HijackThis / RSIT report. Slow computer
Hello,
My computer has been running slowly for a week. The advice was to make an RSIT report, but after that I don't really know what to delete.
If someone can help me.
Thanks
Logfile of random's system information tool 1.06 (written by random/random)
Run by darty at 2009-11-19 12:22:46
Microsoft® Windows Vista™ Édition Familiale Premium
System drive C: has 24 GB (35%) free of 69 GB
Total RAM: 1023 MB (42% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:22:57, on 19/11/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16916)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\darty\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\darty.exe
C:\Program Files\Mozilla Firefox\firefox.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\Windows\system32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
--
End of file - 5446 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\User_Feed_Synchronization-{6AD8BF81-6EB3-441D-AD5F-B915DBEB3EB4}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-17 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2007-10-09 1006264]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-12-01 4186112]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-11-22 815104]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-17 149280]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2006-11-02 61440]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-09-15 81000]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-10 1232896]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2006-11-02 125440]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe [2007-03-16 63712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ooquickpdfv7]
C:\Windows\system32\oopmagentts.exe [2007-10-10 69632]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe [2007-12-10 695808]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerForPhone]
C:\Program Files\PowerForPhone\PowerForPhone.exe [2007-01-11 778240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MultiFrame.lnk]
C:\PROGRA~1\ASUS\ASUSMU~1\MULTIF~1.EXE [2006-12-29 991600]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PDFCreator.lnk]
C:\PROGRA~1\PDFCRE~1\PDFCRE~1.EXE [2009-03-20 2859008]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
shell\Auto\command - AdobeR.exe e
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1e48e719-3ba7-11de-848c-a095d13e9ef0}]
shell\Auto\command - F:\AdobeR.exe e
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\AdobeR.exe e
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{21e91871-7723-11dc-a8d8-001a92e82eea}]
shell\AutoRun\command - F:\setup.exe -SMS
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2d6a5b54-affd-11de-b81f-001a92e82eea}]
shell\AutoRun\command - eyt.exe
shell\open\command - eyt.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9fd48958-1216-11dd-931d-0019d2cf6708}]
shell\Auto\command - F:\AdobeR.exe e
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\AdobeR.exe e
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aa6928d1-36f3-11dd-ad5f-001a92e82eea}]
shell\Auto\command - AdobeR.exe e
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e6547f0c-8393-11de-907a-0019d2cf6708}]
shell\AutoRun\command - H:\fsaht.cmd
shell\open\command - H:\fsaht.cmd
======List of files/folders created in the last 1 months======
2009-11-19 11:36:20 ----D---- C:\rsit
2009-11-18 13:08:06 ----A---- C:\Windows\system32\aswBoot.exe
2009-11-14 10:30:19 ----D---- C:\Users\darty\AppData\Roaming\CloneSpy
2009-11-12 12:42:54 ----D---- C:\Users\darty\AppData\Roaming\Icones
2009-11-12 12:42:54 ----D---- C:\Program Files\Winsudate
2009-11-12 12:35:21 ----A---- C:\Windows\system32\WSDApi.dll
2009-11-09 14:52:50 ----A---- C:\Windows\IsUn040c.exe
2009-11-09 14:20:03 ----D---- C:\Users\darty\AppData\Roaming\DAEMON Tools Lite
2009-11-09 14:19:59 ----D---- C:\ProgramData\DAEMON Tools Lite
2009-11-04 12:19:16 ----HD---- C:\ProgramData\CanonBJ
2009-11-04 10:20:33 ----A---- C:\Windows\system32\mshtml.dll
2009-10-29 00:05:27 ----D---- C:\Users\darty\AppData\Roaming\vlc
2009-10-28 10:36:18 ----A---- C:\Windows\system32\wmp.dll
2009-10-28 10:36:05 ----A---- C:\Windows\system32\unregmp2.exe
2009-10-28 10:36:03 ----A---- C:\Windows\system32\spwmp.dll
2009-10-28 10:36:02 ----A---- C:\Windows\system32\dxmasf.dll
2009-10-28 10:35:58 ----A---- C:\Windows\system32\wmploc.DLL
2009-10-25 15:32:58 ----D---- C:\Users\darty\AppData\Roaming\Faerie Solitaire
2009-10-25 14:34:07 ----D---- C:\ProgramData\Adobe
2009-10-23 09:42:27 ----D---- C:\Windows\system32\QuickTime
2009-10-23 09:42:20 ----A---- C:\Windows\system32\rmoc3260.dll
2009-10-23 09:42:20 ----A---- C:\Windows\system32\pndx5032.dll
2009-10-23 09:42:20 ----A---- C:\Windows\system32\pndx5016.dll
2009-10-23 09:42:20 ----A---- C:\Windows\system32\MACDec.dll
2009-10-23 09:42:19 ----A---- C:\Windows\system32\vp6vfw.dll
2009-10-23 09:42:19 ----A---- C:\Windows\system32\vp31vfw.dll
2009-10-23 09:42:17 ----A---- C:\Windows\system32\mpg4c32.dll
2009-10-23 09:42:17 ----A---- C:\Windows\system32\huffyuv.dll
2009-10-23 09:42:16 ----A---- C:\Windows\system32\vsfilter.dll
2009-10-23 09:42:16 ----A---- C:\Windows\system32\vorbisfile.dll
2009-10-23 09:42:16 ----A---- C:\Windows\system32\vobsub.dll
2009-10-23 09:42:16 ----A---- C:\Windows\system32\unrar.dll
2009-10-23 09:42:16 ----A---- C:\Windows\system32\OpenQuicktimeLib.dll
2009-10-23 09:42:16 ----A---- C:\Windows\system32\3ivxVfWCodec.dll
2009-10-23 09:42:16 ----A---- C:\Windows\system32\3ivx.dll
2009-10-23 09:42:15 ----A---- C:\Windows\system32\xvidvfw.dll
2009-10-23 09:42:15 ----A---- C:\Windows\system32\xvidcore.dll
2009-10-23 09:42:15 ----A---- C:\Windows\system32\vorbisenc.dll
2009-10-23 09:42:15 ----A---- C:\Windows\system32\vorbis.dll
2009-10-23 09:42:15 ----A---- C:\Windows\system32\OggDS.dll
2009-10-23 09:42:15 ----A---- C:\Windows\system32\ogg.dll
2009-10-23 09:42:14 ----A---- C:\Windows\system32\WMV9VCM.dll
2009-10-23 09:42:14 ----A---- C:\Windows\system32\divx.dll
2009-10-23 09:42:13 ----A---- C:\Windows\system32\msvcr70.dll
2009-10-23 09:42:13 ----A---- C:\Windows\system32\cpuinf32.dll
2009-10-23 09:42:12 ----D---- C:\Users\darty\AppData\Roaming\Real
2009-10-23 09:42:12 ----D---- C:\ProgramData\Real
2009-10-22 22:23:43 ----D---- C:\Program Files\Movie Maker 2.6
2009-10-22 21:41:03 ----D---- C:\ProgramData\FLEXnet
2009-10-22 15:55:49 ----D---- C:\Program Files\Solitaire Cruise
2009-10-22 14:10:55 ----A---- C:\Windows\system32\wininet.dll
2009-10-22 14:10:52 ----A---- C:\Windows\system32\urlmon.dll
2009-10-22 14:10:50 ----A---- C:\Windows\system32\ieframe.dll
2009-10-22 14:10:47 ----A---- C:\Windows\system32\mstime.dll
2009-10-22 14:10:47 ----A---- C:\Windows\system32\ieapfltr.dll
2009-10-22 14:10:46 ----A---- C:\Windows\system32\iedkcs32.dll
2009-10-22 14:10:45 ----A---- C:\Windows\system32\occache.dll
2009-10-22 14:10:45 ----A---- C:\Windows\system32\msfeeds.dll
2009-10-22 14:10:45 ----A---- C:\Windows\system32\iertutil.dll
2009-10-22 14:10:45 ----A---- C:\Windows\system32\dxtmsft.dll
2009-10-22 14:10:44 ----A---- C:\Windows\system32\mshtmled.dll
2009-10-22 14:10:44 ----A---- C:\Windows\system32\ieaksie.dll
2009-10-22 14:10:43 ----A---- C:\Windows\system32\ieencode.dll
2009-10-22 14:10:43 ----A---- C:\Windows\system32\icardie.dll
2009-10-22 14:10:43 ----A---- C:\Windows\system32\dxtrans.dll
2009-10-22 14:10:42 ----A---- C:\Windows\system32\jsproxy.dll
2009-10-22 14:10:42 ----A---- C:\Windows\system32\ieui.dll
2009-10-22 14:10:42 ----A---- C:\Windows\system32\advpack.dll
2009-10-22 14:10:42 ----A---- C:\Windows\system32\admparse.dll
2009-10-22 14:10:41 ----A---- C:\Windows\system32\iesetup.dll
2009-10-22 14:10:41 ----A---- C:\Windows\system32\iernonce.dll
2009-10-22 14:10:40 ----A---- C:\Windows\system32\pngfilt.dll
2009-10-22 14:10:40 ----A---- C:\Windows\system32\mshtmler.dll
2009-10-22 14:10:40 ----A---- C:\Windows\system32\ieUnatt.exe
2009-10-22 14:10:40 ----A---- C:\Windows\system32\ieakui.dll
2009-10-22 14:10:40 ----A---- C:\Windows\system32\ie4uinit.exe
2009-10-20 18:43:34 ----D---- C:\Users\darty\AppData\Roaming\PoBros
2009-10-20 13:04:36 ----D---- C:\Users\darty\AppData\Roaming\MBT
======List of files/folders modified in the last 1 months======
2009-11-19 12:22:55 ----D---- C:\Windows\Temp
2009-11-19 12:22:09 ----HD---- C:\ProgramData
2009-11-19 12:20:04 ----SHD---- C:\Windows\Installer
2009-11-19 12:19:45 ----D---- C:\Windows\system32\drivers
2009-11-19 12:18:56 ----A---- C:\Windows\system32\acovcnt.exe
2009-11-19 12:16:29 ----D---- C:\Program Files\Common Files\Macrovision Shared
2009-11-19 12:16:29 ----D---- C:\Program Files\Common Files\Adobe
2009-11-19 12:10:16 ----D---- C:\Program Files\Adobe
2009-11-19 12:09:35 ----RD---- C:\Program Files
2009-11-19 12:09:35 ----D---- C:\Windows\System32
2009-11-19 12:07:55 ----D---- C:\Windows\Prefetch
2009-11-19 12:03:07 ----D---- C:\Windows\winsxs
2009-11-19 11:59:13 ----D---- C:\Users\darty\AppData\Roaming\Adobe
2009-11-19 11:56:12 ----D---- C:\Program Files\Common Files
2009-11-19 11:33:07 ----SD---- C:\Windows\Downloaded Program Files
2009-11-19 11:27:14 ----D---- C:\Program Files\Mozilla Firefox
2009-11-19 01:57:15 ----D---- C:\Windows
2009-11-19 01:03:29 ----D---- C:\Program Files\Google
2009-11-19 01:01:36 ----SHD---- C:\System Volume Information
2009-11-19 01:00:29 ----D---- C:\Users\darty\AppData\Roaming\uTorrent
2009-11-18 21:40:30 ----D---- C:\Users\darty\AppData\Roaming\Identities
2009-11-18 21:40:28 ----D---- C:\Users\darty\AppData\Roaming\Zylom
2009-11-17 22:55:57 ----D---- C:\ProgramData\Google
2009-11-14 15:15:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-11-14 15:14:57 ----D---- C:\Windows\inf
2009-11-14 15:13:14 ----D---- C:\Users\darty\AppData\Roaming\dvdcss
2009-11-14 11:05:41 ----D---- C:\Users\darty\AppData\Roaming\LimeWire
2009-11-12 21:36:12 ----D---- C:\Windows\system32\catroot
2009-11-12 21:33:18 ----D---- C:\Program Files\Windows Mail
2009-11-12 21:28:08 ----D---- C:\ProgramData\Microsoft Help
2009-11-12 12:45:49 ----SHD---- C:\$Recycle.Bin
2009-11-12 12:42:54 ----D---- C:\Program Files\Internet Explorer
2009-11-12 12:27:52 ----D---- C:\Windows\system32\catroot2
2009-11-02 20:42:06 ----N---- C:\Windows\system32\MpSigStub.exe
2009-10-31 10:08:31 ----D---- C:\Program Files\Windows Media Player
2009-10-31 10:08:30 ----D---- C:\Windows\system32\fr-FR
2009-10-24 09:18:27 ----D---- C:\Windows\system32\migration
2009-10-24 09:18:26 ----D---- C:\Windows\AppPatch
2009-10-22 21:40:09 ----D---- C:\Windows\system32\Tasks
2009-10-22 14:49:50 ----D---- C:\Program Files\VideoLAN
2009-10-21 21:06:50 ----AD---- C:\ProgramData\TEMP
2009-10-21 13:11:01 ----D---- C:\Program Files\RealArcade
2009-10-21 13:11:01 ----D---- C:\Program Files\CCleaner
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-09-15 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-09-15 52368]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-09-15 53328]
R2 CdaC15BA;CdaC15BA; \??\C:\Windows\system32\drivers\CdaC15BA.SYS [2008-11-24 12464]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2006-12-28 18688]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2006-11-14 32256]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2006-11-14 43520]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2007-12-16 14208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2006-12-01 1655464]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-12-19 1786880]
R3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-12-21 2305536]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-04 59392]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2007-10-09 82432]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam; C:\Windows\System32\Drivers\StkCMini.sys [2006-12-21 1132544]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-11-22 181304]
R3 WCPU;WCPU; \??\C:\Program Files\P4G\WCPU.sys [2007-01-02 11120]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2006-11-02 19456]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2006-11-02 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2006-11-02 220160]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2006-11-02 29184]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864]
S3 ipswuio;ipswuio; C:\Windows\System32\DRIVERS\ipswuio.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys []
S3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2006-11-02 18432]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\Windows\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\Windows\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCAMp50.sys [2006-11-28 28224]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2006-11-28 27072]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2006-11-02 49664]
S3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2006-11-02 47104]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys []
S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys []
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2006-12-20 90112]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-09-15 18752]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2006-12-21 557056]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-09-15 138680]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\Windows\system32\drivers\CDAC11BA.EXE [2008-11-24 54784]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-06-15 71096]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2006-12-29 123248]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service; C:\Windows\System32\StkCSrv.exe [2006-12-10 24576]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-09-15 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-09-15 352920]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 getPlusHelper;@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2006-11-02 22016]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-27 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-12-10 353280]
S4 Boonty Games;Boonty Games; C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe [2008-11-11 69120]
-----------------EOF-----------------
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe [2007-12-10 695808]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerForPhone]
C:\Program Files\PowerForPhone\PowerForPhone.exe [2007-01-11 778240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MultiFrame.lnk]
C:\PROGRA~1\ASUS\ASUSMU~1\MULTIF~1.EXE [2006-12-29 991600]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PDFCreator.lnk]
C:\PROGRA~1\PDFCRE~1\PDFCRE~1.EXE [2009-03-20 2859008]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
shell\Auto\command - AdobeR.exe e
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1e48e719-3ba7-11de-848c-a095d13e9ef0}]
shell\Auto\command - F:\AdobeR.exe e
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\AdobeR.exe e
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{21e91871-7723-11dc-a8d8-001a92e82eea}]
shell\AutoRun\command - F:\setup.exe -SMS
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2d6a5b54-affd-11de-b81f-001a92e82eea}]
shell\AutoRun\command - eyt.exe
shell\open\command - eyt.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9fd48958-1216-11dd-931d-0019d2cf6708}]
shell\Auto\command - F:\AdobeR.exe e
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\AdobeR.exe e
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aa6928d1-36f3-11dd-ad5f-001a92e82eea}]
shell\Auto\command - AdobeR.exe e
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e6547f0c-8393-11de-907a-0019d2cf6708}]
shell\AutoRun\command - H:\fsaht.cmd
shell\open\command - H:\fsaht.cmd
======List of files/folders created in the last 1 months======
2009-11-19 11:36:20 ----D---- C:\rsit
2009-11-18 13:08:06 ----A---- C:\Windows\system32\aswBoot.exe
2009-11-14 10:30:19 ----D---- C:\Users\darty\AppData\Roaming\CloneSpy
2009-11-12 12:42:54 ----D---- C:\Users\darty\AppData\Roaming\Icones
2009-11-12 12:42:54 ----D---- C:\Program Files\Winsudate
2009-11-12 12:35:21 ----A---- C:\Windows\system32\WSDApi.dll
2009-11-09 14:52:50 ----A---- C:\Windows\IsUn040c.exe
2009-11-09 14:20:03 ----D---- C:\Users\darty\AppData\Roaming\DAEMON Tools Lite
2009-11-09 14:19:59 ----D---- C:\ProgramData\DAEMON Tools Lite
2009-11-04 12:19:16 ----HD---- C:\ProgramData\CanonBJ
2009-11-04 10:20:33 ----A---- C:\Windows\system32\mshtml.dll
2009-10-29 00:05:27 ----D---- C:\Users\darty\AppData\Roaming\vlc
2009-10-28 10:36:18 ----A---- C:\Windows\system32\wmp.dll
2009-10-28 10:36:05 ----A---- C:\Windows\system32\unregmp2.exe
2009-10-28 10:36:03 ----A---- C:\Windows\system32\spwmp.dll
2009-10-28 10:36:02 ----A---- C:\Windows\system32\dxmasf.dll
2009-10-28 10:35:58 ----A---- C:\Windows\system32\wmploc.DLL
2009-10-25 15:32:58 ----D---- C:\Users\darty\AppData\Roaming\Faerie Solitaire
2009-10-25 14:34:07 ----D---- C:\ProgramData\Adobe
2009-10-23 09:42:27 ----D---- C:\Windows\system32\QuickTime
2009-10-23 09:42:20 ----A---- C:\Windows\system32\rmoc3260.dll
2009-10-23 09:42:20 ----A---- C:\Windows\system32\pndx5032.dll
2009-10-23 09:42:20 ----A---- C:\Windows\system32\pndx5016.dll
2009-10-23 09:42:20 ----A---- C:\Windows\system32\MACDec.dll
2009-10-23 09:42:19 ----A---- C:\Windows\system32\vp6vfw.dll
2009-10-23 09:42:19 ----A---- C:\Windows\system32\vp31vfw.dll
2009-10-23 09:42:17 ----A---- C:\Windows\system32\mpg4c32.dll
2009-10-23 09:42:17 ----A---- C:\Windows\system32\huffyuv.dll
2009-10-23 09:42:16 ----A---- C:\Windows\system32\vsfilter.dll
2009-10-23 09:42:16 ----A---- C:\Windows\system32\vorbisfile.dll
2009-10-23 09:42:16 ----A---- C:\Windows\system32\vobsub.dll
2009-10-23 09:42:16 ----A---- C:\Windows\system32\unrar.dll
2009-10-23 09:42:16 ----A---- C:\Windows\system32\OpenQuicktimeLib.dll
2009-10-23 09:42:16 ----A---- C:\Windows\system32\3ivxVfWCodec.dll
2009-10-23 09:42:16 ----A---- C:\Windows\system32\3ivx.dll
2009-10-23 09:42:15 ----A---- C:\Windows\system32\xvidvfw.dll
2009-10-23 09:42:15 ----A---- C:\Windows\system32\xvidcore.dll
2009-10-23 09:42:15 ----A---- C:\Windows\system32\vorbisenc.dll
2009-10-23 09:42:15 ----A---- C:\Windows\system32\vorbis.dll
2009-10-23 09:42:15 ----A---- C:\Windows\system32\OggDS.dll
2009-10-23 09:42:15 ----A---- C:\Windows\system32\ogg.dll
2009-10-23 09:42:14 ----A---- C:\Windows\system32\WMV9VCM.dll
2009-10-23 09:42:14 ----A---- C:\Windows\system32\divx.dll
2009-10-23 09:42:13 ----A---- C:\Windows\system32\msvcr70.dll
2009-10-23 09:42:13 ----A---- C:\Windows\system32\cpuinf32.dll
2009-10-23 09:42:12 ----D---- C:\Users\darty\AppData\Roaming\Real
2009-10-23 09:42:12 ----D---- C:\ProgramData\Real
2009-10-22 22:23:43 ----D---- C:\Program Files\Movie Maker 2.6
2009-10-22 21:41:03 ----D---- C:\ProgramData\FLEXnet
2009-10-22 15:55:49 ----D---- C:\Program Files\Solitaire Cruise
2009-10-22 14:10:55 ----A---- C:\Windows\system32\wininet.dll
2009-10-22 14:10:52 ----A---- C:\Windows\system32\urlmon.dll
2009-10-22 14:10:50 ----A---- C:\Windows\system32\ieframe.dll
2009-10-22 14:10:47 ----A---- C:\Windows\system32\mstime.dll
2009-10-22 14:10:47 ----A---- C:\Windows\system32\ieapfltr.dll
2009-10-22 14:10:46 ----A---- C:\Windows\system32\iedkcs32.dll
2009-10-22 14:10:45 ----A---- C:\Windows\system32\occache.dll
2009-10-22 14:10:45 ----A---- C:\Windows\system32\msfeeds.dll
2009-10-22 14:10:45 ----A---- C:\Windows\system32\iertutil.dll
2009-10-22 14:10:45 ----A---- C:\Windows\system32\dxtmsft.dll
2009-10-22 14:10:44 ----A---- C:\Windows\system32\mshtmled.dll
2009-10-22 14:10:44 ----A---- C:\Windows\system32\ieaksie.dll
2009-10-22 14:10:43 ----A---- C:\Windows\system32\ieencode.dll
2009-10-22 14:10:43 ----A---- C:\Windows\system32\icardie.dll
2009-10-22 14:10:43 ----A---- C:\Windows\system32\dxtrans.dll
2009-10-22 14:10:42 ----A---- C:\Windows\system32\jsproxy.dll
2009-10-22 14:10:42 ----A---- C:\Windows\system32\ieui.dll
2009-10-22 14:10:42 ----A---- C:\Windows\system32\advpack.dll
2009-10-22 14:10:42 ----A---- C:\Windows\system32\admparse.dll
2009-10-22 14:10:41 ----A---- C:\Windows\system32\iesetup.dll
2009-10-22 14:10:41 ----A---- C:\Windows\system32\iernonce.dll
2009-10-22 14:10:40 ----A---- C:\Windows\system32\pngfilt.dll
2009-10-22 14:10:40 ----A---- C:\Windows\system32\mshtmler.dll
2009-10-22 14:10:40 ----A---- C:\Windows\system32\ieUnatt.exe
2009-10-22 14:10:40 ----A---- C:\Windows\system32\ieakui.dll
2009-10-22 14:10:40 ----A---- C:\Windows\system32\ie4uinit.exe
2009-10-20 18:43:34 ----D---- C:\Users\darty\AppData\Roaming\PoBros
2009-10-20 13:04:36 ----D---- C:\Users\darty\AppData\Roaming\MBT
======List of files/folders modified in the last 1 months======
2009-11-19 12:22:55 ----D---- C:\Windows\Temp
2009-11-19 12:22:09 ----HD---- C:\ProgramData
2009-11-19 12:20:04 ----SHD---- C:\Windows\Installer
2009-11-19 12:19:45 ----D---- C:\Windows\system32\drivers
2009-11-19 12:18:56 ----A---- C:\Windows\system32\acovcnt.exe
2009-11-19 12:16:29 ----D---- C:\Program Files\Common Files\Macrovision Shared
2009-11-19 12:16:29 ----D---- C:\Program Files\Common Files\Adobe
2009-11-19 12:10:16 ----D---- C:\Program Files\Adobe
2009-11-19 12:09:35 ----RD---- C:\Program Files
2009-11-19 12:09:35 ----D---- C:\Windows\System32
2009-11-19 12:07:55 ----D---- C:\Windows\Prefetch
2009-11-19 12:03:07 ----D---- C:\Windows\winsxs
2009-11-19 11:59:13 ----D---- C:\Users\darty\AppData\Roaming\Adobe
2009-11-19 11:56:12 ----D---- C:\Program Files\Common Files
2009-11-19 11:33:07 ----SD---- C:\Windows\Downloaded Program Files
2009-11-19 11:27:14 ----D---- C:\Program Files\Mozilla Firefox
2009-11-19 01:57:15 ----D---- C:\Windows
2009-11-19 01:03:29 ----D---- C:\Program Files\Google
2009-11-19 01:01:36 ----SHD---- C:\System Volume Information
2009-11-19 01:00:29 ----D---- C:\Users\darty\AppData\Roaming\uTorrent
2009-11-18 21:40:30 ----D---- C:\Users\darty\AppData\Roaming\Identities
2009-11-18 21:40:28 ----D---- C:\Users\darty\AppData\Roaming\Zylom
2009-11-17 22:55:57 ----D---- C:\ProgramData\Google
2009-11-14 15:15:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-11-14 15:14:57 ----D---- C:\Windows\inf
2009-11-14 15:13:14 ----D---- C:\Users\darty\AppData\Roaming\dvdcss
2009-11-14 11:05:41 ----D---- C:\Users\darty\AppData\Roaming\LimeWire
2009-11-12 21:36:12 ----D---- C:\Windows\system32\catroot
2009-11-12 21:33:18 ----D---- C:\Program Files\Windows Mail
2009-11-12 21:28:08 ----D---- C:\ProgramData\Microsoft Help
2009-11-12 12:45:49 ----SHD---- C:\$Recycle.Bin
2009-11-12 12:42:54 ----D---- C:\Program Files\Internet Explorer
2009-11-12 12:27:52 ----D---- C:\Windows\system32\catroot2
2009-11-02 20:42:06 ----N---- C:\Windows\system32\MpSigStub.exe
2009-10-31 10:08:31 ----D---- C:\Program Files\Windows Media Player
2009-10-31 10:08:30 ----D---- C:\Windows\system32\fr-FR
2009-10-24 09:18:27 ----D---- C:\Windows\system32\migration
2009-10-24 09:18:26 ----D---- C:\Windows\AppPatch
2009-10-22 21:40:09 ----D---- C:\Windows\system32\Tasks
2009-10-22 14:49:50 ----D---- C:\Program Files\VideoLAN
2009-10-21 21:06:50 ----AD---- C:\ProgramData\TEMP
2009-10-21 13:11:01 ----D---- C:\Program Files\RealArcade
2009-10-21 13:11:01 ----D---- C:\Program Files\CCleaner
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-09-15 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-09-15 52368]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-09-15 53328]
R2 CdaC15BA;CdaC15BA; \??\C:\Windows\system32\drivers\CdaC15BA.SYS [2008-11-24 12464]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2006-12-28 18688]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2006-11-14 32256]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2006-11-14 43520]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2007-12-16 14208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2006-12-01 1655464]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-12-19 1786880]
R3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-12-21 2305536]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-04 59392]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2007-10-09 82432]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam; C:\Windows\System32\Drivers\StkCMini.sys [2006-12-21 1132544]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-11-22 181304]
R3 WCPU;WCPU; \??\C:\Program Files\P4G\WCPU.sys [2007-01-02 11120]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2006-11-02 19456]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2006-11-02 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2006-11-02 220160]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2006-11-02 29184]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864]
S3 ipswuio;ipswuio; C:\Windows\System32\DRIVERS\ipswuio.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys []
S3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2006-11-02 18432]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\Windows\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\Windows\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCAMp50.sys [2006-11-28 28224]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2006-11-28 27072]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2006-11-02 49664]
S3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2006-11-02 47104]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys []
S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys []
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2006-12-20 90112]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-09-15 18752]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2006-12-21 557056]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-09-15 138680]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\Windows\system32\drivers\CDAC11BA.EXE [2008-11-24 54784]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-06-15 71096]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2006-12-29 123248]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service; C:\Windows\System32\StkCSrv.exe [2006-12-10 24576]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-09-15 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-09-15 352920]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 getPlusHelper;@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2006-11-02 22016]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-27 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-12-10 353280]
S4 Boonty Games;Boonty Games; C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe [2008-11-11 69120]
-----------------EOF-----------------
Hello,
Download UsbFix (by Chiquitine29 & C_XX) to your Desktop.
Plug your external data sources into your PC (USB key, external hard drive, SD card, etc.) without opening them.
Double-click UsbFix to run it.
Choose option 1 (Search).
Let the tool do its work.
Post the UsbFix.txt report.
Note: the UsbFix.txt report is saved at the root of the drive (C:\UsbFix.txt).
"Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Kaspersky, etc.) as a RiskTool. It is not a virus, but a utility designed to terminate processes.
Here it is.
Thanks in advance for your help.
############################## | UsbFix V6.055 |
User : darty (Administrateurs) # AMANDINE
Update on 18/11/2009 by Chiquitine29, C_XX & Chimay8
Start at: 18:18:58 | 19/11/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com
Intel(R) Core(TM) Duo CPU T2350 @ 1.86GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6000 32-bit) #
Internet Explorer 7.0.6000.16916
Windows Firewall Status : Enabled
AV : avast! antivirus 4.8.1356 [VPS 091119-1] 4.8.1356 [ Enabled | Updated ]
C:\ -> Disque fixe local # 67,07 Go (28,62 Go free) [VistaOS] # NTFS
D:\ -> Disque fixe local # 39,83 Go (12,12 Go free) [DATA] # NTFS
E:\ -> Disque CD-ROM
############################## | Processus actifs |
C:\Windows\System32\smss.exe 416
C:\Windows\system32\csrss.exe 540
C:\Windows\system32\wininit.exe 588
C:\Windows\system32\csrss.exe 600
C:\Windows\system32\services.exe 632
C:\Windows\system32\lsass.exe 644
C:\Windows\system32\lsm.exe 652
C:\Windows\system32\winlogon.exe 728
C:\Windows\system32\svchost.exe 832
C:\Windows\system32\svchost.exe 904
C:\Windows\System32\svchost.exe 960
C:\Windows\system32\Ati2evxx.exe 1044
C:\Windows\System32\svchost.exe 1060
C:\Windows\System32\svchost.exe 1104
C:\Windows\system32\svchost.exe 1132
C:\Windows\system32\SLsvc.exe 1240
C:\Windows\system32\svchost.exe 1280
C:\Windows\system32\svchost.exe 1432
C:\Windows\system32\Ati2evxx.exe 1504
C:\Program Files\ATK Hotkey\ASLDRSrv.exe 1604
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1624
C:\Program Files\ATK Hotkey\Hcontrol.exe 1648
C:\Program Files\ATKOSD2\ATKOSD2.exe 1656
C:\Program Files\Wireless Console 2\wcourier.exe 1668
C:\Program Files\ASUS\Splendid\ACMON.exe 1676
C:\Program Files\Alwil Software\Avast4\ashServ.exe 1684
C:\Program Files\P4G\BatteryLife.exe 1692
C:\Windows\System32\ACEngSvr.exe 1748
C:\Program Files\ATK Hotkey\ATKOSD.exe 1824
C:\Windows\system32\Dwm.exe 408
C:\Windows\Explorer.EXE 1372
C:\Windows\System32\spoolsv.exe 1800
C:\Windows\system32\svchost.exe 1008
C:\Windows\system32\taskeng.exe 680
C:\Program Files\Windows Defender\MSASCui.exe 2308
C:\Windows\RtHDVCpl.exe 2408
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 2620
C:\Program Files\Java\jre6\bin\jusched.exe 2656
C:\Program Files\ASUS\ATK Media\DMedia.exe 2664
C:\Program Files\Alwil Software\Avast4\ashDisp.exe 2752
C:\Program Files\Windows Sidebar\sidebar.exe 2948
C:\Windows\ehome\ehtray.exe 2956
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 2996
C:\Windows\ehome\ehmsas.exe 3004
C:\Windows\system32\svchost.exe 3288
C:\Windows\system32\drivers\CDAC11BA.EXE 3328
C:\Program Files\CDBurnerXP\NMSAccessU.exe 3404
C:\Windows\system32\svchost.exe 3560
C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe 3576
C:\Windows\system32\svchost.exe 3588
C:\Windows\System32\StkCSrv.exe 3608
C:\Windows\System32\svchost.exe 3660
C:\Windows\system32\SearchIndexer.exe 3684
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe 4012
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe 4048
C:\Windows\system32\taskeng.exe 2560
C:\Program Files\ASUS\ASUS Live Update\ALU.exe 2568
C:\Windows\system32\wbem\wmiprvse.exe 2864
C:\Windows\system32\wbem\unsecapp.exe 2280
C:\Program Files\Windows Live\Contacts\wlcomm.exe 3176
C:\Windows\system32\wuauclt.exe 5740
C:\Program Files\Mozilla Firefox\firefox.exe 5148
C:\Windows\system32\SearchProtocolHost.exe 4612
C:\Windows\system32\conime.exe 4716
C:\Windows\system32\wbem\wmiprvse.exe 3148
################## | Fichiers # Dossiers infectieux |
################## | Registre # Clés infectieuses |
################## | Registre # Mountpoints2 |
HKCU\..\..\Explorer\MountPoints2\G
shell\AutoRun\command =eyt.exe
shell\open\Command =eyt.exe
HKCU\..\..\Explorer\MountPoints2\H
shell\Auto\command =AdobeR.exe e
shell\AutoRun\command =C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e
HKCU\..\..\Explorer\MountPoints2\{1e48e719-3ba7-11de-848c-a095d13e9ef0}
shell\Auto\command =F:\AdobeR.exe e
shell\AutoRun\command =C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\AdobeR.exe e
HKCU\..\..\Explorer\MountPoints2\{21e91871-7723-11dc-a8d8-001a92e82eea}
shell\AutoRun\command =F:\setup.exe -SMS
HKCU\..\..\Explorer\MountPoints2\{2d6a5b54-affd-11de-b81f-001a92e82eea}
shell\AutoRun\command =eyt.exe
shell\open\Command =eyt.exe
HKCU\..\..\Explorer\MountPoints2\{9fd48958-1216-11dd-931d-0019d2cf6708}
shell\Auto\command =F:\AdobeR.exe e
shell\AutoRun\command =C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\AdobeR.exe e
HKCU\..\..\Explorer\MountPoints2\{aa6928d1-36f3-11dd-ad5f-001a92e82eea}
shell\Auto\command =AdobeR.exe e
shell\AutoRun\command =C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e
HKCU\..\..\Explorer\MountPoints2\{e6547f0c-8393-11de-907a-0019d2cf6708}
shell\AutoRun\command =H:\fsaht.cmd
shell\open\Command =H:\fsaht.cmd
################## | Cracks / Keygens / Serials |
"C:\Users\darty\Documents\Virtual DJ Pro v5.0 (Crack)\virtualdj_trial.exe"
16/09/2007 21:24 |Size 13283830 |Crc32 73cea9cd |Md5 f5e4257248f26f66b25e49d4595ccdf5
################## | ! Fin du rapport # UsbFix V6.055 ! |
Note: the UsbFix.txt report is saved at the root of the drive (C:\UsbFix.txt).
############################## | UsbFix V6.055 |
User : darty (Administrateurs) # AMANDINE
Update on 18/11/2009 by Chiquitine29, C_XX & Chimay8
Start at: 18:51:44 | 19/11/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com
Intel(R) Core(TM) Duo CPU T2350 @ 1.86GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6000 32-bit) #
Internet Explorer 7.0.6000.16916
Windows Firewall Status : Enabled
AV : avast! antivirus 4.8.1356 [VPS 091119-1] 4.8.1356 [ Enabled | Updated ]
C:\ -> Disque fixe local # 67,07 Go (28,82 Go free) [VistaOS] # NTFS
D:\ -> Disque fixe local # 39,83 Go (12,12 Go free) [DATA] # NTFS
E:\ -> Disque CD-ROM
############################## | Processus actifs |
C:\Windows\System32\smss.exe 416
C:\Windows\system32\csrss.exe 544
C:\Windows\system32\wininit.exe 592
C:\Windows\system32\csrss.exe 604
C:\Windows\system32\services.exe 636
C:\Windows\system32\lsass.exe 648
C:\Windows\system32\lsm.exe 656
C:\Windows\system32\winlogon.exe 732
C:\Windows\system32\svchost.exe 844
C:\Windows\system32\svchost.exe 916
C:\Windows\System32\svchost.exe 948
C:\Windows\system32\Ati2evxx.exe 1040
C:\Windows\System32\svchost.exe 1064
C:\Windows\System32\svchost.exe 1088
C:\Windows\system32\svchost.exe 1108
C:\Windows\system32\SLsvc.exe 1244
C:\Windows\system32\svchost.exe 1292
C:\Windows\system32\svchost.exe 1440
C:\Program Files\ATK Hotkey\ASLDRSrv.exe 1560
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1572
C:\Program Files\ATK Hotkey\Hcontrol.exe 1592
C:\Program Files\ATKOSD2\ATKOSD2.exe 1600
C:\Program Files\Wireless Console 2\wcourier.exe 1608
C:\Program Files\ASUS\Splendid\ACMON.exe 1616
C:\Program Files\P4G\BatteryLife.exe 1624
C:\Program Files\Alwil Software\Avast4\ashServ.exe 1636
C:\Windows\System32\ACEngSvr.exe 1712
C:\Program Files\ATK Hotkey\ATKOSD.exe 1868
C:\Windows\system32\Ati2evxx.exe 124
C:\Windows\system32\Dwm.exe 588
C:\Windows\Explorer.EXE 1412
C:\Windows\System32\spoolsv.exe 1012
C:\Windows\system32\runonce.exe 1864
C:\Windows\system32\svchost.exe 1972
C:\Windows\system32\taskeng.exe 348
C:\Windows\system32\svchost.exe 2588
C:\Windows\system32\drivers\CDAC11BA.EXE 2616
C:\Program Files\CDBurnerXP\NMSAccessU.exe 2716
C:\Windows\system32\svchost.exe 2864
C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe 2880
C:\Windows\system32\svchost.exe 2900
C:\Windows\System32\StkCSrv.exe 2912
C:\Windows\System32\svchost.exe 2964
C:\Windows\system32\SearchIndexer.exe 2984
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe 3268
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe 3288
C:\Program Files\ASUS\ASUS Live Update\ALU.exe 3436
C:\Windows\system32\taskeng.exe 3452
C:\Windows\system32\wbem\wmiprvse.exe 3680
C:\Windows\system32\PresentationSettings.exe 3732
C:\Windows\system32\wbem\wmiprvse.exe 3800
C:\Program Files\Alwil Software\Avast4\setup\avast.setup 3888
################## | Fichiers # Dossiers infectieux |
################## | Registre # Clés infectieuses |
################## | Registre # Mountpoints2 |
Supprimé ! HKCU\...\Explorer\MountPoints2\G\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\H\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{1e48e719-3ba7-11de-848c-a095d13e9ef0}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{21e91871-7723-11dc-a8d8-001a92e82eea}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{2d6a5b54-affd-11de-b81f-001a92e82eea}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{9fd48958-1216-11dd-931d-0019d2cf6708}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{aa6928d1-36f3-11dd-ad5f-001a92e82eea}\Shell\Auto\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{e6547f0c-8393-11de-907a-0019d2cf6708}\Shell\AutoRun\Command
################## | Listing des fichiers présent |
[29/05/2009 10:41|--a------|1788] C:\aaw7boot.log
[16/02/2006 19:24|--a------|2076] C:\ASUS_22620015.icm
[18/09/2006 22:43|--a------|24] C:\autoexec.bat
[02/11/2006 10:53|-rahs----|438840] C:\bootmgr
[10/01/2007 20:35|-ra-s----|8192] C:\BOOTSECT.BAK
[07/12/2006 04:00|--a------|23] C:\CA.txt
[18/09/2006 22:43|--a------|10] C:\config.sys
[07/10/2007 18:25|--a------|286720] C:\Debug.txt
[03/04/2007 16:59|--a------|15854] C:\devlist.txt
[18/09/2009 22:15|--a------|1967] C:\ErrLog.txt
[20/12/2006 10:45|-rah-----|524288] C:\F3JP.BIN
[09/01/2007 12:07|--a------|15] C:\F3JP_F3JR_Vista.10
[03/01/2007 12:32|-rah-----|524288] C:\F3JR.BIN
[03/04/2007 16:59|--a------|9] C:\Finish.log
[?|?|?] C:\hiberfil.sys
[08/01/2008 16:33|-rahs----|0] C:\IO.SYS
[08/01/2008 16:33|-rahs----|0] C:\MSDOS.SYS
[29/02/2004 16:44|--a------|52576] C:\orange.bmp
[?|?|?] C:\pagefile.sys
[03/04/2007 16:43|--a------|284] C:\RHDSetup.log
[16/05/2006 01:22|--a------|5] C:\Store.LOG
[19/11/2009 18:55|--a------|4935] C:\UsbFix.txt
[26/10/2009 13:04|--a------|367296342] D:\Desperate.Housewives.S06E05.HDTV.XviD-NoTV.avi
[03/11/2009 22:18|--a------|333254072] D:\Desperate.Housewives.S06E06.VOSTFR.Gillop.avi
[10/11/2009 01:08|--a------|366269186] D:\Desperate.Housewives.S06E07.HDTV.XviD-P0W4.avi
[12/11/2009 15:12|--a------|366993408] D:\Desperate.Housewives.S06E07.VOSTFR.HDTV.XviD-DRAGONS.avi
[27/07/2008 23:08|--ahs----|285696] D:\ehthumbs_vista.db
[25/10/2009 15:53|--a------|324178280] D:\FlashForward.S01E05.VOSTFR.Gillop.avi
[31/10/2009 22:28|--a------|365597942] D:\FlashForward.S01E06.VOSTFR.HDTV.XviD-GKS.avi
[24/10/2009 09:57|--a------|355208528] D:\Greys.Anatomy.S06E06.VOSTFR.FASTSUB.HDTV.XviD-DFX.avi
[02/11/2009 11:43|--a------|364319794] D:\Greys.Anatomy.S06E07.VOSTFR.HDTV.XviD-GKS.avi
[12/11/2009 15:13|--a------|364851042] D:\Greys.Anatomy.S06E08.REPACK.VOSTFR.HDTV.XviD-GKS [tracker-surfer.fr].avi
[29/10/2009 16:50|--a------|725704704] D:\Loose Change - 11 septembre 2001 - Fr par Slayer91acph.avi
[27/10/2009 23:08|--a------|732997324] D:\ukd-confessions-xvid.avi
[19/09/2009 22:20|--a------|100263] D:\VirtualDJ Local Database v6.xml
[29/10/2009 17:10|--a------|719558492] D:\ZERO - Enquete sur le 11 Septembre Vostfr.avi
################## | Vaccination |
# C:\autorun.inf -> Dossier créé par UsbFix.
# D:\autorun.inf -> Dossier créé par UsbFix.
################## | Suspect | http://www.virustotal.com |
################## | Cracks / Keygens / Serials |
"C:\Users\darty\Documents\Virtual DJ Pro v5.0 (Crack)\virtualdj_trial.exe"
16/09/2007 21:24 |Size 13283830 |Crc32 73cea9cd |Md5 f5e4257248f26f66b25e49d4595ccdf5
################## | ! Fin du rapport # UsbFix V6.055 ! |
Quote:
L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
Malwarebytes' Anti-Malware 1.41
Version de la base de données: 3196
Windows 6.0.6000
19/11/2009 19:31:34
mbam-log-2009-11-19 (19-31-34).txt
Type de recherche: Examen rapide
Eléments examinés: 90434
Temps écoulé: 5 minute(s), 46 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 2
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Program Files\Winsudate (Adware.Gibmedia) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Program Files\Winsudate\gibsvc.exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
C:\Program Files\Winsudate\gibusr.exe (Adware.Gibmedia) -> Quarantined and deleted successfully.
Logfile of random's system information tool 1.06 (written by random/random)
Run by darty at 2009-11-19 20:05:36
Microsoft® Windows Vista™ Édition Familiale Premium
System drive C: has 29 GB (43%) free of 69 GB
Total RAM: 1023 MB (23% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:05:46, on 19/11/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16916)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\darty\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\darty.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [uTorrent] "C:\Users\darty\Desktop\utorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\Windows\system32\drivers\CDAC11BA.EXE
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
--
End of file - 5309 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\User_Feed_Synchronization-{6AD8BF81-6EB3-441D-AD5F-B915DBEB3EB4}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-17 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2007-10-09 1006264]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-12-01 4186112]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-11-22 815104]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-17 149280]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2006-11-02 61440]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-09-15 81000]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-10 1232896]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2006-11-02 125440]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"uTorrent"=C:\Users\darty\Desktop\utorrent.exe [2009-11-19 289072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe [2007-03-16 63712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ooquickpdfv7]
C:\Windows\system32\oopmagentts.exe [2007-10-10 69632]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe [2007-12-10 695808]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerForPhone]
C:\Program Files\PowerForPhone\PowerForPhone.exe [2007-01-11 778240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe [2009-11-19 289072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MultiFrame.lnk]
C:\PROGRA~1\ASUS\ASUSMU~1\MULTIF~1.EXE [2006-12-29 991600]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PDFCreator.lnk]
C:\PROGRA~1\PDFCRE~1\PDFCRE~1.EXE [2009-03-20 2859008]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=145
"NoDriveTypeAutoRun"=145
"HonorAutoRunSetting"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======List of files/folders created in the last 1 months======
2009-11-19 18:55:03 ----RASHD---- C:\autorun.inf
2009-11-19 18:17:42 ----D---- C:\UsbFix
2009-11-19 15:50:26 ----D---- C:\Users\darty\AppData\Roaming\Ashtons Family Resort
2009-11-19 15:50:26 ----D---- C:\ProgramData\Ashtons Family Resort
2009-11-19 14:01:53 ----D---- C:\Users\darty\AppData\Roaming\Malwarebytes
2009-11-19 14:01:46 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-11-19 13:41:01 ----D---- C:\Program Files\Zylom Games
2009-11-19 12:50:59 ----D---- C:\Program Files\uTorrent
2009-11-19 11:36:20 ----D---- C:\rsit
2009-11-18 13:08:06 ----A---- C:\Windows\system32\aswBoot.exe
2009-11-14 10:30:19 ----D---- C:\Users\darty\AppData\Roaming\CloneSpy
2009-11-12 12:42:54 ----D---- C:\Users\darty\AppData\Roaming\Icones
2009-11-12 12:35:21 ----A---- C:\Windows\system32\WSDApi.dll
2009-11-09 14:52:50 ----A---- C:\Windows\IsUn040c.exe
2009-11-09 14:20:03 ----D---- C:\Users\darty\AppData\Roaming\DAEMON Tools Lite
2009-11-09 14:19:59 ----D---- C:\ProgramData\DAEMON Tools Lite
2009-11-04 12:19:16 ----HD---- C:\ProgramData\CanonBJ
2009-11-04 10:20:33 ----A---- C:\Windows\system32\mshtml.dll
2009-10-29 00:05:27 ----D---- C:\Users\darty\AppData\Roaming\vlc
2009-10-28 10:36:18 ----A---- C:\Windows\system32\wmp.dll
2009-10-28 10:36:05 ----A---- C:\Windows\system32\unregmp2.exe
2009-10-28 10:36:03 ----A---- C:\Windows\system32\spwmp.dll
2009-10-28 10:36:02 ----A---- C:\Windows\system32\dxmasf.dll
2009-10-28 10:35:58 ----A---- C:\Windows\system32\wmploc.DLL
2009-10-25 15:32:58 ----D---- C:\Users\darty\AppData\Roaming\Faerie Solitaire
2009-10-25 14:34:07 ----D---- C:\ProgramData\Adobe
2009-10-23 09:42:27 ----D---- C:\Windows\system32\QuickTime
2009-10-23 09:42:20 ----A---- C:\Windows\system32\rmoc3260.dll
2009-10-23 09:42:20 ----A---- C:\Windows\system32\pndx5032.dll
2009-10-23 09:42:20 ----A---- C:\Windows\system32\pndx5016.dll
2009-10-23 09:42:20 ----A---- C:\Windows\system32\MACDec.dll
2009-10-23 09:42:19 ----A---- C:\Windows\system32\vp6vfw.dll
2009-10-23 09:42:19 ----A---- C:\Windows\system32\vp31vfw.dll
2009-10-23 09:42:17 ----A---- C:\Windows\system32\mpg4c32.dll
2009-10-23 09:42:17 ----A---- C:\Windows\system32\huffyuv.dll
2009-10-23 09:42:16 ----A---- C:\Windows\system32\vsfilter.dll
2009-10-23 09:42:16 ----A---- C:\Windows\system32\vorbisfile.dll
2009-10-23 09:42:16 ----A---- C:\Windows\system32\vobsub.dll
2009-10-23 09:42:16 ----A---- C:\Windows\system32\unrar.dll
2009-10-23 09:42:16 ----A---- C:\Windows\system32\OpenQuicktimeLib.dll
2009-10-23 09:42:16 ----A---- C:\Windows\system32\3ivxVfWCodec.dll
2009-10-23 09:42:16 ----A---- C:\Windows\system32\3ivx.dll
2009-10-23 09:42:15 ----A---- C:\Windows\system32\xvidvfw.dll
2009-10-23 09:42:15 ----A---- C:\Windows\system32\xvidcore.dll
2009-10-23 09:42:15 ----A---- C:\Windows\system32\vorbisenc.dll
2009-10-23 09:42:15 ----A---- C:\Windows\system32\vorbis.dll
2009-10-23 09:42:15 ----A---- C:\Windows\system32\OggDS.dll
2009-10-23 09:42:15 ----A---- C:\Windows\system32\ogg.dll
2009-10-23 09:42:14 ----A---- C:\Windows\system32\WMV9VCM.dll
2009-10-23 09:42:14 ----A---- C:\Windows\system32\divx.dll
2009-10-23 09:42:13 ----A---- C:\Windows\system32\msvcr70.dll
2009-10-23 09:42:13 ----A---- C:\Windows\system32\cpuinf32.dll
2009-10-23 09:42:12 ----D---- C:\Users\darty\AppData\Roaming\Real
2009-10-23 09:42:12 ----D---- C:\ProgramData\Real
2009-10-22 22:23:43 ----D---- C:\Program Files\Movie Maker 2.6
2009-10-22 21:41:03 ----D---- C:\ProgramData\FLEXnet
2009-10-22 15:55:49 ----D---- C:\Program Files\Solitaire Cruise
2009-10-22 14:10:55 ----A---- C:\Windows\system32\wininet.dll
2009-10-22 14:10:52 ----A---- C:\Windows\system32\urlmon.dll
2009-10-22 14:10:50 ----A---- C:\Windows\system32\ieframe.dll
2009-10-22 14:10:47 ----A---- C:\Windows\system32\mstime.dll
2009-10-22 14:10:47 ----A---- C:\Windows\system32\ieapfltr.dll
2009-10-22 14:10:46 ----A---- C:\Windows\system32\iedkcs32.dll
2009-10-22 14:10:45 ----A---- C:\Windows\system32\occache.dll
2009-10-22 14:10:45 ----A---- C:\Windows\system32\msfeeds.dll
2009-10-22 14:10:45 ----A---- C:\Windows\system32\iertutil.dll
2009-10-22 14:10:45 ----A---- C:\Windows\system32\dxtmsft.dll
2009-10-22 14:10:44 ----A---- C:\Windows\system32\mshtmled.dll
2009-10-22 14:10:44 ----A---- C:\Windows\system32\ieaksie.dll
2009-10-22 14:10:43 ----A---- C:\Windows\system32\ieencode.dll
2009-10-22 14:10:43 ----A---- C:\Windows\system32\icardie.dll
2009-10-22 14:10:43 ----A---- C:\Windows\system32\dxtrans.dll
2009-10-22 14:10:42 ----A---- C:\Windows\system32\jsproxy.dll
2009-10-22 14:10:42 ----A---- C:\Windows\system32\ieui.dll
2009-10-22 14:10:42 ----A---- C:\Windows\system32\advpack.dll
2009-10-22 14:10:42 ----A---- C:\Windows\system32\admparse.dll
2009-10-22 14:10:41 ----A---- C:\Windows\system32\iesetup.dll
2009-10-22 14:10:41 ----A---- C:\Windows\system32\iernonce.dll
2009-10-22 14:10:40 ----A---- C:\Windows\system32\pngfilt.dll
2009-10-22 14:10:40 ----A---- C:\Windows\system32\mshtmler.dll
2009-10-22 14:10:40 ----A---- C:\Windows\system32\ieUnatt.exe
2009-10-22 14:10:40 ----A---- C:\Windows\system32\ieakui.dll
2009-10-22 14:10:40 ----A---- C:\Windows\system32\ie4uinit.exe
2009-10-20 18:43:34 ----D---- C:\Users\darty\AppData\Roaming\PoBros
2009-10-20 13:04:36 ----D---- C:\Users\darty\AppData\Roaming\MBT
======List of files/folders modified in the last 1 months======
2009-11-19 20:05:36 ----D---- C:\Windows\Temp
2009-11-19 20:02:30 ----D---- C:\Program Files\Mozilla Firefox
2009-11-19 19:54:07 ----D---- C:\Windows\system32\drivers
2009-11-19 19:53:14 ----A---- C:\Windows\system32\acovcnt.exe
2009-11-19 19:43:56 ----D---- C:\Windows
2009-11-19 19:39:22 ----D---- C:\Windows\system32\catroot2
2009-11-19 19:31:33 ----RD---- C:\Program Files
2009-11-19 19:23:48 ----HD---- C:\ProgramData
2009-11-19 19:23:48 ----D---- C:\Program Files\Common Files\Symantec Shared
2009-11-19 18:55:00 ----SD---- C:\Windows\Downloaded Program Files
2009-11-19 18:52:46 ----SHD---- C:\$Recycle.Bin
2009-11-19 15:50:24 ----D---- C:\Windows\Prefetch
2009-11-19 15:50:16 ----D---- C:\Users\darty\AppData\Roaming\Identities
2009-11-19 15:50:14 ----D---- C:\Users\darty\AppData\Roaming\Zylom
2009-11-19 15:49:25 ----D---- C:\Users\darty\AppData\Roaming\uTorrent
2009-11-19 14:17:43 ----D---- C:\Windows\System32
2009-11-19 14:15:29 ----SD---- C:\ProgramData\Microsoft
2009-11-19 12:45:47 ----SHD---- C:\System Volume Information
2009-11-19 12:20:04 ----SHD---- C:\Windows\Installer
2009-11-19 12:16:29 ----D---- C:\Program Files\Common Files\Macrovision Shared
2009-11-19 12:16:29 ----D---- C:\Program Files\Common Files\Adobe
2009-11-19 12:10:16 ----D---- C:\Program Files\Adobe
2009-11-19 12:03:07 ----D---- C:\Windows\winsxs
2009-11-19 11:59:13 ----D---- C:\Users\darty\AppData\Roaming\Adobe
2009-11-19 11:56:12 ----D---- C:\Program Files\Common Files
2009-11-19 01:03:29 ----D---- C:\Program Files\Google
2009-11-17 22:55:57 ----D---- C:\ProgramData\Google
2009-11-14 15:15:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-11-14 15:14:57 ----D---- C:\Windows\inf
2009-11-14 15:13:14 ----D---- C:\Users\darty\AppData\Roaming\dvdcss
2009-11-14 11:05:41 ----D---- C:\Users\darty\AppData\Roaming\LimeWire
2009-11-12 21:36:12 ----D---- C:\Windows\system32\catroot
2009-11-12 21:33:18 ----D---- C:\Program Files\Windows Mail
2009-11-12 21:28:08 ----D---- C:\ProgramData\Microsoft Help
2009-11-12 12:42:54 ----D---- C:\Program Files\Internet Explorer
2009-11-02 20:42:06 ----N---- C:\Windows\system32\MpSigStub.exe
2009-10-31 10:08:31 ----D---- C:\Program Files\Windows Media Player
2009-10-31 10:08:30 ----D---- C:\Windows\system32\fr-FR
2009-10-24 09:18:27 ----D---- C:\Windows\system32\migration
2009-10-24 09:18:26 ----D---- C:\Windows\AppPatch
2009-10-22 21:40:09 ----D---- C:\Windows\system32\Tasks
2009-10-22 14:49:50 ----D---- C:\Program Files\VideoLAN
2009-10-21 21:06:50 ----AD---- C:\ProgramData\TEMP
2009-10-21 13:11:01 ----D---- C:\Program Files\RealArcade
2009-10-21 13:11:01 ----D---- C:\Program Files\CCleaner
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-09-15 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-09-15 52368]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-09-15 53328]
R2 CdaC15BA;CdaC15BA; \??\C:\Windows\system32\drivers\CdaC15BA.SYS [2008-11-24 12464]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2006-12-28 18688]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2006-11-14 32256]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2006-11-14 43520]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2007-12-16 14208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2006-12-01 1655464]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-12-19 1786880]
R3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-12-21 2305536]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-04 59392]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2007-10-09 82432]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam; C:\Windows\System32\Drivers\StkCMini.sys [2006-12-21 1132544]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-11-22 181304]
R3 WCPU;WCPU; \??\C:\Program Files\P4G\WCPU.sys [2007-01-02 11120]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2006-11-02 19456]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2006-11-02 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2006-11-02 220160]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2006-11-02 29184]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864]
S3 ipswuio;ipswuio; C:\Windows\System32\DRIVERS\ipswuio.sys []
S3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2006-11-02 18432]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\Windows\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\Windows\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCAMp50.sys [2006-11-28 28224]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2006-11-28 27072]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2006-11-02 49664]
S3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2006-11-02 47104]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys []
S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys []
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2006-12-20 90112]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-09-15 18752]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2006-12-21 557056]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-09-15 138680]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\Windows\system32\drivers\CDAC11BA.EXE [2008-11-24 54784]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-06-15 71096]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2006-12-29 123248]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service; C:\Windows\System32\StkCSrv.exe [2006-12-10 24576]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-09-15 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-09-15 352920]
S3 getPlusHelper;@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2006-11-02 22016]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-27 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-12-10 353280]
S4 Boonty Games;Boonty Games; C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe [2008-11-11 69120]
-----------------EOF-----------------
Run by darty at 2009-11-19 20:05:36
Microsoft® Windows Vista™ Édition Familiale Premium
System drive C: has 29 GB (43%) free of 69 GB
Total RAM: 1023 MB (23% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:05:46, on 19/11/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16916)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\darty\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\darty.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [uTorrent] "C:\Users\darty\Desktop\utorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\Windows\system32\drivers\CDAC11BA.EXE
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
--
End of file - 5309 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\User_Feed_Synchronization-{6AD8BF81-6EB3-441D-AD5F-B915DBEB3EB4}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-17 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2007-10-09 1006264]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-12-01 4186112]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-11-22 815104]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-17 149280]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2006-11-02 61440]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-09-15 81000]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-10 1232896]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2006-11-02 125440]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"uTorrent"=C:\Users\darty\Desktop\utorrent.exe [2009-11-19 289072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe [2007-03-16 63712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ooquickpdfv7]
C:\Windows\system32\oopmagentts.exe [2007-10-10 69632]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe [2007-12-10 695808]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerForPhone]
C:\Program Files\PowerForPhone\PowerForPhone.exe [2007-01-11 778240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe [2009-11-19 289072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MultiFrame.lnk]
C:\PROGRA~1\ASUS\ASUSMU~1\MULTIF~1.EXE [2006-12-29 991600]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PDFCreator.lnk]
C:\PROGRA~1\PDFCRE~1\PDFCRE~1.EXE [2009-03-20 2859008]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=145
"NoDriveTypeAutoRun"=145
"HonorAutoRunSetting"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======List of files/folders created in the last 1 months======
2009-11-19 18:55:03 ----RASHD---- C:\autorun.inf
2009-11-19 18:17:42 ----D---- C:\UsbFix
2009-11-19 15:50:26 ----D---- C:\Users\darty\AppData\Roaming\Ashtons Family Resort
2009-11-19 15:50:26 ----D---- C:\ProgramData\Ashtons Family Resort
2009-11-19 14:01:53 ----D---- C:\Users\darty\AppData\Roaming\Malwarebytes
2009-11-19 14:01:46 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-11-19 13:41:01 ----D---- C:\Program Files\Zylom Games
2009-11-19 12:50:59 ----D---- C:\Program Files\uTorrent
2009-11-19 11:36:20 ----D---- C:\rsit
2009-11-18 13:08:06 ----A---- C:\Windows\system32\aswBoot.exe
2009-11-14 10:30:19 ----D---- C:\Users\darty\AppData\Roaming\CloneSpy
2009-11-12 12:42:54 ----D---- C:\Users\darty\AppData\Roaming\Icones
2009-11-12 12:35:21 ----A---- C:\Windows\system32\WSDApi.dll
2009-11-09 14:52:50 ----A---- C:\Windows\IsUn040c.exe
2009-11-09 14:20:03 ----D---- C:\Users\darty\AppData\Roaming\DAEMON Tools Lite
2009-11-09 14:19:59 ----D---- C:\ProgramData\DAEMON Tools Lite
2009-11-04 12:19:16 ----HD---- C:\ProgramData\CanonBJ
2009-11-04 10:20:33 ----A---- C:\Windows\system32\mshtml.dll
2009-10-29 00:05:27 ----D---- C:\Users\darty\AppData\Roaming\vlc
2009-10-28 10:36:18 ----A---- C:\Windows\system32\wmp.dll
2009-10-28 10:36:05 ----A---- C:\Windows\system32\unregmp2.exe
2009-10-28 10:36:03 ----A---- C:\Windows\system32\spwmp.dll
2009-10-28 10:36:02 ----A---- C:\Windows\system32\dxmasf.dll
2009-10-28 10:35:58 ----A---- C:\Windows\system32\wmploc.DLL
2009-10-25 15:32:58 ----D---- C:\Users\darty\AppData\Roaming\Faerie Solitaire
2009-10-25 14:34:07 ----D---- C:\ProgramData\Adobe
2009-10-23 09:42:27 ----D---- C:\Windows\system32\QuickTime
2009-10-23 09:42:20 ----A---- C:\Windows\system32\rmoc3260.dll
2009-10-23 09:42:20 ----A---- C:\Windows\system32\pndx5032.dll
2009-10-23 09:42:20 ----A---- C:\Windows\system32\pndx5016.dll
2009-10-23 09:42:20 ----A---- C:\Windows\system32\MACDec.dll
2009-10-23 09:42:19 ----A---- C:\Windows\system32\vp6vfw.dll
2009-10-23 09:42:19 ----A---- C:\Windows\system32\vp31vfw.dll
2009-10-23 09:42:17 ----A---- C:\Windows\system32\mpg4c32.dll
2009-10-23 09:42:17 ----A---- C:\Windows\system32\huffyuv.dll
2009-10-23 09:42:16 ----A---- C:\Windows\system32\vsfilter.dll
2009-10-23 09:42:16 ----A---- C:\Windows\system32\vorbisfile.dll
2009-10-23 09:42:16 ----A---- C:\Windows\system32\vobsub.dll
2009-10-23 09:42:16 ----A---- C:\Windows\system32\unrar.dll
2009-10-23 09:42:16 ----A---- C:\Windows\system32\OpenQuicktimeLib.dll
2009-10-23 09:42:16 ----A---- C:\Windows\system32\3ivxVfWCodec.dll
2009-10-23 09:42:16 ----A---- C:\Windows\system32\3ivx.dll
2009-10-23 09:42:15 ----A---- C:\Windows\system32\xvidvfw.dll
2009-10-23 09:42:15 ----A---- C:\Windows\system32\xvidcore.dll
2009-10-23 09:42:15 ----A---- C:\Windows\system32\vorbisenc.dll
2009-10-23 09:42:15 ----A---- C:\Windows\system32\vorbis.dll
2009-10-23 09:42:15 ----A---- C:\Windows\system32\OggDS.dll
2009-10-23 09:42:15 ----A---- C:\Windows\system32\ogg.dll
2009-10-23 09:42:14 ----A---- C:\Windows\system32\WMV9VCM.dll
2009-10-23 09:42:14 ----A---- C:\Windows\system32\divx.dll
2009-10-23 09:42:13 ----A---- C:\Windows\system32\msvcr70.dll
2009-10-23 09:42:13 ----A---- C:\Windows\system32\cpuinf32.dll
2009-10-23 09:42:12 ----D---- C:\Users\darty\AppData\Roaming\Real
2009-10-23 09:42:12 ----D---- C:\ProgramData\Real
2009-10-22 22:23:43 ----D---- C:\Program Files\Movie Maker 2.6
2009-10-22 21:41:03 ----D---- C:\ProgramData\FLEXnet
2009-10-22 15:55:49 ----D---- C:\Program Files\Solitaire Cruise
2009-10-22 14:10:55 ----A---- C:\Windows\system32\wininet.dll
2009-10-22 14:10:52 ----A---- C:\Windows\system32\urlmon.dll
2009-10-22 14:10:50 ----A---- C:\Windows\system32\ieframe.dll
2009-10-22 14:10:47 ----A---- C:\Windows\system32\mstime.dll
2009-10-22 14:10:47 ----A---- C:\Windows\system32\ieapfltr.dll
2009-10-22 14:10:46 ----A---- C:\Windows\system32\iedkcs32.dll
2009-10-22 14:10:45 ----A---- C:\Windows\system32\occache.dll
2009-10-22 14:10:45 ----A---- C:\Windows\system32\msfeeds.dll
2009-10-22 14:10:45 ----A---- C:\Windows\system32\iertutil.dll
2009-10-22 14:10:45 ----A---- C:\Windows\system32\dxtmsft.dll
2009-10-22 14:10:44 ----A---- C:\Windows\system32\mshtmled.dll
2009-10-22 14:10:44 ----A---- C:\Windows\system32\ieaksie.dll
2009-10-22 14:10:43 ----A---- C:\Windows\system32\ieencode.dll
2009-10-22 14:10:43 ----A---- C:\Windows\system32\icardie.dll
2009-10-22 14:10:43 ----A---- C:\Windows\system32\dxtrans.dll
2009-10-22 14:10:42 ----A---- C:\Windows\system32\jsproxy.dll
2009-10-22 14:10:42 ----A---- C:\Windows\system32\ieui.dll
2009-10-22 14:10:42 ----A---- C:\Windows\system32\advpack.dll
2009-10-22 14:10:42 ----A---- C:\Windows\system32\admparse.dll
2009-10-22 14:10:41 ----A---- C:\Windows\system32\iesetup.dll
2009-10-22 14:10:41 ----A---- C:\Windows\system32\iernonce.dll
2009-10-22 14:10:40 ----A---- C:\Windows\system32\pngfilt.dll
2009-10-22 14:10:40 ----A---- C:\Windows\system32\mshtmler.dll
2009-10-22 14:10:40 ----A---- C:\Windows\system32\ieUnatt.exe
2009-10-22 14:10:40 ----A---- C:\Windows\system32\ieakui.dll
2009-10-22 14:10:40 ----A---- C:\Windows\system32\ie4uinit.exe
2009-10-20 18:43:34 ----D---- C:\Users\darty\AppData\Roaming\PoBros
2009-10-20 13:04:36 ----D---- C:\Users\darty\AppData\Roaming\MBT
======List of files/folders modified in the last 1 months======
2009-11-19 20:05:36 ----D---- C:\Windows\Temp
2009-11-19 20:02:30 ----D---- C:\Program Files\Mozilla Firefox
2009-11-19 19:54:07 ----D---- C:\Windows\system32\drivers
2009-11-19 19:53:14 ----A---- C:\Windows\system32\acovcnt.exe
2009-11-19 19:43:56 ----D---- C:\Windows
2009-11-19 19:39:22 ----D---- C:\Windows\system32\catroot2
2009-11-19 19:31:33 ----RD---- C:\Program Files
2009-11-19 19:23:48 ----HD---- C:\ProgramData
2009-11-19 19:23:48 ----D---- C:\Program Files\Common Files\Symantec Shared
2009-11-19 18:55:00 ----SD---- C:\Windows\Downloaded Program Files
2009-11-19 18:52:46 ----SHD---- C:\$Recycle.Bin
2009-11-19 15:50:24 ----D---- C:\Windows\Prefetch
2009-11-19 15:50:16 ----D---- C:\Users\darty\AppData\Roaming\Identities
2009-11-19 15:50:14 ----D---- C:\Users\darty\AppData\Roaming\Zylom
2009-11-19 15:49:25 ----D---- C:\Users\darty\AppData\Roaming\uTorrent
2009-11-19 14:17:43 ----D---- C:\Windows\System32
2009-11-19 14:15:29 ----SD---- C:\ProgramData\Microsoft
2009-11-19 12:45:47 ----SHD---- C:\System Volume Information
2009-11-19 12:20:04 ----SHD---- C:\Windows\Installer
2009-11-19 12:16:29 ----D---- C:\Program Files\Common Files\Macrovision Shared
2009-11-19 12:16:29 ----D---- C:\Program Files\Common Files\Adobe
2009-11-19 12:10:16 ----D---- C:\Program Files\Adobe
2009-11-19 12:03:07 ----D---- C:\Windows\winsxs
2009-11-19 11:59:13 ----D---- C:\Users\darty\AppData\Roaming\Adobe
2009-11-19 11:56:12 ----D---- C:\Program Files\Common Files
2009-11-19 01:03:29 ----D---- C:\Program Files\Google
2009-11-17 22:55:57 ----D---- C:\ProgramData\Google
2009-11-14 15:15:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-11-14 15:14:57 ----D---- C:\Windows\inf
2009-11-14 15:13:14 ----D---- C:\Users\darty\AppData\Roaming\dvdcss
2009-11-14 11:05:41 ----D---- C:\Users\darty\AppData\Roaming\LimeWire
2009-11-12 21:36:12 ----D---- C:\Windows\system32\catroot
2009-11-12 21:33:18 ----D---- C:\Program Files\Windows Mail
2009-11-12 21:28:08 ----D---- C:\ProgramData\Microsoft Help
2009-11-12 12:42:54 ----D---- C:\Program Files\Internet Explorer
2009-11-02 20:42:06 ----N---- C:\Windows\system32\MpSigStub.exe
2009-10-31 10:08:31 ----D---- C:\Program Files\Windows Media Player
2009-10-31 10:08:30 ----D---- C:\Windows\system32\fr-FR
2009-10-24 09:18:27 ----D---- C:\Windows\system32\migration
2009-10-24 09:18:26 ----D---- C:\Windows\AppPatch
2009-10-22 21:40:09 ----D---- C:\Windows\system32\Tasks
2009-10-22 14:49:50 ----D---- C:\Program Files\VideoLAN
2009-10-21 21:06:50 ----AD---- C:\ProgramData\TEMP
2009-10-21 13:11:01 ----D---- C:\Program Files\RealArcade
2009-10-21 13:11:01 ----D---- C:\Program Files\CCleaner
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-09-15 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-09-15 52368]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-09-15 53328]
R2 CdaC15BA;CdaC15BA; \??\C:\Windows\system32\drivers\CdaC15BA.SYS [2008-11-24 12464]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2006-12-28 18688]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2006-11-14 32256]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2006-11-14 43520]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2007-12-16 14208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2006-12-01 1655464]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-12-19 1786880]
R3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-12-21 2305536]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-04 59392]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2007-10-09 82432]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam; C:\Windows\System32\Drivers\StkCMini.sys [2006-12-21 1132544]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-11-22 181304]
R3 WCPU;WCPU; \??\C:\Program Files\P4G\WCPU.sys [2007-01-02 11120]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2006-11-02 19456]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2006-11-02 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2006-11-02 220160]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2006-11-02 29184]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864]
S3 ipswuio;ipswuio; C:\Windows\System32\DRIVERS\ipswuio.sys []
S3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2006-11-02 18432]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\Windows\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\Windows\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCAMp50.sys [2006-11-28 28224]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2006-11-28 27072]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2006-11-02 49664]
S3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2006-11-02 47104]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys []
S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys []
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2006-12-20 90112]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-09-15 18752]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2006-12-21 557056]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-09-15 138680]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\Windows\system32\drivers\CDAC11BA.EXE [2008-11-24 54784]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-06-15 71096]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2006-12-29 123248]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service; C:\Windows\System32\StkCSrv.exe [2006-12-10 24576]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-09-15 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-09-15 352920]
S3 getPlusHelper;@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2006-11-02 22016]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-27 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-12-10 353280]
S4 Boonty Games;Boonty Games; C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe [2008-11-11 69120]
-----------------EOF-----------------
That's the log report you posted, not the info report.
Update Vista:
http://update.microsoft.com/