Infostealer.daonol
Dernière réponse : dans Sécurité
Bonjour,
J'ai apparement été contaminé par infostealer.daonol.
A chaque fois, j'ai ma page de démarrage qui est autre que celle que j'ai choisie. N'étant pas doué en info, j'y comprend vraiment rien.
Si qqn pouvait m'expliqer ce qu'il y a lieu de faire avec des mots "simples" ce serait super sympa.
D'avance merci à tout ceux qui pourront j espère résoudre mon problème.
Voici le rapport de hijack
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:16:32, on 31/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\acer\Acer eConsole\MediaServerService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\advhost.exe
C:\Program Files\acer\eRecovery\Monitor.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Acer\Acer eMode Management\AspireService.exe
C:\Program Files\Acer\Acer eConsole\MediaSync.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Creative\Shared Files\CamTray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\WINDOWS\system32\advhost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Bernard\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.explorerstartpage.com/wspage.php
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.explorerstartpage.com/wspage.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\IPSBHO.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PD0630 STISvc] RunDLL32.exe P0630Pin.dll,RunDLL32EP 513
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [Antivirus] C:\Program Files\VAV\vav.exe
O4 - HKCU\..\Run: [EPSON Stylus DX9400F Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICFE.EXE /FU "C:\WINDOWS\TEMP\E_S540.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/229?f6029a7f437a4b949bb80cec3f7e0199
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/230?f6029a7f437a4b949bb80cec3f7e0199
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O13 - DefaultPrefix: http://www.myhottersearchbox.com/not_found_world/?url=
O13 - WWW Prefix: http://www.myhottersearchbox.com/not_found_world/?url=
O17 - HKLM\System\CCS\Services\Tcpip\..\{F7F54C7F-362B-4385-B8A8-FDE28EE884F8}: NameServer = 195.238.2.21,195.238.2.22
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\adlaunch32.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
--
End of file - 9493 bytes
J'ai apparement été contaminé par infostealer.daonol.
A chaque fois, j'ai ma page de démarrage qui est autre que celle que j'ai choisie. N'étant pas doué en info, j'y comprend vraiment rien.
Si qqn pouvait m'expliqer ce qu'il y a lieu de faire avec des mots "simples" ce serait super sympa.
D'avance merci à tout ceux qui pourront j espère résoudre mon problème.
Voici le rapport de hijack
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:16:32, on 31/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\acer\Acer eConsole\MediaServerService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\advhost.exe
C:\Program Files\acer\eRecovery\Monitor.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Acer\Acer eMode Management\AspireService.exe
C:\Program Files\Acer\Acer eConsole\MediaSync.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Creative\Shared Files\CamTray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\WINDOWS\system32\advhost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Bernard\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.explorerstartpage.com/wspage.php
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.explorerstartpage.com/wspage.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\IPSBHO.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PD0630 STISvc] RunDLL32.exe P0630Pin.dll,RunDLL32EP 513
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [Antivirus] C:\Program Files\VAV\vav.exe
O4 - HKCU\..\Run: [EPSON Stylus DX9400F Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICFE.EXE /FU "C:\WINDOWS\TEMP\E_S540.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/229?f6029a7f437a4b949bb80cec3f7e0199
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/230?f6029a7f437a4b949bb80cec3f7e0199
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O13 - DefaultPrefix: http://www.myhottersearchbox.com/not_found_world/?url=
O13 - WWW Prefix: http://www.myhottersearchbox.com/not_found_world/?url=
O17 - HKLM\System\CCS\Services\Tcpip\..\{F7F54C7F-362B-4385-B8A8-FDE28EE884F8}: NameServer = 195.238.2.21,195.238.2.22
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\adlaunch32.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
--
End of file - 9493 bytes
Autres pages sur : infostealer daonol
Lassé par la pub ? Créez un compte
Bonjour,
Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
Sélectionne Exécuter un examen rapide.
Clique sur Rechercher. L'analyse démarre.
A la fin de l'analyse, un message s'affiche :
Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
Ferme tes navigateurs.
Si des malwares ont été détectés, clique sur Afficher les résultats.
Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
Citation :
L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
Bonjour Destrio,
Voilà, j'ai fait ce que tu m'as demamdé et oh miracle, j'ai compris ;-)
Voici le rapport. Merci d'avance
Malwarebytes' Anti-Malware 1.37
Version de la base de données: 2207
Windows 5.1.2600 Service Pack 2
1/06/2009 16:53:16
mbam-log-2009-06-01 (16-53-16).txt
Type de recherche: Examen rapide
Eléments examinés: 92406
Temps écoulé: 5 minute(s), 59 second(s)
Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2
Processus mémoire infecté(s):
C:\WINDOWS\system32\advhost.exe (IM.Worm) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
C:\WINDOWS\system32\adlaunch32.dll (IM.Worm) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\VAV (Rogue.VistaAntivirus2008) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\The Weather Channel (Adware.Hotbar) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\aux (Trojan.JSRedir.H) -> Bad: (C:\DOCUME~1\Bernard\LOCALS~1\Temp\..\gis.wvc) Good: (wdmaud.drv) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (IM.Worm) -> Data: c:\windows\system32\adlaunch32.dll -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\WINDOWS\system32\adlaunch32.dll (IM.Worm) -> Delete on reboot.
C:\WINDOWS\system32\advhost.exe (IM.Worm) -> Delete on reboot.
Voilà, j'ai fait ce que tu m'as demamdé et oh miracle, j'ai compris ;-)
Voici le rapport. Merci d'avance
Malwarebytes' Anti-Malware 1.37
Version de la base de données: 2207
Windows 5.1.2600 Service Pack 2
1/06/2009 16:53:16
mbam-log-2009-06-01 (16-53-16).txt
Type de recherche: Examen rapide
Eléments examinés: 92406
Temps écoulé: 5 minute(s), 59 second(s)
Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2
Processus mémoire infecté(s):
C:\WINDOWS\system32\advhost.exe (IM.Worm) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
C:\WINDOWS\system32\adlaunch32.dll (IM.Worm) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\VAV (Rogue.VistaAntivirus2008) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\The Weather Channel (Adware.Hotbar) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\aux (Trojan.JSRedir.H) -> Bad: (C:\DOCUME~1\Bernard\LOCALS~1\Temp\..\gis.wvc) Good: (wdmaud.drv) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (IM.Worm) -> Data: c:\windows\system32\adlaunch32.dll -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\WINDOWS\system32\adlaunch32.dll (IM.Worm) -> Delete on reboot.
C:\WINDOWS\system32\advhost.exe (IM.Worm) -> Delete on reboot.
(Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)
Note : les rapports sont sauvegardés dans le dossier C:\rsit.
Je crois que c ceci si j'ai bien suivi...
Logfile of random's system information tool 1.06 (written by random/random)
Run by Bernard at 2009-06-01 20:44:27
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 3 GB (4%) free of 74 GB
Total RAM: 447 MB (25% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:44:42, on 1/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\acer\Acer eConsole\MediaServerService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Acer\eRecovery\Monitor.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Acer\Acer eMode Management\AspireService.exe
C:\Program Files\Acer\Acer eConsole\MediaSync.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Creative\Shared Files\CamTray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\Bernard\Bureau\RSIT.exe
C:\Program Files\trend micro\Bernard.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.explorerstartpage.com/wspage.php
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.explorerstartpage.com/wspage.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PD0630 STISvc] RunDLL32.exe P0630Pin.dll,RunDLL32EP 513
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [Antivirus] C:\Program Files\VAV\vav.exe
O4 - HKCU\..\Run: [EPSON Stylus DX9400F Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICFE.EXE /FU "C:\WINDOWS\TEMP\E_S540.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/229?f6029a7f437a4b949bb80cec3f7e0199
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/230?f6029a7f437a4b949bb80cec3f7e0199
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O13 - DefaultPrefix: http://www.myhottersearchbox.com/not_found_world/?url=
O13 - WWW Prefix: http://www.myhottersearchbox.com/not_found_world/?url=
O17 - HKLM\System\CCS\Services\Tcpip\..\{F7F54C7F-362B-4385-B8A8-FDE28EE884F8}: NameServer = 195.238.2.21,195.238.2.22
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
--
End of file - 9425 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-12 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll [2009-03-12 372592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL [2009-03-12 107896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll [2006-11-09 440056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-04-17 323904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-28 259696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-04-27 668656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-28 470512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-08-04 343112]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-28 259696]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll [2009-03-12 372592]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"=Alaunch []
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-06-08 77824]
"ntiMUI"=c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2005-05-11 45056]
""= []
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-07-15 32768]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-05 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"eRecoveryService"=C:\Program Files\Acer\eRecovery\Monitor.exe [2005-06-20 352256]
"VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2005-05-13 53248]
"VTTrayp"=C:\WINDOWS\system32\VTtrayp.exe [2005-05-13 143360]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe [2006-11-09 49263]
"AspireService"=C:\Program Files\Acer\Acer eMode Management\AspireService.exe [2005-06-04 110592]
"MediaSync"=C:\Program Files\Acer\Acer eConsole\MediaSync.exe [2005-06-01 421888]
"SpeedTouch USB Diagnostics"=C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe [2004-01-26 866816]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"PD0630 STISvc"=P0630Pin.dll,RunDLL32EP 513 []
"Control Center"=C:\Program Files\ASUS\WLAN Card Utilities\Center.exe [2004-11-04 1569280]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]
"Creative WebCam Tray"=C:\Program Files\Creative\Shared Files\CamTray.exe [2005-03-29 258048]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-09 68856]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-02-18 206184]
"Antivirus"=C:\Program Files\VAV\vav.exe []
"EPSON Stylus DX9400F Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICFE.EXE [2007-03-23 182272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-06-02 402736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Acer\Acer eConsole\MediaSync.exe"="C:\Program Files\Acer\Acer eConsole\MediaSync.exe:LocalSubNet:Enabled:Media Synchoronizer"
"C:\Program Files\Acer\Acer eConsole\eConsole.exe"="C:\Program Files\Acer\Acer eConsole\eConsole.exe:LocalSubNet:Enabled:eConsole"
"C:\Program Files\Acer\Acer eConsole\MediaServerService.exe"="C:\Program Files\Acer\Acer eConsole\MediaServerService.exe:LocalSubNet:Enabled:Acer Media Server"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*![:D]( ":D")
isabled:LimeWire"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*![:D]( ":D")
isabled:Internet Explorer"
"C:\Program Files\IncrediMail\bin\IMApp.exe"="C:\Program Files\IncrediMail\bin\IMApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\SightSpeed\SightSpeed.exe"="C:\Program Files\SightSpeed\SightSpeed.exe:*:Enabled:SightSpeed"
"C:\WINDOWS\System32\RunDLL32.exe"="C:\WINDOWS\System32\RunDLL32.exe:*![:D]( ":D")
isabled:Exécuter une DLL en tant qu'application"
"C:\Program Files\Messenger\MSMSGS.EXE"="C:\Program Files\Messenger\MSMSGS.EXE:*:Enabled:Windows Messenger"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{19636330-66b1-11db-b229-0015f2854fc0}]
shell\AutoRun\command - F:\InstallTomTomHOME.exe
======List of files/folders created in the last 1 months======
2009-06-01 20:44:32 ----D---- C:\Program Files\trend micro
2009-06-01 20:44:27 ----D---- C:\rsit
2009-06-01 16:58:18 ----D---- C:\WINDOWS\LastGood
2009-06-01 16:44:09 ----D---- C:\Documents and Settings\Bernard\Application Data\Malwarebytes
2009-06-01 16:43:55 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-06-01 16:43:54 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-05-31 22:33:41 ----D---- C:\WINDOWS\pss
2009-05-31 17:46:12 ----D---- C:\WINDOWS\Minidump
2009-05-31 17:45:32 ----SHD---- C:\FOUND.002
2009-05-31 11:15:04 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2009-05-31 11:15:03 ----D---- C:\Program Files\Symantec
2009-05-31 11:15:03 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2009-05-31 11:14:34 ----D---- C:\Program Files\Windows Sidebar
2009-05-31 11:14:34 ----D---- C:\Program Files\Norton Internet Security
2009-05-31 11:14:33 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
2009-05-31 11:14:20 ----D---- C:\Program Files\NortonInstaller
2009-05-31 11:14:20 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
======List of files/folders modified in the last 1 months======
2009-06-01 16:58:18 ----N---- C:\WINDOWS\system32\eRLog.ini
2009-06-01 16:57:04 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-05-31 22:33:58 ----A---- C:\WINDOWS\win.ini
2009-05-31 22:33:58 ----A---- C:\WINDOWS\system.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 BHDrvx86;Symantec Heuristics Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\BHDrvx86.sys [2009-03-12 258608]
R1 ccHP;Symantec Hash Provider; C:\WINDOWS\System32\Drivers\NIS\1005000.087\ccHPx86.sys [2009-06-01 482352]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys []
R1 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090528.001\IDSxpx86.sys []
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); \??\C:\WINDOWS\system32\drivers\NIS\1005000.087\SRTSPX.SYS []
R1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMTDI.SYS [2009-03-12 217392]
R1 UBHelper;UBHelper; C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 13952]
R2 int15.sys;int15.sys; \??\C:\Program Files\acer\eRecovery\int15.sys []
R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2006-03-22 15781]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-06-08 2319680]
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\system32\ASNDIS5.SYS []
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-05 9600]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090601.003\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090601.003\NAVEX15.SYS []
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2005-10-17 6144]
R3 P0630VID;Creative WebCam Live!; C:\WINDOWS\system32\DRIVERS\P0630Vid.sys [2005-06-06 91841]
R3 RT2500USB;ASUS USB Wireless LAN Driver; C:\WINDOWS\system32\DRIVERS\rt2500usb.sys [2004-08-13 140544]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
R3 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SRTSP.SYS [2009-03-12 307760]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMFW;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMFW.SYS [2009-03-12 89776]
R3 SYMIDS;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMIDS.SYS [2009-03-12 34736]
R3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-03-12 36400]
R3 SYMNDIS;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMNDIS.SYS [2009-03-12 37296]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-05 31616]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 26496]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-05 20480]
R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2005-05-13 172544]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-05 14848]
S3 alcan5wn;SpeedTouch USB ADSL PPP Networking Driver (NDISWAN); C:\WINDOWS\system32\DRIVERS\alcan5wn.sys [2003-12-08 53600]
S3 alcaudsl;SpeedTouch ADSL Modem ATM Transport; C:\WINDOWS\system32\DRIVERS\alcaudsl.sys [2003-12-08 70688]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-05 11136]
S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-05 15360]
S3 SYMDNS;SYMDNS; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMDNS.SYS []
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-03-12 36400]
S3 SYMREDRV;SYMREDRV; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMREDRV.SYS []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Acer Media Server;Acer Media Server; C:\Program Files\acer\Acer eConsole\MediaServerService.exe [2005-06-01 442368]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Norton Internet Security;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe [2009-03-12 115560]
R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-19 268800]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-29 182768]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by Bernard at 2009-06-01 20:44:27
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 3 GB (4%) free of 74 GB
Total RAM: 447 MB (25% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:44:42, on 1/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\acer\Acer eConsole\MediaServerService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Acer\eRecovery\Monitor.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Acer\Acer eMode Management\AspireService.exe
C:\Program Files\Acer\Acer eConsole\MediaSync.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Creative\Shared Files\CamTray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\Bernard\Bureau\RSIT.exe
C:\Program Files\trend micro\Bernard.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.explorerstartpage.com/wspage.php
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.explorerstartpage.com/wspage.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PD0630 STISvc] RunDLL32.exe P0630Pin.dll,RunDLL32EP 513
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [Antivirus] C:\Program Files\VAV\vav.exe
O4 - HKCU\..\Run: [EPSON Stylus DX9400F Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICFE.EXE /FU "C:\WINDOWS\TEMP\E_S540.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/229?f6029a7f437a4b949bb80cec3f7e0199
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/230?f6029a7f437a4b949bb80cec3f7e0199
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O13 - DefaultPrefix: http://www.myhottersearchbox.com/not_found_world/?url=
O13 - WWW Prefix: http://www.myhottersearchbox.com/not_found_world/?url=
O17 - HKLM\System\CCS\Services\Tcpip\..\{F7F54C7F-362B-4385-B8A8-FDE28EE884F8}: NameServer = 195.238.2.21,195.238.2.22
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
--
End of file - 9425 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-12 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll [2009-03-12 372592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL [2009-03-12 107896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll [2006-11-09 440056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-04-17 323904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-28 259696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-04-27 668656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-28 470512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-08-04 343112]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-28 259696]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll [2009-03-12 372592]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"=Alaunch []
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-06-08 77824]
"ntiMUI"=c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2005-05-11 45056]
""= []
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-07-15 32768]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-05 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"eRecoveryService"=C:\Program Files\Acer\eRecovery\Monitor.exe [2005-06-20 352256]
"VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2005-05-13 53248]
"VTTrayp"=C:\WINDOWS\system32\VTtrayp.exe [2005-05-13 143360]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe [2006-11-09 49263]
"AspireService"=C:\Program Files\Acer\Acer eMode Management\AspireService.exe [2005-06-04 110592]
"MediaSync"=C:\Program Files\Acer\Acer eConsole\MediaSync.exe [2005-06-01 421888]
"SpeedTouch USB Diagnostics"=C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe [2004-01-26 866816]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"PD0630 STISvc"=P0630Pin.dll,RunDLL32EP 513 []
"Control Center"=C:\Program Files\ASUS\WLAN Card Utilities\Center.exe [2004-11-04 1569280]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]
"Creative WebCam Tray"=C:\Program Files\Creative\Shared Files\CamTray.exe [2005-03-29 258048]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-09 68856]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-02-18 206184]
"Antivirus"=C:\Program Files\VAV\vav.exe []
"EPSON Stylus DX9400F Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICFE.EXE [2007-03-23 182272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-06-02 402736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Acer\Acer eConsole\MediaSync.exe"="C:\Program Files\Acer\Acer eConsole\MediaSync.exe:LocalSubNet:Enabled:Media Synchoronizer"
"C:\Program Files\Acer\Acer eConsole\eConsole.exe"="C:\Program Files\Acer\Acer eConsole\eConsole.exe:LocalSubNet:Enabled:eConsole"
"C:\Program Files\Acer\Acer eConsole\MediaServerService.exe"="C:\Program Files\Acer\Acer eConsole\MediaServerService.exe:LocalSubNet:Enabled:Acer Media Server"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*
isabled:LimeWire""C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*
isabled:Internet Explorer""C:\Program Files\IncrediMail\bin\IMApp.exe"="C:\Program Files\IncrediMail\bin\IMApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\SightSpeed\SightSpeed.exe"="C:\Program Files\SightSpeed\SightSpeed.exe:*:Enabled:SightSpeed"
"C:\WINDOWS\System32\RunDLL32.exe"="C:\WINDOWS\System32\RunDLL32.exe:*
isabled:Exécuter une DLL en tant qu'application""C:\Program Files\Messenger\MSMSGS.EXE"="C:\Program Files\Messenger\MSMSGS.EXE:*:Enabled:Windows Messenger"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{19636330-66b1-11db-b229-0015f2854fc0}]
shell\AutoRun\command - F:\InstallTomTomHOME.exe
======List of files/folders created in the last 1 months======
2009-06-01 20:44:32 ----D---- C:\Program Files\trend micro
2009-06-01 20:44:27 ----D---- C:\rsit
2009-06-01 16:58:18 ----D---- C:\WINDOWS\LastGood
2009-06-01 16:44:09 ----D---- C:\Documents and Settings\Bernard\Application Data\Malwarebytes
2009-06-01 16:43:55 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-06-01 16:43:54 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-05-31 22:33:41 ----D---- C:\WINDOWS\pss
2009-05-31 17:46:12 ----D---- C:\WINDOWS\Minidump
2009-05-31 17:45:32 ----SHD---- C:\FOUND.002
2009-05-31 11:15:04 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2009-05-31 11:15:03 ----D---- C:\Program Files\Symantec
2009-05-31 11:15:03 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2009-05-31 11:14:34 ----D---- C:\Program Files\Windows Sidebar
2009-05-31 11:14:34 ----D---- C:\Program Files\Norton Internet Security
2009-05-31 11:14:33 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
2009-05-31 11:14:20 ----D---- C:\Program Files\NortonInstaller
2009-05-31 11:14:20 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
======List of files/folders modified in the last 1 months======
2009-06-01 16:58:18 ----N---- C:\WINDOWS\system32\eRLog.ini
2009-06-01 16:57:04 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-05-31 22:33:58 ----A---- C:\WINDOWS\win.ini
2009-05-31 22:33:58 ----A---- C:\WINDOWS\system.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 BHDrvx86;Symantec Heuristics Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\BHDrvx86.sys [2009-03-12 258608]
R1 ccHP;Symantec Hash Provider; C:\WINDOWS\System32\Drivers\NIS\1005000.087\ccHPx86.sys [2009-06-01 482352]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys []
R1 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090528.001\IDSxpx86.sys []
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); \??\C:\WINDOWS\system32\drivers\NIS\1005000.087\SRTSPX.SYS []
R1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMTDI.SYS [2009-03-12 217392]
R1 UBHelper;UBHelper; C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 13952]
R2 int15.sys;int15.sys; \??\C:\Program Files\acer\eRecovery\int15.sys []
R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2006-03-22 15781]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-06-08 2319680]
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\system32\ASNDIS5.SYS []
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-05 9600]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090601.003\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090601.003\NAVEX15.SYS []
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2005-10-17 6144]
R3 P0630VID;Creative WebCam Live!; C:\WINDOWS\system32\DRIVERS\P0630Vid.sys [2005-06-06 91841]
R3 RT2500USB;ASUS USB Wireless LAN Driver; C:\WINDOWS\system32\DRIVERS\rt2500usb.sys [2004-08-13 140544]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
R3 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SRTSP.SYS [2009-03-12 307760]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMFW;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMFW.SYS [2009-03-12 89776]
R3 SYMIDS;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMIDS.SYS [2009-03-12 34736]
R3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-03-12 36400]
R3 SYMNDIS;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMNDIS.SYS [2009-03-12 37296]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-05 31616]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 26496]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-05 20480]
R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2005-05-13 172544]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-05 14848]
S3 alcan5wn;SpeedTouch USB ADSL PPP Networking Driver (NDISWAN); C:\WINDOWS\system32\DRIVERS\alcan5wn.sys [2003-12-08 53600]
S3 alcaudsl;SpeedTouch ADSL Modem ATM Transport; C:\WINDOWS\system32\DRIVERS\alcaudsl.sys [2003-12-08 70688]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-05 11136]
S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-05 15360]
S3 SYMDNS;SYMDNS; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMDNS.SYS []
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-03-12 36400]
S3 SYMREDRV;SYMREDRV; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMREDRV.SYS []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Acer Media Server;Acer Media Server; C:\Program Files\acer\Acer eConsole\MediaServerService.exe [2005-06-01 442368]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Norton Internet Security;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe [2009-03-12 115560]
R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-19 268800]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-29 182768]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
-----------------EOF-----------------
1/
Lance ce fichier : C:\Program Files\trend micro\Bernard.exe
Choisis Do a system scan only.
Coche les cases qui sont devant les lignes suivantes :
Clique en bas sur Fix checked. Mets oui si HijackThis te demande quelque chose.
Ferme HijackThis.
2/
Télécharge OTM (OldTimer) sur ton Bureau.
Double-clique sur OTM.exe afin de le lancer.
Copie (Ctrl+C) le texte suivant ci-dessous :
Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
Clique maintenant sur le bouton MoveIt! puis ferme OTM.
---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.
Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
---> Le nom du rapport correspond au moment de sa création : date_heure.log
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKCU\..\Run: [Antivirus] C:\Program Files\VAV\vav.exe
O13 - DefaultPrefix: http://www.myhottersearchbox.com/not_found_world/?url=
O13 - WWW Prefix: http://www.myhottersearchbox.com/not_found_world/?url=
O4 - HKCU\..\Run: [Antivirus] C:\Program Files\VAV\vav.exe
O13 - DefaultPrefix: http://www.myhottersearchbox.com/not_found_world/?url=
O13 - WWW Prefix: http://www.myhottersearchbox.com/not_found_world/?url=
2/
:processes
explorer.exe
:files
C:\Program Files\VAV
:commands
[purity]
[emptytemp]
[reboot]
explorer.exe
:files
C:\Program Files\VAV
:commands
[purity]
[emptytemp]
[reboot]
---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.
---> Le nom du rapport correspond au moment de sa création : date_heure.log
Sorry pour le décalage mais bcp de boulot...
J espère que c le bon rapport car je pense avoir fait une fausse manoeuvre.
========= PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
File/Folder C:\Program Files\VAV not found.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\Bernard\LOCALS~1\Temp\JETA920.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bernard\LOCALS~1\Temp\~DF6370.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\Bernard\Local Settings\Temporary Internet Files\Content.IE5\89YFOXEV\01[2].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bernard\Local Settings\Temporary Internet Files\Content.IE5\89YFOXEV\287642-11-infostealer-daonol[1] scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bernard\Local Settings\Temporary Internet Files\Content.IE5\9A2CM5OY\InboxLight[1].aspx scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bernard\Local Settings\Temporary Internet Files\Content.IE5\9A2CM5OY\287642-11-infostealer-daonol[1] scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bernard\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
User's Temporary Internet Files folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Network Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\JETC4B8.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\JETA3CC.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_ef8.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\JET5C.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\RMS5D.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\RMS5E.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\JET46A.tmp scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
Error: Unable to interpret <Logfile of random's system information tool 1.06 (written by random/random) > in the current context!
Error: Unable to interpret <Run by Bernard at 2009-06-01 20:44:27 > in the current context!
Error: Unable to interpret <Microsoft Windows XP Édition familiale Service Pack 2 > in the current context!
Error: Unable to interpret <System drive C: has 3 GB (4%) free of 74 GB > in the current context!
Error: Unable to interpret <Total RAM: 447 MB (25% free) > in the current context!
Error: Unable to interpret <Logfile of Trend Micro HijackThis v2.0.2 > in the current context!
Error: Unable to interpret <Scan saved at 20:44:42, on 1/06/2009 > in the current context!
Error: Unable to interpret <Platform: Windows XP SP2 (WinNT 5.01.2600) > in the current context!
Error: Unable to interpret <MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) > in the current context!
Error: Unable to interpret <Boot mode: Normal > in the current context!
Error: Unable to interpret <Running processes: > in the current context!
Error: Unable to interpret <C:\WINDOWS\System32\smss.exe > in the current context!
Error: Unable to interpret <C:\WINDOWS\system32\winlogon.exe > in the current context!
Error: Unable to interpret <C:\WINDOWS\system32\services.exe > in the current context!
Error: Unable to interpret <C:\WINDOWS\system32\lsass.exe > in the current context!
Error: Unable to interpret <C:\WINDOWS\system32\svchost.exe > in the current context!
Error: Unable to interpret <C:\WINDOWS\System32\svchost.exe > in the current context!
Error: Unable to interpret <C:\WINDOWS\system32\svchost.exe > in the current context!
Error: Unable to interpret <C:\WINDOWS\system32\spoolsv.exe > in the current context!
Error: Unable to interpret <C:\Program Files\acer\Acer eConsole\MediaServerService.exe > in the current context!
Error: Unable to interpret <C:\WINDOWS\System32\svchost.exe > in the current context!
Error: Unable to interpret <C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE > in the current context!
Error: Unable to interpret <C:\WINDOWS\Explorer.EXE > in the current context!
Error: Unable to interpret <C:\WINDOWS\system32\wscntfy.exe > in the current context!
Error: Unable to interpret <C:\WINDOWS\SOUNDMAN.EXE > in the current context!
Error: Unable to interpret <C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe > in the current context!
Error: Unable to interpret <C:\Program Files\Acer\eRecovery\Monitor.exe > in the current context!
Error: Unable to interpret <C:\WINDOWS\system32\VTTimer.exe > in the current context!
Error: Unable to interpret <C:\WINDOWS\system32\VTtrayp.exe > in the current context!
Error: Unable to interpret <C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe > in the current context!
Error: Unable to interpret <C:\Program Files\Acer\Acer eMode Management\AspireService.exe > in the current context!
Error: Unable to interpret <C:\Program Files\Acer\Acer eConsole\MediaSync.exe > in the current context!
Error: Unable to interpret <C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe > in the current context!
Error: Unable to interpret <C:\WINDOWS\system32\RunDLL32.exe > in the current context!
Error: Unable to interpret <C:\Program Files\ASUS\WLAN Card Utilities\Center.exe > in the current context!
Error: Unable to interpret <C:\WINDOWS\system32\ctfmon.exe > in the current context!
Error: Unable to interpret <C:\Program Files\Messenger\msmsgs.exe > in the current context!
Error: Unable to interpret <C:\Program Files\Creative\Shared Files\CamTray.exe > in the current context!
Error: Unable to interpret <C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe > in the current context!
Error: Unable to interpret <C:\Program Files\Windows Media Player\WMPNSCFG.exe > in the current context!
Error: Unable to interpret <C:\Program Files\TomTom HOME 2\HOMERunner.exe > in the current context!
Error: Unable to interpret <C:\WINDOWS\system32\svchost.exe > in the current context!
Error: Unable to interpret <C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe > in the current context!
Error: Unable to interpret <C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe > in the current context!
Error: Unable to interpret <C:\Program Files\Internet Explorer\iexplore.exe > in the current context!
Error: Unable to interpret <C:\Program Files\MSN Messenger\msnmsgr.exe > in the current context!
Error: Unable to interpret <C:\Documents and Settings\Bernard\Bureau\RSIT.exe > in the current context!
Error: Unable to interpret <C:\Program Files\trend micro\Bernard.exe > in the current context!
Error: Unable to interpret <R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.explorerstartpage.com/wspage.php > in the current context!
Error: Unable to interpret <R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.explorerstartpage.com/wspage.php > in the current context!
Error: Unable to interpret <R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens > in the current context!
Error: Unable to interpret <O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll > in the current context!
Error: Unable to interpret <O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll > in the current context!
Error: Unable to interpret <O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL > in the current context!
Error: Unable to interpret <O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll > in the current context!
Error: Unable to interpret <O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) > in the current context!
Error: Unable to interpret <O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll > in the current context!
Error: Unable to interpret <O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll > in the current context!
Error: Unable to interpret <O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll > in the current context!
Error: Unable to interpret <O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll > in the current context!
Error: Unable to interpret <O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll > in the current context!
Error: Unable to interpret <O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll > in the current context!
Error: Unable to interpret <O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll > in the current context!
Error: Unable to interpret <O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll > in the current context!
Error: Unable to interpret <O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll > in the current context!
Error: Unable to interpret <O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll > in the current context!
Error: Unable to interpret <O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll > in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [LaunchApp] Alaunch > in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE > in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe > in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" > in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 > in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC > in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC > in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName > in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe > in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [VTTimer] VTTimer.exe > in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe > in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe" > in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe > in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe > in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon > in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe > in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [PD0630 STISvc] RunDLL32.exe P0630Pin.dll,RunDLL32EP 513 > in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe > in the current context!
Error: Unable to interpret <O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe > in the current context!
Error: Unable to interpret <O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background > in the current context!
Error: Unable to interpret <O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe" > in the current context!
Error: Unable to interpret <O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe > in the current context!
Error: Unable to interpret <O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe > in the current context!
Error: Unable to interpret <O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe" > in the current context!
Error: Unable to interpret <O4 - HKCU\..\Run: [Antivirus] C:\Program Files\VAV\vav.exe > in the current context!
Error: Unable to interpret <O4 - HKCU\..\Run: [EPSON Stylus DX9400F Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICFE.EXE /FU "C:\WINDOWS\TEMP\E_S540.tmp" /EF "HKCU" > in the current context!
Error: Unable to interpret <O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') > in the current context!
Error: Unable to interpret <O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') > in the current context!
Error: Unable to interpret <O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') > in the current context!
Error: Unable to interpret <O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') > in the current context!
Error: Unable to interpret <O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm > in the current context!
Error: Unable to interpret <O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx > in the current context!
Error: Unable to interpret <O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 > in the current context!
Error: Unable to interpret <O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/229?f6029a7f437a4b949bb80cec3f7e0199 > in the current context!
Error: Unable to interpret <O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/230?f6029a7f437a4b949bb80cec3f7e0199 > in the current context!
Error: Unable to interpret <O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll > in the current context!
Error: Unable to interpret <O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll > in the current context!
Error: Unable to interpret <O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL > in the current context!
Error: Unable to interpret <O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe > in the current context!
Error: Unable to interpret <O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe > in the current context!
Error: Unable to interpret <O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe > in the current context!
Error: Unable to interpret <O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe > in the current context!
Error: Unable to interpret <O13 - DefaultPrefix: http://www.myhottersearchbox.com/not_found_world/?url= > in the current context!
Error: Unable to interpret <O13 - WWW Prefix: http://www.myhottersearchbox.com/not_found_world/?url= > in the current context!
Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\..\{F7F54C7F-362B-4385-B8A8-FDE28EE884F8}: NameServer = 195.238.2.21,195.238.2.22 > in the current context!
Error: Unable to interpret <O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll > in the current context!
Error: Unable to interpret <O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll > in the current context!
Error: Unable to interpret <O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe > in the current context!
Error: Unable to interpret <O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe > in the current context!
Error: Unable to interpret <O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe > in the current context!
Error: Unable to interpret <-- > in the current context!
Error: Unable to interpret <End of file - 9425 bytes > in the current context!
Error: Unable to interpret <======Scheduled tasks folder====== > in the current context!
Error: Unable to interpret <C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job > in the current context!
Error: Unable to interpret <======Registry dump====== > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] > in the current context!
Error: Unable to interpret <Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-12 75128] > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}] > in the current context!
Error: Unable to interpret <Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll [2009-03-12 372592] > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}] > in the current context!
Error: Unable to interpret <Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL [2009-03-12 107896] > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] > in the current context!
Error: Unable to interpret <SSVHelper Class - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll [2006-11-09 440056] > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] > in the current context!
Error: Unable to interpret <Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-04-17 323904] > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] > in the current context!
Error: Unable to interpret <Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-28 259696] > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] > in the current context!
Error: Unable to interpret <Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-04-27 668656] > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}] > in the current context!
Error: Unable to interpret <Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320] > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] > in the current context!
Error: Unable to interpret <Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-28 470512] > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}] > in the current context!
Error: Unable to interpret <EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640] > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] > in the current context!
Error: Unable to interpret <{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-08-04 343112] > in the current context!
Error: Unable to interpret <{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320] > in the current context!
Error: Unable to interpret <{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640] > in the current context!
Error: Unable to interpret <{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-28 259696] > in the current context!
Error: Unable to interpret <{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll [2009-03-12 372592] > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] > in the current context!
Error: Unable to interpret <"LaunchApp"=Alaunch [] > in the current context!
Error: Unable to interpret <"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-06-08 77824] > in the current context!
Error: Unable to interpret <"ntiMUI"=c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2005-05-11 45056] > in the current context!
Error: Unable to interpret <""= [] > in the current context!
Error: Unable to interpret <"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-07-15 32768] > in the current context!
Error: Unable to interpret <"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952] > in the current context!
Error: Unable to interpret <"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-05 59392] > in the current context!
Error: Unable to interpret <"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168] > in the current context!
Error: Unable to interpret <"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168] > in the current context!
Error: Unable to interpret <"eRecoveryService"=C:\Program Files\Acer\eRecovery\Monitor.exe [2005-06-20 352256] > in the current context!
Error: Unable to interpret <"VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2005-05-13 53248] > in the current context!
Error: Unable to interpret <"VTTrayp"=C:\WINDOWS\system32\VTtrayp.exe [2005-05-13 143360] > in the current context!
Error: Unable to interpret <"SunJavaUpdateSched"=C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe [2006-11-09 49263] > in the current context!
Error: Unable to interpret <"AspireService"=C:\Program Files\Acer\Acer eMode Management\AspireService.exe [2005-06-04 110592] > in the current context!
Error: Unable to interpret <"MediaSync"=C:\Program Files\Acer\Acer eConsole\MediaSync.exe [2005-06-01 421888] > in the current context!
Error: Unable to interpret <"SpeedTouch USB Diagnostics"=C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe [2004-01-26 866816] > in the current context!
Error: Unable to interpret <"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] > in the current context!
Error: Unable to interpret <"PD0630 STISvc"=P0630Pin.dll,RunDLL32EP 513 [] > in the current context!
Error: Unable to interpret <"Control Center"=C:\Program Files\ASUS\WLAN Card Utilities\Center.exe [2004-11-04 1569280] > in the current context!
Error: Unable to interpret <[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] > in the current context!
Error: Unable to interpret <"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360] > in the current context!
Error: Unable to interpret <"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208] > in the current context!
Error: Unable to interpret <"Creative WebCam Tray"=C:\Program Files\Creative\Shared Files\CamTray.exe [2005-03-29 258048] > in the current context!
Error: Unable to interpret <"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-09 68856] > in the current context!
Error: Unable to interpret <"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288] > in the current context!
Error: Unable to interpret <"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-02-18 206184] > in the current context!
Error: Unable to interpret <"Antivirus"=C:\Program Files\VAV\vav.exe [] > in the current context!
Error: Unable to interpret <"EPSON Stylus DX9400F Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICFE.EXE [2007-03-23 182272] > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] > in the current context!
Error: Unable to interpret <C:\WINDOWS\system32\WgaLogon.dll [2006-06-02 402736] > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] > in the current context!
Error: Unable to interpret <WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys] > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys] > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] > in the current context!
Error: Unable to interpret <"dontdisplaylastusername"=0 > in the current context!
Error: Unable to interpret <"legalnoticecaption"= > in the current context!
Error: Unable to interpret <"legalnoticetext"= > in the current context!
Error: Unable to interpret <"shutdownwithoutlogon"=1 > in the current context!
Error: Unable to interpret <"undockwithoutlogon"=1 > in the current context!
Error: Unable to interpret <[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] > in the current context!
Error: Unable to interpret <"NoDriveTypeAutoRun"=145 > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] > in the current context!
Error: Unable to interpret <"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" > in the current context!
Error: Unable to interpret <"C:\Program Files\Acer\Acer eConsole\MediaSync.exe"="C:\Program Files\Acer\Acer eConsole\MediaSync.exe:LocalSubNet:Enabled:Media Synchoronizer" > in the current context!
Error: Unable to interpret <"C:\Program Files\Acer\Acer eConsole\eConsole.exe"="C:\Program Files\Acer\Acer eConsole\eConsole.exe:LocalSubNet:Enabled:eConsole" > in the current context!
Error: Unable to interpret <"C:\Program Files\Acer\Acer eConsole\MediaServerService.exe"="C:\Program Files\Acer\Acer eConsole\MediaServerService.exe:LocalSubNet:Enabled:Acer Media Server" > in the current context!
Error: Unable to interpret <"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*isabled:LimeWire" > in the current context!
Error: Unable to interpret <"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*isabled:Internet Explorer" > in the current context!
Error: Unable to interpret <"C:\Program Files\IncrediMail\bin\IMApp.exe"="C:\Program Files\IncrediMail\bin\IMApp.exe:*:Enabled:IncrediMail" > in the current context!
Error: Unable to interpret <"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail" > in the current context!
Error: Unable to interpret <"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail" > in the current context!
Error: Unable to interpret <"C:\Program Files\SightSpeed\SightSpeed.exe"="C:\Program Files\SightSpeed\SightSpeed.exe:*:Enabled:SightSpeed" > in the current context!
Error: Unable to interpret <"C:\WINDOWS\System32\RunDLL32.exe"="C:\WINDOWS\System32\RunDLL32.exe:*isabled:Exécuter une DLL en tant qu'application" > in the current context!
Error: Unable to interpret <"C:\Program Files\Messenger\MSMSGS.EXE"="C:\Program Files\Messenger\MSMSGS.EXE:*:Enabled:Windows Messenger" > in the current context!
Error: Unable to interpret <"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" > in the current context!
Error: Unable to interpret <"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" > in the current context!
Error: Unable to interpret <"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" > in the current context!
Error: Unable to interpret <"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] > in the current context!
Error: Unable to interpret <"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" > in the current context!
Error: Unable to interpret <"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" > in the current context!
Error: Unable to interpret <"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" > in the current context!
Error: Unable to interpret <"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" > in the current context!
Error: Unable to interpret <"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" > in the current context!
Error: Unable to interpret <[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{19636330-66b1-11db-b229-0015f2854fc0}] > in the current context!
Error: Unable to interpret <shell\AutoRun\command - F:\InstallTomTomHOME.exe > in the current context!
Error: Unable to interpret <======List of files/folders created in the last 1 months====== > in the current context!
Error: Unable to interpret <2009-06-01 20:44:32 ----D---- C:\Program Files\trend micro > in the current context!
Error: Unable to interpret <2009-06-01 20:44:27 ----D---- C:\rsit > in the current context!
Error: Unable to interpret <2009-06-01 16:58:18 ----D---- C:\WINDOWS\LastGood > in the current context!
Error: Unable to interpret <2009-06-01 16:44:09 ----D---- C:\Documents and Settings\Bernard\Application Data\Malwarebytes > in the current context!
Error: Unable to interpret <2009-06-01 16:43:55 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes > in the current context!
Error: Unable to interpret <2009-06-01 16:43:54 ----D---- C:\Program Files\Malwarebytes' Anti-Malware > in the current context!
Error: Unable to interpret <2009-05-31 22:33:41 ----D---- C:\WINDOWS\pss > in the current context!
Error: Unable to interpret <2009-05-31 17:46:12 ----D---- C:\WINDOWS\Minidump > in the current context!
Error: Unable to interpret <2009-05-31 17:45:32 ----SHD---- C:\FOUND.002 > in the current context!
Error: Unable to interpret <2009-05-31 11:15:04 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL > in the current context!
Error: Unable to interpret <2009-05-31 11:15:03 ----D---- C:\Program Files\Symantec > in the current context!
Error: Unable to interpret <2009-05-31 11:15:03 ----D---- C:\Program Files\Fichiers communs\Symantec Shared > in the current context!
Error: Unable to interpret <2009-05-31 11:14:34 ----D---- C:\Program Files\Windows Sidebar > in the current context!
Error: Unable to interpret <2009-05-31 11:14:34 ----D---- C:\Program Files\Norton Internet Security > in the current context!
Error: Unable to interpret <2009-05-31 11:14:33 ----D---- C:\Documents and Settings\All Users\Application Data\Norton > in the current context!
Error: Unable to interpret <2009-05-31 11:14:20 ----D---- C:\Program Files\NortonInstaller > in the current context!
Error: Unable to interpret <2009-05-31 11:14:20 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller > in the current context!
Error: Unable to interpret <======List of files/folders modified in the last 1 months====== > in the current context!
Error: Unable to interpret <2009-06-01 16:58:18 ----N---- C:\WINDOWS\system32\eRLog.ini > in the current context!
Error: Unable to interpret <2009-06-01 16:57:04 ----A---- C:\WINDOWS\SchedLgU.Txt > in the current context!
Error: Unable to interpret <2009-05-31 22:33:58 ----A---- C:\WINDOWS\win.ini > in the current context!
Error: Unable to interpret <2009-05-31 22:33:58 ----A---- C:\WINDOWS\system.ini > in the current context!
Error: Unable to interpret <======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== > in the current context!
Error: Unable to interpret <R1 BHDrvx86;Symantec Heuristics Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\BHDrvx86.sys [2009-03-12 258608] > in the current context!
Error: Unable to interpret <R1 ccHP;Symantec Hash Provider; C:\WINDOWS\System32\Drivers\NIS\1005000.087\ccHPx86.sys [2009-06-01 482352] > in the current context!
Error: Unable to interpret <R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys [] > in the current context!
Error: Unable to interpret <R1 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090528.001\IDSxpx86.sys [] > in the current context!
Error: Unable to interpret <R1 SRTSPX;Symantec Real Time Storage Protection (PEL); \??\C:\WINDOWS\system32\drivers\NIS\1005000.087\SRTSPX.SYS [] > in the current context!
Error: Unable to interpret <R1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMTDI.SYS [2009-03-12 217392] > in the current context!
Error: Unable to interpret <R1 UBHelper;UBHelper; C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 13952] > in the current context!
Error: Unable to interpret <R2 int15.sys;int15.sys; \??\C:\Program Files\acer\eRecovery\int15.sys [] > in the current context!
Error: Unable to interpret <R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2006-03-22 15781] > in the current context!
Error: Unable to interpret <R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776] > in the current context!
Error: Unable to interpret <R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-06-08 2319680] > in the current context!
Error: Unable to interpret <R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\system32\ASNDIS5.SYS [] > in the current context!
Error: Unable to interpret <R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [] > in the current context!
Error: Unable to interpret <R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-05 9600] > in the current context!
Error: Unable to interpret <R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288] > in the current context!
Error: Unable to interpret <R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090601.003\NAVENG.SYS [] > in the current context!
Error: Unable to interpret <R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090601.003\NAVEX15.SYS [] > in the current context!
Error: Unable to interpret <R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2005-10-17 6144] > in the current context!
Error: Unable to interpret <R3 P0630VID;Creative WebCam Live!; C:\WINDOWS\system32\DRIVERS\P0630Vid.sys [2005-06-06 91841] > in the current context!
Error: Unable to interpret <R3 RT2500USB;ASUS USB Wireless LAN Driver; C:\WINDOWS\system32\DRIVERS\rt2500usb.sys [2004-08-13 140544] > in the current context!
Error: Unable to interpret <R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496] > in the current context!
Error: Unable to interpret <R3 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SRTSP.SYS [2009-03-12 307760] > in the current context!
Error: Unable to interpret <R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [] > in the current context!
Error: Unable to interpret <R3 SYMFW;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMFW.SYS [2009-03-12 89776] > in the current context!
Error: Unable to interpret <R3 SYMIDS;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMIDS.SYS [2009-03-12 34736] > in the current context!
Error: Unable to interpret <R3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-03-12 36400] > in the current context!
Error: Unable to interpret <R3 SYMNDIS;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMNDIS.SYS [2009-03-12 37296] > in the current context!
Error: Unable to interpret <R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-05 31616] > in the current context!
Error: Unable to interpret <R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624] > in the current context!
Error: Unable to interpret <R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600] > in the current context!
Error: Unable to interpret <R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] > in the current context!
Error: Unable to interpret <R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] > in the current context!
Error: Unable to interpret <R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 26496] > in the current context!
Error: Unable to interpret <R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-05 20480] > in the current context!
Error: Unable to interpret <R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2005-05-13 172544] > in the current context!
Error: Unable to interpret <S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-05 14848] > in the current context!
Error: Unable to interpret <S3 alcan5wn;SpeedTouch USB ADSL PPP Networking Driver (NDISWAN); C:\WINDOWS\system32\DRIVERS\alcan5wn.sys [2003-12-08 53600] > in the current context!
Error: Unable to interpret <S3 alcaudsl;SpeedTouch ADSL Modem ATM Transport; C:\WINDOWS\system32\DRIVERS\alcaudsl.sys [2003-12-08 70688] > in the current context!
Error: Unable to interpret <S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024] > in the current context!
Error: Unable to interpret <S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504] > in the current context!
Error: Unable to interpret <S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376] > in the current context!
Error: Unable to interpret <S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880] > in the current context!
Error: Unable to interpret <S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992] > in the current context!
Error: Unable to interpret <S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-05 11136] > in the current context!
Error: Unable to interpret <S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552] > in the current context!
Error: Unable to interpret <S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-05 15360] > in the current context!
Error: Unable to interpret <S3 SYMDNS;SYMDNS; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMDNS.SYS [] > in the current context!
Error: Unable to interpret <S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-03-12 36400] > in the current context!
Error: Unable to interpret <S3 SYMREDRV;SYMREDRV; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMREDRV.SYS [] > in the current context!
Error: Unable to interpret <S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] > in the current context!
Error: Unable to interpret <S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328] > in the current context!
Error: Unable to interpret <S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] > in the current context!
Error: Unable to interpret <S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] > in the current context!
Error: Unable to interpret <======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== > in the current context!
Error: Unable to interpret <R2 Acer Media Server;Acer Media Server; C:\Program Files\acer\Acer eConsole\MediaServerService.exe [2005-06-01 442368] > in the current context!
Error: Unable to interpret <R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120] > in the current context!
Error: Unable to interpret <R2 Norton Internet Security;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe [2009-03-12 115560] > in the current context!
Error: Unable to interpret <R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] > in the current context!
Error: Unable to interpret <R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336] > in the current context!
Error: Unable to interpret <S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-19 268800] > in the current context!
Error: Unable to interpret <S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800] > in the current context!
Error: Unable to interpret <S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144] > in the current context!
Error: Unable to interpret <S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-29 182768] > in the current context!
Error: Unable to interpret <S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] > in the current context!
Error: Unable to interpret <S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136] > in the current context!
Error: Unable to interpret <-----------------EOF----------------- > in the current context!
OTM by OldTimer - Version 2.1.0.0 log created on 06022009_223305
Files moved on Reboot...
File C:\DOCUME~1\Bernard\LOCALS~1\Temp\JETA920.tmp not found!
C:\DOCUME~1\Bernard\LOCALS~1\Temp\~DF6370.tmp moved successfully.
C:\Documents and Settings\Bernard\Local Settings\Temporary Internet Files\Content.IE5\89YFOXEV\01[2].htm moved successfully.
C:\Documents and Settings\Bernard\Local Settings\Temporary Internet Files\Content.IE5\89YFOXEV\287642-11-infostealer-daonol[1] moved successfully.
C:\Documents and Settings\Bernard\Local Settings\Temporary Internet Files\Content.IE5\9A2CM5OY\InboxLight[1].aspx moved successfully.
C:\Documents and Settings\Bernard\Local Settings\Temporary Internet Files\Content.IE5\9A2CM5OY\287642-11-infostealer-daonol[1] moved successfully.
C:\WINDOWS\temp\JETC4B8.tmp moved successfully.
File C:\WINDOWS\temp\JETA3CC.tmp not found!
C:\WINDOWS\temp\Perflib_Perfdata_ef8.dat moved successfully.
C:\WINDOWS\temp\JET5C.tmp moved successfully.
C:\WINDOWS\temp\RMS5D.tmp moved successfully.
C:\WINDOWS\temp\RMS5E.tmp moved successfully.
C:\WINDOWS\temp\JET46A.tmp moved successfully.
Registry entries deleted on Reboot...
J espère que c le bon rapport car je pense avoir fait une fausse manoeuvre.
========= PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
File/Folder C:\Program Files\VAV not found.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\Bernard\LOCALS~1\Temp\JETA920.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Bernard\LOCALS~1\Temp\~DF6370.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\Bernard\Local Settings\Temporary Internet Files\Content.IE5\89YFOXEV\01[2].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bernard\Local Settings\Temporary Internet Files\Content.IE5\89YFOXEV\287642-11-infostealer-daonol[1] scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bernard\Local Settings\Temporary Internet Files\Content.IE5\9A2CM5OY\InboxLight[1].aspx scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bernard\Local Settings\Temporary Internet Files\Content.IE5\9A2CM5OY\287642-11-infostealer-daonol[1] scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Bernard\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
User's Temporary Internet Files folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Network Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\JETC4B8.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\JETA3CC.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_ef8.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\JET5C.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\RMS5D.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\RMS5E.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\JET46A.tmp scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
Error: Unable to interpret <Logfile of random's system information tool 1.06 (written by random/random) > in the current context!
Error: Unable to interpret <Run by Bernard at 2009-06-01 20:44:27 > in the current context!
Error: Unable to interpret <Microsoft Windows XP Édition familiale Service Pack 2 > in the current context!
Error: Unable to interpret <System drive C: has 3 GB (4%) free of 74 GB > in the current context!
Error: Unable to interpret <Total RAM: 447 MB (25% free) > in the current context!
Error: Unable to interpret <Logfile of Trend Micro HijackThis v2.0.2 > in the current context!
Error: Unable to interpret <Scan saved at 20:44:42, on 1/06/2009 > in the current context!
Error: Unable to interpret <Platform: Windows XP SP2 (WinNT 5.01.2600) > in the current context!
Error: Unable to interpret <MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) > in the current context!
Error: Unable to interpret <Boot mode: Normal > in the current context!
Error: Unable to interpret <Running processes: > in the current context!
Error: Unable to interpret <C:\WINDOWS\System32\smss.exe > in the current context!
Error: Unable to interpret <C:\WINDOWS\system32\winlogon.exe > in the current context!
Error: Unable to interpret <C:\WINDOWS\system32\services.exe > in the current context!
Error: Unable to interpret <C:\WINDOWS\system32\lsass.exe > in the current context!
Error: Unable to interpret <C:\WINDOWS\system32\svchost.exe > in the current context!
Error: Unable to interpret <C:\WINDOWS\System32\svchost.exe > in the current context!
Error: Unable to interpret <C:\WINDOWS\system32\svchost.exe > in the current context!
Error: Unable to interpret <C:\WINDOWS\system32\spoolsv.exe > in the current context!
Error: Unable to interpret <C:\Program Files\acer\Acer eConsole\MediaServerService.exe > in the current context!
Error: Unable to interpret <C:\WINDOWS\System32\svchost.exe > in the current context!
Error: Unable to interpret <C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE > in the current context!
Error: Unable to interpret <C:\WINDOWS\Explorer.EXE > in the current context!
Error: Unable to interpret <C:\WINDOWS\system32\wscntfy.exe > in the current context!
Error: Unable to interpret <C:\WINDOWS\SOUNDMAN.EXE > in the current context!
Error: Unable to interpret <C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe > in the current context!
Error: Unable to interpret <C:\Program Files\Acer\eRecovery\Monitor.exe > in the current context!
Error: Unable to interpret <C:\WINDOWS\system32\VTTimer.exe > in the current context!
Error: Unable to interpret <C:\WINDOWS\system32\VTtrayp.exe > in the current context!
Error: Unable to interpret <C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe > in the current context!
Error: Unable to interpret <C:\Program Files\Acer\Acer eMode Management\AspireService.exe > in the current context!
Error: Unable to interpret <C:\Program Files\Acer\Acer eConsole\MediaSync.exe > in the current context!
Error: Unable to interpret <C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe > in the current context!
Error: Unable to interpret <C:\WINDOWS\system32\RunDLL32.exe > in the current context!
Error: Unable to interpret <C:\Program Files\ASUS\WLAN Card Utilities\Center.exe > in the current context!
Error: Unable to interpret <C:\WINDOWS\system32\ctfmon.exe > in the current context!
Error: Unable to interpret <C:\Program Files\Messenger\msmsgs.exe > in the current context!
Error: Unable to interpret <C:\Program Files\Creative\Shared Files\CamTray.exe > in the current context!
Error: Unable to interpret <C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe > in the current context!
Error: Unable to interpret <C:\Program Files\Windows Media Player\WMPNSCFG.exe > in the current context!
Error: Unable to interpret <C:\Program Files\TomTom HOME 2\HOMERunner.exe > in the current context!
Error: Unable to interpret <C:\WINDOWS\system32\svchost.exe > in the current context!
Error: Unable to interpret <C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe > in the current context!
Error: Unable to interpret <C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe > in the current context!
Error: Unable to interpret <C:\Program Files\Internet Explorer\iexplore.exe > in the current context!
Error: Unable to interpret <C:\Program Files\MSN Messenger\msnmsgr.exe > in the current context!
Error: Unable to interpret <C:\Documents and Settings\Bernard\Bureau\RSIT.exe > in the current context!
Error: Unable to interpret <C:\Program Files\trend micro\Bernard.exe > in the current context!
Error: Unable to interpret <R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.explorerstartpage.com/wspage.php > in the current context!
Error: Unable to interpret <R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.explorerstartpage.com/wspage.php > in the current context!
Error: Unable to interpret <R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens > in the current context!
Error: Unable to interpret <O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll > in the current context!
Error: Unable to interpret <O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll > in the current context!
Error: Unable to interpret <O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL > in the current context!
Error: Unable to interpret <O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll > in the current context!
Error: Unable to interpret <O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) > in the current context!
Error: Unable to interpret <O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll > in the current context!
Error: Unable to interpret <O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll > in the current context!
Error: Unable to interpret <O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll > in the current context!
Error: Unable to interpret <O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll > in the current context!
Error: Unable to interpret <O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll > in the current context!
Error: Unable to interpret <O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll > in the current context!
Error: Unable to interpret <O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll > in the current context!
Error: Unable to interpret <O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll > in the current context!
Error: Unable to interpret <O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll > in the current context!
Error: Unable to interpret <O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll > in the current context!
Error: Unable to interpret <O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll > in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [LaunchApp] Alaunch > in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE > in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe > in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" > in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 > in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC > in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC > in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName > in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe > in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [VTTimer] VTTimer.exe > in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe > in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe" > in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe > in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe > in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon > in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe > in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [PD0630 STISvc] RunDLL32.exe P0630Pin.dll,RunDLL32EP 513 > in the current context!
Error: Unable to interpret <O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe > in the current context!
Error: Unable to interpret <O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe > in the current context!
Error: Unable to interpret <O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background > in the current context!
Error: Unable to interpret <O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe" > in the current context!
Error: Unable to interpret <O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe > in the current context!
Error: Unable to interpret <O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe > in the current context!
Error: Unable to interpret <O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe" > in the current context!
Error: Unable to interpret <O4 - HKCU\..\Run: [Antivirus] C:\Program Files\VAV\vav.exe > in the current context!
Error: Unable to interpret <O4 - HKCU\..\Run: [EPSON Stylus DX9400F Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICFE.EXE /FU "C:\WINDOWS\TEMP\E_S540.tmp" /EF "HKCU" > in the current context!
Error: Unable to interpret <O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') > in the current context!
Error: Unable to interpret <O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') > in the current context!
Error: Unable to interpret <O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') > in the current context!
Error: Unable to interpret <O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') > in the current context!
Error: Unable to interpret <O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm > in the current context!
Error: Unable to interpret <O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx > in the current context!
Error: Unable to interpret <O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 > in the current context!
Error: Unable to interpret <O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/229?f6029a7f437a4b949bb80cec3f7e0199 > in the current context!
Error: Unable to interpret <O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/230?f6029a7f437a4b949bb80cec3f7e0199 > in the current context!
Error: Unable to interpret <O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll > in the current context!
Error: Unable to interpret <O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll > in the current context!
Error: Unable to interpret <O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL > in the current context!
Error: Unable to interpret <O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe > in the current context!
Error: Unable to interpret <O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe > in the current context!
Error: Unable to interpret <O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe > in the current context!
Error: Unable to interpret <O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe > in the current context!
Error: Unable to interpret <O13 - DefaultPrefix: http://www.myhottersearchbox.com/not_found_world/?url= > in the current context!
Error: Unable to interpret <O13 - WWW Prefix: http://www.myhottersearchbox.com/not_found_world/?url= > in the current context!
Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\..\{F7F54C7F-362B-4385-B8A8-FDE28EE884F8}: NameServer = 195.238.2.21,195.238.2.22 > in the current context!
Error: Unable to interpret <O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll > in the current context!
Error: Unable to interpret <O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll > in the current context!
Error: Unable to interpret <O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe > in the current context!
Error: Unable to interpret <O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe > in the current context!
Error: Unable to interpret <O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe > in the current context!
Error: Unable to interpret <-- > in the current context!
Error: Unable to interpret <End of file - 9425 bytes > in the current context!
Error: Unable to interpret <======Scheduled tasks folder====== > in the current context!
Error: Unable to interpret <C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job > in the current context!
Error: Unable to interpret <======Registry dump====== > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] > in the current context!
Error: Unable to interpret <Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-12 75128] > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}] > in the current context!
Error: Unable to interpret <Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll [2009-03-12 372592] > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}] > in the current context!
Error: Unable to interpret <Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL [2009-03-12 107896] > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] > in the current context!
Error: Unable to interpret <SSVHelper Class - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll [2006-11-09 440056] > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] > in the current context!
Error: Unable to interpret <Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-04-17 323904] > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] > in the current context!
Error: Unable to interpret <Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-28 259696] > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] > in the current context!
Error: Unable to interpret <Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-04-27 668656] > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}] > in the current context!
Error: Unable to interpret <Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320] > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] > in the current context!
Error: Unable to interpret <Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-28 470512] > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}] > in the current context!
Error: Unable to interpret <EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640] > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] > in the current context!
Error: Unable to interpret <{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-08-04 343112] > in the current context!
Error: Unable to interpret <{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320] > in the current context!
Error: Unable to interpret <{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640] > in the current context!
Error: Unable to interpret <{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-28 259696] > in the current context!
Error: Unable to interpret <{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll [2009-03-12 372592] > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] > in the current context!
Error: Unable to interpret <"LaunchApp"=Alaunch [] > in the current context!
Error: Unable to interpret <"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-06-08 77824] > in the current context!
Error: Unable to interpret <"ntiMUI"=c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2005-05-11 45056] > in the current context!
Error: Unable to interpret <""= [] > in the current context!
Error: Unable to interpret <"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-07-15 32768] > in the current context!
Error: Unable to interpret <"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952] > in the current context!
Error: Unable to interpret <"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-05 59392] > in the current context!
Error: Unable to interpret <"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168] > in the current context!
Error: Unable to interpret <"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168] > in the current context!
Error: Unable to interpret <"eRecoveryService"=C:\Program Files\Acer\eRecovery\Monitor.exe [2005-06-20 352256] > in the current context!
Error: Unable to interpret <"VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2005-05-13 53248] > in the current context!
Error: Unable to interpret <"VTTrayp"=C:\WINDOWS\system32\VTtrayp.exe [2005-05-13 143360] > in the current context!
Error: Unable to interpret <"SunJavaUpdateSched"=C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe [2006-11-09 49263] > in the current context!
Error: Unable to interpret <"AspireService"=C:\Program Files\Acer\Acer eMode Management\AspireService.exe [2005-06-04 110592] > in the current context!
Error: Unable to interpret <"MediaSync"=C:\Program Files\Acer\Acer eConsole\MediaSync.exe [2005-06-01 421888] > in the current context!
Error: Unable to interpret <"SpeedTouch USB Diagnostics"=C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe [2004-01-26 866816] > in the current context!
Error: Unable to interpret <"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] > in the current context!
Error: Unable to interpret <"PD0630 STISvc"=P0630Pin.dll,RunDLL32EP 513 [] > in the current context!
Error: Unable to interpret <"Control Center"=C:\Program Files\ASUS\WLAN Card Utilities\Center.exe [2004-11-04 1569280] > in the current context!
Error: Unable to interpret <[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] > in the current context!
Error: Unable to interpret <"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360] > in the current context!
Error: Unable to interpret <"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208] > in the current context!
Error: Unable to interpret <"Creative WebCam Tray"=C:\Program Files\Creative\Shared Files\CamTray.exe [2005-03-29 258048] > in the current context!
Error: Unable to interpret <"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-09 68856] > in the current context!
Error: Unable to interpret <"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288] > in the current context!
Error: Unable to interpret <"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-02-18 206184] > in the current context!
Error: Unable to interpret <"Antivirus"=C:\Program Files\VAV\vav.exe [] > in the current context!
Error: Unable to interpret <"EPSON Stylus DX9400F Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICFE.EXE [2007-03-23 182272] > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] > in the current context!
Error: Unable to interpret <C:\WINDOWS\system32\WgaLogon.dll [2006-06-02 402736] > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] > in the current context!
Error: Unable to interpret <WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys] > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys] > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] > in the current context!
Error: Unable to interpret <"dontdisplaylastusername"=0 > in the current context!
Error: Unable to interpret <"legalnoticecaption"= > in the current context!
Error: Unable to interpret <"legalnoticetext"= > in the current context!
Error: Unable to interpret <"shutdownwithoutlogon"=1 > in the current context!
Error: Unable to interpret <"undockwithoutlogon"=1 > in the current context!
Error: Unable to interpret <[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] > in the current context!
Error: Unable to interpret <"NoDriveTypeAutoRun"=145 > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] > in the current context!
Error: Unable to interpret <"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" > in the current context!
Error: Unable to interpret <"C:\Program Files\Acer\Acer eConsole\MediaSync.exe"="C:\Program Files\Acer\Acer eConsole\MediaSync.exe:LocalSubNet:Enabled:Media Synchoronizer" > in the current context!
Error: Unable to interpret <"C:\Program Files\Acer\Acer eConsole\eConsole.exe"="C:\Program Files\Acer\Acer eConsole\eConsole.exe:LocalSubNet:Enabled:eConsole" > in the current context!
Error: Unable to interpret <"C:\Program Files\Acer\Acer eConsole\MediaServerService.exe"="C:\Program Files\Acer\Acer eConsole\MediaServerService.exe:LocalSubNet:Enabled:Acer Media Server" > in the current context!
Error: Unable to interpret <"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*isabled:LimeWire" > in the current context!
Error: Unable to interpret <"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*isabled:Internet Explorer" > in the current context!
Error: Unable to interpret <"C:\Program Files\IncrediMail\bin\IMApp.exe"="C:\Program Files\IncrediMail\bin\IMApp.exe:*:Enabled:IncrediMail" > in the current context!
Error: Unable to interpret <"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail" > in the current context!
Error: Unable to interpret <"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail" > in the current context!
Error: Unable to interpret <"C:\Program Files\SightSpeed\SightSpeed.exe"="C:\Program Files\SightSpeed\SightSpeed.exe:*:Enabled:SightSpeed" > in the current context!
Error: Unable to interpret <"C:\WINDOWS\System32\RunDLL32.exe"="C:\WINDOWS\System32\RunDLL32.exe:*isabled:Exécuter une DLL en tant qu'application" > in the current context!
Error: Unable to interpret <"C:\Program Files\Messenger\MSMSGS.EXE"="C:\Program Files\Messenger\MSMSGS.EXE:*:Enabled:Windows Messenger" > in the current context!
Error: Unable to interpret <"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" > in the current context!
Error: Unable to interpret <"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" > in the current context!
Error: Unable to interpret <"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" > in the current context!
Error: Unable to interpret <"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" > in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] > in the current context!
Error: Unable to interpret <"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" > in the current context!
Error: Unable to interpret <"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" > in the current context!
Error: Unable to interpret <"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" > in the current context!
Error: Unable to interpret <"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" > in the current context!
Error: Unable to interpret <"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" > in the current context!
Error: Unable to interpret <[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{19636330-66b1-11db-b229-0015f2854fc0}] > in the current context!
Error: Unable to interpret <shell\AutoRun\command - F:\InstallTomTomHOME.exe > in the current context!
Error: Unable to interpret <======List of files/folders created in the last 1 months====== > in the current context!
Error: Unable to interpret <2009-06-01 20:44:32 ----D---- C:\Program Files\trend micro > in the current context!
Error: Unable to interpret <2009-06-01 20:44:27 ----D---- C:\rsit > in the current context!
Error: Unable to interpret <2009-06-01 16:58:18 ----D---- C:\WINDOWS\LastGood > in the current context!
Error: Unable to interpret <2009-06-01 16:44:09 ----D---- C:\Documents and Settings\Bernard\Application Data\Malwarebytes > in the current context!
Error: Unable to interpret <2009-06-01 16:43:55 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes > in the current context!
Error: Unable to interpret <2009-06-01 16:43:54 ----D---- C:\Program Files\Malwarebytes' Anti-Malware > in the current context!
Error: Unable to interpret <2009-05-31 22:33:41 ----D---- C:\WINDOWS\pss > in the current context!
Error: Unable to interpret <2009-05-31 17:46:12 ----D---- C:\WINDOWS\Minidump > in the current context!
Error: Unable to interpret <2009-05-31 17:45:32 ----SHD---- C:\FOUND.002 > in the current context!
Error: Unable to interpret <2009-05-31 11:15:04 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL > in the current context!
Error: Unable to interpret <2009-05-31 11:15:03 ----D---- C:\Program Files\Symantec > in the current context!
Error: Unable to interpret <2009-05-31 11:15:03 ----D---- C:\Program Files\Fichiers communs\Symantec Shared > in the current context!
Error: Unable to interpret <2009-05-31 11:14:34 ----D---- C:\Program Files\Windows Sidebar > in the current context!
Error: Unable to interpret <2009-05-31 11:14:34 ----D---- C:\Program Files\Norton Internet Security > in the current context!
Error: Unable to interpret <2009-05-31 11:14:33 ----D---- C:\Documents and Settings\All Users\Application Data\Norton > in the current context!
Error: Unable to interpret <2009-05-31 11:14:20 ----D---- C:\Program Files\NortonInstaller > in the current context!
Error: Unable to interpret <2009-05-31 11:14:20 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller > in the current context!
Error: Unable to interpret <======List of files/folders modified in the last 1 months====== > in the current context!
Error: Unable to interpret <2009-06-01 16:58:18 ----N---- C:\WINDOWS\system32\eRLog.ini > in the current context!
Error: Unable to interpret <2009-06-01 16:57:04 ----A---- C:\WINDOWS\SchedLgU.Txt > in the current context!
Error: Unable to interpret <2009-05-31 22:33:58 ----A---- C:\WINDOWS\win.ini > in the current context!
Error: Unable to interpret <2009-05-31 22:33:58 ----A---- C:\WINDOWS\system.ini > in the current context!
Error: Unable to interpret <======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== > in the current context!
Error: Unable to interpret <R1 BHDrvx86;Symantec Heuristics Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\BHDrvx86.sys [2009-03-12 258608] > in the current context!
Error: Unable to interpret <R1 ccHP;Symantec Hash Provider; C:\WINDOWS\System32\Drivers\NIS\1005000.087\ccHPx86.sys [2009-06-01 482352] > in the current context!
Error: Unable to interpret <R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys [] > in the current context!
Error: Unable to interpret <R1 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090528.001\IDSxpx86.sys [] > in the current context!
Error: Unable to interpret <R1 SRTSPX;Symantec Real Time Storage Protection (PEL); \??\C:\WINDOWS\system32\drivers\NIS\1005000.087\SRTSPX.SYS [] > in the current context!
Error: Unable to interpret <R1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMTDI.SYS [2009-03-12 217392] > in the current context!
Error: Unable to interpret <R1 UBHelper;UBHelper; C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 13952] > in the current context!
Error: Unable to interpret <R2 int15.sys;int15.sys; \??\C:\Program Files\acer\eRecovery\int15.sys [] > in the current context!
Error: Unable to interpret <R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2006-03-22 15781] > in the current context!
Error: Unable to interpret <R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776] > in the current context!
Error: Unable to interpret <R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-06-08 2319680] > in the current context!
Error: Unable to interpret <R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\system32\ASNDIS5.SYS [] > in the current context!
Error: Unable to interpret <R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [] > in the current context!
Error: Unable to interpret <R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-05 9600] > in the current context!
Error: Unable to interpret <R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288] > in the current context!
Error: Unable to interpret <R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090601.003\NAVENG.SYS [] > in the current context!
Error: Unable to interpret <R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090601.003\NAVEX15.SYS [] > in the current context!
Error: Unable to interpret <R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2005-10-17 6144] > in the current context!
Error: Unable to interpret <R3 P0630VID;Creative WebCam Live!; C:\WINDOWS\system32\DRIVERS\P0630Vid.sys [2005-06-06 91841] > in the current context!
Error: Unable to interpret <R3 RT2500USB;ASUS USB Wireless LAN Driver; C:\WINDOWS\system32\DRIVERS\rt2500usb.sys [2004-08-13 140544] > in the current context!
Error: Unable to interpret <R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496] > in the current context!
Error: Unable to interpret <R3 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SRTSP.SYS [2009-03-12 307760] > in the current context!
Error: Unable to interpret <R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [] > in the current context!
Error: Unable to interpret <R3 SYMFW;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMFW.SYS [2009-03-12 89776] > in the current context!
Error: Unable to interpret <R3 SYMIDS;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMIDS.SYS [2009-03-12 34736] > in the current context!
Error: Unable to interpret <R3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-03-12 36400] > in the current context!
Error: Unable to interpret <R3 SYMNDIS;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMNDIS.SYS [2009-03-12 37296] > in the current context!
Error: Unable to interpret <R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-05 31616] > in the current context!
Error: Unable to interpret <R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624] > in the current context!
Error: Unable to interpret <R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600] > in the current context!
Error: Unable to interpret <R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] > in the current context!
Error: Unable to interpret <R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] > in the current context!
Error: Unable to interpret <R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 26496] > in the current context!
Error: Unable to interpret <R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-05 20480] > in the current context!
Error: Unable to interpret <R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2005-05-13 172544] > in the current context!
Error: Unable to interpret <S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-05 14848] > in the current context!
Error: Unable to interpret <S3 alcan5wn;SpeedTouch USB ADSL PPP Networking Driver (NDISWAN); C:\WINDOWS\system32\DRIVERS\alcan5wn.sys [2003-12-08 53600] > in the current context!
Error: Unable to interpret <S3 alcaudsl;SpeedTouch ADSL Modem ATM Transport; C:\WINDOWS\system32\DRIVERS\alcaudsl.sys [2003-12-08 70688] > in the current context!
Error: Unable to interpret <S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024] > in the current context!
Error: Unable to interpret <S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504] > in the current context!
Error: Unable to interpret <S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376] > in the current context!
Error: Unable to interpret <S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880] > in the current context!
Error: Unable to interpret <S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992] > in the current context!
Error: Unable to interpret <S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-05 11136] > in the current context!
Error: Unable to interpret <S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552] > in the current context!
Error: Unable to interpret <S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-05 15360] > in the current context!
Error: Unable to interpret <S3 SYMDNS;SYMDNS; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMDNS.SYS [] > in the current context!
Error: Unable to interpret <S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-03-12 36400] > in the current context!
Error: Unable to interpret <S3 SYMREDRV;SYMREDRV; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMREDRV.SYS [] > in the current context!
Error: Unable to interpret <S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] > in the current context!
Error: Unable to interpret <S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328] > in the current context!
Error: Unable to interpret <S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] > in the current context!
Error: Unable to interpret <S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] > in the current context!
Error: Unable to interpret <======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== > in the current context!
Error: Unable to interpret <R2 Acer Media Server;Acer Media Server; C:\Program Files\acer\Acer eConsole\MediaServerService.exe [2005-06-01 442368] > in the current context!
Error: Unable to interpret <R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120] > in the current context!
Error: Unable to interpret <R2 Norton Internet Security;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe [2009-03-12 115560] > in the current context!
Error: Unable to interpret <R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] > in the current context!
Error: Unable to interpret <R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336] > in the current context!
Error: Unable to interpret <S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-19 268800] > in the current context!
Error: Unable to interpret <S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800] > in the current context!
Error: Unable to interpret <S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144] > in the current context!
Error: Unable to interpret <S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-29 182768] > in the current context!
Error: Unable to interpret <S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] > in the current context!
Error: Unable to interpret <S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136] > in the current context!
Error: Unable to interpret <-----------------EOF----------------- > in the current context!
OTM by OldTimer - Version 2.1.0.0 log created on 06022009_223305
Files moved on Reboot...
File C:\DOCUME~1\Bernard\LOCALS~1\Temp\JETA920.tmp not found!
C:\DOCUME~1\Bernard\LOCALS~1\Temp\~DF6370.tmp moved successfully.
C:\Documents and Settings\Bernard\Local Settings\Temporary Internet Files\Content.IE5\89YFOXEV\01[2].htm moved successfully.
C:\Documents and Settings\Bernard\Local Settings\Temporary Internet Files\Content.IE5\89YFOXEV\287642-11-infostealer-daonol[1] moved successfully.
C:\Documents and Settings\Bernard\Local Settings\Temporary Internet Files\Content.IE5\9A2CM5OY\InboxLight[1].aspx moved successfully.
C:\Documents and Settings\Bernard\Local Settings\Temporary Internet Files\Content.IE5\9A2CM5OY\287642-11-infostealer-daonol[1] moved successfully.
C:\WINDOWS\temp\JETC4B8.tmp moved successfully.
File C:\WINDOWS\temp\JETA3CC.tmp not found!
C:\WINDOWS\temp\Perflib_Perfdata_ef8.dat moved successfully.
C:\WINDOWS\temp\JET5C.tmp moved successfully.
C:\WINDOWS\temp\RMS5D.tmp moved successfully.
C:\WINDOWS\temp\RMS5E.tmp moved successfully.
C:\WINDOWS\temp\JET46A.tmp moved successfully.
Registry entries deleted on Reboot...
Tutoriel : Scanner le(s) disque(s) dur(s)
Bonjour,
Voilà, je viens à l'instant d effectuer ce rapport
Avira AntiVir Personal
Date de création du fichier de rapport : mardi 16 juin 2009 20:37
La recherche porte sur 1284893 souches de virus.
Détenteur de la licence : Avira AntiVir Personal - FREE Antivirus
Numéro de série : 0000149996-ADJIE-0000001
Plateforme : Windows XP
Version de Windows : (Service Pack 2) [5.1.2600]
Mode Boot : Démarré normalement
Identifiant : SYSTEM
Nom de l'ordinateur : ACER-73356C3771
Informations de version :
BUILD.DAT : 9.0.0.65 17959 Bytes 22/04/2009 12:06:00
AVSCAN.EXE : 9.0.3.6 466689 Bytes 21/04/2009 12:20:56
AVSCAN.DLL : 9.0.3.0 49409 Bytes 03/03/2009 09:21:04
LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 10:35:12
LUKERES.DLL : 9.0.2.0 13569 Bytes 03/03/2009 09:21:32
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:38
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 19:33:28
ANTIVIR2.VDF : 7.1.2.105 513536 Bytes 03/03/2009 06:41:16
ANTIVIR3.VDF : 7.1.2.127 110592 Bytes 05/03/2009 13:58:22
Version du moteur : 8.2.0.100
AEVDF.DLL : 8.1.1.0 106868 Bytes 27/01/2009 16:36:42
AESCRIPT.DLL : 8.1.1.56 352634 Bytes 26/02/2009 19:01:58
AESCN.DLL : 8.1.1.7 127347 Bytes 12/02/2009 10:44:26
AERDL.DLL : 8.1.1.3 438645 Bytes 29/10/2008 17:24:42
AEPACK.DLL : 8.1.3.10 397686 Bytes 04/03/2009 12:06:12
AEOFFICE.DLL : 8.1.0.36 196987 Bytes 26/02/2009 19:01:58
AEHEUR.DLL : 8.1.0.100 1618295 Bytes 25/02/2009 14:49:16
AEHELP.DLL : 8.1.2.2 119158 Bytes 26/02/2009 19:01:58
AEGEN.DLL : 8.1.1.24 336244 Bytes 04/03/2009 12:06:12
AEEMU.DLL : 8.1.0.9 393588 Bytes 09/10/2008 13:32:40
AECORE.DLL : 8.1.6.6 176501 Bytes 17/02/2009 13:22:44
AEBB.DLL : 8.1.0.3 53618 Bytes 09/10/2008 13:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 07:47:32
AVPREF.DLL : 9.0.0.1 43777 Bytes 03/12/2008 10:39:28
AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 13:34:30
AVREG.DLL : 9.0.0.0 36609 Bytes 07/11/2008 14:24:44
AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 14:05:24
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 09:36:38
SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 14:03:50
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 02/02/2009 07:20:58
NETNT.DLL : 9.0.0.0 11521 Bytes 07/11/2008 14:41:00
RCIMAGE.DLL : 9.0.0.21 2438401 Bytes 17/02/2009 12:49:34
RCTEXT.DLL : 9.0.37.0 88321 Bytes 15/04/2009 09:07:06
Configuration pour la recherche actuelle :
Nom de la tâche...............................: Contrôle intégral du système
Fichier de configuration......................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Documentation.................................: bas
Action principale.............................: interactif
Action secondaire.............................: ignorer
Recherche sur les secteurs d'amorçage maître..: marche
Recherche sur les secteurs d'amorçage.........: marche
Secteurs d'amorçage...........................: C:, D:,
Recherche dans les programmes actifs..........: marche
Recherche en cours sur l'enregistrement.......: marche
Recherche de Rootkits.........................: marche
Contrôle d'intégrité de fichiers système......: arrêt
Fichier mode de recherche.....................: Tous les fichiers
Recherche sur les archives....................: marche
Limiter la profondeur de récursivité..........: 20
Archive Smart Extensions......................: marche
Heuristique de macrovirus.....................: marche
Heuristique fichier...........................: moyen
Début de la recherche : mardi 16 juin 2009 20:37
La recherche d'objets cachés commence.
'51308' objets ont été contrôlés, '0' objets cachés ont été trouvés.
La recherche sur les processus démarrés commence :
Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés
Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés
Processus de recherche 'msiexec.exe' - '1' module(s) sont contrôlés
Processus de recherche 'iexplore.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'HOMERunner.exe' - '1' module(s) sont contrôlés
Processus de recherche 'WMPNSCFG.exe' - '1' module(s) sont contrôlés
Processus de recherche 'GoogleToolbarNotifier.exe' - '1' module(s) sont contrôlés
Processus de recherche 'CamTray.exe' - '1' module(s) sont contrôlés
Processus de recherche 'msmsgs.exe' - '1' module(s) sont contrôlés
Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'Center.exe' - '1' module(s) sont contrôlés
Processus de recherche 'RunDLL32.exe' - '1' module(s) sont contrôlés
Processus de recherche 'Dragdiag.exe' - '1' module(s) sont contrôlés
Processus de recherche 'MediaSync.exe' - '1' module(s) sont contrôlés
Processus de recherche 'AspireService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'jusched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'VTTrayp.exe' - '1' module(s) sont contrôlés
Processus de recherche 'VTTimer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'Monitor.exe' - '1' module(s) sont contrôlés
Processus de recherche 'PDVDServ.exe' - '1' module(s) sont contrôlés
Processus de recherche 'SOUNDMAN.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'wscntfy.exe' - '1' module(s) sont contrôlés
Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés
Processus de recherche 'EXPLORER.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'ccSvcHst.exe' - '1' module(s) sont contrôlés
Processus de recherche 'WMPNETWK.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'ccSvcHst.exe' - '1' module(s) sont contrôlés
Processus de recherche 'MDM.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'MediaServerService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'LSASS.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'services.exe' - '1' module(s) sont contrôlés
Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'CSRSS.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés
'46' processus ont été contrôlés avec '46' modules
La recherche sur les secteurs d'amorçage maître commence :
Secteur d'amorçage maître HD0
[INFO] Aucun virus trouvé !
Secteur d'amorçage maître HD1
[INFO] Aucun virus trouvé !
Secteur d'amorçage maître HD2
[INFO] Aucun virus trouvé !
Secteur d'amorçage maître HD3
[INFO] Aucun virus trouvé !
Secteur d'amorçage maître HD4
[INFO] Aucun virus trouvé !
La recherche sur les secteurs d'amorçage commence :
Secteur d'amorçage 'C:\'
[INFO] Aucun virus trouvé !
Secteur d'amorçage 'D:\'
[INFO] Aucun virus trouvé !
La recherche sur les renvois aux fichiers exécutables (registre) commence :
Le registre a été contrôlé ( '69' fichiers).
La recherche sur les fichiers sélectionnés commence :
Recherche débutant dans 'C:\' <ACER>
C:\hiberfil.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
[REMARQUE] Ce fichier est un fichier système Windows.
[REMARQUE] Il est correct que ce fichier ne puisse pas être ouvert pour la recherche.
C:\pagefile.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
[REMARQUE] Ce fichier est un fichier système Windows.
[REMARQUE] Il est correct que ce fichier ne puisse pas être ouvert pour la recherche.
Recherche débutant dans 'D:\' <ACERDATA>
Fin de la recherche : mardi 16 juin 2009 21:20
Temps nécessaire: 42:06 Minute(s)
La recherche a été effectuée intégralement
4729 Les répertoires ont été contrôlés
276376 Des fichiers ont été contrôlés
0 Des virus ou programmes indésirables ont été trouvés
0 Des fichiers ont été classés comme suspects
0 Des fichiers ont été supprimés
0 Des virus ou programmes indésirables ont été réparés
0 Les fichiers ont été déplacés dans la quarantaine
0 Les fichiers ont été renommés
2 Impossible de contrôler des fichiers
276374 Fichiers non infectés
7137 Les archives ont été contrôlées
2 Avertissements
2 Consignes
51308 Des objets ont été contrôlés lors du Rootkitscan
0 Des objets cachés ont été trouvés
Voilà, je viens à l'instant d effectuer ce rapport
Avira AntiVir Personal
Date de création du fichier de rapport : mardi 16 juin 2009 20:37
La recherche porte sur 1284893 souches de virus.
Détenteur de la licence : Avira AntiVir Personal - FREE Antivirus
Numéro de série : 0000149996-ADJIE-0000001
Plateforme : Windows XP
Version de Windows : (Service Pack 2) [5.1.2600]
Mode Boot : Démarré normalement
Identifiant : SYSTEM
Nom de l'ordinateur : ACER-73356C3771
Informations de version :
BUILD.DAT : 9.0.0.65 17959 Bytes 22/04/2009 12:06:00
AVSCAN.EXE : 9.0.3.6 466689 Bytes 21/04/2009 12:20:56
AVSCAN.DLL : 9.0.3.0 49409 Bytes 03/03/2009 09:21:04
LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 10:35:12
LUKERES.DLL : 9.0.2.0 13569 Bytes 03/03/2009 09:21:32
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:38
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 19:33:28
ANTIVIR2.VDF : 7.1.2.105 513536 Bytes 03/03/2009 06:41:16
ANTIVIR3.VDF : 7.1.2.127 110592 Bytes 05/03/2009 13:58:22
Version du moteur : 8.2.0.100
AEVDF.DLL : 8.1.1.0 106868 Bytes 27/01/2009 16:36:42
AESCRIPT.DLL : 8.1.1.56 352634 Bytes 26/02/2009 19:01:58
AESCN.DLL : 8.1.1.7 127347 Bytes 12/02/2009 10:44:26
AERDL.DLL : 8.1.1.3 438645 Bytes 29/10/2008 17:24:42
AEPACK.DLL : 8.1.3.10 397686 Bytes 04/03/2009 12:06:12
AEOFFICE.DLL : 8.1.0.36 196987 Bytes 26/02/2009 19:01:58
AEHEUR.DLL : 8.1.0.100 1618295 Bytes 25/02/2009 14:49:16
AEHELP.DLL : 8.1.2.2 119158 Bytes 26/02/2009 19:01:58
AEGEN.DLL : 8.1.1.24 336244 Bytes 04/03/2009 12:06:12
AEEMU.DLL : 8.1.0.9 393588 Bytes 09/10/2008 13:32:40
AECORE.DLL : 8.1.6.6 176501 Bytes 17/02/2009 13:22:44
AEBB.DLL : 8.1.0.3 53618 Bytes 09/10/2008 13:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 07:47:32
AVPREF.DLL : 9.0.0.1 43777 Bytes 03/12/2008 10:39:28
AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 13:34:30
AVREG.DLL : 9.0.0.0 36609 Bytes 07/11/2008 14:24:44
AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 14:05:24
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 09:36:38
SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 14:03:50
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 02/02/2009 07:20:58
NETNT.DLL : 9.0.0.0 11521 Bytes 07/11/2008 14:41:00
RCIMAGE.DLL : 9.0.0.21 2438401 Bytes 17/02/2009 12:49:34
RCTEXT.DLL : 9.0.37.0 88321 Bytes 15/04/2009 09:07:06
Configuration pour la recherche actuelle :
Nom de la tâche...............................: Contrôle intégral du système
Fichier de configuration......................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Documentation.................................: bas
Action principale.............................: interactif
Action secondaire.............................: ignorer
Recherche sur les secteurs d'amorçage maître..: marche
Recherche sur les secteurs d'amorçage.........: marche
Secteurs d'amorçage...........................: C:, D:,
Recherche dans les programmes actifs..........: marche
Recherche en cours sur l'enregistrement.......: marche
Recherche de Rootkits.........................: marche
Contrôle d'intégrité de fichiers système......: arrêt
Fichier mode de recherche.....................: Tous les fichiers
Recherche sur les archives....................: marche
Limiter la profondeur de récursivité..........: 20
Archive Smart Extensions......................: marche
Heuristique de macrovirus.....................: marche
Heuristique fichier...........................: moyen
Début de la recherche : mardi 16 juin 2009 20:37
La recherche d'objets cachés commence.
'51308' objets ont été contrôlés, '0' objets cachés ont été trouvés.
La recherche sur les processus démarrés commence :
Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés
Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés
Processus de recherche 'msiexec.exe' - '1' module(s) sont contrôlés
Processus de recherche 'iexplore.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'HOMERunner.exe' - '1' module(s) sont contrôlés
Processus de recherche 'WMPNSCFG.exe' - '1' module(s) sont contrôlés
Processus de recherche 'GoogleToolbarNotifier.exe' - '1' module(s) sont contrôlés
Processus de recherche 'CamTray.exe' - '1' module(s) sont contrôlés
Processus de recherche 'msmsgs.exe' - '1' module(s) sont contrôlés
Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'Center.exe' - '1' module(s) sont contrôlés
Processus de recherche 'RunDLL32.exe' - '1' module(s) sont contrôlés
Processus de recherche 'Dragdiag.exe' - '1' module(s) sont contrôlés
Processus de recherche 'MediaSync.exe' - '1' module(s) sont contrôlés
Processus de recherche 'AspireService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'jusched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'VTTrayp.exe' - '1' module(s) sont contrôlés
Processus de recherche 'VTTimer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'Monitor.exe' - '1' module(s) sont contrôlés
Processus de recherche 'PDVDServ.exe' - '1' module(s) sont contrôlés
Processus de recherche 'SOUNDMAN.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'wscntfy.exe' - '1' module(s) sont contrôlés
Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés
Processus de recherche 'EXPLORER.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'ccSvcHst.exe' - '1' module(s) sont contrôlés
Processus de recherche 'WMPNETWK.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'ccSvcHst.exe' - '1' module(s) sont contrôlés
Processus de recherche 'MDM.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'MediaServerService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'LSASS.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'services.exe' - '1' module(s) sont contrôlés
Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'CSRSS.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés
'46' processus ont été contrôlés avec '46' modules
La recherche sur les secteurs d'amorçage maître commence :
Secteur d'amorçage maître HD0
[INFO] Aucun virus trouvé !
Secteur d'amorçage maître HD1
[INFO] Aucun virus trouvé !
Secteur d'amorçage maître HD2
[INFO] Aucun virus trouvé !
Secteur d'amorçage maître HD3
[INFO] Aucun virus trouvé !
Secteur d'amorçage maître HD4
[INFO] Aucun virus trouvé !
La recherche sur les secteurs d'amorçage commence :
Secteur d'amorçage 'C:\'
[INFO] Aucun virus trouvé !
Secteur d'amorçage 'D:\'
[INFO] Aucun virus trouvé !
La recherche sur les renvois aux fichiers exécutables (registre) commence :
Le registre a été contrôlé ( '69' fichiers).
La recherche sur les fichiers sélectionnés commence :
Recherche débutant dans 'C:\' <ACER>
C:\hiberfil.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
[REMARQUE] Ce fichier est un fichier système Windows.
[REMARQUE] Il est correct que ce fichier ne puisse pas être ouvert pour la recherche.
C:\pagefile.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
[REMARQUE] Ce fichier est un fichier système Windows.
[REMARQUE] Il est correct que ce fichier ne puisse pas être ouvert pour la recherche.
Recherche débutant dans 'D:\' <ACERDATA>
Fin de la recherche : mardi 16 juin 2009 21:20
Temps nécessaire: 42:06 Minute(s)
La recherche a été effectuée intégralement
4729 Les répertoires ont été contrôlés
276376 Des fichiers ont été contrôlés
0 Des virus ou programmes indésirables ont été trouvés
0 Des fichiers ont été classés comme suspects
0 Des fichiers ont été supprimés
0 Des virus ou programmes indésirables ont été réparés
0 Les fichiers ont été déplacés dans la quarantaine
0 Les fichiers ont été renommés
2 Impossible de contrôler des fichiers
276374 Fichiers non infectés
7137 Les archives ont été contrôlées
2 Avertissements
2 Consignes
51308 Des objets ont été contrôlés lors du Rootkitscan
0 Des objets cachés ont été trouvés
Logfile of random's system information tool 1.06 (written by random/random)
Run by Bernard at 2009-06-23 06:39:36
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 1 GB (2%) free of 74 GB
Total RAM: 447 MB (39% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:39:38, on 23/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\acer\Acer eConsole\MediaServerService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Acer\eRecovery\Monitor.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Acer\Acer eMode Management\AspireService.exe
C:\Program Files\Acer\Acer eConsole\MediaSync.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Creative\Shared Files\CamTray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.5.0_10\bin\jucheck.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Bernard\Bureau\RSIT.exe
C:\Program Files\trend micro\Bernard.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.explorerstartpage.com/wspage.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PD0630 STISvc] RunDLL32.exe P0630Pin.dll,RunDLL32EP 513
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [EPSON Stylus DX9400F Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICFE.EXE /FU "C:\WINDOWS\TEMP\E_S540.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/229?f6029a7f437a4b949bb80cec3f7e0199
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/230?f6029a7f437a4b949bb80cec3f7e0199
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{F7F54C7F-362B-4385-B8A8-FDE28EE884F8}: NameServer = 195.238.2.21,195.238.2.22
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
--
End of file - 9202 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-12 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll [2009-03-12 372592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL [2009-03-12 107896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll [2006-11-09 440056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-04-17 323904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-28 259696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-04-27 668656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-28 470512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-08-04 343112]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-28 259696]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll [2009-03-12 372592]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"=Alaunch []
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-06-08 77824]
"ntiMUI"=c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2005-05-11 45056]
""= []
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-07-15 32768]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-05 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"eRecoveryService"=C:\Program Files\Acer\eRecovery\Monitor.exe [2005-06-20 352256]
"VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2005-05-13 53248]
"VTTrayp"=C:\WINDOWS\system32\VTtrayp.exe [2005-05-13 143360]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe [2006-11-09 49263]
"AspireService"=C:\Program Files\Acer\Acer eMode Management\AspireService.exe [2005-06-04 110592]
"MediaSync"=C:\Program Files\Acer\Acer eConsole\MediaSync.exe [2005-06-01 421888]
"SpeedTouch USB Diagnostics"=C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe [2004-01-26 866816]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"PD0630 STISvc"=P0630Pin.dll,RunDLL32EP 513 []
"Control Center"=C:\Program Files\ASUS\WLAN Card Utilities\Center.exe [2004-11-04 1569280]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]
"Creative WebCam Tray"=C:\Program Files\Creative\Shared Files\CamTray.exe [2005-03-29 258048]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-09 68856]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-02-18 206184]
"EPSON Stylus DX9400F Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICFE.EXE [2007-03-23 182272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-06-02 402736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Acer\Acer eConsole\MediaSync.exe"="C:\Program Files\Acer\Acer eConsole\MediaSync.exe:LocalSubNet:Enabled:Media Synchoronizer"
"C:\Program Files\Acer\Acer eConsole\eConsole.exe"="C:\Program Files\Acer\Acer eConsole\eConsole.exe:LocalSubNet:Enabled:eConsole"
"C:\Program Files\Acer\Acer eConsole\MediaServerService.exe"="C:\Program Files\Acer\Acer eConsole\MediaServerService.exe:LocalSubNet:Enabled:Acer Media Server"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*![:D]( ":D")
isabled:LimeWire"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*![:D]( ":D")
isabled:Internet Explorer"
"C:\Program Files\IncrediMail\bin\IMApp.exe"="C:\Program Files\IncrediMail\bin\IMApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\SightSpeed\SightSpeed.exe"="C:\Program Files\SightSpeed\SightSpeed.exe:*:Enabled:SightSpeed"
"C:\WINDOWS\System32\RunDLL32.exe"="C:\WINDOWS\System32\RunDLL32.exe:*![:D]( ":D")
isabled:Exécuter une DLL en tant qu'application"
"C:\Program Files\Messenger\MSMSGS.EXE"="C:\Program Files\Messenger\MSMSGS.EXE:*:Enabled:Windows Messenger"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{19636330-66b1-11db-b229-0015f2854fc0}]
shell\AutoRun\command - F:\InstallTomTomHOME.exe
======List of files/folders created in the last 1 months======
2009-06-18 15:39:18 ----SHD---- C:\FOUND.003
2009-06-15 00:23:22 ----A---- C:\WINDOWS\IE4 Error Log.txt
2009-06-02 22:33:05 ----D---- C:\_OTM
2009-06-01 20:44:32 ----D---- C:\Program Files\trend micro
2009-06-01 20:44:27 ----D---- C:\rsit
2009-06-01 16:44:09 ----D---- C:\Documents and Settings\Bernard\Application Data\Malwarebytes
2009-06-01 16:43:55 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-06-01 16:43:54 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-05-31 22:33:41 ----D---- C:\WINDOWS\pss
2009-05-31 17:46:12 ----D---- C:\WINDOWS\Minidump
2009-05-31 17:45:32 ----SHD---- C:\FOUND.002
2009-05-31 11:15:04 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2009-05-31 11:15:03 ----D---- C:\Program Files\Symantec
2009-05-31 11:15:03 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2009-05-31 11:14:34 ----D---- C:\Program Files\Windows Sidebar
2009-05-31 11:14:34 ----D---- C:\Program Files\Norton Internet Security
2009-05-31 11:14:33 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
2009-05-31 11:14:20 ----D---- C:\Program Files\NortonInstaller
2009-05-31 11:14:20 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
======List of files/folders modified in the last 1 months======
2009-06-22 16:09:22 ----A---- C:\WINDOWS\win.ini
2009-06-22 16:03:14 ----N---- C:\WINDOWS\system32\eRLog.ini
2009-06-22 16:01:18 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-06-09 19:37:42 ----A---- C:\WINDOWS\NeroDigital.ini
2009-05-31 22:33:58 ----A---- C:\WINDOWS\system.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 BHDrvx86;Symantec Heuristics Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\BHDrvx86.sys [2009-03-12 258608]
R1 ccHP;Symantec Hash Provider; C:\WINDOWS\System32\Drivers\NIS\1005000.087\ccHPx86.sys [2009-06-01 482352]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys []
R1 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090618.002\IDSxpx86.sys []
R1 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SRTSP.SYS [2009-03-12 307760]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); \??\C:\WINDOWS\system32\drivers\NIS\1005000.087\SRTSPX.SYS []
R1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMTDI.SYS [2009-03-12 217392]
R1 UBHelper;UBHelper; C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 13952]
R2 int15.sys;int15.sys; \??\C:\Program Files\acer\eRecovery\int15.sys []
R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2006-03-22 15781]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-06-08 2319680]
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\system32\ASNDIS5.SYS []
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-05 9600]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090622.002\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090622.002\NAVEX15.SYS []
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2005-10-17 6144]
R3 P0630VID;Creative WebCam Live!; C:\WINDOWS\system32\DRIVERS\P0630Vid.sys [2005-06-06 91841]
R3 RT2500USB;ASUS USB Wireless LAN Driver; C:\WINDOWS\system32\DRIVERS\rt2500usb.sys [2004-08-13 140544]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMFW;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMFW.SYS [2009-03-12 89776]
R3 SYMIDS;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMIDS.SYS [2009-03-12 34736]
R3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-03-12 36400]
R3 SYMNDIS;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMNDIS.SYS [2009-03-12 37296]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 26496]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-05 20480]
R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2005-05-13 172544]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-05 14848]
S3 alcan5wn;SpeedTouch USB ADSL PPP Networking Driver (NDISWAN); C:\WINDOWS\system32\DRIVERS\alcan5wn.sys [2003-12-08 53600]
S3 alcaudsl;SpeedTouch ADSL Modem ATM Transport; C:\WINDOWS\system32\DRIVERS\alcaudsl.sys [2003-12-08 70688]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-05 11136]
S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-05 15360]
S3 SYMDNS;SYMDNS; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMDNS.SYS []
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-03-12 36400]
S3 SYMREDRV;SYMREDRV; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMREDRV.SYS []
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-05 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Acer Media Server;Acer Media Server; C:\Program Files\acer\Acer eConsole\MediaServerService.exe [2005-06-01 442368]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Norton Internet Security;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe [2009-03-12 115560]
R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-19 268800]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-29 182768]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
-----------------EOF-----------------
Run by Bernard at 2009-06-23 06:39:36
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 1 GB (2%) free of 74 GB
Total RAM: 447 MB (39% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:39:38, on 23/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\acer\Acer eConsole\MediaServerService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Acer\eRecovery\Monitor.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Acer\Acer eMode Management\AspireService.exe
C:\Program Files\Acer\Acer eConsole\MediaSync.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Creative\Shared Files\CamTray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.5.0_10\bin\jucheck.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Bernard\Bureau\RSIT.exe
C:\Program Files\trend micro\Bernard.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.explorerstartpage.com/wspage.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PD0630 STISvc] RunDLL32.exe P0630Pin.dll,RunDLL32EP 513
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [EPSON Stylus DX9400F Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICFE.EXE /FU "C:\WINDOWS\TEMP\E_S540.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/229?f6029a7f437a4b949bb80cec3f7e0199
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/230?f6029a7f437a4b949bb80cec3f7e0199
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{F7F54C7F-362B-4385-B8A8-FDE28EE884F8}: NameServer = 195.238.2.21,195.238.2.22
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
--
End of file - 9202 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-12 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll [2009-03-12 372592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL [2009-03-12 107896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll [2006-11-09 440056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-04-17 323904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-28 259696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-04-27 668656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-28 470512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-08-04 343112]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-28 259696]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll [2009-03-12 372592]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"=Alaunch []
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-06-08 77824]
"ntiMUI"=c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2005-05-11 45056]
""= []
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-07-15 32768]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-05 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"eRecoveryService"=C:\Program Files\Acer\eRecovery\Monitor.exe [2005-06-20 352256]
"VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2005-05-13 53248]
"VTTrayp"=C:\WINDOWS\system32\VTtrayp.exe [2005-05-13 143360]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe [2006-11-09 49263]
"AspireService"=C:\Program Files\Acer\Acer eMode Management\AspireService.exe [2005-06-04 110592]
"MediaSync"=C:\Program Files\Acer\Acer eConsole\MediaSync.exe [2005-06-01 421888]
"SpeedTouch USB Diagnostics"=C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe [2004-01-26 866816]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"PD0630 STISvc"=P0630Pin.dll,RunDLL32EP 513 []
"Control Center"=C:\Program Files\ASUS\WLAN Card Utilities\Center.exe [2004-11-04 1569280]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]
"Creative WebCam Tray"=C:\Program Files\Creative\Shared Files\CamTray.exe [2005-03-29 258048]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-09 68856]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-02-18 206184]
"EPSON Stylus DX9400F Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICFE.EXE [2007-03-23 182272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-06-02 402736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Acer\Acer eConsole\MediaSync.exe"="C:\Program Files\Acer\Acer eConsole\MediaSync.exe:LocalSubNet:Enabled:Media Synchoronizer"
"C:\Program Files\Acer\Acer eConsole\eConsole.exe"="C:\Program Files\Acer\Acer eConsole\eConsole.exe:LocalSubNet:Enabled:eConsole"
"C:\Program Files\Acer\Acer eConsole\MediaServerService.exe"="C:\Program Files\Acer\Acer eConsole\MediaServerService.exe:LocalSubNet:Enabled:Acer Media Server"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*
isabled:LimeWire""C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*
isabled:Internet Explorer""C:\Program Files\IncrediMail\bin\IMApp.exe"="C:\Program Files\IncrediMail\bin\IMApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\SightSpeed\SightSpeed.exe"="C:\Program Files\SightSpeed\SightSpeed.exe:*:Enabled:SightSpeed"
"C:\WINDOWS\System32\RunDLL32.exe"="C:\WINDOWS\System32\RunDLL32.exe:*
isabled:Exécuter une DLL en tant qu'application""C:\Program Files\Messenger\MSMSGS.EXE"="C:\Program Files\Messenger\MSMSGS.EXE:*:Enabled:Windows Messenger"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{19636330-66b1-11db-b229-0015f2854fc0}]
shell\AutoRun\command - F:\InstallTomTomHOME.exe
======List of files/folders created in the last 1 months======
2009-06-18 15:39:18 ----SHD---- C:\FOUND.003
2009-06-15 00:23:22 ----A---- C:\WINDOWS\IE4 Error Log.txt
2009-06-02 22:33:05 ----D---- C:\_OTM
2009-06-01 20:44:32 ----D---- C:\Program Files\trend micro
2009-06-01 20:44:27 ----D---- C:\rsit
2009-06-01 16:44:09 ----D---- C:\Documents and Settings\Bernard\Application Data\Malwarebytes
2009-06-01 16:43:55 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-06-01 16:43:54 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-05-31 22:33:41 ----D---- C:\WINDOWS\pss
2009-05-31 17:46:12 ----D---- C:\WINDOWS\Minidump
2009-05-31 17:45:32 ----SHD---- C:\FOUND.002
2009-05-31 11:15:04 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2009-05-31 11:15:03 ----D---- C:\Program Files\Symantec
2009-05-31 11:15:03 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2009-05-31 11:14:34 ----D---- C:\Program Files\Windows Sidebar
2009-05-31 11:14:34 ----D---- C:\Program Files\Norton Internet Security
2009-05-31 11:14:33 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
2009-05-31 11:14:20 ----D---- C:\Program Files\NortonInstaller
2009-05-31 11:14:20 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
======List of files/folders modified in the last 1 months======
2009-06-22 16:09:22 ----A---- C:\WINDOWS\win.ini
2009-06-22 16:03:14 ----N---- C:\WINDOWS\system32\eRLog.ini
2009-06-22 16:01:18 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-06-09 19:37:42 ----A---- C:\WINDOWS\NeroDigital.ini
2009-05-31 22:33:58 ----A---- C:\WINDOWS\system.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 BHDrvx86;Symantec Heuristics Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\BHDrvx86.sys [2009-03-12 258608]
R1 ccHP;Symantec Hash Provider; C:\WINDOWS\System32\Drivers\NIS\1005000.087\ccHPx86.sys [2009-06-01 482352]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys []
R1 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090618.002\IDSxpx86.sys []
R1 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SRTSP.SYS [2009-03-12 307760]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); \??\C:\WINDOWS\system32\drivers\NIS\1005000.087\SRTSPX.SYS []
R1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMTDI.SYS [2009-03-12 217392]
R1 UBHelper;UBHelper; C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 13952]
R2 int15.sys;int15.sys; \??\C:\Program Files\acer\eRecovery\int15.sys []
R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2006-03-22 15781]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-06-08 2319680]
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\system32\ASNDIS5.SYS []
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-05 9600]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090622.002\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090622.002\NAVEX15.SYS []
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2005-10-17 6144]
R3 P0630VID;Creative WebCam Live!; C:\WINDOWS\system32\DRIVERS\P0630Vid.sys [2005-06-06 91841]
R3 RT2500USB;ASUS USB Wireless LAN Driver; C:\WINDOWS\system32\DRIVERS\rt2500usb.sys [2004-08-13 140544]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMFW;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMFW.SYS [2009-03-12 89776]
R3 SYMIDS;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMIDS.SYS [2009-03-12 34736]
R3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-03-12 36400]
R3 SYMNDIS;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMNDIS.SYS [2009-03-12 37296]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 26496]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-05 20480]
R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2005-05-13 172544]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-05 14848]
S3 alcan5wn;SpeedTouch USB ADSL PPP Networking Driver (NDISWAN); C:\WINDOWS\system32\DRIVERS\alcan5wn.sys [2003-12-08 53600]
S3 alcaudsl;SpeedTouch ADSL Modem ATM Transport; C:\WINDOWS\system32\DRIVERS\alcaudsl.sys [2003-12-08 70688]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-05 11136]
S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-05 15360]
S3 SYMDNS;SYMDNS; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMDNS.SYS []
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-03-12 36400]
S3 SYMREDRV;SYMREDRV; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMREDRV.SYS []
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-05 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Acer Media Server;Acer Media Server; C:\Program Files\acer\Acer eConsole\MediaServerService.exe [2005-06-01 442368]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Norton Internet Security;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe [2009-03-12 115560]
R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-19 268800]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-29 182768]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
-----------------EOF-----------------
Lassé par la pub ? Créez un compte
- Contenus similaires :
