TF1Vision\TF1vision.exe
--------------------
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
--------------------
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
--------------------
C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
--------------------
C:\Windows\System32\rundll32.exe
--------------------
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
--------------------
C:\Windows\System32\rundll32.exe
--------------------
C:\Program Files\AGEIA Technologies\TrayIcon.exe
--------------------
C:\Program Files\iTunes\iTunesHelper.exe
--------------------
C:\Windows\ehome\ehtray.exe
--------------------
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
--------------------
C:\Windows\ehome\ehmsas.exe
--------------------
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
--------------------
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
--------------------
C:\Windows\VPro520.exe
--------------------
C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
--------------------
C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
--------------------
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
--------------------
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
--------------------
C:\Program Files\Bonjour\mDNSResponder.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
--------------------
C:\Program Files\Windows Live\Contrôle parental\fsssvc.exe
--------------------
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
--------------------
C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe
--------------------
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
--------------------
C:\Windows\system32\STacSV.exe
--------------------
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
--------------------
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Windows\System32\svchost.exe
--------------------
C:\Windows\system32\SearchIndexer.exe
--------------------
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
--------------------
C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
--------------------
C:\Windows\system32\WUDFHost.exe
--------------------
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
--------------------
C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
--------------------
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
--------------------
C:\PROGRA~1\AVG\AVG8\avgemc.exe
--------------------
C:\Program Files\Windows Media Player\wmplayer.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Windows\system32\taskeng.exe
--------------------
C:\Program Files\iPod\bin\iPodService.exe
--------------------
C:\Windows\system32\taskeng.exe
--------------------
C:\Windows\system32\taskeng.exe
--------------------
C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
--------------------
C:\Program Files\Windows Mail\WindowsMailGadget.exe
--------------------
C:\Program Files\Windows Mail\WinMail.exe
--------------------
C:\Windows\system32\nvvsvc.exe
--------------------
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
--------------------
C:\Program Files\Trojan Remover\Rmvtrjan.exe
FileSize: 2540096
[This is a Trojan Remover component]
--------------------
--------------------
C:\Windows\system32\conime.exe
--------------------
************************************************************
11:10:57: Checking HOSTS file
No malicious entries were found in the HOSTS file
************************************************************
------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS ------
HKLM\Software\Microsoft\Internet Explorer\Main\"Start Page":
https://www.msn.com/fr-fr
HKLM\Software\Microsoft\Internet Explorer\Main\"Local Page":
%SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main\"Search Page":
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL":
https://www.msn.com/fr-fr
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Search_URL":
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
HKLM\Software\Microsoft\Internet Explorer\Search\"CustomizeSearch":
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
HKLM\Software\Microsoft\Internet Explorer\Search\"SearchAssistant":
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Start Page":
https://www.msn.com/fr-fr
HKCU\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Search Page":
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
************************************************************
=== CHANGES WERE MADE TO THE WINDOWS REGISTRY ===
Scan completed at: 11:10:57 16 août 2008
************************************************************
***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.7.1.2538. For information, email support@simplysup1.com
[Unregistered version]
Scan started at: 11:09:56 16 août 2008
Using Database v7102
Operating System: Windows Vista [Windows Vista (Build 6000)]
Edition: Windows Vista (TM) Home Premium
File System: NTFS
User Account Control is Enabled.
Data directory: C:\Users\maxime\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\Program Files\Trojan Remover\
Logfile directory: C:\Users\maxime\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory: C:\Program Files\Trojan Remover\
Running with Administrator privileges
************************************************************
The following Anti-Malware program(s) are loaded:
Microsoft Windows Defender
Avast! Antivirus
************************************************************
************************************************************
11:09:56: Scanning ----------WIN.INI-----------
WIN.INI found in C:\Windows
************************************************************
11:09:56: Scanning --------SYSTEM.INI---------
SYSTEM.INI found in C:\Windows
************************************************************
11:09:56: ----- SCANNING FOR ROOTKIT SERVICES -----
No hidden Services were detected.
************************************************************
11:09:57: Scanning -----WINDOWS REGISTRY-----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
File: explorer.exe
C:\Windows\explorer.exe
2923520 bytes
Created: 09/01/2008
Modified: 09/01/2008
Company: Microsoft Corporation
----------
This key's "Userinit" value calls the following program(s):
File: C:\Windows\system32\userinit.exe
C:\Windows\system32\userinit.exe
24576 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Microsoft Corporation
----------
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
Value Name: load
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: Windows Defender
Value Data: %ProgramFiles%\Windows Defender\MSASCui.exe -hide
C:\Program Files\Windows Defender\MSASCui.exe
1006264 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Microsoft Corporation
--------------------
Value Name: ECenter
Value Data: C:\Dell\E-Center\EULALauncher.exe
C:\Dell\E-Center\EULALauncher.exe
17920 bytes
Created: 02/01/2008
Modified: 25/05/2007
Company:
--------------------
Value Name: Bluetooth HCI Monitor
Value Data: RunDll32 HCIMNTR.DLL,RunCheckHCIMode
C:\Windows\system32\HCIMNTR.DLL
9728 bytes
Created: 02/01/2008
Modified: 08/12/2006
Company: Logitech Inc.
--------------------
Value Name: SigmatelSysTrayApp
Value Data: C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
405504 bytes
Created: 02/01/2008
Modified: 12/09/2007
Company: SigmaTel, Inc.
--------------------
Value Name: Windows Mobile Device Center
Value Data: %windir%\WindowsMobile\wmdc.exe
C:\Windows\WindowsMobile\wmdc.exe
648072 bytes
Created: 31/05/2007
Modified: 31/05/2007
Company: Microsoft Corporation
--------------------
Value Name: SunJavaUpdateSched
Value Data: "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
c:\Program Files\Java\jre1.6.0\bin\jusched.exe
77824 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Sun Microsystems, Inc.
--------------------
Value Name: PMX Daemon
Value Data: ICO.EXE
C:\Windows\system32\ICO.EXE
49152 bytes
Created: 02/01/2008
Modified: 08/11/2006
Company: Primax Electronics Ltd.
--------------------
Value Name: IAAnotif
Value Data: "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
178712 bytes
Created: 02/01/2008
Modified: 26/07/2007
Company: Intel Corporation
--------------------
Value Name: NMSSupport
Value Data: "C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup
C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
439512 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company: Intel Corporation
--------------------
Value Name: CCUTRAYICON
Value Data: "C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe"
C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
215256 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company: Intel(R) Corporation
--------------------
Value Name: dscactivate
Value Data: "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe
16384 bytes
Created: 15/11/2007
Modified: 15/11/2007
Company:
--------------------
Value Name: Google Desktop Search
Value Data: "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
1838592 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Google
--------------------
Value Name: fssui
Value Data: "C:\Program Files\Windows Live\Contrôle parental\fssui.exe" -autorun
C:\Program Files\Windows Live\Contrôle parental\fssui.exe
243240 bytes
Created: 17/12/2007
Modified: 17/12/2007
Company: Microsoft Corporation
--------------------
Value Name: TkBellExe
Value Data: "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
185896 bytes
Created: 27/01/2008
Modified: 27/01/2008
Company: RealNetworks, Inc.
--------------------
Value Name: e-TF1
Value Data: C:\Program Files\TF1Vision\TF1vision.exe
C:\Program Files\TF1Vision\TF1vision.exe
345600 bytes
Created: 22/02/2008
Modified: 24/12/2007
Company: 1-Click Media
--------------------
Value Name: Adobe Reader Speed Launcher
Value Data: "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
39792 bytes
Created: 11/01/2008
Modified: 11/01/2008
Company: Adobe Systems Incorporated
--------------------
Value Name: DellSupportCenter
Value Data: "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
202544 bytes
Created: 15/11/2007
Modified: 15/11/2007
Company: SupportSoft, Inc.
--------------------
Value Name: avast!
Value Data: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
78008 bytes
Created: 15/08/2008
Modified: 19/07/2008
Company: ALWIL Software
--------------------
Value Name: AVG8_TRAY
Value Data: C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
1232152 bytes
Created: 27/05/2008
Modified: 03/07/2008
Company: AVG Technologies CZ, s.r.o.
--------------------
Value Name: AGEIA PhysX SysTray
Value Data: "C:\Program Files\AGEIA Technologies\TrayIcon.exe"
C:\Program Files\AGEIA Technologies\TrayIcon.exe
339968 bytes
Created: 16/08/2006
Modified: 16/08/2006
Company:
--------------------
Value Name: AppleSyncNotifier
Value Data: C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
116040 bytes
Created: 22/07/2008
Modified: 22/07/2008
Company: Apple Inc.
--------------------
Value Name: QuickTime Task
Value Data: "C:\Program Files\QuickTime\QTTask.exe" -atboottime
C:\Program Files\QuickTime\QTTask.exe
413696 bytes
Created: 27/05/2008
Modified: 27/05/2008
Company: Apple Inc.
--------------------
Value Name: iTunesHelper
Value Data: "C:\Program Files\iTunes\iTunesHelper.exe"
C:\Program Files\iTunes\iTunesHelper.exe
289064 bytes
Created: 30/07/2008
Modified: 30/07/2008
Company: Apple Inc.
--------------------
Value Name: NvCplDaemon
Value Data: RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
C:\Windows\system32\NvCpl.dll
13535776 bytes
Created: 12/06/2008
Modified: 12/06/2008
Company: NVIDIA Corporation
--------------------
Value Name: NvMediaCenter
Value Data: RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
C:\Windows\system32\NvMcTray.dll
92704 bytes
Created: 02/01/2008
Modified: 12/06/2008
Company: NVIDIA Corporation
--------------------
Value Name: TrojanScanner
Value Data: C:\Program Files\Trojan Remover\Trjscan.exe /boot
C:\Program Files\Trojan Remover\Trjscan.exe
909904 bytes
Created: 16/08/2008
Modified: 30/07/2008
Company: Simply Super Software
--------------------
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: DellSupportCenter
Value Data: "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
202544 bytes
Created: 15/11/2007
Modified: 15/11/2007
Company: SupportSoft, Inc.
--------------------
Value Name: ehTray.exe
Value Data: C:\Windows\ehome\ehTray.exe
C:\Windows\ehome\ehTray.exe
125440 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Microsoft Corporation
--------------------
Value Name: CanalPlayer
Value Data: C:\Program Files\Lecteur CANALPLAY\CanalPlayer.exe
C:\Program Files\Lecteur CANALPLAY\CanalPlayer.exe [file not found to scan]
--------------------
Value Name: swg
Value Data: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
68856 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Google Inc.
--------------------
Value Name: ISUSPM
Value Data: "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
218032 bytes
Created: 11/09/2006
Modified: 11/09/2006
Company: Macrovision Corporation
--------------------
Value Name: AlcoholAutomount
Value Data: "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe
217544 bytes
Created: 20/03/2008
Modified: 20/03/2008
Company: Alcohol Soft Development Team
--------------------
Value Name: WindowsWelcomeCenter
Value Data: rundll32.exe oobefldr.dll,ShowWelcomeCenter
C:\Windows\system32\oobefldr.dll
2159104 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Microsoft Corporation
--------------------
Value Name: SpybotSD TeaTimer
Value Data: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe - this entry is globally excluded
--------------------
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
************************************************************
11:10:01: Scanning -----SHELLEXECUTEHOOKS-----
ValueName: {522E0112-EDD9-413D-A99E-C311A54B6676}
File: C:\Windows\system32\pmnNGwuT.dll
C:\Windows\system32\pmnNGwuT.dll - this registry value has been removed [file not found to scan]
HKCR\CLSID\{522E0112-EDD9-413D-A99E-C311A54B6676} - this key has been removed
----------
************************************************************
11:10:35: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
----------
************************************************************
11:10:35: Scanning -----ACTIVE SCREENSAVER-----
ScreenSaver: C:\Windows\system32\STARWA~1.SCR
C:\Windows\system32\STARWA~1.SCR
2540251 bytes
Created: 29/02/2008
Modified: 29/02/2008
Company: Axialis Software
--------------------
************************************************************
11:10:37: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----
************************************************************
11:10:37: Scanning ----- SERVICEDLL REGISTRY KEYS -----
Key: BthServ
Path: %SystemRoot%\System32\bthserv.dll
C:\Windows\System32\bthserv.dll
39936 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Microsoft Corporation
--------------------
Key: RapiMgr
Path: %windir%\WindowsMobile\rapimgr.dll
C:\Windows\WindowsMobile\rapimgr.dll
183688 bytes
Created: 31/05/2007
Modified: 31/05/2007
Company: Microsoft Corporation
--------------------
Key: WcesComm
Path: %windir%\WindowsMobile\wcescomm.dll
C:\Windows\WindowsMobile\wcescomm.dll
379784 bytes
Created: 31/05/2007
Modified: 31/05/2007
Company: Microsoft Corporation
--------------------
************************************************************
11:10:38: Scanning ----- SERVICES REGISTRY KEYS -----
Key: aawservice
ImagePath: "C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe"
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
611664 bytes
Created: 12/05/2008
Modified: 16/08/2008
Company: Lavasoft
----------
Key: AdobeActiveFileMonitor6.0
ImagePath: C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
124832 bytes
Created: 11/09/2007
Modified: 11/09/2007
Company:
----------
Key: AlertService
ImagePath: "C:\Program Files\Intel\IntelDH\CCU\AlertService.exe"
C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
223448 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company: Intel(R) Corporation
----------
Key: Apple Mobile Device
ImagePath: "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
116040 bytes
Created: 22/07/2008
Modified: 22/07/2008
Company: Apple Inc.
----------
Key: aswFsBlk
ImagePath: system32\DRIVERS\aswFsBlk.sys
C:\Windows\system32\DRIVERS\aswFsBlk.sys
20560 bytes
Created: 16/05/2008
Modified: 19/07/2008
Company: ALWIL Software
----------
Key: aswMonFlt
ImagePath: system32\DRIVERS\aswMonFlt.sys
C:\Windows\system32\DRIVERS\aswMonFlt.sys
51280 bytes
Created: 16/05/2008
Modified: 19/07/2008
Company: ALWIL Software
----------
Key: aswUpdSv
ImagePath: "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
16056 bytes
Created: 15/08/2008
Modified: 19/07/2008
Company: ALWIL Software
----------
Key: atapi
ImagePath: \SystemRoot\system32\drivers\atapi.sys
C:\Windows\system32\drivers\atapi.sys
21688 bytes
Created: 02/11/2006
Modified: 02/01/2008
Company: Microsoft Corporation
----------
Key: avast! Antivirus
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashServ.exe"
C:\Program Files\Alwil Software\Avast4\ashServ.exe
147640 bytes
Created: 15/08/2008
Modified: 19/07/2008
Company: ALWIL Software
----------
Key: avast! Mail Scanner
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
250040 bytes
Created: 15/08/2008
Modified: 19/07/2008
Company: ALWIL Software
----------
Key: avast! Web Scanner
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
348344 bytes
Created: 15/08/2008
Modified: 23/07/2008
Company: ALWIL Software
----------
Key: avg8emc
ImagePath: C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
873752 bytes
Created: 27/05/2008
Modified: 03/07/2008
Company: AVG Technologies CZ, s.r.o.
----------
Key: avg8wd
ImagePath: C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
231192 bytes
Created: 27/05/2008
Modified: 03/07/2008
Company: AVG Technologies CZ, s.r.o.
----------
Key: AvgLdx86
ImagePath: \SystemRoot\System32\Drivers\avgldx86.sys
C:\Windows\System32\Drivers\avgldx86.sys
96520 bytes
Created: 27/05/2008
Modified: 03/07/2008
Company: AVG Technologies CZ, s.r.o.
----------
Key: AvgMfx86
ImagePath: \SystemRoot\System32\Drivers\avgmfx86.sys
C:\Windows\System32\Drivers\avgmfx86.sys
26824 bytes
Created: 27/05/2008
Modified: 03/07/2008
Company: AVG Technologies CZ, s.r.o.
----------
Key: AvgWfpX
ImagePath: \SystemRoot\System32\Drivers\avgwfpx.sys
C:\Windows\System32\Drivers\avgwfpx.sys
69128 bytes
Created: 27/05/2008
Modified: 03/07/2008
Company: AVG Technologies CZ, s.r.o.
----------
Key: BCM43XV
ImagePath: system32\DRIVERS\bcmwl6.sys
C:\Windows\system32\DRIVERS\bcmwl6.sys
464384 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Broadcom Corporation
----------
Key: blbdrive
ImagePath: \SystemRoot\system32\drivers\blbdrive.sys - file is missing - alert is globally excluded
----------
Key: Bonjour Service
ImagePath: "C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Program Files\Bonjour\mDNSResponder.exe
229376 bytes
Created: 24/07/2007
Modified: 24/07/2007
Company: Apple Inc.
----------
Key: BthEnum
ImagePath: system32\DRIVERS\BthEnum.sys
C:\Windows\system32\DRIVERS\BthEnum.sys
19456 bytes
Created: 11/06/2008
Modified: 29/04/2008
Company: Microsoft Corporation
----------
Key: BthPan
ImagePath: system32\DRIVERS\bthpan.sys
C:\Windows\system32\DRIVERS\bthpan.sys
92160 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Microsoft Corporation
----------
Key: BTHPORT
ImagePath: System32\Drivers\BTHport.sys
C:\Windows\System32\Drivers\BTHport.sys
220160 bytes
Created: 11/06/2008
Modified: 29/04/2008
Company: Microsoft Corporation
----------
Key: BTHUSB
ImagePath: System32\Drivers\BTHUSB.sys
C:\Windows\System32\Drivers\BTHUSB.sys
29184 bytes
Created: 11/06/2008
Modified: 29/04/2008
Company: Microsoft Corporation
----------
Key: btwaudio
ImagePath: system32\drivers\btwaudio.sys
C:\Windows\system32\drivers\btwaudio.sys
79664 bytes
Created: 02/01/2008
Modified: 02/04/2007
Company: Broadcom Corporation.
----------
Key: btwavdt
ImagePath: system32\drivers\btwavdt.sys
C:\Windows\system32\drivers\btwavdt.sys
80688 bytes
Created: 02/01/2008
Modified: 02/04/2007
Company: Broadcom Corporation.
----------
Key: btwrchid
ImagePath: system32\DRIVERS\btwrchid.sys
C:\Windows\system32\DRIVERS\btwrchid.sys
16432 bytes
Created: 02/01/2008
Modified: 02/04/2007
Company: Broadcom Corporation.
----------
Key: DHTRACE
ImagePath: C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe
C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe
39640 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company: Intel(R) Corporation
----------
Key: DQLWinService
ImagePath: "C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe"
C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
208896 bytes
Created: 12/02/2007
Modified: 12/02/2007
Company:
----------
Key: e1express
ImagePath: system32\DRIVERS\e1e6032.sys
C:\Windows\system32\DRIVERS\e1e6032.sys
228224 bytes
Created: 02/01/2008
Modified: 12/09/2007
Company: Intel Corporation
----------
Key: EMSUSB2
ImagePath: system32\DRIVERS\EMSUSB2.sys
C:\Windows\system32\DRIVERS\EMSUSB2.sys
9728 bytes
Created: 27/07/2008
Modified: 03/01/2007
Company:
----------
Key: FLEXnet Licensing Service
ImagePath: "C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
654848 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Macrovision Europe Ltd.
----------
Key: fssfltr
ImagePath: system32\DRIVERS\fssfltr.sys
C:\Windows\system32\DRIVERS\fssfltr.sys
43816 bytes
Created: 09/01/2008
Modified: 17/10/2007
Company: Microsoft Corporation
----------
Key: fsssvc
ImagePath: "C:\Program Files\Windows Live\Contrôle parental\fsssvc.exe"
C:\Program Files\Windows Live\Contrôle parental\fsssvc.exe
523816 bytes
Created: 17/12/2007
Modified: 17/12/2007
Company: Microsoft Corporation
----------
Key: GoogleDesktopManager
ImagePath: "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe"
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
1838592 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Google
----------
Key: gusvc
ImagePath: "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
138168 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Google
----------
Key: IAANTMON
ImagePath: C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
358936 bytes
Created: 02/01/2008
Modified: 26/07/2007
Company: Intel Corporation
----------
Key: iaStor
ImagePath: system32\drivers\iastor.sys
C:\Windows\system32\drivers\iastor.sys
305688 bytes
Created: 02/01/2008
Modified: 29/08/2007
Company: Intel Corporation
----------
Key: IDriverT
ImagePath: "C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe"
C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
73728 bytes
Created: 22/10/2004
Modified: 22/10/2004
Company: Macrovision Corporation
----------
Key: IntelDH
ImagePath: System32\Drivers\IntelDH.sys
C:\Windows\System32\Drivers\IntelDH.sys
5632 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Intel Corporation
----------
Key: IpInIp
ImagePath: system32\DRIVERS\ipinip.sys - file is missing - alert is globally excluded
----------
Key: ISSM
ImagePath: "C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe"
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
59096 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company: Intel(R) Corporation
----------
Key: M1 Server
ImagePath: "C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe"
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
268504 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company:
----------
Key: MCLServiceATL
ImagePath: "C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe"
C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
157912 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company: Intel(R) Corporation
----------
Key: msiserver
ImagePath: %systemroot%\system32\msiexec /V
----------
Key: NMSCore
ImagePath: "C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe"
C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
317656 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company: Intel(R) Corporation
----------
Key: nmsunidr
ImagePath: system32\DRIVERS\nmsunidr.sys
C:\Windows\system32\DRIVERS\nmsunidr.sys
-S- 5376 bytes
Created: 18/02/2007
Modified: 18/02/2007
Company: Gteko Ltd.
----------
Key: nvsvc
ImagePath: %SystemRoot%\system32\nvvsvc.exe
C:\Windows\system32\nvvsvc.exe
118784 bytes
Created: 12/06/2008
Modified: 12/06/2008
Company: NVIDIA Corporation
----------
Key: NwlnkFlt
ImagePath: system32\DRIVERS\nwlnkflt.sys - file is missing - alert is globally excluded
----------
Key: NwlnkFwd
ImagePath: system32\DRIVERS\nwlnkfwd.sys - file is missing - alert is globally excluded
----------
Key: phaudlwr
ImagePath: system32\DRIVERS\phaudlwr.sys
C:\Windows\system32\DRIVERS\phaudlwr.sys
88704 bytes
Created: 07/05/2008
Modified: 07/05/2008
Company: Philips Applied Technologies
----------
Key: pmxmouse
ImagePath: system32\DRIVERS\pmxmouse.sys
C:\Windows\system32\DRIVERS\pmxmouse.sys
18432 bytes
Created: 02/01/2008
Modified: 01/06/2007
Company: Primax Electronics Ltd.
----------
Key: pmxusblf
ImagePath: system32\DRIVERS\pmxusblf.sys
C:\Windows\system32\DRIVERS\pmxusblf.sys
19008 bytes
Created: 02/01/2008
Modified: 24/05/2007
Company: Primax Electronics Ltd.
----------
Key: QualityManager
ImagePath: "C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe"
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe
272600 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company: Intel(R) Corporation
----------
Key: Remote UI Service
ImagePath: "C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe"
C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
446680 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company: Intel(R) Corporation
----------
Key: RFCOMM
ImagePath: system32\DRIVERS\rfcomm.sys
C:\Windows\system32\DRIVERS\rfcomm.sys
49664 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Microsoft Corporation
----------
Key: RoxMediaDB9
ImagePath: "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe"
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
1010160 bytes
Created: 06/09/2007
Modified: 06/09/2007
Company: Sonic Solutions
----------
Key: Serenum
ImagePath: \SystemRoot\system32\drivers\serenum.sys
C:\Windows\system32\drivers\serenum.sys
17920 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Microsoft Corporation
----------
Key: Serial
ImagePath: \SystemRoot\system32\drivers\serial.sys
C:\Windows\system32\drivers\serial.sys
83456 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Microsoft Corporation
----------
Key: sfdrv01
ImagePath: System32\drivers\sfdrv01.sys
C:\Windows\System32\drivers\sfdrv01.sys
59256 bytes
Created: 05/07/2006
Modified: 05/07/2006
Company: Protection Technology (StarForce)
----------
Key: sfhlp02
ImagePath: System32\drivers\sfhlp02.sys
C:\Windows\System32\drivers\sfhlp02.sys
13680 bytes
Created: 14/06/2006
Modified: 14/06/2006
Company: Protection Technology (StarForce)
----------
Key: sfsync03
ImagePath: System32\drivers\sfsync03.sys
C:\Windows\System32\drivers\sfsync03.sys
35328 bytes
Created: 06/12/2005
Modified: 06/12/2005
Company: Protection Technology
----------
Key: sfvfs02
ImagePath: System32\drivers\sfvfs02.sys
C:\Windows\System32\drivers\sfvfs02.sys
83320 bytes
Created: 08/02/2007
Modified: 08/02/2007
Company: Protection Technology (StarForce)
----------
Key: SPC520
ImagePath: system32\drivers\SPC520.sys
C:\Windows\system32\drivers\SPC520.sys
483328 bytes
Created: 16/08/2008
Modified: 01/10/2007
Company: Philips
----------
Key: SPC520m
ImagePath: system32\drivers\SPC520m.sys
C:\Windows\system32\drivers\SPC520m.sys
7680 bytes
Created: 16/08/2008
Modified: 01/10/2007
Company: Philips
----------
Key: sprtsvc_dellsupportcenter
ImagePath: C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
202544 bytes
Created: 15/11/2007
Modified: 15/11/2007
Company: SupportSoft, Inc.
----------
Key: sptd
ImagePath: System32\Drivers\sptd.sys - this file is globally excluded
----------
Key: STacSV
ImagePath: C:\Windows\system32\STacSV.exe
C:\Windows\system32\STacSV.exe
94208 bytes
Created: 02/01/2008
Modified: 12/09/2007
Company: SigmaTel, Inc.
----------
Key: StarWindServiceAE
ImagePath: C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
275968 bytes
Created: 28/05/2007
Modified: 28/05/2007
Company: Rocket Division Software
----------
Key: STHDA
ImagePath: system32\drivers\stwrt.sys
C:\Windows\system32\drivers\stwrt.sys
326656 bytes
Created: 02/01/2008
Modified: 12/09/2007
Company: SigmaTel, Inc.
----------
Key: stllssvr
ImagePath: "C:\Program Files\Common Files\SureThing Shared\stllssvr.exe"
C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
-R- 69632 bytes
Created: 11/07/2007
Modified: 11/07/2007
Company: MicroVision Development, Inc.
----------
Key: TSHWMDTCP
ImagePath: \??\C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys
14552 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company:
----------
Key: usnjsvc
ImagePath: "C:\Program Files\Windows Live\Messenger\usnsvc.exe"
C:\Program Files\Windows Live\Messenger\usnsvc.exe
98328 bytes
Created: 18/10/2007
Modified: 18/10/2007
Company: Microsoft Corporation
----------
Key: WinUsb
ImagePath: system32\DRIVERS\WinUSB.SYS
C:\Windows\system32\DRIVERS\WinUSB.SYS
31616 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Microsoft Corporation
----------
Key: WLSetupSvc
ImagePath: "C:\Program Files\Windows Live\installer\WLSetupSvc.exe"
C:\Program Files\Windows Live\installer\WLSetupSvc.exe
266240 bytes
Created: 25/10/2007
Modified: 25/10/2007
Company: Microsoft Corporation
----------
************************************************************
11:10:51: Scanning -----VXD ENTRIES-----
************************************************************
11:10:51: Scanning ----- WINLOGON\NOTIFY DLLS -----
No WINLOGON\NOTIFY DLLs found to scan
************************************************************
11:10:51: Scanning ----- CONTEXTMENUHANDLERS -----
Key: ALZip
CLSID: {4EB37360-49E8-11D3-95B5-004033382980}
Path: C:\PROGRA~1\ESTsoft\ALZip\AZCTM.dll
C:\PROGRA~1\ESTsoft\ALZip\AZCTM.dll
471552 bytes
Created: 03/07/2007
Modified: 03/07/2007
Company: ESTsoft
----------
Key: avast
CLSID: {472083B0-C522-11CF-8763-00608CC02F24}
Path: C:\Program Files\Alwil Software\Avast4\ashShell.dll
C:\Program Files\Alwil Software\Avast4\ashShell.dll
73912 bytes
Created: 15/08/2008
Modified: 19/07/2008
Company: ALWIL Software
----------
Key: AVG8 Shell Extension
CLSID: {9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
Path: C:\Program Files\AVG\AVG8\avgse.dll
C:\Program Files\AVG\AVG8\avgse.dll
99608 bytes
Created: 27/05/2008
Modified: 03/07/2008
Company: AVG Technologies CZ, s.r.o.
----------
************************************************************
11:10:51: Scanning ----- FOLDER\COLUMNHANDLERS -----
************************************************************
11:10:51: Scanning ----- BROWSER HELPER OBJECTS -----
Key: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
BHO: C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
62080 bytes
Created: 23/10/2006
Modified: 23/10/2006
Company: Adobe Systems Incorporated
----------
Key: {2E03C0FD-4C48-43A7-9A54-00240C70FF16}
BHO: C:\Windows\system32\BhoECart.dll
C:\Windows\system32\BhoECart.dll
139264 bytes
Created: 31/10/2003
Modified: 31/10/2003
Company: Orbiscom Ltd. All rights reserved.
----------
Key: {3049C3E9-B461-4BC5-8870-4C09146192CA}
BHO: C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
370296 bytes
Created: 27/01/2008
Modified: 27/01/2008
Company: RealPlayer
----------
Key: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
BHO: C:\Program Files\AVG\AVG8\avgssie.dll
C:\Program Files\AVG\AVG8\avgssie.dll
455960 bytes
Created: 27/05/2008
Modified: 05/07/2008
Company: AVG Technologies CZ, s.r.o.
----------
Key: {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}
BHO: C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
56360 bytes
Created: 17/12/2007
Modified: 17/12/2007
Company: Microsoft Corporation
----------
Key: {53707962-6F74-2D53-2644-206D7942484F}
BHO: C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
1562448 bytes
Created: 15/08/2008
Modified: 07/07/2008
Company: Safer Networking Limited
----------
Key: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
BHO: c:\Program Files\Java\jre1.6.0\bin\ssv.dll
c:\Program Files\Java\jre1.6.0\bin\ssv.dll
501384 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Sun Microsystems, Inc.
----------
Key: {9030D464-4C02-4ABF-8ECC-5164760863C6}
BHO: C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
328752 bytes
Created: 20/09/2007
Modified: 20/09/2007
Company: Microsoft Corporation
----------
Key: {A057A204-BACC-4D26-9990-79A187E2698E}
BHO: C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
2055960 bytes
Created: 27/05/2008
Modified: 03/07/2008
Company: AVG, Technologies CZ, s.r.o
----------
Key: {AA58ED58-01DD-4d91-8333-CF10577473F7}
BHO: c:\program files\google\googletoolbar2.dll
c:\program files\google\googletoolbar2.dll
-R- 2582136 bytes
Created: 16/05/2008
Modified: 16/05/2008
Company: Google Inc.
----------
Key: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
BHO: C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
325048 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Google Inc.
----------
Key: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
BHO: C:\Program Files\Windows Live Toolbar\msntb.dll
C:\Program Files\Windows Live Toolbar\msntb.dll
546320 bytes
Created: 19/10/2007
Modified: 19/10/2007
Company: Microsoft Corporation
----------
Key: {CA6319C0-31B7-401E-A518-A07C3DB8F777}
BHO: C:\Program Files\Dell\BAE\BAE.dll
C:\Program Files\Dell\BAE\BAE.dll
98304 bytes
Created: 09/11/2006
Modified: 09/11/2006
Company: Dell Inc.
----------
************************************************************
11:10:52: Scanning ----- SHELLSERVICEOBJECTS -----
************************************************************
11:10:52: Scanning ----- SHAREDTASKSCHEDULER ENTRIES -----
************************************************************
11:10:52: Scanning ----- IMAGEFILE DEBUGGERS -----
No "Debugger" entries found.
************************************************************
11:10:52: Scanning ----- APPINIT_DLLS -----
AppInitDLLs entry = [C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,avgrsstx.dll C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL]
File: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
145408 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Google
----------
File: avgrsstx.dll
C:\Windows\system32\avgrsstx.dll
10520 bytes
Created: 27/05/2008
Modified: 03/07/2008
Company: AVG Technologies CZ, s.r.o.
----------
File: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
145408 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Google
----------
************************************************************
11:10:53: Scanning ----- SECURITY PROVIDER DLLS -----
************************************************************
11:10:53: Scanning ------ COMMON STARTUP GROUP ------
[C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
The Common Startup Group attempts to load the following file(s) at boot time:
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
715568 bytes
Created: 13/02/2007
Modified: 13/02/2007
Company: Broadcom Corporation.
BTTray.lnk - links to C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
--------------------
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created: 02/11/2006
Modified: 10/07/2008
Company:
--------------------
C:\Windows\VPro520.exe
73728 bytes
Created: 14/01/2008
Modified: 06/04/2007
Company: Philips
VPro520.lnk - links to C:\Windows\VPro520.exe
--------------------
************************************************************
11:10:53: Scanning ----- USER STARTUP GROUPS -----
Checking Startup Group for: Invité
[C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup]
C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created: 18/07/2008
Modified: 18/07/2008
Company:
----------
--------------------
Checking Startup Group for: maxime
[C:\Users\maxime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup]
C:\Users\maxime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created: 05/01/2008
Modified: 05/01/2008
Company:
----------
--------------------
************************************************************
11:10:53: Scanning ----- SCHEDULED TASKS -----
Taskname: Vérifier les mises à jour de Windows Live Toolbar.job
File: C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
99856 bytes
Created: 19/10/2007
Modified: 19/10/2007
Company: Microsoft Corporation
Parameters: [blank]
Next Run Time: 16/08/2008 11:38:00
Status: La tâche n'a pas encore été exécutée
Creator: maxime
Comments: [blank]
----------
************************************************************
11:10:53: Scanning ----- SHELLICONOVERLAYIDENTIFIERS -----
No ShellIconOverlayIdentifiers Registry key found to scan
************************************************************
11:10:53: ----- ADDITIONAL CHECKS -----
Heuristic checks for hidden files/drivers completed
----------
Layered Service Provider entries checks completed
----------
Windows Explorer Policies checks completed
----------
Desktop Wallpaper: C:\Users\maxime\Pictures\2008-07-02 Mariage Xavier Delphine 28 juin 2008\Mariage Xavier Delphine 28 juin 2008 059.JPG
C:\Users\maxime\Pictures\2008-07-02 Mariage Xavier Delphine 28 juin 2008\Mariage Xavier Delphine 28 juin 2008 059.JPG
2273454 bytes
Created: 28/06/2008
Modified: 28/06/2008
Company:
----------
Web Desktop Wallpaper: %USERPROFILE%\Pictures\2008-07-02 Mariage Xavier Delphine 28 juin 2008\Mariage Xavier Delphine 28 juin 2008 059.JPG
C:\Users\maxime\Pictures\2008-07-02 Mariage Xavier Delphine 28 juin 2008\Mariage Xavier Delphine 28 juin 2008 059.JPG
2273454 bytes
Created: 28/06/2008
Modified: 28/06/2008
Company:
----------
Additional checks completed
************************************************************
11:10:54: Scanning ----- RUNNING PROCESSES -----
C:\Windows\System32\smss.exe
--------------------
C:\Windows\system32\csrss.exe
--------------------
C:\Windows\system32\wininit.exe
--------------------
C:\Windows\system32\csrss.exe
--------------------
C:\Windows\system32\services.exe
--------------------
C:\Windows\system32\lsass.exe
--------------------
C:\Windows\system32\lsm.exe
--------------------
C:\Windows\system32\winlogon.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Windows\System32\svchost.exe
--------------------
C:\Windows\System32\svchost.exe
--------------------
C:\Windows\System32\svchost.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Windows\system32\SLsvc.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Windows\system32\WUDFHost.exe
--------------------
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
--------------------
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
--------------------
C:\Program Files\Alwil Software\Avast4\ashServ.exe
--------------------
C:\Windows\System32\spoolsv.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Windows\system32\Dwm.exe
--------------------
C:\Windows\Explorer.EXE
--------------------
C:\Program Files\Windows Defender\MSASCui.exe
--------------------
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
--------------------
C:\Windows\WindowsMobile\wmdc.exe
--------------------
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
--------------------
C:\Windows\System32\ico.exe
--------------------
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
--------------------
C:\Windows\System32\Pmxmiced.exe
--------------------
C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
--------------------
C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
--------------------
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
--------------------
C:\Program Files\Windows Live\Contrôle parental\fssui.exe
--------------------
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
--------------------
C:\Program Files\TF1Vision\TF1vision.exe
--------------------
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
--------------------
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
--------------------
C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
--------------------
C:\Windows\System32\rundll32.exe
--------------------
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
--------------------
C:\Windows\System32\rundll32.exe
--------------------
C:\Program Files\AGEIA Technologies\TrayIcon.exe
--------------------
C:\Program Files\iTunes\iTunesHelper.exe
--------------------
C:\Windows\ehome\ehtray.exe
--------------------
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
--------------------
C:\Windows\ehome\ehmsas.exe
--------------------
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
--------------------
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
--------------------
C:\Windows\VPro520.exe
--------------------
C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
--------------------
C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
--------------------
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
--------------------
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
--------------------
C:\Program Files\Bonjour\mDNSResponder.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
--------------------
C:\Program Files\Windows Live\Contrôle parental\fsssvc.exe
--------------------
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
--------------------
C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe
--------------------
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
--------------------
C:\Windows\system32\STacSV.exe
--------------------
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
--------------------
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Windows\System32\svchost.exe
--------------------
C:\Windows\system32\SearchIndexer.exe
--------------------
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
--------------------
C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
--------------------
C:\Windows\system32\WUDFHost.exe
--------------------
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
--------------------
C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
--------------------
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
--------------------
C:\PROGRA~1\AVG\AVG8\avgemc.exe
--------------------
C:\Program Files\Windows Media Player\wmplayer.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Windows\system32\taskeng.exe
--------------------
C:\Program Files\iPod\bin\iPodService.exe
--------------------
C:\Windows\system32\taskeng.exe
--------------------
C:\Windows\system32\taskeng.exe
--------------------
C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
--------------------
C:\Program Files\Windows Mail\WindowsMailGadget.exe
--------------------
C:\Program Files\Windows Mail\WinMail.exe
--------------------
C:\Windows\system32\nvvsvc.exe
--------------------
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
--------------------
C:\Program Files\Trojan Remover\Rmvtrjan.exe
FileSize: 2540096
[This is a Trojan Remover component]
--------------------
--------------------
C:\Windows\system32\conime.exe
--------------------
************************************************************
11:10:57: Checking HOSTS file
No malicious entries were found in the HOSTS file
************************************************************
------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS ------
HKLM\Software\Microsoft\Internet Explorer\Main\"Start Page":
https://www.msn.com/fr-fr
HKLM\Software\Microsoft\Internet Explorer\Main\"Local Page":
%SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main\"Search Page":
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL":
https://www.msn.com/fr-fr
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Search_URL":
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
HKLM\Software\Microsoft\Internet Explorer\Search\"CustomizeSearch":
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
HKLM\Software\Microsoft\Internet Explorer\Search\"SearchAssistant":
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Start Page":
https://www.msn.com/fr-fr
HKCU\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Search Page":
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
************************************************************
=== CHANGES WERE MADE TO THE WINDOWS REGISTRY ===
Scan completed at: 11:10:57 16 août 2008
************************************************************
Trojan Remover Ver 6.7.1.2538. For information, email support@simplysup1.com
[Unregistered version]
Scan started at: 11:09:56 16 août 2008
Using Database v7102
Operating System: Windows Vista [Windows Vista (Build 6000)]
Edition: Windows Vista (TM) Home Premium
File System: NTFS
User Account Control is Enabled.
Data directory: C:\Users\maxime\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\Program Files\Trojan Remover\
Logfile directory: C:\Users\maxime\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory: C:\Program Files\Trojan Remover\
Running with Administrator privileges
************************************************************
The following Anti-Malware program(s) are loaded:
Microsoft Windows Defender
Avast! Antivirus
************************************************************
************************************************************
11:09:56: Scanning ----------WIN.INI-----------
WIN.INI found in C:\Windows
************************************************************
11:09:56: Scanning --------SYSTEM.INI---------
SYSTEM.INI found in C:\Windows
************************************************************
11:09:56: ----- SCANNING FOR ROOTKIT SERVICES -----
No hidden Services were detected.
************************************************************
11:09:57: Scanning -----WINDOWS REGISTRY-----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
File: explorer.exe
C:\Windows\explorer.exe
2923520 bytes
Created: 09/01/2008
Modified: 09/01/2008
Company: Microsoft Corporation
----------
This key's "Userinit" value calls the following program(s):
File: C:\Windows\system32\userinit.exe
C:\Windows\system32\userinit.exe
24576 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Microsoft Corporation
----------
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
Value Name: load
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: Windows Defender
Value Data: %ProgramFiles%\Windows Defender\MSASCui.exe -hide
C:\Program Files\Windows Defender\MSASCui.exe
1006264 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Microsoft Corporation
--------------------
Value Name: ECenter
Value Data: C:\Dell\E-Center\EULALauncher.exe
C:\Dell\E-Center\EULALauncher.exe
17920 bytes
Created: 02/01/2008
Modified: 25/05/2007
Company:
--------------------
Value Name: Bluetooth HCI Monitor
Value Data: RunDll32 HCIMNTR.DLL,RunCheckHCIMode
C:\Windows\system32\HCIMNTR.DLL
9728 bytes
Created: 02/01/2008
Modified: 08/12/2006
Company: Logitech Inc.
--------------------
Value Name: SigmatelSysTrayApp
Value Data: C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
405504 bytes
Created: 02/01/2008
Modified: 12/09/2007
Company: SigmaTel, Inc.
--------------------
Value Name: Windows Mobile Device Center
Value Data: %windir%\WindowsMobile\wmdc.exe
C:\Windows\WindowsMobile\wmdc.exe
648072 bytes
Created: 31/05/2007
Modified: 31/05/2007
Company: Microsoft Corporation
--------------------
Value Name: SunJavaUpdateSched
Value Data: "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
c:\Program Files\Java\jre1.6.0\bin\jusched.exe
77824 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Sun Microsystems, Inc.
--------------------
Value Name: PMX Daemon
Value Data: ICO.EXE
C:\Windows\system32\ICO.EXE
49152 bytes
Created: 02/01/2008
Modified: 08/11/2006
Company: Primax Electronics Ltd.
--------------------
Value Name: IAAnotif
Value Data: "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
178712 bytes
Created: 02/01/2008
Modified: 26/07/2007
Company: Intel Corporation
--------------------
Value Name: NMSSupport
Value Data: "C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup
C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
439512 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company: Intel Corporation
--------------------
Value Name: CCUTRAYICON
Value Data: "C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe"
C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
215256 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company: Intel(R) Corporation
--------------------
Value Name: dscactivate
Value Data: "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe
16384 bytes
Created: 15/11/2007
Modified: 15/11/2007
Company:
--------------------
Value Name: Google Desktop Search
Value Data: "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
1838592 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Google
--------------------
Value Name: fssui
Value Data: "C:\Program Files\Windows Live\Contrôle parental\fssui.exe" -autorun
C:\Program Files\Windows Live\Contrôle parental\fssui.exe
243240 bytes
Created: 17/12/2007
Modified: 17/12/2007
Company: Microsoft Corporation
--------------------
Value Name: TkBellExe
Value Data: "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
185896 bytes
Created: 27/01/2008
Modified: 27/01/2008
Company: RealNetworks, Inc.
--------------------
Value Name: e-TF1
Value Data: C:\Program Files\TF1Vision\TF1vision.exe
C:\Program Files\TF1Vision\TF1vision.exe
345600 bytes
Created: 22/02/2008
Modified: 24/12/2007
Company: 1-Click Media
--------------------
Value Name: Adobe Reader Speed Launcher
Value Data: "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
39792 bytes
Created: 11/01/2008
Modified: 11/01/2008
Company: Adobe Systems Incorporated
--------------------
Value Name: DellSupportCenter
Value Data: "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
202544 bytes
Created: 15/11/2007
Modified: 15/11/2007
Company: SupportSoft, Inc.
--------------------
Value Name: avast!
Value Data: C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
78008 bytes
Created: 15/08/2008
Modified: 19/07/2008
Company: ALWIL Software
--------------------
Value Name: AVG8_TRAY
Value Data: C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
1232152 bytes
Created: 27/05/2008
Modified: 03/07/2008
Company: AVG Technologies CZ, s.r.o.
--------------------
Value Name: AGEIA PhysX SysTray
Value Data: "C:\Program Files\AGEIA Technologies\TrayIcon.exe"
C:\Program Files\AGEIA Technologies\TrayIcon.exe
339968 bytes
Created: 16/08/2006
Modified: 16/08/2006
Company:
--------------------
Value Name: AppleSyncNotifier
Value Data: C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
116040 bytes
Created: 22/07/2008
Modified: 22/07/2008
Company: Apple Inc.
--------------------
Value Name: QuickTime Task
Value Data: "C:\Program Files\QuickTime\QTTask.exe" -atboottime
C:\Program Files\QuickTime\QTTask.exe
413696 bytes
Created: 27/05/2008
Modified: 27/05/2008
Company: Apple Inc.
--------------------
Value Name: iTunesHelper
Value Data: "C:\Program Files\iTunes\iTunesHelper.exe"
C:\Program Files\iTunes\iTunesHelper.exe
289064 bytes
Created: 30/07/2008
Modified: 30/07/2008
Company: Apple Inc.
--------------------
Value Name: NvCplDaemon
Value Data: RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
C:\Windows\system32\NvCpl.dll
13535776 bytes
Created: 12/06/2008
Modified: 12/06/2008
Company: NVIDIA Corporation
--------------------
Value Name: NvMediaCenter
Value Data: RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
C:\Windows\system32\NvMcTray.dll
92704 bytes
Created: 02/01/2008
Modified: 12/06/2008
Company: NVIDIA Corporation
--------------------
Value Name: TrojanScanner
Value Data: C:\Program Files\Trojan Remover\Trjscan.exe /boot
C:\Program Files\Trojan Remover\Trjscan.exe
909904 bytes
Created: 16/08/2008
Modified: 30/07/2008
Company: Simply Super Software
--------------------
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: DellSupportCenter
Value Data: "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
202544 bytes
Created: 15/11/2007
Modified: 15/11/2007
Company: SupportSoft, Inc.
--------------------
Value Name: ehTray.exe
Value Data: C:\Windows\ehome\ehTray.exe
C:\Windows\ehome\ehTray.exe
125440 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Microsoft Corporation
--------------------
Value Name: CanalPlayer
Value Data: C:\Program Files\Lecteur CANALPLAY\CanalPlayer.exe
C:\Program Files\Lecteur CANALPLAY\CanalPlayer.exe [file not found to scan]
--------------------
Value Name: swg
Value Data: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
68856 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Google Inc.
--------------------
Value Name: ISUSPM
Value Data: "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
218032 bytes
Created: 11/09/2006
Modified: 11/09/2006
Company: Macrovision Corporation
--------------------
Value Name: AlcoholAutomount
Value Data: "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe
217544 bytes
Created: 20/03/2008
Modified: 20/03/2008
Company: Alcohol Soft Development Team
--------------------
Value Name: WindowsWelcomeCenter
Value Data: rundll32.exe oobefldr.dll,ShowWelcomeCenter
C:\Windows\system32\oobefldr.dll
2159104 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Microsoft Corporation
--------------------
Value Name: SpybotSD TeaTimer
Value Data: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe - this entry is globally excluded
--------------------
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
************************************************************
11:10:01: Scanning -----SHELLEXECUTEHOOKS-----
ValueName: {522E0112-EDD9-413D-A99E-C311A54B6676}
File: C:\Windows\system32\pmnNGwuT.dll
C:\Windows\system32\pmnNGwuT.dll - this registry value has been removed [file not found to scan]
HKCR\CLSID\{522E0112-EDD9-413D-A99E-C311A54B6676} - this key has been removed
----------
************************************************************
11:10:35: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
----------
************************************************************
11:10:35: Scanning -----ACTIVE SCREENSAVER-----
ScreenSaver: C:\Windows\system32\STARWA~1.SCR
C:\Windows\system32\STARWA~1.SCR
2540251 bytes
Created: 29/02/2008
Modified: 29/02/2008
Company: Axialis Software
--------------------
************************************************************
11:10:37: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----
************************************************************
11:10:37: Scanning ----- SERVICEDLL REGISTRY KEYS -----
Key: BthServ
Path: %SystemRoot%\System32\bthserv.dll
C:\Windows\System32\bthserv.dll
39936 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Microsoft Corporation
--------------------
Key: RapiMgr
Path: %windir%\WindowsMobile\rapimgr.dll
C:\Windows\WindowsMobile\rapimgr.dll
183688 bytes
Created: 31/05/2007
Modified: 31/05/2007
Company: Microsoft Corporation
--------------------
Key: WcesComm
Path: %windir%\WindowsMobile\wcescomm.dll
C:\Windows\WindowsMobile\wcescomm.dll
379784 bytes
Created: 31/05/2007
Modified: 31/05/2007
Company: Microsoft Corporation
--------------------
************************************************************
11:10:38: Scanning ----- SERVICES REGISTRY KEYS -----
Key: aawservice
ImagePath: "C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe"
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
611664 bytes
Created: 12/05/2008
Modified: 16/08/2008
Company: Lavasoft
----------
Key: AdobeActiveFileMonitor6.0
ImagePath: C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
124832 bytes
Created: 11/09/2007
Modified: 11/09/2007
Company:
----------
Key: AlertService
ImagePath: "C:\Program Files\Intel\IntelDH\CCU\AlertService.exe"
C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
223448 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company: Intel(R) Corporation
----------
Key: Apple Mobile Device
ImagePath: "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
116040 bytes
Created: 22/07/2008
Modified: 22/07/2008
Company: Apple Inc.
----------
Key: aswFsBlk
ImagePath: system32\DRIVERS\aswFsBlk.sys
C:\Windows\system32\DRIVERS\aswFsBlk.sys
20560 bytes
Created: 16/05/2008
Modified: 19/07/2008
Company: ALWIL Software
----------
Key: aswMonFlt
ImagePath: system32\DRIVERS\aswMonFlt.sys
C:\Windows\system32\DRIVERS\aswMonFlt.sys
51280 bytes
Created: 16/05/2008
Modified: 19/07/2008
Company: ALWIL Software
----------
Key: aswUpdSv
ImagePath: "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
16056 bytes
Created: 15/08/2008
Modified: 19/07/2008
Company: ALWIL Software
----------
Key: atapi
ImagePath: \SystemRoot\system32\drivers\atapi.sys
C:\Windows\system32\drivers\atapi.sys
21688 bytes
Created: 02/11/2006
Modified: 02/01/2008
Company: Microsoft Corporation
----------
Key: avast! Antivirus
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashServ.exe"
C:\Program Files\Alwil Software\Avast4\ashServ.exe
147640 bytes
Created: 15/08/2008
Modified: 19/07/2008
Company: ALWIL Software
----------
Key: avast! Mail Scanner
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
250040 bytes
Created: 15/08/2008
Modified: 19/07/2008
Company: ALWIL Software
----------
Key: avast! Web Scanner
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
348344 bytes
Created: 15/08/2008
Modified: 23/07/2008
Company: ALWIL Software
----------
Key: avg8emc
ImagePath: C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
873752 bytes
Created: 27/05/2008
Modified: 03/07/2008
Company: AVG Technologies CZ, s.r.o.
----------
Key: avg8wd
ImagePath: C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
231192 bytes
Created: 27/05/2008
Modified: 03/07/2008
Company: AVG Technologies CZ, s.r.o.
----------
Key: AvgLdx86
ImagePath: \SystemRoot\System32\Drivers\avgldx86.sys
C:\Windows\System32\Drivers\avgldx86.sys
96520 bytes
Created: 27/05/2008
Modified: 03/07/2008
Company: AVG Technologies CZ, s.r.o.
----------
Key: AvgMfx86
ImagePath: \SystemRoot\System32\Drivers\avgmfx86.sys
C:\Windows\System32\Drivers\avgmfx86.sys
26824 bytes
Created: 27/05/2008
Modified: 03/07/2008
Company: AVG Technologies CZ, s.r.o.
----------
Key: AvgWfpX
ImagePath: \SystemRoot\System32\Drivers\avgwfpx.sys
C:\Windows\System32\Drivers\avgwfpx.sys
69128 bytes
Created: 27/05/2008
Modified: 03/07/2008
Company: AVG Technologies CZ, s.r.o.
----------
Key: BCM43XV
ImagePath: system32\DRIVERS\bcmwl6.sys
C:\Windows\system32\DRIVERS\bcmwl6.sys
464384 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Broadcom Corporation
----------
Key: blbdrive
ImagePath: \SystemRoot\system32\drivers\blbdrive.sys - file is missing - alert is globally excluded
----------
Key: Bonjour Service
ImagePath: "C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Program Files\Bonjour\mDNSResponder.exe
229376 bytes
Created: 24/07/2007
Modified: 24/07/2007
Company: Apple Inc.
----------
Key: BthEnum
ImagePath: system32\DRIVERS\BthEnum.sys
C:\Windows\system32\DRIVERS\BthEnum.sys
19456 bytes
Created: 11/06/2008
Modified: 29/04/2008
Company: Microsoft Corporation
----------
Key: BthPan
ImagePath: system32\DRIVERS\bthpan.sys
C:\Windows\system32\DRIVERS\bthpan.sys
92160 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Microsoft Corporation
----------
Key: BTHPORT
ImagePath: System32\Drivers\BTHport.sys
C:\Windows\System32\Drivers\BTHport.sys
220160 bytes
Created: 11/06/2008
Modified: 29/04/2008
Company: Microsoft Corporation
----------
Key: BTHUSB
ImagePath: System32\Drivers\BTHUSB.sys
C:\Windows\System32\Drivers\BTHUSB.sys
29184 bytes
Created: 11/06/2008
Modified: 29/04/2008
Company: Microsoft Corporation
----------
Key: btwaudio
ImagePath: system32\drivers\btwaudio.sys
C:\Windows\system32\drivers\btwaudio.sys
79664 bytes
Created: 02/01/2008
Modified: 02/04/2007
Company: Broadcom Corporation.
----------
Key: btwavdt
ImagePath: system32\drivers\btwavdt.sys
C:\Windows\system32\drivers\btwavdt.sys
80688 bytes
Created: 02/01/2008
Modified: 02/04/2007
Company: Broadcom Corporation.
----------
Key: btwrchid
ImagePath: system32\DRIVERS\btwrchid.sys
C:\Windows\system32\DRIVERS\btwrchid.sys
16432 bytes
Created: 02/01/2008
Modified: 02/04/2007
Company: Broadcom Corporation.
----------
Key: DHTRACE
ImagePath: C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe
C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe
39640 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company: Intel(R) Corporation
----------
Key: DQLWinService
ImagePath: "C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe"
C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
208896 bytes
Created: 12/02/2007
Modified: 12/02/2007
Company:
----------
Key: e1express
ImagePath: system32\DRIVERS\e1e6032.sys
C:\Windows\system32\DRIVERS\e1e6032.sys
228224 bytes
Created: 02/01/2008
Modified: 12/09/2007
Company: Intel Corporation
----------
Key: EMSUSB2
ImagePath: system32\DRIVERS\EMSUSB2.sys
C:\Windows\system32\DRIVERS\EMSUSB2.sys
9728 bytes
Created: 27/07/2008
Modified: 03/01/2007
Company:
----------
Key: FLEXnet Licensing Service
ImagePath: "C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
654848 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Macrovision Europe Ltd.
----------
Key: fssfltr
ImagePath: system32\DRIVERS\fssfltr.sys
C:\Windows\system32\DRIVERS\fssfltr.sys
43816 bytes
Created: 09/01/2008
Modified: 17/10/2007
Company: Microsoft Corporation
----------
Key: fsssvc
ImagePath: "C:\Program Files\Windows Live\Contrôle parental\fsssvc.exe"
C:\Program Files\Windows Live\Contrôle parental\fsssvc.exe
523816 bytes
Created: 17/12/2007
Modified: 17/12/2007
Company: Microsoft Corporation
----------
Key: GoogleDesktopManager
ImagePath: "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe"
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
1838592 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Google
----------
Key: gusvc
ImagePath: "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
138168 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Google
----------
Key: IAANTMON
ImagePath: C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
358936 bytes
Created: 02/01/2008
Modified: 26/07/2007
Company: Intel Corporation
----------
Key: iaStor
ImagePath: system32\drivers\iastor.sys
C:\Windows\system32\drivers\iastor.sys
305688 bytes
Created: 02/01/2008
Modified: 29/08/2007
Company: Intel Corporation
----------
Key: IDriverT
ImagePath: "C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe"
C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
73728 bytes
Created: 22/10/2004
Modified: 22/10/2004
Company: Macrovision Corporation
----------
Key: IntelDH
ImagePath: System32\Drivers\IntelDH.sys
C:\Windows\System32\Drivers\IntelDH.sys
5632 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Intel Corporation
----------
Key: IpInIp
ImagePath: system32\DRIVERS\ipinip.sys - file is missing - alert is globally excluded
----------
Key: ISSM
ImagePath: "C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe"
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
59096 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company: Intel(R) Corporation
----------
Key: M1 Server
ImagePath: "C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe"
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
268504 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company:
----------
Key: MCLServiceATL
ImagePath: "C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe"
C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
157912 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company: Intel(R) Corporation
----------
Key: msiserver
ImagePath: %systemroot%\system32\msiexec /V
----------
Key: NMSCore
ImagePath: "C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe"
C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
317656 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company: Intel(R) Corporation
----------
Key: nmsunidr
ImagePath: system32\DRIVERS\nmsunidr.sys
C:\Windows\system32\DRIVERS\nmsunidr.sys
-S- 5376 bytes
Created: 18/02/2007
Modified: 18/02/2007
Company: Gteko Ltd.
----------
Key: nvsvc
ImagePath: %SystemRoot%\system32\nvvsvc.exe
C:\Windows\system32\nvvsvc.exe
118784 bytes
Created: 12/06/2008
Modified: 12/06/2008
Company: NVIDIA Corporation
----------
Key: NwlnkFlt
ImagePath: system32\DRIVERS\nwlnkflt.sys - file is missing - alert is globally excluded
----------
Key: NwlnkFwd
ImagePath: system32\DRIVERS\nwlnkfwd.sys - file is missing - alert is globally excluded
----------
Key: phaudlwr
ImagePath: system32\DRIVERS\phaudlwr.sys
C:\Windows\system32\DRIVERS\phaudlwr.sys
88704 bytes
Created: 07/05/2008
Modified: 07/05/2008
Company: Philips Applied Technologies
----------
Key: pmxmouse
ImagePath: system32\DRIVERS\pmxmouse.sys
C:\Windows\system32\DRIVERS\pmxmouse.sys
18432 bytes
Created: 02/01/2008
Modified: 01/06/2007
Company: Primax Electronics Ltd.
----------
Key: pmxusblf
ImagePath: system32\DRIVERS\pmxusblf.sys
C:\Windows\system32\DRIVERS\pmxusblf.sys
19008 bytes
Created: 02/01/2008
Modified: 24/05/2007
Company: Primax Electronics Ltd.
----------
Key: QualityManager
ImagePath: "C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe"
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe
272600 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company: Intel(R) Corporation
----------
Key: Remote UI Service
ImagePath: "C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe"
C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
446680 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company: Intel(R) Corporation
----------
Key: RFCOMM
ImagePath: system32\DRIVERS\rfcomm.sys
C:\Windows\system32\DRIVERS\rfcomm.sys
49664 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Microsoft Corporation
----------
Key: RoxMediaDB9
ImagePath: "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe"
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
1010160 bytes
Created: 06/09/2007
Modified: 06/09/2007
Company: Sonic Solutions
----------
Key: Serenum
ImagePath: \SystemRoot\system32\drivers\serenum.sys
C:\Windows\system32\drivers\serenum.sys
17920 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Microsoft Corporation
----------
Key: Serial
ImagePath: \SystemRoot\system32\drivers\serial.sys
C:\Windows\system32\drivers\serial.sys
83456 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Microsoft Corporation
----------
Key: sfdrv01
ImagePath: System32\drivers\sfdrv01.sys
C:\Windows\System32\drivers\sfdrv01.sys
59256 bytes
Created: 05/07/2006
Modified: 05/07/2006
Company: Protection Technology (StarForce)
----------
Key: sfhlp02
ImagePath: System32\drivers\sfhlp02.sys
C:\Windows\System32\drivers\sfhlp02.sys
13680 bytes
Created: 14/06/2006
Modified: 14/06/2006
Company: Protection Technology (StarForce)
----------
Key: sfsync03
ImagePath: System32\drivers\sfsync03.sys
C:\Windows\System32\drivers\sfsync03.sys
35328 bytes
Created: 06/12/2005
Modified: 06/12/2005
Company: Protection Technology
----------
Key: sfvfs02
ImagePath: System32\drivers\sfvfs02.sys
C:\Windows\System32\drivers\sfvfs02.sys
83320 bytes
Created: 08/02/2007
Modified: 08/02/2007
Company: Protection Technology (StarForce)
----------
Key: SPC520
ImagePath: system32\drivers\SPC520.sys
C:\Windows\system32\drivers\SPC520.sys
483328 bytes
Created: 16/08/2008
Modified: 01/10/2007
Company: Philips
----------
Key: SPC520m
ImagePath: system32\drivers\SPC520m.sys
C:\Windows\system32\drivers\SPC520m.sys
7680 bytes
Created: 16/08/2008
Modified: 01/10/2007
Company: Philips
----------
Key: sprtsvc_dellsupportcenter
ImagePath: C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
202544 bytes
Created: 15/11/2007
Modified: 15/11/2007
Company: SupportSoft, Inc.
----------
Key: sptd
ImagePath: System32\Drivers\sptd.sys - this file is globally excluded
----------
Key: STacSV
ImagePath: C:\Windows\system32\STacSV.exe
C:\Windows\system32\STacSV.exe
94208 bytes
Created: 02/01/2008
Modified: 12/09/2007
Company: SigmaTel, Inc.
----------
Key: StarWindServiceAE
ImagePath: C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
275968 bytes
Created: 28/05/2007
Modified: 28/05/2007
Company: Rocket Division Software
----------
Key: STHDA
ImagePath: system32\drivers\stwrt.sys
C:\Windows\system32\drivers\stwrt.sys
326656 bytes
Created: 02/01/2008
Modified: 12/09/2007
Company: SigmaTel, Inc.
----------
Key: stllssvr
ImagePath: "C:\Program Files\Common Files\SureThing Shared\stllssvr.exe"
C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
-R- 69632 bytes
Created: 11/07/2007
Modified: 11/07/2007
Company: MicroVision Development, Inc.
----------
Key: TSHWMDTCP
ImagePath: \??\C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys
14552 bytes
Created: 27/06/2007
Modified: 27/06/2007
Company:
----------
Key: usnjsvc
ImagePath: "C:\Program Files\Windows Live\Messenger\usnsvc.exe"
C:\Program Files\Windows Live\Messenger\usnsvc.exe
98328 bytes
Created: 18/10/2007
Modified: 18/10/2007
Company: Microsoft Corporation
----------
Key: WinUsb
ImagePath: system32\DRIVERS\WinUSB.SYS
C:\Windows\system32\DRIVERS\WinUSB.SYS
31616 bytes
Created: 02/11/2006
Modified: 02/11/2006
Company: Microsoft Corporation
----------
Key: WLSetupSvc
ImagePath: "C:\Program Files\Windows Live\installer\WLSetupSvc.exe"
C:\Program Files\Windows Live\installer\WLSetupSvc.exe
266240 bytes
Created: 25/10/2007
Modified: 25/10/2007
Company: Microsoft Corporation
----------
************************************************************
11:10:51: Scanning -----VXD ENTRIES-----
************************************************************
11:10:51: Scanning ----- WINLOGON\NOTIFY DLLS -----
No WINLOGON\NOTIFY DLLs found to scan
************************************************************
11:10:51: Scanning ----- CONTEXTMENUHANDLERS -----
Key: ALZip
CLSID: {4EB37360-49E8-11D3-95B5-004033382980}
Path: C:\PROGRA~1\ESTsoft\ALZip\AZCTM.dll
C:\PROGRA~1\ESTsoft\ALZip\AZCTM.dll
471552 bytes
Created: 03/07/2007
Modified: 03/07/2007
Company: ESTsoft
----------
Key: avast
CLSID: {472083B0-C522-11CF-8763-00608CC02F24}
Path: C:\Program Files\Alwil Software\Avast4\ashShell.dll
C:\Program Files\Alwil Software\Avast4\ashShell.dll
73912 bytes
Created: 15/08/2008
Modified: 19/07/2008
Company: ALWIL Software
----------
Key: AVG8 Shell Extension
CLSID: {9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
Path: C:\Program Files\AVG\AVG8\avgse.dll
C:\Program Files\AVG\AVG8\avgse.dll
99608 bytes
Created: 27/05/2008
Modified: 03/07/2008
Company: AVG Technologies CZ, s.r.o.
----------
************************************************************
11:10:51: Scanning ----- FOLDER\COLUMNHANDLERS -----
************************************************************
11:10:51: Scanning ----- BROWSER HELPER OBJECTS -----
Key: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
BHO: C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
62080 bytes
Created: 23/10/2006
Modified: 23/10/2006
Company: Adobe Systems Incorporated
----------
Key: {2E03C0FD-4C48-43A7-9A54-00240C70FF16}
BHO: C:\Windows\system32\BhoECart.dll
C:\Windows\system32\BhoECart.dll
139264 bytes
Created: 31/10/2003
Modified: 31/10/2003
Company: Orbiscom Ltd. All rights reserved.
----------
Key: {3049C3E9-B461-4BC5-8870-4C09146192CA}
BHO: C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
370296 bytes
Created: 27/01/2008
Modified: 27/01/2008
Company: RealPlayer
----------
Key: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
BHO: C:\Program Files\AVG\AVG8\avgssie.dll
C:\Program Files\AVG\AVG8\avgssie.dll
455960 bytes
Created: 27/05/2008
Modified: 05/07/2008
Company: AVG Technologies CZ, s.r.o.
----------
Key: {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}
BHO: C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
56360 bytes
Created: 17/12/2007
Modified: 17/12/2007
Company: Microsoft Corporation
----------
Key: {53707962-6F74-2D53-2644-206D7942484F}
BHO: C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
1562448 bytes
Created: 15/08/2008
Modified: 07/07/2008
Company: Safer Networking Limited
----------
Key: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
BHO: c:\Program Files\Java\jre1.6.0\bin\ssv.dll
c:\Program Files\Java\jre1.6.0\bin\ssv.dll
501384 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Sun Microsystems, Inc.
----------
Key: {9030D464-4C02-4ABF-8ECC-5164760863C6}
BHO: C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
328752 bytes
Created: 20/09/2007
Modified: 20/09/2007
Company: Microsoft Corporation
----------
Key: {A057A204-BACC-4D26-9990-79A187E2698E}
BHO: C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
2055960 bytes
Created: 27/05/2008
Modified: 03/07/2008
Company: AVG, Technologies CZ, s.r.o
----------
Key: {AA58ED58-01DD-4d91-8333-CF10577473F7}
BHO: c:\program files\google\googletoolbar2.dll
c:\program files\google\googletoolbar2.dll
-R- 2582136 bytes
Created: 16/05/2008
Modified: 16/05/2008
Company: Google Inc.
----------
Key: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
BHO: C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
325048 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Google Inc.
----------
Key: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
BHO: C:\Program Files\Windows Live Toolbar\msntb.dll
C:\Program Files\Windows Live Toolbar\msntb.dll
546320 bytes
Created: 19/10/2007
Modified: 19/10/2007
Company: Microsoft Corporation
----------
Key: {CA6319C0-31B7-401E-A518-A07C3DB8F777}
BHO: C:\Program Files\Dell\BAE\BAE.dll
C:\Program Files\Dell\BAE\BAE.dll
98304 bytes
Created: 09/11/2006
Modified: 09/11/2006
Company: Dell Inc.
----------
************************************************************
11:10:52: Scanning ----- SHELLSERVICEOBJECTS -----
************************************************************
11:10:52: Scanning ----- SHAREDTASKSCHEDULER ENTRIES -----
************************************************************
11:10:52: Scanning ----- IMAGEFILE DEBUGGERS -----
No "Debugger" entries found.
************************************************************
11:10:52: Scanning ----- APPINIT_DLLS -----
AppInitDLLs entry = [C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,avgrsstx.dll C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL]
File: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
145408 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Google
----------
File: avgrsstx.dll
C:\Windows\system32\avgrsstx.dll
10520 bytes
Created: 27/05/2008
Modified: 03/07/2008
Company: AVG Technologies CZ, s.r.o.
----------
File: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
145408 bytes
Created: 02/01/2008
Modified: 02/01/2008
Company: Google
----------
************************************************************
11:10:53: Scanning ----- SECURITY PROVIDER DLLS -----
************************************************************
11:10:53: Scanning ------ COMMON STARTUP GROUP ------
[C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
The Common Startup Group attempts to load the following file(s) at boot time:
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
715568 bytes
Created: 13/02/2007
Modified: 13/02/2007
Company: Broadcom Corporation.
BTTray.lnk - links to C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
--------------------
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created: 02/11/2006
Modified: 10/07/2008
Company:
--------------------
C:\Windows\VPro520.exe
73728 bytes
Created: 14/01/2008
Modified: 06/04/2007
Company: Philips
VPro520.lnk - links to C:\Windows\VPro520.exe
--------------------
************************************************************
11:10:53: Scanning ----- USER STARTUP GROUPS -----
Checking Startup Group for: Invité
[C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup]
C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created: 18/07/2008
Modified: 18/07/2008
Company:
----------
--------------------
Checking Startup Group for: maxime
[C:\Users\maxime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup]
C:\Users\maxime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created: 05/01/2008
Modified: 05/01/2008
Company:
----------
--------------------
************************************************************
11:10:53: Scanning ----- SCHEDULED TASKS -----
Taskname: Vérifier les mises à jour de Windows Live Toolbar.job
File: C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
99856 bytes
Created: 19/10/2007
Modified: 19/10/2007
Company: Microsoft Corporation
Parameters: [blank]
Next Run Time: 16/08/2008 11:38:00
Status: La tâche n'a pas encore été exécutée
Creator: maxime
Comments: [blank]
----------
************************************************************
11:10:53: Scanning ----- SHELLICONOVERLAYIDENTIFIERS -----
No ShellIconOverlayIdentifiers Registry key found to scan
************************************************************
11:10:53: ----- ADDITIONAL CHECKS -----
Heuristic checks for hidden files/drivers completed
----------
Layered Service Provider entries checks completed
----------
Windows Explorer Policies checks completed
----------
Desktop Wallpaper: C:\Users\maxime\Pictures\2008-07-02 Mariage Xavier Delphine 28 juin 2008\Mariage Xavier Delphine 28 juin 2008 059.JPG
C:\Users\maxime\Pictures\2008-07-02 Mariage Xavier Delphine 28 juin 2008\Mariage Xavier Delphine 28 juin 2008 059.JPG
2273454 bytes
Created: 28/06/2008
Modified: 28/06/2008
Company:
----------
Web Desktop Wallpaper: %USERPROFILE%\Pictures\2008-07-02 Mariage Xavier Delphine 28 juin 2008\Mariage Xavier Delphine 28 juin 2008 059.JPG
C:\Users\maxime\Pictures\2008-07-02 Mariage Xavier Delphine 28 juin 2008\Mariage Xavier Delphine 28 juin 2008 059.JPG
2273454 bytes
Created: 28/06/2008
Modified: 28/06/2008
Company:
----------
Additional checks completed
************************************************************
11:10:54: Scanning ----- RUNNING PROCESSES -----
C:\Windows\System32\smss.exe
--------------------
C:\Windows\system32\csrss.exe
--------------------
C:\Windows\system32\wininit.exe
--------------------
C:\Windows\system32\csrss.exe
--------------------
C:\Windows\system32\services.exe
--------------------
C:\Windows\system32\lsass.exe
--------------------
C:\Windows\system32\lsm.exe
--------------------
C:\Windows\system32\winlogon.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Windows\System32\svchost.exe
--------------------
C:\Windows\System32\svchost.exe
--------------------
C:\Windows\System32\svchost.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Windows\system32\SLsvc.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Windows\system32\WUDFHost.exe
--------------------
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
--------------------
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
--------------------
C:\Program Files\Alwil Software\Avast4\ashServ.exe
--------------------
C:\Windows\System32\spoolsv.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Windows\system32\Dwm.exe
--------------------
C:\Windows\Explorer.EXE
--------------------
C:\Program Files\Windows Defender\MSASCui.exe
--------------------
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
--------------------
C:\Windows\WindowsMobile\wmdc.exe
--------------------
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
--------------------
C:\Windows\System32\ico.exe
--------------------
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
--------------------
C:\Windows\System32\Pmxmiced.exe
--------------------
C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
--------------------
C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
--------------------
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
--------------------
C:\Program Files\Windows Live\Contrôle parental\fssui.exe
--------------------
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
--------------------
C:\Program Files\TF1Vision\TF1vision.exe
--------------------
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
--------------------
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
--------------------
C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
--------------------
C:\Windows\System32\rundll32.exe
--------------------
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
--------------------
C:\Windows\System32\rundll32.exe
--------------------
C:\Program Files\AGEIA Technologies\TrayIcon.exe
--------------------
C:\Program Files\iTunes\iTunesHelper.exe
--------------------
C:\Windows\ehome\ehtray.exe
--------------------
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
--------------------
C:\Windows\ehome\ehmsas.exe
--------------------
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
--------------------
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
--------------------
C:\Windows\VPro520.exe
--------------------
C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
--------------------
C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
--------------------
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
--------------------
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
--------------------
C:\Program Files\Bonjour\mDNSResponder.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
--------------------
C:\Program Files\Windows Live\Contrôle parental\fsssvc.exe
--------------------
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
--------------------
C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe
--------------------
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
--------------------
C:\Windows\system32\STacSV.exe
--------------------
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
--------------------
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Windows\System32\svchost.exe
--------------------
C:\Windows\system32\SearchIndexer.exe
--------------------
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
--------------------
C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
--------------------
C:\Windows\system32\WUDFHost.exe
--------------------
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
--------------------
C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
--------------------
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
--------------------
C:\PROGRA~1\AVG\AVG8\avgemc.exe
--------------------
C:\Program Files\Windows Media Player\wmplayer.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Windows\system32\taskeng.exe
--------------------
C:\Program Files\iPod\bin\iPodService.exe
--------------------
C:\Windows\system32\taskeng.exe
--------------------
C:\Windows\system32\taskeng.exe
--------------------
C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
--------------------
C:\Program Files\Windows Mail\WindowsMailGadget.exe
--------------------
C:\Program Files\Windows Mail\WinMail.exe
--------------------
C:\Windows\system32\nvvsvc.exe
--------------------
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
--------------------
C:\Program Files\Trojan Remover\Rmvtrjan.exe
FileSize: 2540096
[This is a Trojan Remover component]
--------------------
--------------------
C:\Windows\system32\conime.exe
--------------------
************************************************************
11:10:57: Checking HOSTS file
No malicious entries were found in the HOSTS file
************************************************************
------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS ------
HKLM\Software\Microsoft\Internet Explorer\Main\"Start Page":
https://www.msn.com/fr-fr
HKLM\Software\Microsoft\Internet Explorer\Main\"Local Page":
%SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main\"Search Page":
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL":
https://www.msn.com/fr-fr
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Search_URL":
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
HKLM\Software\Microsoft\Internet Explorer\Search\"CustomizeSearch":
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
HKLM\Software\Microsoft\Internet Explorer\Search\"SearchAssistant":
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Start Page":
https://www.msn.com/fr-fr
HKCU\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Search Page":
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
************************************************************
=== CHANGES WERE MADE TO THE WINDOWS REGISTRY ===
Scan completed at: 11:10:57 16 août 2008
************************************************************
That's strange, I didn't see anything. Run a scan again; once it has finished you get a page with 3 tabs. Click on the 2nd one and look inside to see whether there is anything, then tick the little boxes and delete everything.
yann, I ran another scan but it doesn't find any virus. Listen, it's strange, because when I shut down my computer last night I still had a message from AVG8.0 saying I was infected, but since this morning I no longer get the message. What I'm going to do is run scans again with the different antivirus programs I have, and then if I see that I still have a Trojan horse I'll contact you again.
Thanks again for your help.
OK, but I have another small question:
Can you tell me whether it's good to have several antivirus programs? Don't the antivirus programs end up fighting each other and letting viruses through anyway?
I have avast, which I always disable (it was my first antivirus), and I have AVG8.0, which I downloaded second because I had already been infected and avast couldn't eradicate the virus; it was on a forum that I was advised to download it. I wanted to uninstall one of the two, but the problem is that I have folders in quarantine in both antivirus programs and I don't know whether it's a good idea to uninstall them with those folders in quarantine. But note that they have been in quarantine for a month and my computer works fine.
Then, since yesterday, following the infection of my computer by the virus, as AVG couldn't remove the Trojan horse, and following the security advice of the official WINDOWS VISTA magazine, they advised me to install spybot and AD-AWARE 2008 alongside, because it is antivirus software that doesn't run in real time. But it's odd, because they then said to install avast as well.
What do you think? I'm a bit lost.
How do you copy them??