[Résolu] Virus Packed.Generic et Trojan
Dernière réponse : dans Sécurité
Bonjour à tous.
Mon antivirus (Norton) m'a signalé que mon pc était infecté par les virus Packed.Generic.214 et Trojan.Vundo et je ne suis pas très au courant de la façon dont on les supprime, alors merci d'avance pour votre aide.
Mon antivirus (Norton) m'a signalé que mon pc était infecté par les virus Packed.Generic.214 et Trojan.Vundo et je ne suis pas très au courant de la façon dont on les supprime, alors merci d'avance pour votre aide.
Autres pages sur : resolu virus packed generic trojan
Lassé par la pub ? Créez un compte
Bonjour,
On va regarder ça :
Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
Double-clique sur RSIT.exe afin de lancer le programme.
(Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)
Clique sur Continue à l'écran Disclaimer.
Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).
Note : les rapports sont sauvegardés dans le dossier C:\rsit.
On va regarder ça :
(Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)
Note : les rapports sont sauvegardés dans le dossier C:\rsit.
Voici le contenu de log.txt:
Logfile of random's system information tool 1.06 (written by random/random)
Run by solene at 2009-06-12 16:34:45
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 40 GB (57%) free of 70 GB
Total RAM: 1023 MB (27% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:35:07, on 12/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\NavNT\defwatch.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\MsgSys.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\drivers\RMC.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ALCMTR.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\NavNT\vptray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\NavNT\VPC32.EXE
C:\Program Files\Java\jre1.5.0_10\bin\jucheck.exe
C:\Documents and Settings\solene\Bureau\RSIT.exe
C:\Program Files\trend micro\solene.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {44b8d762-7797-481f-8262-b1ef5643f480} - C:\WINDOWS\system32\vidajadu.dll (file missing)
O2 - BHO: PBFRV2 - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - C:\WINDOWS\system32\pbfrv2.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O3 - Toolbar: PBFRV2 - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - C:\WINDOWS\system32\pbfrv2.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RMC] C:\WINDOWS\system32\drivers\RMC.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ccb8fd6b] rundll32.exe "C:\WINDOWS\system32\kekasika.dll",b
O4 - HKLM\..\Run: [CPMcf8bcef7] Rundll32.exe "c:\windows\system32\waremilo.dll",a
O4 - HKLM\..\Run: [pomadekayi] Rundll32.exe "C:\WINDOWS\system32\nozuzito.dll",s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {1FF43AD5-2262-4C2F-81D4-26D710C3F305} (VB2S Mannequin Virtuel Control) - http://mannequin.redoute.fr/activex/Mannequin.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game13.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: c:\windows\system32\waremilo.dll,C:\WINDOWS\system32\gikosiha.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\waremilo.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\waremilo.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
--
End of file - 11173 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{44b8d762-7797-481f-8262-b1ef5643f480}]
C:\WINDOWS\system32\vidajadu.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D}]
PBFRV2 - C:\WINDOWS\system32\pbfrv2.dll [2004-03-17 820736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll [2006-11-09 440056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-30 259696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-24 668656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-30 470512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - PBFRV2 - C:\WINDOWS\system32\pbfrv2.dll [2004-03-17 820736]
{D0943516-5076-4020-A3B5-AEFAF26AB263} - Veoh Browser Plug-in - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll [2007-11-01 352256]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-30 259696]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"RMC"=C:\WINDOWS\system32\drivers\RMC.exe [2005-03-28 24576]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2005-03-04 102490]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-03-04 708698]
"Raccourci vers la page des propriétés de High Definition Audio"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-04-12 14156800]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-04-12 65536]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-03-22 339968]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe [2006-11-09 49263]
"PCMService"=c:\Apps\Powercinema\PCMService.exe [2005-05-11 127118]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2005-09-13 180269]
"vptray"=C:\Program Files\NavNT\vptray.exe [2001-09-26 73728]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-09-08 289576]
"ccb8fd6b"=C:\WINDOWS\system32\kekasika.dll,b []
"CPMcf8bcef7"=c:\windows\system32\waremilo.dll [2009-06-11 88064]
"pomadekayi"=C:\WINDOWS\system32\nozuzito.dll,s []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
"MessengerPlus3"=C:\Program Files\MessengerPlus! 3\MsgPlus.exe [2006-10-01 190024]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-25 68856]
"Veoh"=C:\Program Files\Veoh Networks\Veoh\VeohClient.exe [2007-11-01 3317760]
""= []
"msnmsgr"=C:\Program Files\MSN Messenger\msnmsgr.exe [2007-01-19 5674352]
"updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2006-03-30 313472]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
NkbMonitor.exe.lnk - C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="c:\windows\system32\waremilo.dll,C:\WINDOWS\system32\gikosiha.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-03-22 46080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
C:\WINDOWS\system32\NavLogon.dll [2001-09-24 45056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\waremilo.dll [2009-06-11 88064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\waremilo.dll [2009-06-11 88064]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\WINDOWS\system32\gikosiha.dll
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"_NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%ProgramFiles%\AOL 9.0\aol.exe"="%ProgramFiles%\AOL 9.0\aol.exe:*:Enabled:AOL"
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe"="%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe:*:Enabled:SPLINTER CELL PANDORA"
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe"="%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe:*:Enabled![:p]( ":p")
ANDORA"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\APPS\Inventime\my.exe"="C:\APPS\Inventime\my.exe:*:Enabled:INVENTIME"
"C:\APPS\skype\phone\Skype.exe"="C:\APPS\skype\phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*![:D]( ":D")
isabled:RealPlayer"
"C:\Program Files\Internet Explorer\IEXPLORE.EXE"="C:\Program Files\Internet Explorer\IEXPLORE.EXE:*![:D]( ":D")
isabled:Internet Explorer"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Webtarot\webtarot.exe"="C:\Program Files\Webtarot\webtarot.exe:*![:D]( ":D")
isabled:jeu de tarot"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*![:D]( ":D")
isabled:Veoh Client"
"C:\Program Files\Cyanide\GameCenter\GameCenter.exe"="C:\Program Files\Cyanide\GameCenter\GameCenter.exe:*:Enabled:GameCenter"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*![:D]( ":D")
isabled:EA Download Manager"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Documents and Settings\solene\Local Settings\Temp\rasesnet.tmp"="C:\Documents and Settings\solene\Local Settings\Temp\rasesnet.tmp:*:Enabled:rasesnet"
"C:\Program Files\QuickTime\QTTask.exe"="C:\Program Files\QuickTime\QTTask.exe:*:Enabled:QTTask"
"C:\WINDOWS\system32\ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe:*:Enabled:ctfmon"
"C:\WINDOWS\system32\winlogon.exe"="C:\WINDOWS\system32\winlogon.exe:*:Enabled:winlogon"
"C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Enabled:Explorer"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
======List of files/folders created in the last 1 months======
2009-06-12 16:34:49 ----D---- C:\Program Files\trend micro
2009-06-12 16:34:45 ----D---- C:\rsit
2009-06-11 17:50:45 ----SH---- C:\WINDOWS\system32\idafanip.ini
2009-06-10 16:22:37 ----SH---- C:\WINDOWS\system32\akisakek.ini
2009-06-09 14:31:27 ----SH---- C:\WINDOWS\system32\ufagekel.ini
2009-06-08 17:57:02 ----SH---- C:\WINDOWS\system32\usivabiy.ini
2009-06-07 14:06:55 ----SH---- C:\WINDOWS\system32\umabufav.ini
2009-06-06 12:09:31 ----SH---- C:\WINDOWS\system32\azarosom.ini
2009-06-04 17:15:02 ----SH---- C:\WINDOWS\system32\ohunotep.ini
2009-06-03 20:37:53 ----SH---- C:\WINDOWS\system32\ofalonoy.ini
2009-06-02 16:59:17 ----SH---- C:\WINDOWS\system32\inovijul.ini
2009-06-01 17:04:20 ----SH---- C:\WINDOWS\system32\onikunuy.ini
2009-05-27 20:54:27 ----SH---- C:\WINDOWS\system32\iluzuduw.ini
2009-05-20 18:33:45 ----SH---- C:\WINDOWS\system32\eponipof.ini
2009-05-19 09:48:30 ----SH---- C:\WINDOWS\system32\iwovifoy.ini
======List of files/folders modified in the last 1 months======
2009-06-12 16:34:49 ----RD---- C:\Program Files
2009-06-12 16:34:36 ----D---- C:\WINDOWS\PREFETCH
2009-06-12 15:53:17 ----D---- C:\WINDOWS\Temp
2009-06-12 15:53:13 ----D---- C:\WINDOWS\system32
2009-06-12 14:35:43 ----D---- C:\Program Files\Mozilla Firefox
2009-06-12 14:34:00 ----D---- C:\WINDOWS\system32\Lang
2009-06-12 14:30:48 ----D---- C:\WINDOWS\system32\CatRoot2
2009-06-12 14:30:23 ----SD---- C:\WINDOWS\Tasks
2009-06-12 14:28:45 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-06-12 10:22:16 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-06-12 10:21:59 ----D---- C:\WINDOWS
2009-06-11 17:50:21 ----N---- C:\WINDOWS\system32\waremilo.dll
2009-05-25 22:18:36 ----D---- C:\Program Files\NavNT
2009-05-18 23:09:39 ----HD---- C:\WINDOWS\inf
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;Pilote de processeur AMD Athlon64; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-05-08 38912]
R2 MTC0001_RMC;Remove Control Device; C:\WINDOWS\system32\drivers\RMC.sys [2005-04-22 13912]
R2 NAVAPEL;NAVAPEL; \??\C:\Program Files\NavNT\NAVAPEL.SYS []
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-03-22 1034752]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-04-15 2564032]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\SLDRV\Mtlmnt5.sys [2004-11-01 229720]
R3 NAVAP;NAVAP; \??\C:\Program Files\NavNT\NAVAP.sys []
R3 NAVENG;NAVENG; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20090610.002\NAVENG.sys []
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20090610.002\NAVEX15.sys []
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824]
R3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
R3 PRISM_A02;802.11g USB 2.0 adapter; C:\WINDOWS\system32\DRIVERS\PRISMA02.sys [2004-03-30 374816]
R3 RT2500;RT2500 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT2500.sys [2005-02-23 228992]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-05 67584]
R3 Slazldrv;SmartLink AMR_PCI Driver; C:\WINDOWS\system32\DRIVERS\SLDRV\slazldrv.sys [2005-01-05 226768]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SLDRV\SlWdmSup.sys [2004-11-01 13216]
R3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-03-04 189152]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-04-04 160768]
R3 ULI5261;ULi Based Ethernet NT Driver; C:\WINDOWS\system32\DRIVERS\ULILAN.SYS [2004-12-31 28160]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-05 17024]
R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
S3 AR5523;3Com OfficeConnect Wireless 108Mbps 11g USB Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5523.sys []
S3 ATHFMWDL;3Com USB Wireless Adapter Bootloader driver; C:\WINDOWS\System32\Drivers\ATHFMWDL.sys []
S3 HdAudAddService;Pilote de fonction Microsoft UAA pour Service High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\SLDRV\Mtlstrm.sys [2004-11-01 1396048]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\SLDRV\Slnthal.sys [2004-11-01 100176]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-09-05 36864]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver; C:\WINDOWS\system32\DRIVERS\WlanUIG.sys [2004-09-03 379456]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe [2004-04-08 1135728]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-09-05 116040]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-03-22 360448]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 CLCapSvc;CyberLink Background Capture Service (CBCS); c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe [2005-05-11 221266]
R2 CLSched;CyberLink Task Scheduler (CTS); c:\APPS\Powercinema\Kernel\TV\CLSched.exe [2005-05-11 110672]
R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe [2005-05-11 61440]
R2 DefWatch;DefWatch; C:\Program Files\NavNT\defwatch.exe [2001-09-26 32768]
R2 GenericHidService;Generic Service for HID Keyboard Input Collections; c:\APPS\HIDSERVICE\HIDSERVICE.exe [2005-01-07 49152]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]
R2 Norton AntiVirus Server;Norton AntiVirus Client; C:\Program Files\NavNT\rtvscan.exe [2001-09-26 462848]
R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2004-11-01 57344]
R2 Wlancfg;Service de lancement de WlanCfg; C:\Program Files\Inventel\Gateway\wlancfg.exe [2004-12-20 1462272]
R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-09-08 536872]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2007-01-18 69120]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MySqlInventime;MySqlInventime; c:\mysql\bin\mysqld-max-nt MySqlInventime []
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
-----------------EOF-----------------
Et voici celui de info.txt:
info.txt logfile of random's system information tool 1.06 2009-06-12 16:35:10
======Uninstall list======
-->"C:\Program Files\Fichiers communs\aolshare\Coach\AolCInUn.exe" -lang="fr-fr"
-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
-->c:\apps\skype\phone\unins000.exe
-->C:\PROGRA~1\FICHIE~1\AOL\ACS\AcsUninstall.exe /c
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Fichiers communs\AOL\Screensaver\uninst_ygpss.exe
-->C:\Program Files\Fichiers communs\aolshare\Aolunins_fr.exe
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\Learn2.com\StRunner\stuninst.exe
-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\Modio\SLAMR2KO\Setup.exe /Remove /NONGUI
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
-->C:\WINDOWS\system32\drivers\UnRMC.exe
-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.EXE" -uninstall
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" REMOVE
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x40c
-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class![:D]( ":D")
ISPLAY -clean
-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0.9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70900000002}
Apple Mobile Device Support-->MsiExec.exe /I{C7C895CA-331B-4D7D-A0FB-D3BC637949F9}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArcSoft Panorama Maker 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A5F68DC8-0278-4AD8-B413-861509B5F25B}\Setup.exe" -l0x40c
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB935448)-->"C:\WINDOWS\$NtUninstallKB935448$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif Windows XP - KB873333-->C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe
Correctif Windows XP - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Correctif Windows XP - KB885250-->C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
Correctif Windows XP - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Correctif Windows XP - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Correctif Windows XP - KB885884-->C:\WINDOWS\$NtUninstallKB885884$\spuninst\spuninst.exe
Correctif Windows XP - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Correctif Windows XP - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
Correctif Windows XP - KB887742-->C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
Correctif Windows XP - KB888113-->C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
Correctif Windows XP - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Correctif Windows XP - KB890047-->C:\WINDOWS\$NtUninstallKB890047$\spuninst\spuninst.exe
Correctif Windows XP - KB890175-->C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe
Correctif Windows XP - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
Correctif Windows XP - KB890923-->"C:\WINDOWS\$NtUninstallKB890923$\spuninst\spuninst.exe"
Correctif Windows XP - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
Correctif Windows XP - KB893066-->"C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe"
Correctif Windows XP - KB893086-->"C:\WINDOWS\$NtUninstallKB893086$\spuninst\spuninst.exe"
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_BDA1448D3D255554.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
InterActual Player-->C:\Program Files\InterActual\InterActual Player\inuninst.exe
iTunes-->MsiExec.exe /I{EA418519-2160-43A0-AABD-6608DDD8D87F}
J2SE Runtime Environment 5.0 Update 10-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
J2SE Runtime Environment 5.0 Update 9-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
Java 2 Runtime Environment, SE v1.4.2_05-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142050}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Les Sims 2 Académie-->C:\Program Files\EA GAMES\Les Sims 2 Académie\EAUninstall.exe
Les Sims 2-->C:\Program Files\EA GAMES\Les Sims 2\EAUninstall.exe
LiveUpdate 1.6 (Symantec Corporation)-->C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
Messenger Plus! 3-->"C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /Remove
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Windows Journal Viewer-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA8}
Microsoft Word 2002-->MsiExec.exe /I{911B040C-6000-11D3-8CFE-0050048383C9}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896422)-->"C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901190)-->"C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905915)-->"C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911567)-->"C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB912812)-->"C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB913446)-->"C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB916281)-->"C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917159)-->"C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917422)-->"C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917953)-->"C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918899)-->"C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920214)-->"C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB921398)-->"C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB921503)-->"C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB921883)-->"C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922616)-->"C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922760)-->"C:\WINDOWS\$NtUninstallKB922760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923694)-->"C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924191)-->"C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924496)-->"C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB925454)-->"C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB925486)-->"C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928090)-->"C:\WINDOWS\$NtUninstallKB928090$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB929969)-->"C:\WINDOWS\$NtUninstallKB929969$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931768)-->"C:\WINDOWS\$NtUninstallKB931768$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931784)-->"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB933566)-->"C:\WINDOWS\$NtUninstallKB933566$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB936021)-->"C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB937143)-->"C:\WINDOWS\$NtUninstallKB937143$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938127)-->"C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938829)-->"C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB939653)-->"C:\WINDOWS\$NtUninstallKB939653$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941202)-->"C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941568)-->"C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941644)-->"C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941693)-->"C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB942615)-->"C:\WINDOWS\$NtUninstallKB942615$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB944338)-->"C:\WINDOWS\$NtUninstallKB944338$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB944533)-->"C:\WINDOWS\$NtUninstallKB944533$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB947864)-->"C:\WINDOWS\$NtUninstallKB947864$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB948590)-->"C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB948881)-->"C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB929338)-->"C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB931836)-->"C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB933360)-->"C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB942840)-->"C:\WINDOWS\$NtUninstallKB942840$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB946627)-->"C:\WINDOWS\$NtUninstallKB946627$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Mozilla Firefox (3.0.11)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nikon FotoShare-->C:\Program Files\Nikon\FotoShare\Uninstal.exe C:\PROGRA~1\Nikon\FOTOSH~1\INSTALL.LOG
Nikon Message Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}\Setup.exe" -l0x40c UNINSTALL
Norton AntiVirus Corporate Edition-->MsiExec.exe /I{BD12EB47-DBDF-11D3-BEEA-00A0CC272509}
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Packard Bell InfoCentre-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B04AC0A3-7A0F-4E38-9DE7-FD1E4CE47D8C}\setup.exe"
Packard Bell Toolbar 1.0-->"C:\Program Files\Dynamic Toolbar\unins000.exe"
Picasa 3-->"C:\Program Files\Picasa2\Uninstall.exe"
PictureProject-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF3999BE-1A7B-4738-88AA-97BF14094A4A}\Setup.exe" -l0x40c UNINSTALL
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
Réussir son Code de la Route 2005-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E88CBF0C-500C-401C-BED2-47973423C7AA}\SETUP.EXE" -l0x40c
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Sonic MyDVD-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
VeohTV BETA-->C:\Program Files\InstallShield Installation Information\{97A96172-A963-4A37-9FFB-DA6805BB915A}\setup.exe -runfromtemp -l0x0409
WebTarot 1.20-->"C:\Program Files\Webtarot\unins000.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Live Sign-in Assistant-->MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
WWP Demo-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C4B56EBE-6C53-4346-8F73-E380C123F4EF}\Setup.exe"
======Security center information======
AV: Norton Internet Security
FW: Norton Internet Security (disabled)
======System event log======
Computer Name: SOLÈNE
Event Code: 7000
Message: Le service PCAMPR5 NDIS Protocol Driver n'a pas pu démarrer en raison de l'erreur :
Le fichier spécifié est introuvable.
Record Number: 84325
Source Name: Service Control Manager
Time Written: 20090418113433.000000+120
Event Type: erreur
User:
Computer Name: SOLÈNE
Event Code: 7000
Message: Le service PCAMPR5 NDIS Protocol Driver n'a pas pu démarrer en raison de l'erreur :
Le fichier spécifié est introuvable.
Record Number: 84324
Source Name: Service Control Manager
Time Written: 20090418113433.000000+120
Event Type: erreur
User:
Computer Name: SOLÈNE
Event Code: 7000
Message: Le service PCAMPR5 NDIS Protocol Driver n'a pas pu démarrer en raison de l'erreur :
Le fichier spécifié est introuvable.
Record Number: 84323
Source Name: Service Control Manager
Time Written: 20090418113433.000000+120
Event Type: erreur
User:
Computer Name: SOLÈNE
Event Code: 7000
Message: Le service PCAMPR5 NDIS Protocol Driver n'a pas pu démarrer en raison de l'erreur :
Le fichier spécifié est introuvable.
Record Number: 84322
Source Name: Service Control Manager
Time Written: 20090418113433.000000+120
Event Type: erreur
User:
Computer Name: SOLÈNE
Event Code: 7000
Message: Le service PCAMPR5 NDIS Protocol Driver n'a pas pu démarrer en raison de l'erreur :
Le fichier spécifié est introuvable.
Record Number: 84321
Source Name: Service Control Manager
Time Written: 20090418113433.000000+120
Event Type: erreur
User:
=====Application event log=====
Computer Name: SOLÈNE
Event Code: 5
Message:
Virus détecté !Nom du virus![:p]( ":p")
acked.Generic.214 dans le fichier : C:\WINDOWS\system32\waremilo.dll par : analyse Protection en temps réel. Opération : Nettoyer - échec : Quarantaine - échec : Accès refusé
Record Number: 138052
Source Name: Norton AntiVirus
Time Written: 20090612142706.000000+120
Event Type: erreur
User:
Computer Name: SOLÈNE
Event Code: 5
Message:
Virus détecté !Nom du virus![:p]( ":p")
acked.Generic.214 dans le fichier : C:\WINDOWS\system32\gikosiha.dll par : analyse Protection en temps réel. Opération : Nettoyer - échec : Quarantaine - échec : Accès refusé
Record Number: 138051
Source Name: Norton AntiVirus
Time Written: 20090612142706.000000+120
Event Type: erreur
User:
Computer Name: SOLÈNE
Event Code: 5
Message:
Virus détecté !Nom du virus![:p]( ":p")
acked.Generic.214 dans le fichier : C:\WINDOWS\system32\kekasika.dll par : analyse Protection en temps réel. Opération : Nettoyer - échec : Quarantaine - échec : Accès refusé
Record Number: 138050
Source Name: Norton AntiVirus
Time Written: 20090612142706.000000+120
Event Type: erreur
User:
Computer Name: SOLÈNE
Event Code: 5
Message:
Virus détecté !Nom du virus![:p]( ":p")
acked.Generic.214 dans le fichier : C:\WINDOWS\system32\nozuzito.dll par : analyse Protection en temps réel. Opération : Nettoyer - échec : Quarantaine - échec : Accès refusé
Record Number: 138049
Source Name: Norton AntiVirus
Time Written: 20090612142706.000000+120
Event Type: erreur
User:
Computer Name: SOLÈNE
Event Code: 5
Message:
Virus détecté !Nom du virus![:p]( ":p")
acked.Generic.214 dans le fichier : C:\WINDOWS\system32\kekasika.dll par : analyse Protection en temps réel. Opération : Nettoyer - échec : Quarantaine - échec : Accès refusé
Record Number: 138048
Source Name: Norton AntiVirus
Time Written: 20090612142706.000000+120
Event Type: erreur
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\PROGRA~1\FICHIE~1\SONICS~1\;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 36 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=2402
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre1.5.0_10\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.5.0_10\lib\ext\QTJava.zip
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by solene at 2009-06-12 16:34:45
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 40 GB (57%) free of 70 GB
Total RAM: 1023 MB (27% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:35:07, on 12/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\NavNT\defwatch.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\MsgSys.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\drivers\RMC.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ALCMTR.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\NavNT\vptray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\NavNT\VPC32.EXE
C:\Program Files\Java\jre1.5.0_10\bin\jucheck.exe
C:\Documents and Settings\solene\Bureau\RSIT.exe
C:\Program Files\trend micro\solene.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {44b8d762-7797-481f-8262-b1ef5643f480} - C:\WINDOWS\system32\vidajadu.dll (file missing)
O2 - BHO: PBFRV2 - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - C:\WINDOWS\system32\pbfrv2.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O3 - Toolbar: PBFRV2 - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - C:\WINDOWS\system32\pbfrv2.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RMC] C:\WINDOWS\system32\drivers\RMC.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ccb8fd6b] rundll32.exe "C:\WINDOWS\system32\kekasika.dll",b
O4 - HKLM\..\Run: [CPMcf8bcef7] Rundll32.exe "c:\windows\system32\waremilo.dll",a
O4 - HKLM\..\Run: [pomadekayi] Rundll32.exe "C:\WINDOWS\system32\nozuzito.dll",s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {1FF43AD5-2262-4C2F-81D4-26D710C3F305} (VB2S Mannequin Virtuel Control) - http://mannequin.redoute.fr/activex/Mannequin.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game13.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: c:\windows\system32\waremilo.dll,C:\WINDOWS\system32\gikosiha.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\waremilo.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\waremilo.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
--
End of file - 11173 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{44b8d762-7797-481f-8262-b1ef5643f480}]
C:\WINDOWS\system32\vidajadu.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D}]
PBFRV2 - C:\WINDOWS\system32\pbfrv2.dll [2004-03-17 820736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll [2006-11-09 440056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-30 259696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-24 668656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-30 470512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - PBFRV2 - C:\WINDOWS\system32\pbfrv2.dll [2004-03-17 820736]
{D0943516-5076-4020-A3B5-AEFAF26AB263} - Veoh Browser Plug-in - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll [2007-11-01 352256]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-30 259696]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"RMC"=C:\WINDOWS\system32\drivers\RMC.exe [2005-03-28 24576]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2005-03-04 102490]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-03-04 708698]
"Raccourci vers la page des propriétés de High Definition Audio"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-04-12 14156800]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-04-12 65536]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-03-22 339968]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe [2006-11-09 49263]
"PCMService"=c:\Apps\Powercinema\PCMService.exe [2005-05-11 127118]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2005-09-13 180269]
"vptray"=C:\Program Files\NavNT\vptray.exe [2001-09-26 73728]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-09-08 289576]
"ccb8fd6b"=C:\WINDOWS\system32\kekasika.dll,b []
"CPMcf8bcef7"=c:\windows\system32\waremilo.dll [2009-06-11 88064]
"pomadekayi"=C:\WINDOWS\system32\nozuzito.dll,s []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
"MessengerPlus3"=C:\Program Files\MessengerPlus! 3\MsgPlus.exe [2006-10-01 190024]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-25 68856]
"Veoh"=C:\Program Files\Veoh Networks\Veoh\VeohClient.exe [2007-11-01 3317760]
""= []
"msnmsgr"=C:\Program Files\MSN Messenger\msnmsgr.exe [2007-01-19 5674352]
"updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2006-03-30 313472]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
NkbMonitor.exe.lnk - C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="c:\windows\system32\waremilo.dll,C:\WINDOWS\system32\gikosiha.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-03-22 46080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
C:\WINDOWS\system32\NavLogon.dll [2001-09-24 45056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\waremilo.dll [2009-06-11 88064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\waremilo.dll [2009-06-11 88064]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\WINDOWS\system32\gikosiha.dll
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"_NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%ProgramFiles%\AOL 9.0\aol.exe"="%ProgramFiles%\AOL 9.0\aol.exe:*:Enabled:AOL"
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe"="%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe:*:Enabled:SPLINTER CELL PANDORA"
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe"="%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe:*:Enabled
ANDORA""%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\APPS\Inventime\my.exe"="C:\APPS\Inventime\my.exe:*:Enabled:INVENTIME"
"C:\APPS\skype\phone\Skype.exe"="C:\APPS\skype\phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*
isabled:RealPlayer""C:\Program Files\Internet Explorer\IEXPLORE.EXE"="C:\Program Files\Internet Explorer\IEXPLORE.EXE:*
isabled:Internet Explorer""C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Webtarot\webtarot.exe"="C:\Program Files\Webtarot\webtarot.exe:*
isabled:jeu de tarot""C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*
isabled:Veoh Client""C:\Program Files\Cyanide\GameCenter\GameCenter.exe"="C:\Program Files\Cyanide\GameCenter\GameCenter.exe:*:Enabled:GameCenter"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*
isabled:EA Download Manager""C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Documents and Settings\solene\Local Settings\Temp\rasesnet.tmp"="C:\Documents and Settings\solene\Local Settings\Temp\rasesnet.tmp:*:Enabled:rasesnet"
"C:\Program Files\QuickTime\QTTask.exe"="C:\Program Files\QuickTime\QTTask.exe:*:Enabled:QTTask"
"C:\WINDOWS\system32\ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe:*:Enabled:ctfmon"
"C:\WINDOWS\system32\winlogon.exe"="C:\WINDOWS\system32\winlogon.exe:*:Enabled:winlogon"
"C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Enabled:Explorer"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
======List of files/folders created in the last 1 months======
2009-06-12 16:34:49 ----D---- C:\Program Files\trend micro
2009-06-12 16:34:45 ----D---- C:\rsit
2009-06-11 17:50:45 ----SH---- C:\WINDOWS\system32\idafanip.ini
2009-06-10 16:22:37 ----SH---- C:\WINDOWS\system32\akisakek.ini
2009-06-09 14:31:27 ----SH---- C:\WINDOWS\system32\ufagekel.ini
2009-06-08 17:57:02 ----SH---- C:\WINDOWS\system32\usivabiy.ini
2009-06-07 14:06:55 ----SH---- C:\WINDOWS\system32\umabufav.ini
2009-06-06 12:09:31 ----SH---- C:\WINDOWS\system32\azarosom.ini
2009-06-04 17:15:02 ----SH---- C:\WINDOWS\system32\ohunotep.ini
2009-06-03 20:37:53 ----SH---- C:\WINDOWS\system32\ofalonoy.ini
2009-06-02 16:59:17 ----SH---- C:\WINDOWS\system32\inovijul.ini
2009-06-01 17:04:20 ----SH---- C:\WINDOWS\system32\onikunuy.ini
2009-05-27 20:54:27 ----SH---- C:\WINDOWS\system32\iluzuduw.ini
2009-05-20 18:33:45 ----SH---- C:\WINDOWS\system32\eponipof.ini
2009-05-19 09:48:30 ----SH---- C:\WINDOWS\system32\iwovifoy.ini
======List of files/folders modified in the last 1 months======
2009-06-12 16:34:49 ----RD---- C:\Program Files
2009-06-12 16:34:36 ----D---- C:\WINDOWS\PREFETCH
2009-06-12 15:53:17 ----D---- C:\WINDOWS\Temp
2009-06-12 15:53:13 ----D---- C:\WINDOWS\system32
2009-06-12 14:35:43 ----D---- C:\Program Files\Mozilla Firefox
2009-06-12 14:34:00 ----D---- C:\WINDOWS\system32\Lang
2009-06-12 14:30:48 ----D---- C:\WINDOWS\system32\CatRoot2
2009-06-12 14:30:23 ----SD---- C:\WINDOWS\Tasks
2009-06-12 14:28:45 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-06-12 10:22:16 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-06-12 10:21:59 ----D---- C:\WINDOWS
2009-06-11 17:50:21 ----N---- C:\WINDOWS\system32\waremilo.dll
2009-05-25 22:18:36 ----D---- C:\Program Files\NavNT
2009-05-18 23:09:39 ----HD---- C:\WINDOWS\inf
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;Pilote de processeur AMD Athlon64; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-05-08 38912]
R2 MTC0001_RMC;Remove Control Device; C:\WINDOWS\system32\drivers\RMC.sys [2005-04-22 13912]
R2 NAVAPEL;NAVAPEL; \??\C:\Program Files\NavNT\NAVAPEL.SYS []
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-03-22 1034752]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-04-15 2564032]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\SLDRV\Mtlmnt5.sys [2004-11-01 229720]
R3 NAVAP;NAVAP; \??\C:\Program Files\NavNT\NAVAP.sys []
R3 NAVENG;NAVENG; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20090610.002\NAVENG.sys []
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20090610.002\NAVEX15.sys []
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824]
R3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
R3 PRISM_A02;802.11g USB 2.0 adapter; C:\WINDOWS\system32\DRIVERS\PRISMA02.sys [2004-03-30 374816]
R3 RT2500;RT2500 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT2500.sys [2005-02-23 228992]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-05 67584]
R3 Slazldrv;SmartLink AMR_PCI Driver; C:\WINDOWS\system32\DRIVERS\SLDRV\slazldrv.sys [2005-01-05 226768]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SLDRV\SlWdmSup.sys [2004-11-01 13216]
R3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-03-04 189152]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-04-04 160768]
R3 ULI5261;ULi Based Ethernet NT Driver; C:\WINDOWS\system32\DRIVERS\ULILAN.SYS [2004-12-31 28160]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-05 17024]
R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
S3 AR5523;3Com OfficeConnect Wireless 108Mbps 11g USB Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5523.sys []
S3 ATHFMWDL;3Com USB Wireless Adapter Bootloader driver; C:\WINDOWS\System32\Drivers\ATHFMWDL.sys []
S3 HdAudAddService;Pilote de fonction Microsoft UAA pour Service High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\SLDRV\Mtlstrm.sys [2004-11-01 1396048]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\SLDRV\Slnthal.sys [2004-11-01 100176]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-09-05 36864]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver; C:\WINDOWS\system32\DRIVERS\WlanUIG.sys [2004-09-03 379456]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe [2004-04-08 1135728]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-09-05 116040]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-03-22 360448]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 CLCapSvc;CyberLink Background Capture Service (CBCS); c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe [2005-05-11 221266]
R2 CLSched;CyberLink Task Scheduler (CTS); c:\APPS\Powercinema\Kernel\TV\CLSched.exe [2005-05-11 110672]
R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe [2005-05-11 61440]
R2 DefWatch;DefWatch; C:\Program Files\NavNT\defwatch.exe [2001-09-26 32768]
R2 GenericHidService;Generic Service for HID Keyboard Input Collections; c:\APPS\HIDSERVICE\HIDSERVICE.exe [2005-01-07 49152]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]
R2 Norton AntiVirus Server;Norton AntiVirus Client; C:\Program Files\NavNT\rtvscan.exe [2001-09-26 462848]
R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2004-11-01 57344]
R2 Wlancfg;Service de lancement de WlanCfg; C:\Program Files\Inventel\Gateway\wlancfg.exe [2004-12-20 1462272]
R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-09-08 536872]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2007-01-18 69120]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MySqlInventime;MySqlInventime; c:\mysql\bin\mysqld-max-nt MySqlInventime []
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
-----------------EOF-----------------
Et voici celui de info.txt:
info.txt logfile of random's system information tool 1.06 2009-06-12 16:35:10
======Uninstall list======
-->"C:\Program Files\Fichiers communs\aolshare\Coach\AolCInUn.exe" -lang="fr-fr"
-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
-->c:\apps\skype\phone\unins000.exe
-->C:\PROGRA~1\FICHIE~1\AOL\ACS\AcsUninstall.exe /c
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Fichiers communs\AOL\Screensaver\uninst_ygpss.exe
-->C:\Program Files\Fichiers communs\aolshare\Aolunins_fr.exe
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\Learn2.com\StRunner\stuninst.exe
-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\Modio\SLAMR2KO\Setup.exe /Remove /NONGUI
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
-->C:\WINDOWS\system32\drivers\UnRMC.exe
-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.EXE" -uninstall
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" REMOVE
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x40c
-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class
ISPLAY -clean-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0.9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70900000002}
Apple Mobile Device Support-->MsiExec.exe /I{C7C895CA-331B-4D7D-A0FB-D3BC637949F9}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArcSoft Panorama Maker 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A5F68DC8-0278-4AD8-B413-861509B5F25B}\Setup.exe" -l0x40c
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB935448)-->"C:\WINDOWS\$NtUninstallKB935448$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif Windows XP - KB873333-->C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe
Correctif Windows XP - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Correctif Windows XP - KB885250-->C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
Correctif Windows XP - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Correctif Windows XP - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Correctif Windows XP - KB885884-->C:\WINDOWS\$NtUninstallKB885884$\spuninst\spuninst.exe
Correctif Windows XP - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Correctif Windows XP - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
Correctif Windows XP - KB887742-->C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
Correctif Windows XP - KB888113-->C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
Correctif Windows XP - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Correctif Windows XP - KB890047-->C:\WINDOWS\$NtUninstallKB890047$\spuninst\spuninst.exe
Correctif Windows XP - KB890175-->C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe
Correctif Windows XP - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
Correctif Windows XP - KB890923-->"C:\WINDOWS\$NtUninstallKB890923$\spuninst\spuninst.exe"
Correctif Windows XP - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
Correctif Windows XP - KB893066-->"C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe"
Correctif Windows XP - KB893086-->"C:\WINDOWS\$NtUninstallKB893086$\spuninst\spuninst.exe"
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_BDA1448D3D255554.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
InterActual Player-->C:\Program Files\InterActual\InterActual Player\inuninst.exe
iTunes-->MsiExec.exe /I{EA418519-2160-43A0-AABD-6608DDD8D87F}
J2SE Runtime Environment 5.0 Update 10-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
J2SE Runtime Environment 5.0 Update 9-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
Java 2 Runtime Environment, SE v1.4.2_05-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142050}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Les Sims 2 Académie-->C:\Program Files\EA GAMES\Les Sims 2 Académie\EAUninstall.exe
Les Sims 2-->C:\Program Files\EA GAMES\Les Sims 2\EAUninstall.exe
LiveUpdate 1.6 (Symantec Corporation)-->C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
Messenger Plus! 3-->"C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /Remove
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Windows Journal Viewer-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA8}
Microsoft Word 2002-->MsiExec.exe /I{911B040C-6000-11D3-8CFE-0050048383C9}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896422)-->"C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901190)-->"C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905915)-->"C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911567)-->"C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB912812)-->"C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB913446)-->"C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB916281)-->"C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917159)-->"C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917422)-->"C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917953)-->"C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918899)-->"C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920214)-->"C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB921398)-->"C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB921503)-->"C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB921883)-->"C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922616)-->"C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922760)-->"C:\WINDOWS\$NtUninstallKB922760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923694)-->"C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924191)-->"C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924496)-->"C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB925454)-->"C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB925486)-->"C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928090)-->"C:\WINDOWS\$NtUninstallKB928090$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB929969)-->"C:\WINDOWS\$NtUninstallKB929969$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931768)-->"C:\WINDOWS\$NtUninstallKB931768$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931784)-->"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB933566)-->"C:\WINDOWS\$NtUninstallKB933566$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB936021)-->"C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB937143)-->"C:\WINDOWS\$NtUninstallKB937143$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938127)-->"C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938829)-->"C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB939653)-->"C:\WINDOWS\$NtUninstallKB939653$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941202)-->"C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941568)-->"C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941644)-->"C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941693)-->"C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB942615)-->"C:\WINDOWS\$NtUninstallKB942615$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB944338)-->"C:\WINDOWS\$NtUninstallKB944338$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB944533)-->"C:\WINDOWS\$NtUninstallKB944533$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB947864)-->"C:\WINDOWS\$NtUninstallKB947864$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB948590)-->"C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB948881)-->"C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB929338)-->"C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB931836)-->"C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB933360)-->"C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB942840)-->"C:\WINDOWS\$NtUninstallKB942840$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB946627)-->"C:\WINDOWS\$NtUninstallKB946627$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Mozilla Firefox (3.0.11)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nikon FotoShare-->C:\Program Files\Nikon\FotoShare\Uninstal.exe C:\PROGRA~1\Nikon\FOTOSH~1\INSTALL.LOG
Nikon Message Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}\Setup.exe" -l0x40c UNINSTALL
Norton AntiVirus Corporate Edition-->MsiExec.exe /I{BD12EB47-DBDF-11D3-BEEA-00A0CC272509}
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Packard Bell InfoCentre-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B04AC0A3-7A0F-4E38-9DE7-FD1E4CE47D8C}\setup.exe"
Packard Bell Toolbar 1.0-->"C:\Program Files\Dynamic Toolbar\unins000.exe"
Picasa 3-->"C:\Program Files\Picasa2\Uninstall.exe"
PictureProject-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF3999BE-1A7B-4738-88AA-97BF14094A4A}\Setup.exe" -l0x40c UNINSTALL
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
Réussir son Code de la Route 2005-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E88CBF0C-500C-401C-BED2-47973423C7AA}\SETUP.EXE" -l0x40c
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Sonic MyDVD-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
VeohTV BETA-->C:\Program Files\InstallShield Installation Information\{97A96172-A963-4A37-9FFB-DA6805BB915A}\setup.exe -runfromtemp -l0x0409
WebTarot 1.20-->"C:\Program Files\Webtarot\unins000.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Live Sign-in Assistant-->MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
WWP Demo-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C4B56EBE-6C53-4346-8F73-E380C123F4EF}\Setup.exe"
======Security center information======
AV: Norton Internet Security
FW: Norton Internet Security (disabled)
======System event log======
Computer Name: SOLÈNE
Event Code: 7000
Message: Le service PCAMPR5 NDIS Protocol Driver n'a pas pu démarrer en raison de l'erreur :
Le fichier spécifié est introuvable.
Record Number: 84325
Source Name: Service Control Manager
Time Written: 20090418113433.000000+120
Event Type: erreur
User:
Computer Name: SOLÈNE
Event Code: 7000
Message: Le service PCAMPR5 NDIS Protocol Driver n'a pas pu démarrer en raison de l'erreur :
Le fichier spécifié est introuvable.
Record Number: 84324
Source Name: Service Control Manager
Time Written: 20090418113433.000000+120
Event Type: erreur
User:
Computer Name: SOLÈNE
Event Code: 7000
Message: Le service PCAMPR5 NDIS Protocol Driver n'a pas pu démarrer en raison de l'erreur :
Le fichier spécifié est introuvable.
Record Number: 84323
Source Name: Service Control Manager
Time Written: 20090418113433.000000+120
Event Type: erreur
User:
Computer Name: SOLÈNE
Event Code: 7000
Message: Le service PCAMPR5 NDIS Protocol Driver n'a pas pu démarrer en raison de l'erreur :
Le fichier spécifié est introuvable.
Record Number: 84322
Source Name: Service Control Manager
Time Written: 20090418113433.000000+120
Event Type: erreur
User:
Computer Name: SOLÈNE
Event Code: 7000
Message: Le service PCAMPR5 NDIS Protocol Driver n'a pas pu démarrer en raison de l'erreur :
Le fichier spécifié est introuvable.
Record Number: 84321
Source Name: Service Control Manager
Time Written: 20090418113433.000000+120
Event Type: erreur
User:
=====Application event log=====
Computer Name: SOLÈNE
Event Code: 5
Message:
Virus détecté !Nom du virus
acked.Generic.214 dans le fichier : C:\WINDOWS\system32\waremilo.dll par : analyse Protection en temps réel. Opération : Nettoyer - échec : Quarantaine - échec : Accès refuséRecord Number: 138052
Source Name: Norton AntiVirus
Time Written: 20090612142706.000000+120
Event Type: erreur
User:
Computer Name: SOLÈNE
Event Code: 5
Message:
Virus détecté !Nom du virus
acked.Generic.214 dans le fichier : C:\WINDOWS\system32\gikosiha.dll par : analyse Protection en temps réel. Opération : Nettoyer - échec : Quarantaine - échec : Accès refuséRecord Number: 138051
Source Name: Norton AntiVirus
Time Written: 20090612142706.000000+120
Event Type: erreur
User:
Computer Name: SOLÈNE
Event Code: 5
Message:
Virus détecté !Nom du virus
acked.Generic.214 dans le fichier : C:\WINDOWS\system32\kekasika.dll par : analyse Protection en temps réel. Opération : Nettoyer - échec : Quarantaine - échec : Accès refuséRecord Number: 138050
Source Name: Norton AntiVirus
Time Written: 20090612142706.000000+120
Event Type: erreur
User:
Computer Name: SOLÈNE
Event Code: 5
Message:
Virus détecté !Nom du virus
acked.Generic.214 dans le fichier : C:\WINDOWS\system32\nozuzito.dll par : analyse Protection en temps réel. Opération : Nettoyer - échec : Quarantaine - échec : Accès refuséRecord Number: 138049
Source Name: Norton AntiVirus
Time Written: 20090612142706.000000+120
Event Type: erreur
User:
Computer Name: SOLÈNE
Event Code: 5
Message:
Virus détecté !Nom du virus
acked.Generic.214 dans le fichier : C:\WINDOWS\system32\kekasika.dll par : analyse Protection en temps réel. Opération : Nettoyer - échec : Quarantaine - échec : Accès refuséRecord Number: 138048
Source Name: Norton AntiVirus
Time Written: 20090612142706.000000+120
Event Type: erreur
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\PROGRA~1\FICHIE~1\SONICS~1\;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 36 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=2402
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre1.5.0_10\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.5.0_10\lib\ext\QTJava.zip
-----------------EOF-----------------
Oula oui ![:D]( ":D")
[#ff0000]/!\ Désactive tes protections résidentes (Antivirus, etc...) /!\[/#f]
Télécharge ComboFix ([#ff0000]sUBs[/#f]) sur ton Bureau.
Double-clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
Il va te demander d'installer la console de récupération : accepte.
Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.
Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix
[#ff0000]/!\ Désactive tes protections résidentes (Antivirus, etc...) /!\[/#f]
Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix
Voici le rapport:
ComboFix 09-06-11.06 - solene 12/06/2009 17:16.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.33.1036.18.1023.320 [GMT 2:00]
Lancé depuis: c:\documents and settings\solene\Bureau\ComboFix.exe
AV: Norton Internet Security *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
* Un nouveau point de restauration a été créé
.
Les fichiers ci-dessous ont été désactivés pendant l'exécution:
c:\windows\system32\waremilo.dll
c:\windows\system32\gikosiha.dll
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\program files\Dynamic Toolbar
c:\program files\Dynamic Toolbar\batch.bat
c:\program files\Dynamic Toolbar\Cache\go.bmp
c:\program files\Dynamic Toolbar\Cache\home.bmp
c:\program files\Dynamic Toolbar\Cache\logo_pb.bmp
c:\program files\Dynamic Toolbar\Cache\parent_off.bmp
c:\program files\Dynamic Toolbar\Cache\parent_on.bmp
c:\program files\Dynamic Toolbar\Cache\pbfrv2tb0200.cfg
c:\program files\Dynamic Toolbar\Cache\popup_off.bmp
c:\program files\Dynamic Toolbar\Cache\popup_on.bmp
c:\program files\Dynamic Toolbar\Cache\search.bmp
c:\program files\Dynamic Toolbar\Cache\services.bmp
c:\program files\Dynamic Toolbar\Cache\skin.bmp
c:\program files\Dynamic Toolbar\Cache\skin1.bmp
c:\program files\Dynamic Toolbar\Cache\skin2.bmp
c:\program files\Dynamic Toolbar\Cache\skin3.bmp
c:\program files\Dynamic Toolbar\Cache\skin4.bmp
c:\program files\Dynamic Toolbar\Cache\skin5.bmp
c:\program files\Dynamic Toolbar\Cache\store.bmp
c:\program files\Dynamic Toolbar\Cache\style.css
c:\program files\Dynamic Toolbar\Cache\support.bmp
c:\program files\Dynamic Toolbar\Cache\ticker.xml
c:\program files\Dynamic Toolbar\PBFRV2\Cache\ErrorLog.txt
c:\program files\Dynamic Toolbar\PBFRV2\Cache\go.bmp
c:\program files\Dynamic Toolbar\PBFRV2\Cache\home.bmp
c:\program files\Dynamic Toolbar\PBFRV2\Cache\logo_pb.bmp
c:\program files\Dynamic Toolbar\PBFRV2\Cache\parent_off.bmp
c:\program files\Dynamic Toolbar\PBFRV2\Cache\parent_on.bmp
c:\program files\Dynamic Toolbar\PBFRV2\Cache\popup_off.bmp
c:\program files\Dynamic Toolbar\PBFRV2\Cache\popup_on.bmp
c:\program files\Dynamic Toolbar\PBFRV2\Cache\search.bmp
c:\program files\Dynamic Toolbar\PBFRV2\Cache\services.bmp
c:\program files\Dynamic Toolbar\PBFRV2\Cache\skin.bmp
c:\program files\Dynamic Toolbar\PBFRV2\Cache\skin1.bmp
c:\program files\Dynamic Toolbar\PBFRV2\Cache\skin2.bmp
c:\program files\Dynamic Toolbar\PBFRV2\Cache\skin3.bmp
c:\program files\Dynamic Toolbar\PBFRV2\Cache\skin4.bmp
c:\program files\Dynamic Toolbar\PBFRV2\Cache\skin5.bmp
c:\program files\Dynamic Toolbar\PBFRV2\Cache\store.bmp
c:\program files\Dynamic Toolbar\PBFRV2\Cache\style.css
c:\program files\Dynamic Toolbar\PBFRV2\Cache\support.bmp
c:\program files\Dynamic Toolbar\PBFRV2\Cache\T15265.tmp
c:\program files\Dynamic Toolbar\PBFRV2\Cache\ticker.xml
c:\program files\Dynamic Toolbar\unins000.dat
c:\program files\Dynamic Toolbar\unins000.exe
c:\windows\system32\akisakek.ini
c:\windows\system32\azarosom.ini
c:\windows\system32\eponipof.ini
c:\windows\system32\idafanip.ini
c:\windows\system32\iluzuduw.ini
c:\windows\system32\inovijul.ini
c:\windows\system32\iwovifoy.ini
c:\windows\system32\ofalonoy.ini
c:\windows\system32\ohunotep.ini
c:\windows\system32\onikunuy.ini
c:\windows\system32\ufagekel.ini
c:\windows\system32\umabufav.ini
c:\windows\system32\usivabiy.ini
----- BITS: Il y a peut-être des sites infectés -----
hxxp://62.4.83.201
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_BOONTY_GAMES
-------\Service_Boonty Games
((((((((((((((((((((((((((((( Fichiers créés du 2009-05-12 au 2009-06-12 ))))))))))))))))))))))))))))))))))))
.
2009-06-12 14:34 . 2009-06-12 14:35 -------- d-----w- c:\program files\trend micro
2009-06-12 14:34 . 2009-06-12 14:35 -------- d-----w- C:\rsit
2009-06-12 08:27 . 2009-06-12 10:19 0 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\APTemp\AP13.dll
2009-06-11 16:26 . 2009-06-11 16:32 73536 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\APTemp\AP12.dll
2009-06-11 16:26 . 2009-06-11 16:32 8000 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\APTemp\AP11.dll
2009-06-11 16:14 . 2009-06-11 16:18 0 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\APTemp\AP10.dll
2009-06-11 16:06 . 2009-06-11 16:18 8000 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\APTemp\AP9.dll
2009-05-25 20:42 . 2009-05-25 21:08 0 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\APTemp\AP8.dll
2009-05-25 20:40 . 2009-05-25 21:08 0 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\APTemp\AP7.dll
2009-05-25 20:21 . 2009-05-25 20:35 0 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\APTemp\AP6.dll
2009-05-25 20:18 . 2009-05-25 20:18 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Help
2009-05-25 15:15 . 2009-05-25 15:42 0 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\APTemp\AP5.dll
2009-05-25 15:03 . 2009-05-25 15:08 0 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\APTemp\AP4.dll
2009-05-25 14:59 . 2009-05-25 15:08 0 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\APTemp\AP3.dll
2009-05-25 14:56 . 2009-05-25 15:08 0 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\APTemp\AP2.dll
2009-05-25 14:55 . 2009-05-25 15:08 8000 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\APTemp\AP1.dll
2009-05-24 21:20 . 2009-05-24 21:23 0 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\APTemp\AP0.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-12 08:22 . 2008-05-12 10:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2009-06-11 15:50 . 2009-03-11 15:50 88064 ----a-w- c:\windows\system32\waremilo.dll.vir
2009-05-25 20:18 . 2006-06-29 13:22 -------- d-----w- c:\program files\NavNT
2009-05-09 08:43 . 2006-02-27 18:41 49624 ----a-w- c:\documents and settings\solene\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-08 18:18 . 1999-07-28 07:55 927 ----a-w- c:\windows\Fonts\Another.txt
2009-05-08 18:16 . 2009-04-01 14:13 744 ----a-w- c:\windows\Fonts\Celebrate the Day- TOU.txt
2009-05-08 18:15 . 2004-06-21 01:22 1792 ----a-w- c:\windows\Fonts\!Relay Fonts ReadMe.rtf
2009-05-08 18:12 . 2002-09-13 12:42 1624 ----a-w- c:\windows\Fonts\BlackJack_README.txt
2009-05-08 18:10 . 2001-09-20 13:51 1152 ----a-w- c:\windows\Fonts\fontinfo.txt
2009-05-08 18:06 . 2007-11-25 08:57 688 ----a-w- c:\windows\Fonts\promisedfreedom-tou.txt
2009-05-08 18:04 . 2007-08-30 16:34 688 ----a-w- c:\windows\Fonts\justmeagaindownhere-TOU.txt
2009-04-18 11:43 . 2007-06-29 19:04 -------- d-----w- c:\program files\Picasa2
2009-04-18 09:40 . 2004-08-16 15:41 75704 ----a-w- c:\windows\system32\perfc00C.dat
2009-04-18 09:40 . 2004-08-16 15:41 468728 ----a-w- c:\windows\system32\perfh00C.dat
2009-04-15 21:29 . 2009-04-15 21:29 3366912 ----a-w- c:\windows\system32\GPhotos.scr
2006-03-02 15:54 . 2006-03-02 15:54 278528 ----a-w- c:\program files\Fichiers communs\FDEUnInstaller.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-05 15360]
"MessengerPlus3"="c:\program files\MessengerPlus! 3\MsgPlus.exe" [2006-10-01 190024]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-25 68856]
"Veoh"="c:\program files\Veoh Networks\Veoh\VeohClient.exe" [2007-11-01 3317760]
"msnmsgr"="c:\program files\MSN Messenger\msnmsgr.exe" [2007-01-19 5674352]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 204288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 208952]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
"RMC"="c:\windows\system32\drivers\RMC.exe" [2005-03-28 24576]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2005-03-04 102490]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-03-04 708698]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-03-22 339968]
"SunJavaUpdateSched"="c:\program files\Java\jre1.5.0_10\bin\jusched.exe" [2006-11-09 49263]
"PCMService"="c:\apps\Powercinema\PCMService.exe" [2005-05-11 127118]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2005-09-13 180269]
"vptray"="c:\program files\NavNT\vptray.exe" [2001-09-26 73728]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-09-08 289576]
"Raccourci vers la page des propriétés de High Definition Audio"="HDAShCut.exe" - c:\windows\system32\HdAShCut.exe [2005-01-07 61952]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2005-04-12 14156800]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-05 15360]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-08-21 443968]
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]
NkbMonitor.exe.lnk - c:\program files\Nikon\PictureProject\NkbMonitor.exe [2006-3-11 118784]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\\AOL 9.0\\aol.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\APPS\\Inventime\\my.exe"=
"c:\\APPS\\skype\\phone\\Skype.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Webtarot\\webtarot.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\QuickTime\\QTTask.exe"=
R2 MTC0001_RMC;Remove Control Device;c:\windows\system32\drivers\RMC.sys [01/01/1980 13912]
R3 Slazldrv;SmartLink AMR_PCI Driver;c:\windows\system32\drivers\SLDRV\slazldrv.sys [13/09/2005 16:39 226768]
R3 ULI5261;ULi Based Ethernet NT Driver;c:\windows\system32\drivers\ULILAN.SYS [01/01/1980 28160]
S3 ATHFMWDL;3Com USB Wireless Adapter Bootloader driver;c:\windows\system32\Drivers\ATHFMWDL.sys --> c:\windows\system32\Drivers\ATHFMWDL.sys [?]
S3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver;c:\windows\system32\drivers\WlanUIG.sys [27/02/2006 20:44 379456]
.
Contenu du dossier 'Tâches planifiées'
2009-02-11 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
2009-06-12 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-27 20:56]
.
- - - - ORPHELINS SUPPRIMES - - - -
BHO-{44b8d762-7797-481f-8262-b1ef5643f480} - c:\windows\system32\vidajadu.dll
HKLM-Run-ccb8fd6b - c:\windows\system32\kekasika.dll
HKLM-Run-CPMcf8bcef7 - c:\windows\system32\waremilo.dll
HKLM-Run-pomadekayi - c:\windows\system32\nozuzito.dll
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearch Bar = hxxp://www.google.com/ie
mDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
DPF: {1FF43AD5-2262-4C2F-81D4-26D710C3F305} - hxxp://mannequin.redoute.fr/activex/Mannequin.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game13.zylom.com/activex/zylomgamesplayer.cab
FF - ProfilePath - c:\documents and settings\solene\Application Data\Mozilla\Firefox\Profiles\5qed8kqj.default\
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Java\jre1.5.0_10\bin\NPJava11.dll
FF - plugin: c:\program files\Java\jre1.5.0_10\bin\NPJava12.dll
FF - plugin: c:\program files\Java\jre1.5.0_10\bin\NPJava13.dll
FF - plugin: c:\program files\Java\jre1.5.0_10\bin\NPJava14.dll
FF - plugin: c:\program files\Java\jre1.5.0_10\bin\NPJava32.dll
FF - plugin: c:\program files\Java\jre1.5.0_10\bin\NPJPI150_10.dll
FF - plugin: c:\program files\Java\jre1.5.0_10\bin\NPOJI610.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin8.dll
FF - plugin: c:\program files\Picasa2\npPicasa2.dll
FF - plugin: c:\program files\Picasa2\npPicasa3.dll
FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin8.dll
FF - plugin: c:\program files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-12 17:23
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MySqlInventime]
"ImagePath"="c:\mysql\bin\mysqld-max-nt MySqlInventime"
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(896)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\NavLogon.dll
- - - - - - - > 'explorer.exe'(3976)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\progra~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\apps\Powercinema\Kernel\TV\CLCapSvc.exe
c:\program files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
c:\program files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\program files\NavNT\defwatch.exe
c:\apps\HIDSERVICE\HidService.exe
c:\program files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
c:\program files\NavNT\rtvscan.exe
c:\windows\system32\ati2evxx.exe
c:\windows\system32\slserv.exe
c:\program files\Inventel\Gateway\WLANCFG.EXE
c:\apps\Powercinema\Kernel\TV\CLSched.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\MSGSYS.EXE
c:\windows\system32\CF17779.exe
c:\windows\system32\wscntfy.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Java\jre1.5.0_10\bin\jucheck.exe
.
**************************************************************************
.
Heure de fin: 2009-06-12 17:34 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-06-12 15:33
Avant-CF: 41 795 395 584 octets libres
Après-CF: 41 831 157 760 octets libres
279 --- E O F --- 2009-05-18 18:08
ComboFix 09-06-11.06 - solene 12/06/2009 17:16.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.33.1036.18.1023.320 [GMT 2:00]
Lancé depuis: c:\documents and settings\solene\Bureau\ComboFix.exe
AV: Norton Internet Security *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
* Un nouveau point de restauration a été créé
.
Les fichiers ci-dessous ont été désactivés pendant l'exécution:
c:\windows\system32\waremilo.dll
c:\windows\system32\gikosiha.dll
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\program files\Dynamic Toolbar
c:\program files\Dynamic Toolbar\batch.bat
c:\program files\Dynamic Toolbar\Cache\go.bmp
c:\program files\Dynamic Toolbar\Cache\home.bmp
c:\program files\Dynamic Toolbar\Cache\logo_pb.bmp
c:\program files\Dynamic Toolbar\Cache\parent_off.bmp
c:\program files\Dynamic Toolbar\Cache\parent_on.bmp
c:\program files\Dynamic Toolbar\Cache\pbfrv2tb0200.cfg
c:\program files\Dynamic Toolbar\Cache\popup_off.bmp
c:\program files\Dynamic Toolbar\Cache\popup_on.bmp
c:\program files\Dynamic Toolbar\Cache\search.bmp
c:\program files\Dynamic Toolbar\Cache\services.bmp
c:\program files\Dynamic Toolbar\Cache\skin.bmp
c:\program files\Dynamic Toolbar\Cache\skin1.bmp
c:\program files\Dynamic Toolbar\Cache\skin2.bmp
c:\program files\Dynamic Toolbar\Cache\skin3.bmp
c:\program files\Dynamic Toolbar\Cache\skin4.bmp
c:\program files\Dynamic Toolbar\Cache\skin5.bmp
c:\program files\Dynamic Toolbar\Cache\store.bmp
c:\program files\Dynamic Toolbar\Cache\style.css
c:\program files\Dynamic Toolbar\Cache\support.bmp
c:\program files\Dynamic Toolbar\Cache\ticker.xml
c:\program files\Dynamic Toolbar\PBFRV2\Cache\ErrorLog.txt
c:\program files\Dynamic Toolbar\PBFRV2\Cache\go.bmp
c:\program files\Dynamic Toolbar\PBFRV2\Cache\home.bmp
c:\program files\Dynamic Toolbar\PBFRV2\Cache\logo_pb.bmp
c:\program files\Dynamic Toolbar\PBFRV2\Cache\parent_off.bmp
c:\program files\Dynamic Toolbar\PBFRV2\Cache\parent_on.bmp
c:\program files\Dynamic Toolbar\PBFRV2\Cache\popup_off.bmp
c:\program files\Dynamic Toolbar\PBFRV2\Cache\popup_on.bmp
c:\program files\Dynamic Toolbar\PBFRV2\Cache\search.bmp
c:\program files\Dynamic Toolbar\PBFRV2\Cache\services.bmp
c:\program files\Dynamic Toolbar\PBFRV2\Cache\skin.bmp
c:\program files\Dynamic Toolbar\PBFRV2\Cache\skin1.bmp
c:\program files\Dynamic Toolbar\PBFRV2\Cache\skin2.bmp
c:\program files\Dynamic Toolbar\PBFRV2\Cache\skin3.bmp
c:\program files\Dynamic Toolbar\PBFRV2\Cache\skin4.bmp
c:\program files\Dynamic Toolbar\PBFRV2\Cache\skin5.bmp
c:\program files\Dynamic Toolbar\PBFRV2\Cache\store.bmp
c:\program files\Dynamic Toolbar\PBFRV2\Cache\style.css
c:\program files\Dynamic Toolbar\PBFRV2\Cache\support.bmp
c:\program files\Dynamic Toolbar\PBFRV2\Cache\T15265.tmp
c:\program files\Dynamic Toolbar\PBFRV2\Cache\ticker.xml
c:\program files\Dynamic Toolbar\unins000.dat
c:\program files\Dynamic Toolbar\unins000.exe
c:\windows\system32\akisakek.ini
c:\windows\system32\azarosom.ini
c:\windows\system32\eponipof.ini
c:\windows\system32\idafanip.ini
c:\windows\system32\iluzuduw.ini
c:\windows\system32\inovijul.ini
c:\windows\system32\iwovifoy.ini
c:\windows\system32\ofalonoy.ini
c:\windows\system32\ohunotep.ini
c:\windows\system32\onikunuy.ini
c:\windows\system32\ufagekel.ini
c:\windows\system32\umabufav.ini
c:\windows\system32\usivabiy.ini
----- BITS: Il y a peut-être des sites infectés -----
hxxp://62.4.83.201
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_BOONTY_GAMES
-------\Service_Boonty Games
((((((((((((((((((((((((((((( Fichiers créés du 2009-05-12 au 2009-06-12 ))))))))))))))))))))))))))))))))))))
.
2009-06-12 14:34 . 2009-06-12 14:35 -------- d-----w- c:\program files\trend micro
2009-06-12 14:34 . 2009-06-12 14:35 -------- d-----w- C:\rsit
2009-06-12 08:27 . 2009-06-12 10:19 0 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\APTemp\AP13.dll
2009-06-11 16:26 . 2009-06-11 16:32 73536 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\APTemp\AP12.dll
2009-06-11 16:26 . 2009-06-11 16:32 8000 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\APTemp\AP11.dll
2009-06-11 16:14 . 2009-06-11 16:18 0 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\APTemp\AP10.dll
2009-06-11 16:06 . 2009-06-11 16:18 8000 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\APTemp\AP9.dll
2009-05-25 20:42 . 2009-05-25 21:08 0 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\APTemp\AP8.dll
2009-05-25 20:40 . 2009-05-25 21:08 0 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\APTemp\AP7.dll
2009-05-25 20:21 . 2009-05-25 20:35 0 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\APTemp\AP6.dll
2009-05-25 20:18 . 2009-05-25 20:18 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Help
2009-05-25 15:15 . 2009-05-25 15:42 0 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\APTemp\AP5.dll
2009-05-25 15:03 . 2009-05-25 15:08 0 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\APTemp\AP4.dll
2009-05-25 14:59 . 2009-05-25 15:08 0 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\APTemp\AP3.dll
2009-05-25 14:56 . 2009-05-25 15:08 0 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\APTemp\AP2.dll
2009-05-25 14:55 . 2009-05-25 15:08 8000 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\APTemp\AP1.dll
2009-05-24 21:20 . 2009-05-24 21:23 0 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\APTemp\AP0.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-12 08:22 . 2008-05-12 10:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2009-06-11 15:50 . 2009-03-11 15:50 88064 ----a-w- c:\windows\system32\waremilo.dll.vir
2009-05-25 20:18 . 2006-06-29 13:22 -------- d-----w- c:\program files\NavNT
2009-05-09 08:43 . 2006-02-27 18:41 49624 ----a-w- c:\documents and settings\solene\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-08 18:18 . 1999-07-28 07:55 927 ----a-w- c:\windows\Fonts\Another.txt
2009-05-08 18:16 . 2009-04-01 14:13 744 ----a-w- c:\windows\Fonts\Celebrate the Day- TOU.txt
2009-05-08 18:15 . 2004-06-21 01:22 1792 ----a-w- c:\windows\Fonts\!Relay Fonts ReadMe.rtf
2009-05-08 18:12 . 2002-09-13 12:42 1624 ----a-w- c:\windows\Fonts\BlackJack_README.txt
2009-05-08 18:10 . 2001-09-20 13:51 1152 ----a-w- c:\windows\Fonts\fontinfo.txt
2009-05-08 18:06 . 2007-11-25 08:57 688 ----a-w- c:\windows\Fonts\promisedfreedom-tou.txt
2009-05-08 18:04 . 2007-08-30 16:34 688 ----a-w- c:\windows\Fonts\justmeagaindownhere-TOU.txt
2009-04-18 11:43 . 2007-06-29 19:04 -------- d-----w- c:\program files\Picasa2
2009-04-18 09:40 . 2004-08-16 15:41 75704 ----a-w- c:\windows\system32\perfc00C.dat
2009-04-18 09:40 . 2004-08-16 15:41 468728 ----a-w- c:\windows\system32\perfh00C.dat
2009-04-15 21:29 . 2009-04-15 21:29 3366912 ----a-w- c:\windows\system32\GPhotos.scr
2006-03-02 15:54 . 2006-03-02 15:54 278528 ----a-w- c:\program files\Fichiers communs\FDEUnInstaller.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-05 15360]
"MessengerPlus3"="c:\program files\MessengerPlus! 3\MsgPlus.exe" [2006-10-01 190024]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-25 68856]
"Veoh"="c:\program files\Veoh Networks\Veoh\VeohClient.exe" [2007-11-01 3317760]
"msnmsgr"="c:\program files\MSN Messenger\msnmsgr.exe" [2007-01-19 5674352]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 204288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-05 208952]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-05 455168]
"RMC"="c:\windows\system32\drivers\RMC.exe" [2005-03-28 24576]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2005-03-04 102490]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-03-04 708698]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-03-22 339968]
"SunJavaUpdateSched"="c:\program files\Java\jre1.5.0_10\bin\jusched.exe" [2006-11-09 49263]
"PCMService"="c:\apps\Powercinema\PCMService.exe" [2005-05-11 127118]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2005-09-13 180269]
"vptray"="c:\program files\NavNT\vptray.exe" [2001-09-26 73728]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-09-08 289576]
"Raccourci vers la page des propriétés de High Definition Audio"="HDAShCut.exe" - c:\windows\system32\HdAShCut.exe [2005-01-07 61952]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2005-04-12 14156800]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-05 15360]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-08-21 443968]
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]
NkbMonitor.exe.lnk - c:\program files\Nikon\PictureProject\NkbMonitor.exe [2006-3-11 118784]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\\AOL 9.0\\aol.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe"=
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\APPS\\Inventime\\my.exe"=
"c:\\APPS\\skype\\phone\\Skype.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Webtarot\\webtarot.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\QuickTime\\QTTask.exe"=
R2 MTC0001_RMC;Remove Control Device;c:\windows\system32\drivers\RMC.sys [01/01/1980 13912]
R3 Slazldrv;SmartLink AMR_PCI Driver;c:\windows\system32\drivers\SLDRV\slazldrv.sys [13/09/2005 16:39 226768]
R3 ULI5261;ULi Based Ethernet NT Driver;c:\windows\system32\drivers\ULILAN.SYS [01/01/1980 28160]
S3 ATHFMWDL;3Com USB Wireless Adapter Bootloader driver;c:\windows\system32\Drivers\ATHFMWDL.sys --> c:\windows\system32\Drivers\ATHFMWDL.sys [?]
S3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver;c:\windows\system32\drivers\WlanUIG.sys [27/02/2006 20:44 379456]
.
Contenu du dossier 'Tâches planifiées'
2009-02-11 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
2009-06-12 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-27 20:56]
.
- - - - ORPHELINS SUPPRIMES - - - -
BHO-{44b8d762-7797-481f-8262-b1ef5643f480} - c:\windows\system32\vidajadu.dll
HKLM-Run-ccb8fd6b - c:\windows\system32\kekasika.dll
HKLM-Run-CPMcf8bcef7 - c:\windows\system32\waremilo.dll
HKLM-Run-pomadekayi - c:\windows\system32\nozuzito.dll
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearch Bar = hxxp://www.google.com/ie
mDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
DPF: {1FF43AD5-2262-4C2F-81D4-26D710C3F305} - hxxp://mannequin.redoute.fr/activex/Mannequin.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game13.zylom.com/activex/zylomgamesplayer.cab
FF - ProfilePath - c:\documents and settings\solene\Application Data\Mozilla\Firefox\Profiles\5qed8kqj.default\
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Java\jre1.5.0_10\bin\NPJava11.dll
FF - plugin: c:\program files\Java\jre1.5.0_10\bin\NPJava12.dll
FF - plugin: c:\program files\Java\jre1.5.0_10\bin\NPJava13.dll
FF - plugin: c:\program files\Java\jre1.5.0_10\bin\NPJava14.dll
FF - plugin: c:\program files\Java\jre1.5.0_10\bin\NPJava32.dll
FF - plugin: c:\program files\Java\jre1.5.0_10\bin\NPJPI150_10.dll
FF - plugin: c:\program files\Java\jre1.5.0_10\bin\NPOJI610.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin8.dll
FF - plugin: c:\program files\Picasa2\npPicasa2.dll
FF - plugin: c:\program files\Picasa2\npPicasa3.dll
FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin8.dll
FF - plugin: c:\program files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-12 17:23
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MySqlInventime]
"ImagePath"="c:\mysql\bin\mysqld-max-nt MySqlInventime"
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(896)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\NavLogon.dll
- - - - - - - > 'explorer.exe'(3976)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\progra~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\apps\Powercinema\Kernel\TV\CLCapSvc.exe
c:\program files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
c:\program files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\program files\NavNT\defwatch.exe
c:\apps\HIDSERVICE\HidService.exe
c:\program files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
c:\program files\NavNT\rtvscan.exe
c:\windows\system32\ati2evxx.exe
c:\windows\system32\slserv.exe
c:\program files\Inventel\Gateway\WLANCFG.EXE
c:\apps\Powercinema\Kernel\TV\CLSched.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\MSGSYS.EXE
c:\windows\system32\CF17779.exe
c:\windows\system32\wscntfy.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Java\jre1.5.0_10\bin\jucheck.exe
.
**************************************************************************
.
Heure de fin: 2009-06-12 17:34 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-06-12 15:33
Avant-CF: 41 795 395 584 octets libres
Après-CF: 41 831 157 760 octets libres
279 --- E O F --- 2009-05-18 18:08
C'est mieux.
Menu Démarrer > Exécuter > Tape combofix /u et valide.
Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
Sélectionne Exécuter un examen rapide.
Clique sur Rechercher. L'analyse démarre.
A la fin de l'analyse, un message s'affiche :
Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
Ferme tes navigateurs.
Si des malwares ont été détectés, clique sur Afficher les résultats.
Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
Citation :
L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
Voici le rapport:
Malwarebytes' Anti-Malware 1.37
Version de la base de données: 2266
Windows 5.1.2600 Service Pack 2
12/06/2009 17:55:55
mbam-log-2009-06-12 (17-55-55).txt
Type de recherche: Examen rapide
Eléments examinés: 102332
Temps écoulé: 4 minute(s), 11 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\pbfrv2.pbfrv2 (Adware.2020Search) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
c:\WINDOWS\system32\pbfrv2.dll (Adware.2020Search) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gikosiha.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
Malwarebytes' Anti-Malware 1.37
Version de la base de données: 2266
Windows 5.1.2600 Service Pack 2
12/06/2009 17:55:55
mbam-log-2009-06-12 (17-55-55).txt
Type de recherche: Examen rapide
Eléments examinés: 102332
Temps écoulé: 4 minute(s), 11 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\pbfrv2.pbfrv2 (Adware.2020Search) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
c:\WINDOWS\system32\pbfrv2.dll (Adware.2020Search) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gikosiha.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
Voici le rapport:
Logfile of random's system information tool 1.06 (written by random/random)
Run by solene at 2009-06-12 18:11:48
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 41 GB (58%) free of 70 GB
Total RAM: 1023 MB (46% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:11:55, on 12/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\NavNT\defwatch.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\MsgSys.EXE
C:\WINDOWS\system32\drivers\RMC.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\NavNT\vptray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre1.5.0_10\bin\jucheck.exe
C:\Documents and Settings\solene\Bureau\RSIT.exe
C:\Program Files\trend micro\solene.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RMC] C:\WINDOWS\system32\drivers\RMC.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {1FF43AD5-2262-4C2F-81D4-26D710C3F305} (VB2S Mannequin Virtuel Control) - http://mannequin.redoute.fr/activex/Mannequin.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game13.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
--
End of file - 10288 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll [2006-11-09 440056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-30 259696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-24 668656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-30 470512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D0943516-5076-4020-A3B5-AEFAF26AB263} - Veoh Browser Plug-in - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll [2007-11-01 352256]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-30 259696]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"RMC"=C:\WINDOWS\system32\drivers\RMC.exe [2005-03-28 24576]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2005-03-04 102490]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-03-04 708698]
"Raccourci vers la page des propriétés de High Definition Audio"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-04-12 14156800]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-03-22 339968]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe [2006-11-09 49263]
"PCMService"=c:\Apps\Powercinema\PCMService.exe [2005-05-11 127118]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2005-09-13 180269]
"vptray"=C:\Program Files\NavNT\vptray.exe [2001-09-26 73728]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-09-08 289576]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
"MessengerPlus3"=C:\Program Files\MessengerPlus! 3\MsgPlus.exe [2006-10-01 190024]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-25 68856]
"Veoh"=C:\Program Files\Veoh Networks\Veoh\VeohClient.exe [2007-11-01 3317760]
"msnmsgr"=C:\Program Files\MSN Messenger\msnmsgr.exe [2007-01-19 5674352]
"updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2006-03-30 313472]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
NkbMonitor.exe.lnk - C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-03-22 46080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
C:\WINDOWS\system32\NavLogon.dll [2001-09-24 45056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"_NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%ProgramFiles%\AOL 9.0\aol.exe"="%ProgramFiles%\AOL 9.0\aol.exe:*:Enabled:AOL"
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe"="%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe:*:Enabled:SPLINTER CELL PANDORA"
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe"="%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe:*:Enabled![:p]( ":p")
ANDORA"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\APPS\Inventime\my.exe"="C:\APPS\Inventime\my.exe:*:Enabled:INVENTIME"
"C:\APPS\skype\phone\Skype.exe"="C:\APPS\skype\phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*![:D]( ":D")
isabled:RealPlayer"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Webtarot\webtarot.exe"="C:\Program Files\Webtarot\webtarot.exe:*![:D]( ":D")
isabled:jeu de tarot"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*![:D]( ":D")
isabled:Veoh Client"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\QuickTime\QTTask.exe"="C:\Program Files\QuickTime\QTTask.exe:*:Enabled:QTTask"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
======List of files/folders created in the last 1 months======
2009-06-12 17:49:27 ----D---- C:\Documents and Settings\solene\Application Data\Malwarebytes
2009-06-12 17:49:21 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-06-12 17:49:20 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-06-12 17:46:46 ----SD---- C:\ComboFix
2009-06-12 17:34:42 ----D---- C:\WINDOWS\temp
2009-06-12 17:34:40 ----A---- C:\ComboFix.txt
2009-06-12 17:12:37 ----D---- C:\WINDOWS\ERDNT
2009-06-12 17:12:34 ----A---- C:\WINDOWS\system32\CF17779.exe
2009-06-12 16:34:49 ----D---- C:\Program Files\trend micro
2009-06-12 16:34:45 ----D---- C:\rsit
======List of files/folders modified in the last 1 months======
2009-06-12 18:03:14 ----D---- C:\Program Files\Mozilla Firefox
2009-06-12 18:00:32 ----D---- C:\WINDOWS\system32\CatRoot2
2009-06-12 17:59:32 ----D---- C:\WINDOWS
2009-06-12 17:59:03 ----SD---- C:\WINDOWS\Tasks
2009-06-12 17:58:01 ----D---- C:\WINDOWS\system32\drivers
2009-06-12 17:57:24 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-06-12 17:55:55 ----D---- C:\WINDOWS\system32
2009-06-12 17:49:20 ----RD---- C:\Program Files
2009-06-12 17:47:11 ----D---- C:\WINDOWS\system32\Restore
2009-06-12 17:47:10 ----SHD---- C:\System Volume Information
2009-06-12 17:40:29 ----HD---- C:\WINDOWS\inf
2009-06-12 17:39:15 ----HD---- C:\WINDOWS\$hf_mig$
2009-06-12 17:24:43 ----D---- C:\WINDOWS\system32\Lang
2009-06-12 17:24:23 ----A---- C:\WINDOWS\system.ini
2009-06-12 17:19:45 ----D---- C:\WINDOWS\system32\config
2009-06-12 17:17:55 ----D---- C:\WINDOWS\AppPatch
2009-06-12 17:17:48 ----D---- C:\Program Files\Fichiers communs
2009-06-12 16:49:13 ----SHD---- C:\WINDOWS\Installer
2009-06-12 16:47:41 ----D---- C:\WINDOWS\PREFETCH
2009-06-12 10:22:16 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-06-11 17:50:21 ----A---- C:\WINDOWS\system32\waremilo.dll
2009-05-25 22:18:36 ----D---- C:\Program Files\NavNT
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;Pilote de processeur AMD Athlon64; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-05-08 38912]
R2 MTC0001_RMC;Remove Control Device; C:\WINDOWS\system32\drivers\RMC.sys [2005-04-22 13912]
R2 NAVAPEL;NAVAPEL; \??\C:\Program Files\NavNT\NAVAPEL.SYS []
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-03-22 1034752]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-04-15 2564032]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\SLDRV\Mtlmnt5.sys [2004-11-01 229720]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824]
R3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
R3 PRISM_A02;802.11g USB 2.0 adapter; C:\WINDOWS\system32\DRIVERS\PRISMA02.sys [2004-03-30 374816]
R3 RT2500;RT2500 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT2500.sys [2005-02-23 228992]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-05 67584]
R3 Slazldrv;SmartLink AMR_PCI Driver; C:\WINDOWS\system32\DRIVERS\SLDRV\slazldrv.sys [2005-01-05 226768]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SLDRV\SlWdmSup.sys [2004-11-01 13216]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-03-04 189152]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-04-04 160768]
R3 ULI5261;ULi Based Ethernet NT Driver; C:\WINDOWS\system32\DRIVERS\ULILAN.SYS [2004-12-31 28160]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-05 17024]
R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
S3 AR5523;3Com OfficeConnect Wireless 108Mbps 11g USB Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5523.sys []
S3 ATHFMWDL;3Com USB Wireless Adapter Bootloader driver; C:\WINDOWS\System32\Drivers\ATHFMWDL.sys []
S3 HdAudAddService;Pilote de fonction Microsoft UAA pour Service High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\SLDRV\Mtlstrm.sys [2004-11-01 1396048]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\SLDRV\Slnthal.sys [2004-11-01 100176]
S3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-09-05 36864]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver; C:\WINDOWS\system32\DRIVERS\WlanUIG.sys [2004-09-03 379456]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe [2004-04-08 1135728]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-09-05 116040]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-03-22 360448]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 CLCapSvc;CyberLink Background Capture Service (CBCS); c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe [2005-05-11 221266]
R2 CLSched;CyberLink Task Scheduler (CTS); c:\APPS\Powercinema\Kernel\TV\CLSched.exe [2005-05-11 110672]
R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe [2005-05-11 61440]
R2 DefWatch;DefWatch; C:\Program Files\NavNT\defwatch.exe [2001-09-26 32768]
R2 GenericHidService;Generic Service for HID Keyboard Input Collections; c:\APPS\HIDSERVICE\HIDSERVICE.exe [2005-01-07 49152]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]
R2 Norton AntiVirus Server;Norton AntiVirus Client; C:\Program Files\NavNT\rtvscan.exe [2001-09-26 462848]
R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2004-11-01 57344]
R2 Wlancfg;Service de lancement de WlanCfg; C:\Program Files\Inventel\Gateway\wlancfg.exe [2004-12-20 1462272]
R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-09-08 536872]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MySqlInventime;MySqlInventime; c:\mysql\bin\mysqld-max-nt MySqlInventime []
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by solene at 2009-06-12 18:11:48
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 41 GB (58%) free of 70 GB
Total RAM: 1023 MB (46% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:11:55, on 12/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\NavNT\defwatch.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\MsgSys.EXE
C:\WINDOWS\system32\drivers\RMC.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\NavNT\vptray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre1.5.0_10\bin\jucheck.exe
C:\Documents and Settings\solene\Bureau\RSIT.exe
C:\Program Files\trend micro\solene.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RMC] C:\WINDOWS\system32\drivers\RMC.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {1FF43AD5-2262-4C2F-81D4-26D710C3F305} (VB2S Mannequin Virtuel Control) - http://mannequin.redoute.fr/activex/Mannequin.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game13.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
--
End of file - 10288 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll [2006-11-09 440056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-30 259696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-24 668656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-30 470512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D0943516-5076-4020-A3B5-AEFAF26AB263} - Veoh Browser Plug-in - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll [2007-11-01 352256]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-30 259696]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"RMC"=C:\WINDOWS\system32\drivers\RMC.exe [2005-03-28 24576]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2005-03-04 102490]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-03-04 708698]
"Raccourci vers la page des propriétés de High Definition Audio"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-04-12 14156800]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-03-22 339968]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe [2006-11-09 49263]
"PCMService"=c:\Apps\Powercinema\PCMService.exe [2005-05-11 127118]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2005-09-13 180269]
"vptray"=C:\Program Files\NavNT\vptray.exe [2001-09-26 73728]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-09-08 289576]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
"MessengerPlus3"=C:\Program Files\MessengerPlus! 3\MsgPlus.exe [2006-10-01 190024]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-25 68856]
"Veoh"=C:\Program Files\Veoh Networks\Veoh\VeohClient.exe [2007-11-01 3317760]
"msnmsgr"=C:\Program Files\MSN Messenger\msnmsgr.exe [2007-01-19 5674352]
"updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2006-03-30 313472]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
NkbMonitor.exe.lnk - C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-03-22 46080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
C:\WINDOWS\system32\NavLogon.dll [2001-09-24 45056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"_NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%ProgramFiles%\AOL 9.0\aol.exe"="%ProgramFiles%\AOL 9.0\aol.exe:*:Enabled:AOL"
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe"="%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe:*:Enabled:SPLINTER CELL PANDORA"
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe"="%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe:*:Enabled
ANDORA""%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\APPS\Inventime\my.exe"="C:\APPS\Inventime\my.exe:*:Enabled:INVENTIME"
"C:\APPS\skype\phone\Skype.exe"="C:\APPS\skype\phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*
isabled:RealPlayer""C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Webtarot\webtarot.exe"="C:\Program Files\Webtarot\webtarot.exe:*
isabled:jeu de tarot""C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*
isabled:Veoh Client""C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\QuickTime\QTTask.exe"="C:\Program Files\QuickTime\QTTask.exe:*:Enabled:QTTask"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
======List of files/folders created in the last 1 months======
2009-06-12 17:49:27 ----D---- C:\Documents and Settings\solene\Application Data\Malwarebytes
2009-06-12 17:49:21 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-06-12 17:49:20 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-06-12 17:46:46 ----SD---- C:\ComboFix
2009-06-12 17:34:42 ----D---- C:\WINDOWS\temp
2009-06-12 17:34:40 ----A---- C:\ComboFix.txt
2009-06-12 17:12:37 ----D---- C:\WINDOWS\ERDNT
2009-06-12 17:12:34 ----A---- C:\WINDOWS\system32\CF17779.exe
2009-06-12 16:34:49 ----D---- C:\Program Files\trend micro
2009-06-12 16:34:45 ----D---- C:\rsit
======List of files/folders modified in the last 1 months======
2009-06-12 18:03:14 ----D---- C:\Program Files\Mozilla Firefox
2009-06-12 18:00:32 ----D---- C:\WINDOWS\system32\CatRoot2
2009-06-12 17:59:32 ----D---- C:\WINDOWS
2009-06-12 17:59:03 ----SD---- C:\WINDOWS\Tasks
2009-06-12 17:58:01 ----D---- C:\WINDOWS\system32\drivers
2009-06-12 17:57:24 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-06-12 17:55:55 ----D---- C:\WINDOWS\system32
2009-06-12 17:49:20 ----RD---- C:\Program Files
2009-06-12 17:47:11 ----D---- C:\WINDOWS\system32\Restore
2009-06-12 17:47:10 ----SHD---- C:\System Volume Information
2009-06-12 17:40:29 ----HD---- C:\WINDOWS\inf
2009-06-12 17:39:15 ----HD---- C:\WINDOWS\$hf_mig$
2009-06-12 17:24:43 ----D---- C:\WINDOWS\system32\Lang
2009-06-12 17:24:23 ----A---- C:\WINDOWS\system.ini
2009-06-12 17:19:45 ----D---- C:\WINDOWS\system32\config
2009-06-12 17:17:55 ----D---- C:\WINDOWS\AppPatch
2009-06-12 17:17:48 ----D---- C:\Program Files\Fichiers communs
2009-06-12 16:49:13 ----SHD---- C:\WINDOWS\Installer
2009-06-12 16:47:41 ----D---- C:\WINDOWS\PREFETCH
2009-06-12 10:22:16 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-06-11 17:50:21 ----A---- C:\WINDOWS\system32\waremilo.dll
2009-05-25 22:18:36 ----D---- C:\Program Files\NavNT
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;Pilote de processeur AMD Athlon64; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-05-08 38912]
R2 MTC0001_RMC;Remove Control Device; C:\WINDOWS\system32\drivers\RMC.sys [2005-04-22 13912]
R2 NAVAPEL;NAVAPEL; \??\C:\Program Files\NavNT\NAVAPEL.SYS []
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-03-22 1034752]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-04-15 2564032]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\SLDRV\Mtlmnt5.sys [2004-11-01 229720]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824]
R3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
R3 PRISM_A02;802.11g USB 2.0 adapter; C:\WINDOWS\system32\DRIVERS\PRISMA02.sys [2004-03-30 374816]
R3 RT2500;RT2500 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT2500.sys [2005-02-23 228992]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-05 67584]
R3 Slazldrv;SmartLink AMR_PCI Driver; C:\WINDOWS\system32\DRIVERS\SLDRV\slazldrv.sys [2005-01-05 226768]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SLDRV\SlWdmSup.sys [2004-11-01 13216]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-03-04 189152]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-04-04 160768]
R3 ULI5261;ULi Based Ethernet NT Driver; C:\WINDOWS\system32\DRIVERS\ULILAN.SYS [2004-12-31 28160]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-05 17024]
R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
S3 AR5523;3Com OfficeConnect Wireless 108Mbps 11g USB Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5523.sys []
S3 ATHFMWDL;3Com USB Wireless Adapter Bootloader driver; C:\WINDOWS\System32\Drivers\ATHFMWDL.sys []
S3 HdAudAddService;Pilote de fonction Microsoft UAA pour Service High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\SLDRV\Mtlstrm.sys [2004-11-01 1396048]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\SLDRV\Slnthal.sys [2004-11-01 100176]
S3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-09-05 36864]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver; C:\WINDOWS\system32\DRIVERS\WlanUIG.sys [2004-09-03 379456]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe [2004-04-08 1135728]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-09-05 116040]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-03-22 360448]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 CLCapSvc;CyberLink Background Capture Service (CBCS); c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe [2005-05-11 221266]
R2 CLSched;CyberLink Task Scheduler (CTS); c:\APPS\Powercinema\Kernel\TV\CLSched.exe [2005-05-11 110672]
R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe [2005-05-11 61440]
R2 DefWatch;DefWatch; C:\Program Files\NavNT\defwatch.exe [2001-09-26 32768]
R2 GenericHidService;Generic Service for HID Keyboard Input Collections; c:\APPS\HIDSERVICE\HIDSERVICE.exe [2005-01-07 49152]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]
R2 Norton AntiVirus Server;Norton AntiVirus Client; C:\Program Files\NavNT\rtvscan.exe [2001-09-26 462848]
R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2004-11-01 57344]
R2 Wlancfg;Service de lancement de WlanCfg; C:\Program Files\Inventel\Gateway\wlancfg.exe [2004-12-20 1462272]
R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-09-08 536872]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MySqlInventime;MySqlInventime; c:\mysql\bin\mysqld-max-nt MySqlInventime []
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
-----------------EOF-----------------
:processes
explorer.exe
:files
C:\WINDOWS\system32\CF17779.exe
C:\WINDOWS\system32\waremilo.dll
c:\windows\system32\waremilo.dll.vir
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
:commands
[purity]
[emptytemp]
[reboot]
explorer.exe
:files
C:\WINDOWS\system32\CF17779.exe
C:\WINDOWS\system32\waremilo.dll
c:\windows\system32\waremilo.dll.vir
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
:commands
[purity]
[emptytemp]
[reboot]
---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.
---> Le nom du rapport correspond au moment de sa création : date_heure.log
Voici le rapport:
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
C:\WINDOWS\system32\CF17779.exe moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\waremilo.dll
C:\WINDOWS\system32\waremilo.dll NOT unregistered.
C:\WINDOWS\system32\waremilo.dll moved successfully.
File/Folder c:\windows\system32\waremilo.dll.vir not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}\\ deleted successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\solene\LOCALS~1\Temp\etilqs_XPbxMloQKNMs7WRDAhTW scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\solene\LOCALS~1\Temp\fla34.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\solene\LOCALS~1\Temp\~DFB025.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\solene\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
User's Temporary Internet Files folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Network Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\solene\Local Settings\Application Data\Mozilla\Firefox\Profiles\5qed8kqj.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\solene\Local Settings\Application Data\Mozilla\Firefox\Profiles\5qed8kqj.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\solene\Local Settings\Application Data\Mozilla\Firefox\Profiles\5qed8kqj.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\solene\Local Settings\Application Data\Mozilla\Firefox\Profiles\5qed8kqj.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\solene\Local Settings\Application Data\Mozilla\Firefox\Profiles\5qed8kqj.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\solene\Local Settings\Application Data\Mozilla\Firefox\Profiles\5qed8kqj.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
OTM by OldTimer - Version 2.1.0.1 log created on 06122009_183155
Files moved on Reboot...
File C:\DOCUME~1\solene\LOCALS~1\Temp\etilqs_XPbxMloQKNMs7WRDAhTW not found!
File C:\DOCUME~1\solene\LOCALS~1\Temp\fla34.tmp not found!
File C:\DOCUME~1\solene\LOCALS~1\Temp\~DFB025.tmp not found!
C:\Documents and Settings\solene\Local Settings\Application Data\Mozilla\Firefox\Profiles\5qed8kqj.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\solene\Local Settings\Application Data\Mozilla\Firefox\Profiles\5qed8kqj.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\solene\Local Settings\Application Data\Mozilla\Firefox\Profiles\5qed8kqj.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\solene\Local Settings\Application Data\Mozilla\Firefox\Profiles\5qed8kqj.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\solene\Local Settings\Application Data\Mozilla\Firefox\Profiles\5qed8kqj.default\urlclassifier3.sqlite moved successfully.
C:\Documents and Settings\solene\Local Settings\Application Data\Mozilla\Firefox\Profiles\5qed8kqj.default\XUL.mfl moved successfully.
Registry entries deleted on Reboot...
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
C:\WINDOWS\system32\CF17779.exe moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\waremilo.dll
C:\WINDOWS\system32\waremilo.dll NOT unregistered.
C:\WINDOWS\system32\waremilo.dll moved successfully.
File/Folder c:\windows\system32\waremilo.dll.vir not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}\\ deleted successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\solene\LOCALS~1\Temp\etilqs_XPbxMloQKNMs7WRDAhTW scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\solene\LOCALS~1\Temp\fla34.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\solene\LOCALS~1\Temp\~DFB025.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\solene\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
User's Temporary Internet Files folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Network Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\solene\Local Settings\Application Data\Mozilla\Firefox\Profiles\5qed8kqj.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\solene\Local Settings\Application Data\Mozilla\Firefox\Profiles\5qed8kqj.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\solene\Local Settings\Application Data\Mozilla\Firefox\Profiles\5qed8kqj.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\solene\Local Settings\Application Data\Mozilla\Firefox\Profiles\5qed8kqj.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\solene\Local Settings\Application Data\Mozilla\Firefox\Profiles\5qed8kqj.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\solene\Local Settings\Application Data\Mozilla\Firefox\Profiles\5qed8kqj.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
OTM by OldTimer - Version 2.1.0.1 log created on 06122009_183155
Files moved on Reboot...
File C:\DOCUME~1\solene\LOCALS~1\Temp\etilqs_XPbxMloQKNMs7WRDAhTW not found!
File C:\DOCUME~1\solene\LOCALS~1\Temp\fla34.tmp not found!
File C:\DOCUME~1\solene\LOCALS~1\Temp\~DFB025.tmp not found!
C:\Documents and Settings\solene\Local Settings\Application Data\Mozilla\Firefox\Profiles\5qed8kqj.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\solene\Local Settings\Application Data\Mozilla\Firefox\Profiles\5qed8kqj.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\solene\Local Settings\Application Data\Mozilla\Firefox\Profiles\5qed8kqj.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\solene\Local Settings\Application Data\Mozilla\Firefox\Profiles\5qed8kqj.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\solene\Local Settings\Application Data\Mozilla\Firefox\Profiles\5qed8kqj.default\urlclassifier3.sqlite moved successfully.
C:\Documents and Settings\solene\Local Settings\Application Data\Mozilla\Firefox\Profiles\5qed8kqj.default\XUL.mfl moved successfully.
Registry entries deleted on Reboot...
Bien.
Désinstalle les programmes suivants :
- J2SE Runtime Environment 5.0 Update 10
- J2SE Runtime Environment 5.0 Update 6
- J2SE Runtime Environment 5.0 Update 9
- Java 2 Runtime Environment, SE v1.4.2_05
Mets à jour Java.
Mets à jour Adobe Reader.
Mets à jour Internet Explorer.
Refais un scan RSIT et poste le rapport log.
- J2SE Runtime Environment 5.0 Update 10
- J2SE Runtime Environment 5.0 Update 6
- J2SE Runtime Environment 5.0 Update 9
- Java 2 Runtime Environment, SE v1.4.2_05
J'ai mis à jour Java et Adobe Reader, mais la mise à jour d'Internet Explorer s'est interrompue (j'ai essayé 2 fois).
Sinon, voici le rapport log:
Logfile of random's system information tool 1.06 (written by random/random)
Run by solene at 2009-06-12 20:12:05
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 40 GB (57%) free of 70 GB
Total RAM: 1023 MB (36% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:12:10, on 12/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\NavNT\defwatch.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\MsgSys.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\drivers\RMC.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\NavNT\vptray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Documents and Settings\solene\Bureau\RSIT.exe
C:\Program Files\trend micro\solene.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RMC] C:\WINDOWS\system32\drivers\RMC.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [CPMcf8bcef7] Rundll32.exe "C:\WINDOWS\system32\waremilo.dll",a
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {1FF43AD5-2262-4C2F-81D4-26D710C3F305} (VB2S Mannequin Virtuel Control) - http://mannequin.redoute.fr/activex/Mannequin.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game13.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: c:\windows\system32\waremilo.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\waremilo.dll (file missing)
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\waremilo.dll (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
--
End of file - 10931 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-30 259696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-24 668656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-30 470512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-06-12 41368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-06-12 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D0943516-5076-4020-A3B5-AEFAF26AB263} - Veoh Browser Plug-in - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll [2007-11-01 352256]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-30 259696]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"RMC"=C:\WINDOWS\system32\drivers\RMC.exe [2005-03-28 24576]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2005-03-04 102490]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-03-04 708698]
"Raccourci vers la page des propriétés de High Definition Audio"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-04-12 14156800]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-03-22 339968]
"PCMService"=c:\Apps\Powercinema\PCMService.exe [2005-05-11 127118]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2005-09-13 180269]
"vptray"=C:\Program Files\NavNT\vptray.exe [2001-09-26 73728]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-09-08 289576]
"CPMcf8bcef7"=C:\WINDOWS\system32\waremilo.dll,a []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-06-12 148888]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
"MessengerPlus3"=C:\Program Files\MessengerPlus! 3\MsgPlus.exe [2006-10-01 190024]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-25 68856]
"Veoh"=C:\Program Files\Veoh Networks\Veoh\VeohClient.exe [2007-11-01 3317760]
"msnmsgr"=C:\Program Files\MSN Messenger\msnmsgr.exe [2007-01-19 5674352]
"updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 -reboot 1 []
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
NkbMonitor.exe.lnk - C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="c:\windows\system32\waremilo.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-03-22 46080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
C:\WINDOWS\system32\NavLogon.dll [2001-09-24 45056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\waremilo.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\waremilo.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"_NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%ProgramFiles%\AOL 9.0\aol.exe"="%ProgramFiles%\AOL 9.0\aol.exe:*:Enabled:AOL"
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe"="%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe:*:Enabled:SPLINTER CELL PANDORA"
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe"="%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe:*:Enabled![:p]( ":p")
ANDORA"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\APPS\Inventime\my.exe"="C:\APPS\Inventime\my.exe:*:Enabled:INVENTIME"
"C:\APPS\skype\phone\Skype.exe"="C:\APPS\skype\phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*![:D]( ":D")
isabled:RealPlayer"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Webtarot\webtarot.exe"="C:\Program Files\Webtarot\webtarot.exe:*![:D]( ":D")
isabled:jeu de tarot"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*![:D]( ":D")
isabled:Veoh Client"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\QuickTime\QTTask.exe"="C:\Program Files\QuickTime\QTTask.exe:*:Enabled:QTTask"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2009-06-12 20:10:40 ----A---- C:\WINDOWS\system32\javaws.exe
2009-06-12 20:10:40 ----A---- C:\WINDOWS\system32\javaw.exe
2009-06-12 20:10:40 ----A---- C:\WINDOWS\system32\java.exe
2009-06-12 20:10:40 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-06-12 20:08:55 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2009-06-12 20:07:27 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-06-12 20:06:41 ----HDC---- C:\WINDOWS\$NtUninstallKB969897$
2009-06-12 20:05:51 ----HDC---- C:\WINDOWS\$NtUninstallKB969898$
2009-06-12 20:05:17 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-06-12 20:05:06 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-06-12 20:02:00 ----D---- C:\WINDOWS\LastGood
2009-06-12 19:22:13 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2009-06-12 19:21:47 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2009-06-12 19:21:05 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
2009-06-12 19:21:02 ----N---- C:\WINDOWS\system32\xmllite.dll
2009-06-12 19:17:03 ----A---- C:\WINDOWS\system32\MRT.exe
2009-06-12 19:16:57 ----D---- C:\WINDOWS\network diagnostic
2009-06-12 19:16:54 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$
2009-06-12 19:16:43 ----HDC---- C:\WINDOWS\$NtUninstallKB904942$
2009-06-12 19:08:47 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-06-12 19:04:24 ----D---- C:\Program Files\NOS
2009-06-12 19:04:24 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-06-12 18:31:55 ----D---- C:\_OTM
2009-06-12 17:49:27 ----D---- C:\Documents and Settings\solene\Application Data\Malwarebytes
2009-06-12 17:49:21 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-06-12 17:49:20 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-06-12 17:46:46 ----SD---- C:\ComboFix
2009-06-12 17:34:42 ----D---- C:\WINDOWS\temp
2009-06-12 17:34:40 ----A---- C:\ComboFix.txt
2009-06-12 17:12:37 ----D---- C:\WINDOWS\ERDNT
2009-06-12 16:34:49 ----D---- C:\Program Files\trend micro
2009-06-12 16:34:45 ----D---- C:\rsit
======List of files/folders modified in the last 1 months======
2009-06-12 20:10:40 ----D---- C:\WINDOWS\system32
2009-06-12 20:09:54 ----SHD---- C:\WINDOWS\Installer
2009-06-12 20:09:46 ----D---- C:\Program Files\Java
2009-06-12 20:07:33 ----HD---- C:\WINDOWS\inf
2009-06-12 20:07:33 ----D---- C:\WINDOWS
2009-06-12 20:07:31 ----D---- C:\WINDOWS\system32\dllcache
2009-06-12 20:07:23 ----A---- C:\WINDOWS\imsins.BAK
2009-06-12 20:07:11 ----D---- C:\Program Files\Internet Explorer
2009-06-12 20:06:01 ----D---- C:\Program Files\Mozilla Firefox
2009-06-12 20:05:50 ----HD---- C:\WINDOWS\$hf_mig$
2009-06-12 19:45:48 ----D---- C:\WINDOWS\system32\CatRoot2
2009-06-12 19:45:03 ----SD---- C:\WINDOWS\Tasks
2009-06-12 19:43:27 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-06-12 19:42:32 ----D---- C:\WINDOWS\system32\CatRoot
2009-06-12 19:08:25 ----D---- C:\Program Files\Adobe
2009-06-12 19:04:24 ----RD---- C:\Program Files
2009-06-12 19:00:42 ----D---- C:\Program Files\Fichiers communs
2009-06-12 18:41:23 ----D---- C:\WINDOWS\system32\Lang
2009-06-12 17:58:01 ----D---- C:\WINDOWS\system32\drivers
2009-06-12 17:47:11 ----D---- C:\WINDOWS\system32\Restore
2009-06-12 17:47:10 ----SHD---- C:\System Volume Information
2009-06-12 17:24:23 ----A---- C:\WINDOWS\system.ini
2009-06-12 17:19:45 ----D---- C:\WINDOWS\system32\config
2009-06-12 17:17:55 ----D---- C:\WINDOWS\AppPatch
2009-06-12 16:47:41 ----D---- C:\WINDOWS\PREFETCH
2009-06-12 10:22:16 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-05-25 22:18:36 ----D---- C:\Program Files\NavNT
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;Pilote de processeur AMD Athlon64; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-05-08 38912]
R2 MTC0001_RMC;Remove Control Device; C:\WINDOWS\system32\drivers\RMC.sys [2005-04-22 13912]
R2 NAVAPEL;NAVAPEL; \??\C:\Program Files\NavNT\NAVAPEL.SYS []
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-03-22 1034752]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-04-15 2564032]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\SLDRV\Mtlmnt5.sys [2004-11-01 229720]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824]
R3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
R3 PRISM_A02;802.11g USB 2.0 adapter; C:\WINDOWS\system32\DRIVERS\PRISMA02.sys [2004-03-30 374816]
R3 RT2500;RT2500 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT2500.sys [2005-02-23 228992]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-05 67584]
R3 Slazldrv;SmartLink AMR_PCI Driver; C:\WINDOWS\system32\DRIVERS\SLDRV\slazldrv.sys [2005-01-05 226768]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SLDRV\SlWdmSup.sys [2004-11-01 13216]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-03-04 189152]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-04-04 160768]
R3 ULI5261;ULi Based Ethernet NT Driver; C:\WINDOWS\system32\DRIVERS\ULILAN.SYS [2004-12-31 28160]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-05 17024]
R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
S3 AR5523;3Com OfficeConnect Wireless 108Mbps 11g USB Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5523.sys []
S3 ATHFMWDL;3Com USB Wireless Adapter Bootloader driver; C:\WINDOWS\System32\Drivers\ATHFMWDL.sys []
S3 HdAudAddService;Pilote de fonction Microsoft UAA pour Service High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\SLDRV\Mtlstrm.sys [2004-11-01 1396048]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\SLDRV\Slnthal.sys [2004-11-01 100176]
S3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-09-05 36864]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver; C:\WINDOWS\system32\DRIVERS\WlanUIG.sys [2004-09-03 379456]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe [2004-04-08 1135728]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-09-05 116040]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-03-22 360448]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 CLCapSvc;CyberLink Background Capture Service (CBCS); c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe [2005-05-11 221266]
R2 CLSched;CyberLink Task Scheduler (CTS); c:\APPS\Powercinema\Kernel\TV\CLSched.exe [2005-05-11 110672]
R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe [2005-05-11 61440]
R2 DefWatch;DefWatch; C:\Program Files\NavNT\defwatch.exe [2001-09-26 32768]
R2 GenericHidService;Generic Service for HID Keyboard Input Collections; c:\APPS\HIDSERVICE\HIDSERVICE.exe [2005-01-07 49152]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-06-12 152984]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]
R2 Norton AntiVirus Server;Norton AntiVirus Client; C:\Program Files\NavNT\rtvscan.exe [2001-09-26 462848]
R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2004-11-01 57344]
R2 Wlancfg;Service de lancement de WlanCfg; C:\Program Files\Inventel\Gateway\wlancfg.exe [2004-12-20 1462272]
R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-09-08 536872]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MySqlInventime;MySqlInventime; c:\mysql\bin\mysqld-max-nt MySqlInventime []
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
-----------------EOF-----------------
Sinon, voici le rapport log:
Logfile of random's system information tool 1.06 (written by random/random)
Run by solene at 2009-06-12 20:12:05
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 40 GB (57%) free of 70 GB
Total RAM: 1023 MB (36% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:12:10, on 12/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\NavNT\defwatch.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\MsgSys.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\drivers\RMC.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\NavNT\vptray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Documents and Settings\solene\Bureau\RSIT.exe
C:\Program Files\trend micro\solene.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RMC] C:\WINDOWS\system32\drivers\RMC.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [CPMcf8bcef7] Rundll32.exe "C:\WINDOWS\system32\waremilo.dll",a
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {1FF43AD5-2262-4C2F-81D4-26D710C3F305} (VB2S Mannequin Virtuel Control) - http://mannequin.redoute.fr/activex/Mannequin.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game13.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: c:\windows\system32\waremilo.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\waremilo.dll (file missing)
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\waremilo.dll (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
--
End of file - 10931 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-30 259696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-24 668656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-30 470512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-06-12 41368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-06-12 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D0943516-5076-4020-A3B5-AEFAF26AB263} - Veoh Browser Plug-in - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll [2007-11-01 352256]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-30 259696]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"RMC"=C:\WINDOWS\system32\drivers\RMC.exe [2005-03-28 24576]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2005-03-04 102490]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-03-04 708698]
"Raccourci vers la page des propriétés de High Definition Audio"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-04-12 14156800]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-03-22 339968]
"PCMService"=c:\Apps\Powercinema\PCMService.exe [2005-05-11 127118]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2005-09-13 180269]
"vptray"=C:\Program Files\NavNT\vptray.exe [2001-09-26 73728]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-09-08 289576]
"CPMcf8bcef7"=C:\WINDOWS\system32\waremilo.dll,a []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-06-12 148888]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
"MessengerPlus3"=C:\Program Files\MessengerPlus! 3\MsgPlus.exe [2006-10-01 190024]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-25 68856]
"Veoh"=C:\Program Files\Veoh Networks\Veoh\VeohClient.exe [2007-11-01 3317760]
"msnmsgr"=C:\Program Files\MSN Messenger\msnmsgr.exe [2007-01-19 5674352]
"updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 -reboot 1 []
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
NkbMonitor.exe.lnk - C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="c:\windows\system32\waremilo.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-03-22 46080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
C:\WINDOWS\system32\NavLogon.dll [2001-09-24 45056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\waremilo.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\waremilo.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"_NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%ProgramFiles%\AOL 9.0\aol.exe"="%ProgramFiles%\AOL 9.0\aol.exe:*:Enabled:AOL"
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe"="%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe:*:Enabled:SPLINTER CELL PANDORA"
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe"="%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe:*:Enabled
ANDORA""%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\APPS\Inventime\my.exe"="C:\APPS\Inventime\my.exe:*:Enabled:INVENTIME"
"C:\APPS\skype\phone\Skype.exe"="C:\APPS\skype\phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*
isabled:RealPlayer""C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Webtarot\webtarot.exe"="C:\Program Files\Webtarot\webtarot.exe:*
isabled:jeu de tarot""C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*
isabled:Veoh Client""C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\QuickTime\QTTask.exe"="C:\Program Files\QuickTime\QTTask.exe:*:Enabled:QTTask"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2009-06-12 20:10:40 ----A---- C:\WINDOWS\system32\javaws.exe
2009-06-12 20:10:40 ----A---- C:\WINDOWS\system32\javaw.exe
2009-06-12 20:10:40 ----A---- C:\WINDOWS\system32\java.exe
2009-06-12 20:10:40 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-06-12 20:08:55 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2009-06-12 20:07:27 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-06-12 20:06:41 ----HDC---- C:\WINDOWS\$NtUninstallKB969897$
2009-06-12 20:05:51 ----HDC---- C:\WINDOWS\$NtUninstallKB969898$
2009-06-12 20:05:17 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-06-12 20:05:06 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-06-12 20:02:00 ----D---- C:\WINDOWS\LastGood
2009-06-12 19:22:13 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2009-06-12 19:21:47 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2009-06-12 19:21:05 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
2009-06-12 19:21:02 ----N---- C:\WINDOWS\system32\xmllite.dll
2009-06-12 19:17:03 ----A---- C:\WINDOWS\system32\MRT.exe
2009-06-12 19:16:57 ----D---- C:\WINDOWS\network diagnostic
2009-06-12 19:16:54 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$
2009-06-12 19:16:43 ----HDC---- C:\WINDOWS\$NtUninstallKB904942$
2009-06-12 19:08:47 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-06-12 19:04:24 ----D---- C:\Program Files\NOS
2009-06-12 19:04:24 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-06-12 18:31:55 ----D---- C:\_OTM
2009-06-12 17:49:27 ----D---- C:\Documents and Settings\solene\Application Data\Malwarebytes
2009-06-12 17:49:21 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-06-12 17:49:20 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-06-12 17:46:46 ----SD---- C:\ComboFix
2009-06-12 17:34:42 ----D---- C:\WINDOWS\temp
2009-06-12 17:34:40 ----A---- C:\ComboFix.txt
2009-06-12 17:12:37 ----D---- C:\WINDOWS\ERDNT
2009-06-12 16:34:49 ----D---- C:\Program Files\trend micro
2009-06-12 16:34:45 ----D---- C:\rsit
======List of files/folders modified in the last 1 months======
2009-06-12 20:10:40 ----D---- C:\WINDOWS\system32
2009-06-12 20:09:54 ----SHD---- C:\WINDOWS\Installer
2009-06-12 20:09:46 ----D---- C:\Program Files\Java
2009-06-12 20:07:33 ----HD---- C:\WINDOWS\inf
2009-06-12 20:07:33 ----D---- C:\WINDOWS
2009-06-12 20:07:31 ----D---- C:\WINDOWS\system32\dllcache
2009-06-12 20:07:23 ----A---- C:\WINDOWS\imsins.BAK
2009-06-12 20:07:11 ----D---- C:\Program Files\Internet Explorer
2009-06-12 20:06:01 ----D---- C:\Program Files\Mozilla Firefox
2009-06-12 20:05:50 ----HD---- C:\WINDOWS\$hf_mig$
2009-06-12 19:45:48 ----D---- C:\WINDOWS\system32\CatRoot2
2009-06-12 19:45:03 ----SD---- C:\WINDOWS\Tasks
2009-06-12 19:43:27 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-06-12 19:42:32 ----D---- C:\WINDOWS\system32\CatRoot
2009-06-12 19:08:25 ----D---- C:\Program Files\Adobe
2009-06-12 19:04:24 ----RD---- C:\Program Files
2009-06-12 19:00:42 ----D---- C:\Program Files\Fichiers communs
2009-06-12 18:41:23 ----D---- C:\WINDOWS\system32\Lang
2009-06-12 17:58:01 ----D---- C:\WINDOWS\system32\drivers
2009-06-12 17:47:11 ----D---- C:\WINDOWS\system32\Restore
2009-06-12 17:47:10 ----SHD---- C:\System Volume Information
2009-06-12 17:24:23 ----A---- C:\WINDOWS\system.ini
2009-06-12 17:19:45 ----D---- C:\WINDOWS\system32\config
2009-06-12 17:17:55 ----D---- C:\WINDOWS\AppPatch
2009-06-12 16:47:41 ----D---- C:\WINDOWS\PREFETCH
2009-06-12 10:22:16 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-05-25 22:18:36 ----D---- C:\Program Files\NavNT
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;Pilote de processeur AMD Athlon64; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-05-08 38912]
R2 MTC0001_RMC;Remove Control Device; C:\WINDOWS\system32\drivers\RMC.sys [2005-04-22 13912]
R2 NAVAPEL;NAVAPEL; \??\C:\Program Files\NavNT\NAVAPEL.SYS []
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-03-22 1034752]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-04-15 2564032]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\SLDRV\Mtlmnt5.sys [2004-11-01 229720]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824]
R3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
R3 PRISM_A02;802.11g USB 2.0 adapter; C:\WINDOWS\system32\DRIVERS\PRISMA02.sys [2004-03-30 374816]
R3 RT2500;RT2500 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT2500.sys [2005-02-23 228992]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-05 67584]
R3 Slazldrv;SmartLink AMR_PCI Driver; C:\WINDOWS\system32\DRIVERS\SLDRV\slazldrv.sys [2005-01-05 226768]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SLDRV\SlWdmSup.sys [2004-11-01 13216]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-03-04 189152]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-04-04 160768]
R3 ULI5261;ULi Based Ethernet NT Driver; C:\WINDOWS\system32\DRIVERS\ULILAN.SYS [2004-12-31 28160]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-05 17024]
R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
S3 AR5523;3Com OfficeConnect Wireless 108Mbps 11g USB Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5523.sys []
S3 ATHFMWDL;3Com USB Wireless Adapter Bootloader driver; C:\WINDOWS\System32\Drivers\ATHFMWDL.sys []
S3 HdAudAddService;Pilote de fonction Microsoft UAA pour Service High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\SLDRV\Mtlstrm.sys [2004-11-01 1396048]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\SLDRV\Slnthal.sys [2004-11-01 100176]
S3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-09-05 36864]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver; C:\WINDOWS\system32\DRIVERS\WlanUIG.sys [2004-09-03 379456]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe [2004-04-08 1135728]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-09-05 116040]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-03-22 360448]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 CLCapSvc;CyberLink Background Capture Service (CBCS); c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe [2005-05-11 221266]
R2 CLSched;CyberLink Task Scheduler (CTS); c:\APPS\Powercinema\Kernel\TV\CLSched.exe [2005-05-11 110672]
R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe [2005-05-11 61440]
R2 DefWatch;DefWatch; C:\Program Files\NavNT\defwatch.exe [2001-09-26 32768]
R2 GenericHidService;Generic Service for HID Keyboard Input Collections; c:\APPS\HIDSERVICE\HIDSERVICE.exe [2005-01-07 49152]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-06-12 152984]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]
R2 Norton AntiVirus Server;Norton AntiVirus Client; C:\Program Files\NavNT\rtvscan.exe [2001-09-26 462848]
R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2004-11-01 57344]
R2 Wlancfg;Service de lancement de WlanCfg; C:\Program Files\Inventel\Gateway\wlancfg.exe [2004-12-20 1462272]
R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-09-08 536872]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MySqlInventime;MySqlInventime; c:\mysql\bin\mysqld-max-nt MySqlInventime []
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
-----------------EOF-----------------
Pour Internet Explorer :
http://download.microsoft.com/download/B/B/F/BBFCC870-E...
Lance ce fichier : C:\Program Files\trend micro\solene.exe
Choisis Do a system scan only.
Coche les cases qui sont devant les lignes suivantes :
Clique en bas sur Fix checked. Mets oui si HijackThis te demande quelque chose.
Ferme HijackThis et redémarre ton PC.
Refais un scan RSIT et poste le rapport log.
http://download.microsoft.com/download/B/B/F/BBFCC870-E...
O4 - HKLM\..\Run: [CPMcf8bcef7] Rundll32.exe "C:\WINDOWS\system32\waremilo.dll",a
O20 - AppInit_DLLs: c:\windows\system32\waremilo.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\waremilo.dll (file missing)
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\waremilo.dll (file missing)
O20 - AppInit_DLLs: c:\windows\system32\waremilo.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\waremilo.dll (file missing)
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\waremilo.dll (file missing)
Voici le rapport:
Logfile of random's system information tool 1.06 (written by random/random)
Run by solene at 2009-06-12 21:00:11
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 40 GB (57%) free of 70 GB
Total RAM: 1023 MB (56% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:00:25, on 12/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\NavNT\defwatch.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\MsgSys.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\drivers\RMC.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\NavNT\vptray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Documents and Settings\solene\Bureau\RSIT.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\solene.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RMC] C:\WINDOWS\system32\drivers\RMC.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {1FF43AD5-2262-4C2F-81D4-26D710C3F305} (VB2S Mannequin Virtuel Control) - http://mannequin.redoute.fr/activex/Mannequin.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game13.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
--
End of file - 10663 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-30 259696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-24 668656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-30 470512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-06-12 41368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-06-12 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D0943516-5076-4020-A3B5-AEFAF26AB263} - Veoh Browser Plug-in - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll [2007-11-01 352256]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-30 259696]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"RMC"=C:\WINDOWS\system32\drivers\RMC.exe [2005-03-28 24576]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2005-03-04 102490]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-03-04 708698]
"Raccourci vers la page des propriétés de High Definition Audio"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-04-12 14156800]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-03-22 339968]
"PCMService"=c:\Apps\Powercinema\PCMService.exe [2005-05-11 127118]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2005-09-13 180269]
"vptray"=C:\Program Files\NavNT\vptray.exe [2001-09-26 73728]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-09-08 289576]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-06-12 148888]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
"MessengerPlus3"=C:\Program Files\MessengerPlus! 3\MsgPlus.exe [2006-10-01 190024]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-25 68856]
"Veoh"=C:\Program Files\Veoh Networks\Veoh\VeohClient.exe [2007-11-01 3317760]
"msnmsgr"=C:\Program Files\MSN Messenger\msnmsgr.exe [2007-01-19 5674352]
"updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 -reboot 1 []
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
NkbMonitor.exe.lnk - C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-03-22 46080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
C:\WINDOWS\system32\NavLogon.dll [2001-09-24 45056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"_NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%ProgramFiles%\AOL 9.0\aol.exe"="%ProgramFiles%\AOL 9.0\aol.exe:*:Enabled:AOL"
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe"="%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe:*:Enabled:SPLINTER CELL PANDORA"
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe"="%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe:*:Enabled![:p]( ":p")
ANDORA"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\APPS\Inventime\my.exe"="C:\APPS\Inventime\my.exe:*:Enabled:INVENTIME"
"C:\APPS\skype\phone\Skype.exe"="C:\APPS\skype\phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*![:D]( ":D")
isabled:RealPlayer"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Webtarot\webtarot.exe"="C:\Program Files\Webtarot\webtarot.exe:*![:D]( ":D")
isabled:jeu de tarot"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*![:D]( ":D")
isabled:Veoh Client"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\QuickTime\QTTask.exe"="C:\Program Files\QuickTime\QTTask.exe:*:Enabled:QTTask"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2009-06-12 20:44:04 ----D---- C:\WINDOWS\ie8updates
2009-06-12 20:41:21 ----D---- C:\WINDOWS\WBEM
2009-06-12 20:38:28 ----HDC---- C:\WINDOWS\ie8
2009-06-12 20:38:28 ----D---- C:\WINDOWS\system32\fr-FR
2009-06-12 20:10:40 ----A---- C:\WINDOWS\system32\javaws.exe
2009-06-12 20:10:40 ----A---- C:\WINDOWS\system32\javaw.exe
2009-06-12 20:10:40 ----A---- C:\WINDOWS\system32\java.exe
2009-06-12 20:10:40 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-06-12 20:08:55 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2009-06-12 20:07:27 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-06-12 20:06:41 ----HDC---- C:\WINDOWS\$NtUninstallKB969897$
2009-06-12 20:05:51 ----HDC---- C:\WINDOWS\$NtUninstallKB969898$
2009-06-12 20:05:17 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-06-12 20:05:06 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-06-12 19:22:13 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2009-06-12 19:21:47 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2009-06-12 19:21:05 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
2009-06-12 19:21:02 ----A---- C:\WINDOWS\system32\xmllite.dll
2009-06-12 19:17:03 ----A---- C:\WINDOWS\system32\MRT.exe
2009-06-12 19:16:57 ----D---- C:\WINDOWS\network diagnostic
2009-06-12 19:16:54 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$
2009-06-12 19:16:43 ----HDC---- C:\WINDOWS\$NtUninstallKB904942$
2009-06-12 19:08:47 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-06-12 19:04:24 ----D---- C:\Program Files\NOS
2009-06-12 19:04:24 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-06-12 18:31:55 ----D---- C:\_OTM
2009-06-12 17:49:27 ----D---- C:\Documents and Settings\solene\Application Data\Malwarebytes
2009-06-12 17:49:21 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-06-12 17:49:20 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-06-12 17:46:46 ----SD---- C:\ComboFix
2009-06-12 17:34:42 ----D---- C:\WINDOWS\temp
2009-06-12 17:34:40 ----A---- C:\ComboFix.txt
2009-06-12 17:12:37 ----D---- C:\WINDOWS\ERDNT
2009-06-12 16:34:49 ----D---- C:\Program Files\trend micro
2009-06-12 16:34:45 ----D---- C:\rsit
======List of files/folders modified in the last 1 months======
2009-06-12 21:00:26 ----D---- C:\Program Files\Mozilla Firefox
2009-06-12 20:57:54 ----D---- C:\WINDOWS\system32\CatRoot2
2009-06-12 20:57:15 ----SD---- C:\WINDOWS\Tasks
2009-06-12 20:55:43 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-06-12 20:47:51 ----D---- C:\WINDOWS
2009-06-12 20:47:45 ----D---- C:\WINDOWS\system32
2009-06-12 20:46:19 ----D---- C:\WINDOWS\Help
2009-06-12 20:46:19 ----D---- C:\Program Files\Internet Explorer
2009-06-12 20:46:18 ----D---- C:\WINDOWS\system32\dllcache
2009-06-12 20:44:48 ----HD---- C:\WINDOWS\inf
2009-06-12 20:44:12 ----HD---- C:\WINDOWS\$hf_mig$
2009-06-12 20:44:08 ----A---- C:\WINDOWS\imsins.BAK
2009-06-12 20:41:02 ----D---- C:\WINDOWS\Media
2009-06-12 20:23:02 ----D---- C:\WINDOWS\system32\Lang
2009-06-12 20:09:54 ----SHD---- C:\WINDOWS\Installer
2009-06-12 20:09:46 ----D---- C:\Program Files\Java
2009-06-12 19:42:32 ----D---- C:\WINDOWS\system32\CatRoot
2009-06-12 19:08:25 ----D---- C:\Program Files\Adobe
2009-06-12 19:04:24 ----RD---- C:\Program Files
2009-06-12 19:00:42 ----D---- C:\Program Files\Fichiers communs
2009-06-12 17:58:01 ----D---- C:\WINDOWS\system32\drivers
2009-06-12 17:47:11 ----D---- C:\WINDOWS\system32\Restore
2009-06-12 17:47:10 ----SHD---- C:\System Volume Information
2009-06-12 17:24:23 ----A---- C:\WINDOWS\system.ini
2009-06-12 17:19:45 ----D---- C:\WINDOWS\system32\config
2009-06-12 17:17:55 ----D---- C:\WINDOWS\AppPatch
2009-06-12 16:47:41 ----D---- C:\WINDOWS\PREFETCH
2009-06-12 10:22:16 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-05-25 22:18:36 ----D---- C:\Program Files\NavNT
2009-05-13 07:04:17 ----A---- C:\WINDOWS\system32\wininet.dll
2009-05-13 07:04:17 ----A---- C:\WINDOWS\system32\mshtml.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;Pilote de processeur AMD Athlon64; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-05-08 38912]
R2 MTC0001_RMC;Remove Control Device; C:\WINDOWS\system32\drivers\RMC.sys [2005-04-22 13912]
R2 NAVAPEL;NAVAPEL; \??\C:\Program Files\NavNT\NAVAPEL.SYS []
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-03-22 1034752]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-04-15 2564032]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\SLDRV\Mtlmnt5.sys [2004-11-01 229720]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824]
R3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
R3 PRISM_A02;802.11g USB 2.0 adapter; C:\WINDOWS\system32\DRIVERS\PRISMA02.sys [2004-03-30 374816]
R3 RT2500;RT2500 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT2500.sys [2005-02-23 228992]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-05 67584]
R3 Slazldrv;SmartLink AMR_PCI Driver; C:\WINDOWS\system32\DRIVERS\SLDRV\slazldrv.sys [2005-01-05 226768]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SLDRV\SlWdmSup.sys [2004-11-01 13216]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-03-04 189152]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-04-04 160768]
R3 ULI5261;ULi Based Ethernet NT Driver; C:\WINDOWS\system32\DRIVERS\ULILAN.SYS [2004-12-31 28160]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-05 17024]
R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
S3 AR5523;3Com OfficeConnect Wireless 108Mbps 11g USB Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5523.sys []
S3 ATHFMWDL;3Com USB Wireless Adapter Bootloader driver; C:\WINDOWS\System32\Drivers\ATHFMWDL.sys []
S3 HdAudAddService;Pilote de fonction Microsoft UAA pour Service High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\SLDRV\Mtlstrm.sys [2004-11-01 1396048]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\SLDRV\Slnthal.sys [2004-11-01 100176]
S3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-09-05 36864]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver; C:\WINDOWS\system32\DRIVERS\WlanUIG.sys [2004-09-03 379456]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe [2004-04-08 1135728]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-09-05 116040]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-03-22 360448]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 CLCapSvc;CyberLink Background Capture Service (CBCS); c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe [2005-05-11 221266]
R2 CLSched;CyberLink Task Scheduler (CTS); c:\APPS\Powercinema\Kernel\TV\CLSched.exe [2005-05-11 110672]
R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe [2005-05-11 61440]
R2 DefWatch;DefWatch; C:\Program Files\NavNT\defwatch.exe [2001-09-26 32768]
R2 GenericHidService;Generic Service for HID Keyboard Input Collections; c:\APPS\HIDSERVICE\HIDSERVICE.exe [2005-01-07 49152]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-06-12 152984]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]
R2 Norton AntiVirus Server;Norton AntiVirus Client; C:\Program Files\NavNT\rtvscan.exe [2001-09-26 462848]
R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2004-11-01 57344]
R2 Wlancfg;Service de lancement de WlanCfg; C:\Program Files\Inventel\Gateway\wlancfg.exe [2004-12-20 1462272]
R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-09-08 536872]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MySqlInventime;MySqlInventime; c:\mysql\bin\mysqld-max-nt MySqlInventime []
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
-----------------EOF-----------------
Par contre, je dois y aller. Je serai de retour demain matin.
Merci beaucoup pour ton aide!
Logfile of random's system information tool 1.06 (written by random/random)
Run by solene at 2009-06-12 21:00:11
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 40 GB (57%) free of 70 GB
Total RAM: 1023 MB (56% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:00:25, on 12/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\NavNT\defwatch.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\MsgSys.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\drivers\RMC.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\NavNT\vptray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Documents and Settings\solene\Bureau\RSIT.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\solene.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RMC] C:\WINDOWS\system32\drivers\RMC.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {1FF43AD5-2262-4C2F-81D4-26D710C3F305} (VB2S Mannequin Virtuel Control) - http://mannequin.redoute.fr/activex/Mannequin.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game13.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
--
End of file - 10663 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-30 259696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-24 668656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-30 470512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-06-12 41368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-06-12 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D0943516-5076-4020-A3B5-AEFAF26AB263} - Veoh Browser Plug-in - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll [2007-11-01 352256]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-30 259696]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"RMC"=C:\WINDOWS\system32\drivers\RMC.exe [2005-03-28 24576]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2005-03-04 102490]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-03-04 708698]
"Raccourci vers la page des propriétés de High Definition Audio"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-04-12 14156800]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-03-22 339968]
"PCMService"=c:\Apps\Powercinema\PCMService.exe [2005-05-11 127118]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2005-09-13 180269]
"vptray"=C:\Program Files\NavNT\vptray.exe [2001-09-26 73728]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-09-08 289576]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-06-12 148888]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]
"MessengerPlus3"=C:\Program Files\MessengerPlus! 3\MsgPlus.exe [2006-10-01 190024]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-25 68856]
"Veoh"=C:\Program Files\Veoh Networks\Veoh\VeohClient.exe [2007-11-01 3317760]
"msnmsgr"=C:\Program Files\MSN Messenger\msnmsgr.exe [2007-01-19 5674352]
"updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 -reboot 1 []
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
NkbMonitor.exe.lnk - C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-03-22 46080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
C:\WINDOWS\system32\NavLogon.dll [2001-09-24 45056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"_NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%ProgramFiles%\AOL 9.0\aol.exe"="%ProgramFiles%\AOL 9.0\aol.exe:*:Enabled:AOL"
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe"="%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe:*:Enabled:SPLINTER CELL PANDORA"
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe"="%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe:*:Enabled
ANDORA""%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\APPS\Inventime\my.exe"="C:\APPS\Inventime\my.exe:*:Enabled:INVENTIME"
"C:\APPS\skype\phone\Skype.exe"="C:\APPS\skype\phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*
isabled:RealPlayer""C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Webtarot\webtarot.exe"="C:\Program Files\Webtarot\webtarot.exe:*
isabled:jeu de tarot""C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*
isabled:Veoh Client""C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\QuickTime\QTTask.exe"="C:\Program Files\QuickTime\QTTask.exe:*:Enabled:QTTask"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2009-06-12 20:44:04 ----D---- C:\WINDOWS\ie8updates
2009-06-12 20:41:21 ----D---- C:\WINDOWS\WBEM
2009-06-12 20:38:28 ----HDC---- C:\WINDOWS\ie8
2009-06-12 20:38:28 ----D---- C:\WINDOWS\system32\fr-FR
2009-06-12 20:10:40 ----A---- C:\WINDOWS\system32\javaws.exe
2009-06-12 20:10:40 ----A---- C:\WINDOWS\system32\javaw.exe
2009-06-12 20:10:40 ----A---- C:\WINDOWS\system32\java.exe
2009-06-12 20:10:40 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-06-12 20:08:55 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2009-06-12 20:07:27 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-06-12 20:06:41 ----HDC---- C:\WINDOWS\$NtUninstallKB969897$
2009-06-12 20:05:51 ----HDC---- C:\WINDOWS\$NtUninstallKB969898$
2009-06-12 20:05:17 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-06-12 20:05:06 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-06-12 19:22:13 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2009-06-12 19:21:47 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2009-06-12 19:21:05 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
2009-06-12 19:21:02 ----A---- C:\WINDOWS\system32\xmllite.dll
2009-06-12 19:17:03 ----A---- C:\WINDOWS\system32\MRT.exe
2009-06-12 19:16:57 ----D---- C:\WINDOWS\network diagnostic
2009-06-12 19:16:54 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$
2009-06-12 19:16:43 ----HDC---- C:\WINDOWS\$NtUninstallKB904942$
2009-06-12 19:08:47 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-06-12 19:04:24 ----D---- C:\Program Files\NOS
2009-06-12 19:04:24 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-06-12 18:31:55 ----D---- C:\_OTM
2009-06-12 17:49:27 ----D---- C:\Documents and Settings\solene\Application Data\Malwarebytes
2009-06-12 17:49:21 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-06-12 17:49:20 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-06-12 17:46:46 ----SD---- C:\ComboFix
2009-06-12 17:34:42 ----D---- C:\WINDOWS\temp
2009-06-12 17:34:40 ----A---- C:\ComboFix.txt
2009-06-12 17:12:37 ----D---- C:\WINDOWS\ERDNT
2009-06-12 16:34:49 ----D---- C:\Program Files\trend micro
2009-06-12 16:34:45 ----D---- C:\rsit
======List of files/folders modified in the last 1 months======
2009-06-12 21:00:26 ----D---- C:\Program Files\Mozilla Firefox
2009-06-12 20:57:54 ----D---- C:\WINDOWS\system32\CatRoot2
2009-06-12 20:57:15 ----SD---- C:\WINDOWS\Tasks
2009-06-12 20:55:43 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-06-12 20:47:51 ----D---- C:\WINDOWS
2009-06-12 20:47:45 ----D---- C:\WINDOWS\system32
2009-06-12 20:46:19 ----D---- C:\WINDOWS\Help
2009-06-12 20:46:19 ----D---- C:\Program Files\Internet Explorer
2009-06-12 20:46:18 ----D---- C:\WINDOWS\system32\dllcache
2009-06-12 20:44:48 ----HD---- C:\WINDOWS\inf
2009-06-12 20:44:12 ----HD---- C:\WINDOWS\$hf_mig$
2009-06-12 20:44:08 ----A---- C:\WINDOWS\imsins.BAK
2009-06-12 20:41:02 ----D---- C:\WINDOWS\Media
2009-06-12 20:23:02 ----D---- C:\WINDOWS\system32\Lang
2009-06-12 20:09:54 ----SHD---- C:\WINDOWS\Installer
2009-06-12 20:09:46 ----D---- C:\Program Files\Java
2009-06-12 19:42:32 ----D---- C:\WINDOWS\system32\CatRoot
2009-06-12 19:08:25 ----D---- C:\Program Files\Adobe
2009-06-12 19:04:24 ----RD---- C:\Program Files
2009-06-12 19:00:42 ----D---- C:\Program Files\Fichiers communs
2009-06-12 17:58:01 ----D---- C:\WINDOWS\system32\drivers
2009-06-12 17:47:11 ----D---- C:\WINDOWS\system32\Restore
2009-06-12 17:47:10 ----SHD---- C:\System Volume Information
2009-06-12 17:24:23 ----A---- C:\WINDOWS\system.ini
2009-06-12 17:19:45 ----D---- C:\WINDOWS\system32\config
2009-06-12 17:17:55 ----D---- C:\WINDOWS\AppPatch
2009-06-12 16:47:41 ----D---- C:\WINDOWS\PREFETCH
2009-06-12 10:22:16 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-05-25 22:18:36 ----D---- C:\Program Files\NavNT
2009-05-13 07:04:17 ----A---- C:\WINDOWS\system32\wininet.dll
2009-05-13 07:04:17 ----A---- C:\WINDOWS\system32\mshtml.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;Pilote de processeur AMD Athlon64; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-05-08 38912]
R2 MTC0001_RMC;Remove Control Device; C:\WINDOWS\system32\drivers\RMC.sys [2005-04-22 13912]
R2 NAVAPEL;NAVAPEL; \??\C:\Program Files\NavNT\NAVAPEL.SYS []
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-03-22 1034752]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-04-15 2564032]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\SLDRV\Mtlmnt5.sys [2004-11-01 229720]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824]
R3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
R3 PRISM_A02;802.11g USB 2.0 adapter; C:\WINDOWS\system32\DRIVERS\PRISMA02.sys [2004-03-30 374816]
R3 RT2500;RT2500 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT2500.sys [2005-02-23 228992]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-05 67584]
R3 Slazldrv;SmartLink AMR_PCI Driver; C:\WINDOWS\system32\DRIVERS\SLDRV\slazldrv.sys [2005-01-05 226768]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SLDRV\SlWdmSup.sys [2004-11-01 13216]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-03-04 189152]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-04-04 160768]
R3 ULI5261;ULi Based Ethernet NT Driver; C:\WINDOWS\system32\DRIVERS\ULILAN.SYS [2004-12-31 28160]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-05 17024]
R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
S3 AR5523;3Com OfficeConnect Wireless 108Mbps 11g USB Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5523.sys []
S3 ATHFMWDL;3Com USB Wireless Adapter Bootloader driver; C:\WINDOWS\System32\Drivers\ATHFMWDL.sys []
S3 HdAudAddService;Pilote de fonction Microsoft UAA pour Service High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\SLDRV\Mtlstrm.sys [2004-11-01 1396048]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\SLDRV\Slnthal.sys [2004-11-01 100176]
S3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-09-05 36864]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver; C:\WINDOWS\system32\DRIVERS\WlanUIG.sys [2004-09-03 379456]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe [2004-04-08 1135728]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-09-05 116040]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-03-22 360448]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 CLCapSvc;CyberLink Background Capture Service (CBCS); c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe [2005-05-11 221266]
R2 CLSched;CyberLink Task Scheduler (CTS); c:\APPS\Powercinema\Kernel\TV\CLSched.exe [2005-05-11 110672]
R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe [2005-05-11 61440]
R2 DefWatch;DefWatch; C:\Program Files\NavNT\defwatch.exe [2001-09-26 32768]
R2 GenericHidService;Generic Service for HID Keyboard Input Collections; c:\APPS\HIDSERVICE\HIDSERVICE.exe [2005-01-07 49152]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-06-12 152984]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]
R2 Norton AntiVirus Server;Norton AntiVirus Client; C:\Program Files\NavNT\rtvscan.exe [2001-09-26 462848]
R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2004-11-01 57344]
R2 Wlancfg;Service de lancement de WlanCfg; C:\Program Files\Inventel\Gateway\wlancfg.exe [2004-12-20 1462272]
R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-09-08 536872]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MySqlInventime;MySqlInventime; c:\mysql\bin\mysqld-max-nt MySqlInventime []
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
-----------------EOF-----------------
Par contre, je dois y aller. Je serai de retour demain matin.
Merci beaucoup pour ton aide!
Ton PC va bien ?
A demain.
Fais un scan en ligne ici : http://webscanner.kaspersky.fr/ (Avec Internet Explorer)
En bas à droite, clique sur Démarrer Online-scanner.
Dans la nouvelle fenêtre qui s'affiche, clique sur J'accepte.
Accepte les Contrôles ActiveX.
Choisis Poste de travail pour le scan.
Celui-ci terminé, sauvegarde (Choisis fichier texte) et poste le rapport.
Pour t'aider à utiliser le scan en ligne : Tutoriel
Note : Si tu reçois le message La licence de Kaspersky On-line Scanner est périmée, va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte-toi sur le site de Kaspersky pour retenter le scan en ligne.
A demain.
Note : Si tu reçois le message La licence de Kaspersky On-line Scanner est périmée, va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte-toi sur le site de Kaspersky pour retenter le scan en ligne.
.
Bonjour!
Voici le rapport:
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: rapport d'analyse
samedi 13 juin 2009
Système d'exploitation : Microsoft Windows XP Home Edition Service Pack 2 (build 2600)
Version de Kaspersky Online Scanner : 7.0.26.13
Dernière mise à jour de la base : Saturday, June 13, 2009 10:03:36
Enregistrements dans la base : 2338930
--------------------------------------------------------------------------------
Paramètres d'analyse:
analyser avec la base suivante: étendue
Analyser les archives: oui
Analyser les bases de messagerie: oui
Zone d'analyse - Poste de travail:
C:\
D:\
Statistiques d'analyse:
Objets analysés: 66325
Menaces trouvées: 4
Objets infectés trouvés: 58
Objets suspects trouvés: 0
Durée d'analyse: 01:47:19
Nom de fichier / Menace / Compteur de menaces
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\030C0000.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\04500000.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\05BC0000.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\05BC0001.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\05BC0002.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\076C0000.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\07B40000.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08980000.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\089C0000.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08B40000.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08B40001.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08D80000.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08D80001.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A580000.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A880000.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A880001.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A880002.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0B7C0000.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0B7C0001.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0B800000.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0B800001.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0B800002.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0BE00000.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0BE00001.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0BE00002.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0BE00003.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0BE00004.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0CE40001.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0DC00000.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0DC80000.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E380000.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E600000.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E600001.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E740000.VBN Infecté : Trojan.Win32.Stuh.orq 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E740001.VBN Infecté : Trojan.Win32.Stuh.orq 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E740005.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E740006.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E740007.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E740008.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E74000D.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E74000E.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E74000F.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E740010.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E740011.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E740014.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E740015.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E740016.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E740017.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0EA40000.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0EC40000.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F740000.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0FA80000.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0FE00000.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0FE80000.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0FF00000.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0FFC0000.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\solene\Bureau\Setup.exe Infecté : not-a-virus:WebToolbar.Win32.Zango.ag 1
C:\_OTM\MovedFiles\06122009_183155\WINDOWS\system32\waremilo.dll Infecté : Trojan.Win32.Monder.cmwt 1
La zone sélectionnée a été analysée.
Voici le rapport:
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: rapport d'analyse
samedi 13 juin 2009
Système d'exploitation : Microsoft Windows XP Home Edition Service Pack 2 (build 2600)
Version de Kaspersky Online Scanner : 7.0.26.13
Dernière mise à jour de la base : Saturday, June 13, 2009 10:03:36
Enregistrements dans la base : 2338930
--------------------------------------------------------------------------------
Paramètres d'analyse:
analyser avec la base suivante: étendue
Analyser les archives: oui
Analyser les bases de messagerie: oui
Zone d'analyse - Poste de travail:
C:\
D:\
Statistiques d'analyse:
Objets analysés: 66325
Menaces trouvées: 4
Objets infectés trouvés: 58
Objets suspects trouvés: 0
Durée d'analyse: 01:47:19
Nom de fichier / Menace / Compteur de menaces
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\030C0000.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\04500000.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\05BC0000.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\05BC0001.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\05BC0002.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\076C0000.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\07B40000.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08980000.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\089C0000.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08B40000.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08B40001.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08D80000.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\08D80001.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A580000.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A880000.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A880001.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0A880002.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0B7C0000.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0B7C0001.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0B800000.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0B800001.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0B800002.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0BE00000.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0BE00001.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0BE00002.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0BE00003.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0BE00004.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0CE40001.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0DC00000.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0DC80000.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E380000.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E600000.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E600001.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E740000.VBN Infecté : Trojan.Win32.Stuh.orq 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E740001.VBN Infecté : Trojan.Win32.Stuh.orq 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E740005.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E740006.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E740007.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E740008.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E74000D.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E74000E.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E74000F.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E740010.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E740011.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E740014.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E740015.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E740016.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0E740017.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0EA40000.VBN Infecté : Trojan.Win32.Monder.cmwt 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0EC40000.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F740000.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0FA80000.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0FE00000.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0FE80000.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0FF00000.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0FFC0000.VBN Infecté : Packed.Win32.Krap.q 1
C:\Documents and Settings\solene\Bureau\Setup.exe Infecté : not-a-virus:WebToolbar.Win32.Zango.ag 1
C:\_OTM\MovedFiles\06122009_183155\WINDOWS\system32\waremilo.dll Infecté : Trojan.Win32.Monder.cmwt 1
La zone sélectionnée a été analysée.
1/
Désinstalle HijackThis.
Télécharge ToolsCleaner2 sur ton Bureau.
Double-clique sur ToolsCleaner2.exe pour le lancer.
Clique sur Recherche et laisse le scan agir.
Clique sur Suppression pour finaliser.
Tu peux, si tu le souhaites, te servir des Options Facultatives.
Clique sur Quitter pour obtenir le rapport.
Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
2/
Télécharge et installe CCleaner Slim.
Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers etc....
Va dans Nettoyeur, choisis Analyser. Une fois terminé, lance le nettoyage.
3/
Il est nécessaire de désactiver puis réactiver la restauration système pour la purger.
==Prévention==
Conserve MBAM. Il te servira à scanner les fichiers douteux en complément de l'antivirus et scanne le disque dur régulièrement.
Vérifie que les mises à jour automatiques sont bien activées (Menu Démarrer, clique droit sur Poste de travail, onglet Mises à jour automatiques).
Par rapport au P2P : Lien
Voici un dossier complet (A lire avec Adobe Reader ou Foxit Reader) : Lien
==Problème résolu ?==
Si tu estimes que ton problème est résolu :
---> Ajoute maintenant [Résolu] au titre. Pour cela :
Clique, dans ton premier message, sur le bouton Editer ![]()
.
Rajoute la mention [Résolu] devant le titre.
Clique ensuite sur Valider votre message.
Sois plus vigilant(e) sur Internet![;)]( ";)")
2/
3/
==Prévention==
Conserve MBAM. Il te servira à scanner les fichiers douteux en complément de l'antivirus et scanne le disque dur régulièrement.
Vérifie que les mises à jour automatiques sont bien activées (Menu Démarrer, clique droit sur Poste de travail, onglet Mises à jour automatiques).
Par rapport au P2P : Lien
Voici un dossier complet (A lire avec Adobe Reader ou Foxit Reader) : Lien
==Problème résolu ?==
Si tu estimes que ton problème est résolu :
---> Ajoute maintenant [Résolu] au titre. Pour cela :
.Sois plus vigilant(e) sur Internet
Voici le rapport TCleaner:
[ Rapport ToolsCleaner version 2.3.6 (par A.Rothstein & dj QUIOU) ]
--> Recherche:
C:\Combofix.txt: trouvé !
C:\Combofix: trouvé !
C:\_OTM: trouvé !
C:\Rsit: trouvé !
C:\Documents and Settings\solene\Bureau\OTM.exe: trouvé !
C:\Documents and Settings\solene\Bureau\Rsit.exe: trouvé !
C:\Program Files\trend micro\HijackThis.exe: trouvé !
C:\Program Files\trend micro\hijackthis.log: trouvé !
---------------------------------
--> Suppression:
C:\Documents and Settings\solene\Bureau\OTM.exe: supprimé !
C:\Program Files\trend micro\HijackThis.exe: supprimé !
C:\Combofix.txt: supprimé !
C:\Documents and Settings\solene\Bureau\Rsit.exe: supprimé !
C:\Program Files\trend micro\hijackthis.log: supprimé !
C:\Combofix: supprimé !
C:\_OTM: supprimé !
C:\Rsit: supprimé !
[ Rapport ToolsCleaner version 2.3.6 (par A.Rothstein & dj QUIOU) ]
--> Recherche:
C:\Combofix.txt: trouvé !
C:\Combofix: trouvé !
C:\_OTM: trouvé !
C:\Rsit: trouvé !
C:\Documents and Settings\solene\Bureau\OTM.exe: trouvé !
C:\Documents and Settings\solene\Bureau\Rsit.exe: trouvé !
C:\Program Files\trend micro\HijackThis.exe: trouvé !
C:\Program Files\trend micro\hijackthis.log: trouvé !
---------------------------------
--> Suppression:
C:\Documents and Settings\solene\Bureau\OTM.exe: supprimé !
C:\Program Files\trend micro\HijackThis.exe: supprimé !
C:\Combofix.txt: supprimé !
C:\Documents and Settings\solene\Bureau\Rsit.exe: supprimé !
C:\Program Files\trend micro\hijackthis.log: supprimé !
C:\Combofix: supprimé !
C:\_OTM: supprimé !
C:\Rsit: supprimé !
Lassé par la pub ? Créez un compte
- Contenus similaires :
- ForumVirus trojan horse generic
- ForumVirus trojan generic detecte par bitdefender
- ForumVirus trojan generic impossible a eliminer
- ForumLaggs sur mes jeux , virus trojan generic
- ForumVirus trojan generic 251238
- ForumVirus trojan generic
- ForumVirus trojan win32 generic
- ForumVirus trojan horse generic 9.awnq
- ForumVirus trojan startpage résolu
- ForumPb virus trojan dialer generic
- Voir plus
