dudulesx

  1. It's done. Anything else? Thanks again for your support.
  2. Everything works perfectly. Thanks again! And for Angélique: yes, I had started on another forum, but the solution didn't work. I wanted to thank the helper at Maleka, but the thread is closed, a pity... Sorry again for asking on 2 forums. The approaches seemed different to me, so asking 2 different people seemed useful. I won't do it again...
  3. Thank you so much! Everything seems OK: regedit works, so does the command prompt, and I no longer get any redirects. The report is below. Are there any other steps to take? Thanks again.
     AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated) * Un nouveau point de restauration a été créé . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\404Fix.exe c:\windows\system32\Agent.OMZ.Fix.exe c:\windows\system32\dumphive.exe c:\windows\system32\IEDFix.C.exe c:\windows\system32\IEDFix.exe c:\windows\system32\o4Patch.exe c:\windows\system32\Process.exe c:\windows\system32\SrchSTS.exe c:\windows\system32\tmp.reg c:\windows\system32\VACFix.exe c:\windows\system32\VCCLSID.exe c:\windows\system32\WS2Fix.exe . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_poof ((((((((((((((((((((((((((((( Fichiers créés du 2009-02-27 au 2009-03-27 )))))))))))))))))))))))))))))))))))) . 2009-03-27 13:39 . 2009-03-27 13:39 16,236,122 --a------ C:\upload_moi_FD.tar.gz 2009-03-27 13:09 . 2009-03-27 13:15 <REP> d-------- C:\Gamer 2009-03-27 12:11 . 2009-03-27 12:11 <REP> d-------- C:\rsit 2009-03-27 11:35 . 2009-03-27 11:36 <REP> d-------- C:\32788R22FWJFW.3.tmp 2009-03-27 11:34 . 2009-03-27 11:35 <REP> d-------- C:\32788R22FWJFW.2.tmp 2009-03-27 11:34 . 2009-03-27 11:34 <REP> d-------- C:\32788R22FWJFW.1.tmp 2009-03-27 11:13 . 2009-03-27 11:27 <REP> d-------- C:\32788R22FWJFW.0.tmp 2009-03-26 18:45 . 2009-03-26 18:45 <REP> d-------- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com 2009-03-26 17:11 . 2008-06-19 16:24 28,544 --a------ c:\windows\system32\drivers\pavboot.sys 2009-03-26 17:10 . 2009-03-26 17:10 <REP> d-------- c:\program files\Panda Security 2009-03-26 15:40 . 2009-03-26 15:43 <REP> d-------- c:\program files\Spybot - Search & Destroy 2009-03-26 14:54 . 
2009-03-26 14:54 <REP> d-------- c:\program files\CCleaner 2009-03-26 14:39 . 2009-03-26 14:38 410,984 --a------ c:\windows\system32\deploytk.dll 2009-03-26 11:19 . 2009-03-26 11:37 101,287 --a------ c:\windows\system32\drivers\klin.dat 2009-03-26 11:19 . 2009-03-26 11:37 89,601 --a------ c:\windows\system32\drivers\klick.dat 2009-03-26 11:18 . 2009-03-26 11:18 <REP> d-------- c:\program files\Kaspersky Lab 2009-03-26 11:18 . 2009-03-27 12:19 <REP> d-------- c:\documents and settings\All Users\Application Data\Kaspersky Lab 2009-03-26 11:18 . 2009-03-27 16:32 4,996,128 --ahs---- c:\windows\system32\drivers\fidbox.dat 2009-03-26 11:18 . 2009-03-27 16:31 68,984 --ahs---- c:\windows\system32\drivers\fidbox.idx 2009-03-26 11:18 . 2009-03-27 16:31 62,240 --ahs---- c:\windows\system32\drivers\fidbox2.dat 2009-03-26 11:18 . 2009-03-27 16:31 7,904 --ahs---- c:\windows\system32\drivers\fidbox2.idx 2009-03-26 11:13 . 2009-03-26 11:13 <REP> d-------- C:\KAV 2009-03-26 09:08 . 2009-03-26 09:08 <REP> d-------- c:\documents and settings\All Users\Application Data\Symantec 2009-03-25 08:04 . 2009-03-25 08:04 <REP> d-------- c:\program files\Fichiers communs\Symantec Shared 2009-03-24 17:14 . 2009-03-24 17:14 <REP> d-------- c:\documents and settings\All Users\Application Data\NortonInstaller 2009-03-24 15:08 . 2009-03-24 15:08 <REP> d-------- c:\program files\Misc. Support Library (Spybot - Search & Destroy) 2009-03-24 15:08 . 2009-03-24 15:08 <REP> d-------- c:\program files\File Scanner Library (Spybot - Search & Destroy) 2009-03-04 16:55 . 2009-03-04 16:55 <REP> d-------- c:\program files\CapAlpha . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 
2009-03-27 14:07 --------- d-----w c:\program files\Fichiers communs\Adobe 2009-03-27 13:59 --------- d-----w c:\documents and settings\separex\Application Data\AdobeUM 2009-03-27 11:26 --------- d-----w c:\program files\Trend Micro 2009-03-27 08:56 --------- d-----w c:\program files\Bonjour 2009-03-26 14:43 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-03-26 13:56 --------- d-----w c:\documents and settings\separex\Application Data\Lavasoft 2009-03-26 13:38 --------- d-----w c:\program files\Java 2009-03-26 10:37 112,144 ----a-w c:\windows\system32\drivers\kl1.sys 2009-03-24 14:08 --------- d-----w c:\program files\TeaTimer (Spybot - Search & Destroy) 2009-02-17 14:25 --------- d-----w c:\program files\Google 2009-01-29 13:51 --------- d-----w c:\documents and settings\separex\Application Data\webex . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-13 68856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-11-25 335872] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-26 136600] "Drag'n'Drop_Autolaunch"="c:\program files\Iomega HotBurn Pro\Autolaunch.exe" [2004-08-10 131072] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-05-27 413696] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] "AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe" [2009-03-26 231952] 
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"= c:\windows\system32\..\xjems.cfm [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage d'Office.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage d'Office.lnk backup=c:\windows\pss\Démarrage d'Office.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk backup=c:\windows\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^True Internet Color Icon.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\True Internet Color Icon.lnk backup=c:\windows\pss\True Internet Color Icon.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier] --a------ 2008-07-22 19:42 116040 c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] --a------ 2008-07-30 09:47 289064 c:\program files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] --a------ 2008-05-27 09:50 413696 c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] --a------ 2007-06-13 08:34 68856 c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "<NO NAME>"= "vptray"=c:\program files\NavNT\vptray.exe 
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Macromedia\\Dreamweaver MX 2004\\Dreamweaver.exe"= "c:\\Documents and Settings\\separex\\Mes documents\\BIBLIO\\CONGRES\\PSWC07 (D)\\server\\mmserv.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\wamp\\Apache2\\bin\\httpd.exe"= "c:\\Program Files\\Real\\RealPlayer\\realplay.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-03-26 28544] R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2007-05-30 24344] S3 K320bus;Sony Ericsson K320 driver (WDM);c:\windows\system32\drivers\K320bus.sys [2008-05-28 61504] S3 K320mdfl;Sony Ericsson K320 USB WMC Modem Filter;c:\windows\system32\drivers\K320mdfl.sys [2008-05-28 9328] S3 K320mdm;Sony Ericsson K320 USB WMC Modem Driver;c:\windows\system32\drivers\K320mdm.sys [2008-05-28 97056] S3 K320mgmt;Sony Ericsson K320 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\K320mgmt.sys [2008-05-28 88560] S3 K320obex;Sony Ericsson K320 USB WMC OBEX Interface;c:\windows\system32\drivers\K320obex.sys [2008-05-28 86368] S4 Napiilspe;Napiilspe; [x] --- Autres Services/Pilotes en mémoire --- *Deregistered* - dnbudf [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{91326301-48dd-11dd-ac53-00112f35b584}] \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL .\ISASF.htm [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c0f02a17-d038-11dd-acc5-00112f35b584}] \Shell\AutoRun\command - E:\wdsync.exe 
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{df79b853-1694-11dd-ac27-00112f35b584}] \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL .\ISASF.htm . Contenu du dossier 'Tâches planifiées' 2006-09-04 c:\windows\Tasks\sauvegarde email.job - c:\windows\system32\ntbackup.exe [2008-04-14 03:34] . - - - - ORPHELINS SUPPRIMES - - - - Notify-dimsntfy - (no file) MSConfigStartUp-updateMgr - c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.pharmanetwork.info/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: &eBay Search - c:\program files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 TCP: {748EA5DD-0869-4901-8047-4CC384AB450B} = 194.2.0.20,194.2.0.50 . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-03-27 16:32:22 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Iomega Activity Disk2] "ImagePath"="\"\"" . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(1008) c:\windows\system32\Ati2evxx.dll c:\windows\system32\klogon.dll c:\windows\System32\NavLogon.dll . ------------------------ Autres processus actifs ------------------------ . 
c:\windows\system32\ati2evxx.exe c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\progra~1\Iomega\System32\AppServices.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe c:\windows\system32\wdfmgr.exe c:\windows\system32\ati2evxx.exe c:\windows\system32\wscntfy.exe . ************************************************************************** . Heure de fin: 2009-03-27 16:36:22 - La machine a redémarré ComboFix-quarantined-files.txt 2009-03-27 15:36:13 Avant-CF: 34 037 551 104 octets libres Après-CF: 34,388,566,016 octets libres WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /fastdetect /NoExecute=OptIn 198 --- E O F --- 2009-03-16 18:05:14
  4. Thank you so much for this quick reply. There, it's done.

     GMER 1.0.15.14944 - http://www.gmer.net
     Rootkit scan 2009-03-27 13:16:16
     Windows 5.1.2600 Service Pack 3

     ---- System - GMER 1.0.15 ----
     SSDT \??\C:\WINDOWS\system32\drivers\klif.sys (spuper-ptor/Kaspersky Lab) ZwEnumerateKey [0xB2E378E0]
     SSDT \??\C:\WINDOWS\system32\drivers\klif.sys (spuper-ptor/Kaspersky Lab) ZwEnumerateValueKey [0xB2E37990]
     SSDT \??\C:\WINDOWS\system32\drivers\klif.sys (spuper-ptor/Kaspersky Lab) ZwQuerySystemInformation [0xB2E46FC0]
     Code \??\C:\WINDOWS\system32\drivers\klif.sys (spuper-ptor/Kaspersky Lab) FsRtlCheckLockForReadAccess
     Code \??\C:\WINDOWS\system32\drivers\klif.sys (spuper-ptor/Kaspersky Lab) IoIsOperationSynchronous
     Code 560AA546 KeFindConfigurationNextEntry

     ---- Devices - GMER 1.0.15 ----
     AttachedDevice \FileSystem\Ntfs \Ntfs klif.sys (spuper-ptor/Kaspersky Lab)
     AttachedDevice \FileSystem\Fastfat \Fat klif.sys (spuper-ptor/Kaspersky Lab)
     AttachedDevice \Driver\Tcpip \Device\Ip kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
     AttachedDevice \Driver\Tcpip \Device\Tcp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
     AttachedDevice \Driver\Tcpip \Device\Udp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
     AttachedDevice \Driver\Tcpip \Device\RawIp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

     ---- Threads - GMER 1.0.15 ----
     Thread System [4:524] 81DD67A0
     Thread System [4:528] 81DD67A0
     Thread System [4:532] 81DA6A30
     Thread System [4:536] 81DA6A30
     Thread System [4:540] 81DA6A30

     ---- EOF - GMER 1.0.15 ----
  5. Hello, some very strange things are happening! In the Google bar, I type the keywords xxxx, then search: an unsolicited page opens directly; still searching in Google, the links I click on can redirect me to a third-party site; when browsing directly and clicking on hyperlinks, same result. The pages displayed are sexeaaaanyc.com, pornotube, monstermarketplace.com, findresearchhere.us, and a blank page mentioning "no-output". Another symptom: the command prompt cannot be launched, and when I open Regedit it closes by itself within a few seconds. Kaspersky sees nothing. Here is the RSIT log, thanks for your insight!
     Logfile of random's system information tool 1.06 (written by random/random) Run by separex at 2009-03-27 12:26:06 Microsoft Windows XP Professionnel Service Pack 3 System drive C: has 33 GB (42%) free of 78 GB Total RAM: 511 MB (27% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:26:24, on 27/03/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\PROGRA~1\Iomega\System32\AppServices.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Iomega HotBurn Pro\Autolaunch.exe C:\Program 
Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Internet Explorer\iexplore.exe C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE C:\Documents and Settings\separex\Bureau\RSIT.exe C:\Program Files\trend micro\separex.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pharmanetwork.info/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program 
Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Drag'n'Drop_Autolaunch] "C:\Program Files\Iomega HotBurn Pro\Autolaunch.exe" O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\SCIEPlgn.dll O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: 
@xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/co...ex/qtplugin.cab O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} (AlternaTIFF ActiveX) - http://www.alternatiff.com/install-ie/alttiff.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/029f45fe7b4238...RdxIE601_fr.cab O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/200411...meInstaller.exe O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://malvernevents.webex.com/client/v_my...bex/ieatgpc.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{748EA5DD-0869-4901-8047-4CC384AB450B}: NameServer = 194.2.0.20,194.2.0.50 O23 - Service: Apple Mobile Device - Apple Inc. 
- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: DefWatch - Unknown owner - C:\Program Files\NavNT\defwatch.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. 
- C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Unknown owner - C:\Program Files\NavNT\rtvscan.exe (file missing) O23 - Service: wampapache - Apache Software Foundation - c:\wamp\apache2\bin\httpd.exe O23 - Service: wampmysqld - Unknown owner - c:\wamp\mysql\bin\mysqld-nt.exe -- End of file - 8673 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\sauvegarde email.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-03-26 320920] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-02-17 251504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-02-17 657904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-02-17 522224] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-26 34816] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program 
Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-26 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-02-17 251504] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2003-11-25 335872] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-26 136600] "Drag'n'Drop_Autolaunch"=C:\Program Files\Iomega HotBurn Pro\Autolaunch.exe [2004-08-10 131072] "AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe [2009-03-26 231952] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-05-27 413696] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-13 68856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-07-22 116040] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe [2008-07-30 289064] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\qttask.exe [2008-05-27 413696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-13 68856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2005-10-24 307200] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu 
Démarrer^Programmes^Démarrage^Démarrage d'Office.lnk] C:\PROGRA~1\MICROS~2\Office\OSA.EXE [1998-04-14 51984] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk] C:\PROGRA~1\Adobe\ACROBA~3.0\Reader\READER~1.EXE [2005-09-23 29696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^True Internet Color Icon.lnk] C:\PROGRA~1\E-Color\TRUEIN~1\TICIcon.exe [2000-03-06 221184] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2003-12-02 86016] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon] C:\WINDOWS\system32\klogon.dll [2007-11-19 219664] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon] C:\WINDOWS\System32\NavLogon.dll [2000-12-22 28672] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe"="C:\Program Files\Macromedia\Dreamweaver MX 
2004\Dreamweaver.exe:*:Enabled:Dreamweaver MX 2004" "C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer" "D:\server\mmserv.exe"="D:\server\mmserv.exe:*:Enabled:Simple Python web application server with Snakelets and Python Server Pages" "C:\Documents and Settings\separex\Mes documents\BIBLIO\CONGRES\PSWC07 (D)\server\mmserv.exe"="C:\Documents and Settings\separex\Mes documents\BIBLIO\CONGRES\PSWC07 (D)\server\mmserv.exe:*:Enabled:Simple Python web application server with Snakelets and Python Server Pages" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "D:\SETUP.EXE"="D:\SETUP.EXE:*:Enabled:Setup" "C:\wamp\Apache2\bin\httpd.exe"="C:\wamp\Apache2\bin\httpd.exe:*:Enabled:Apache HTTP Server" "C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" "C:\Documents and Settings\separex\Local Settings\Temp\WZSE0.TMP\SymNRT.exe"="C:\Documents and Settings\separex\Local Settings\Temp\WZSE0.TMP\SymNRT.exe:*:Enabled:Norton Removal Tool" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{91326301-48dd-11dd-ac53-00112f35b584}] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL .\ISASF.htm 
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c0f02a17-d038-11dd-acc5-00112f35b584}]
shell\AutoRun\command - E:\wdsync.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{df79b853-1694-11dd-ac27-00112f35b584}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL .\ISASF.htm

======File associations======

.js - open - "C:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe" "%1"

======List of files/folders created in the last 1 months======

2009-03-27 12:11:34 ----D---- C:\rsit
2009-03-27 11:57:39 ----A---- C:\WINDOWS\system32\tmp.txt
2009-03-27 11:57:21 ----A---- C:\rapport.txt
2009-03-27 11:57:04 ----A---- C:\WINDOWS\system32\WS2Fix.exe
2009-03-27 11:57:04 ----A---- C:\WINDOWS\system32\VCCLSID.exe
2009-03-27 11:57:04 ----A---- C:\WINDOWS\system32\VACFix.exe
2009-03-27 11:57:04 ----A---- C:\WINDOWS\system32\swxcacls.exe
2009-03-27 11:57:04 ----A---- C:\WINDOWS\system32\swsc.exe
2009-03-27 11:57:04 ----A---- C:\WINDOWS\system32\swreg.exe
2009-03-27 11:57:04 ----A---- C:\WINDOWS\system32\SrchSTS.exe
2009-03-27 11:57:04 ----A---- C:\WINDOWS\system32\Process.exe
2009-03-27 11:57:04 ----A---- C:\WINDOWS\system32\o4Patch.exe
2009-03-27 11:57:04 ----A---- C:\WINDOWS\system32\IEDFix.exe
2009-03-27 11:57:04 ----A---- C:\WINDOWS\system32\IEDFix.C.exe
2009-03-27 11:57:04 ----A---- C:\WINDOWS\system32\dumphive.exe
2009-03-27 11:57:04 ----A---- C:\WINDOWS\system32\Agent.OMZ.Fix.exe
2009-03-27 11:57:04 ----A---- C:\WINDOWS\system32\404Fix.exe
2009-03-27 11:36:02 ----D---- C:\32788R22FWJFW
2009-03-27 11:35:32 ----D---- C:\32788R22FWJFW.3.tmp
2009-03-27 11:34:35 ----D---- C:\32788R22FWJFW.2.tmp
2009-03-27 11:34:11 ----D---- C:\32788R22FWJFW.1.tmp
2009-03-27 11:32:34 ----A---- C:\WINDOWS\ntbtlog.txt
2009-03-27 11:13:49 ----D---- C:\32788R22FWJFW.0.tmp
2009-03-27 09:42:17 ----SHD---- C:\Config.Msi
2009-03-26 18:45:17 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2009-03-26 18:20:05 ----A---- C:\WINDOWS\system32\cmd.execf
2009-03-26 17:10:44 ----D---- C:\Program Files\Panda Security
2009-03-26 15:40:36 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-03-26 14:54:39 ----D---- C:\Program Files\CCleaner
2009-03-26 14:39:26 ----A---- C:\WINDOWS\system32\javaws.exe
2009-03-26 14:39:26 ----A---- C:\WINDOWS\system32\javaw.exe
2009-03-26 14:39:26 ----A---- C:\WINDOWS\system32\java.exe
2009-03-26 14:39:26 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-03-26 11:18:22 ----D---- C:\Program Files\Kaspersky Lab
2009-03-26 11:18:21 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2009-03-26 11:13:46 ----D---- C:\KAV
2009-03-26 09:08:44 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-03-26 08:50:55 ----D---- C:\WINDOWS\pss
2009-03-25 08:04:36 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2009-03-24 17:14:29 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
2009-03-24 15:08:27 ----D---- C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)
2009-03-24 15:08:27 ----D---- C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
2009-03-11 18:39:05 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-03-11 18:38:58 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-03-11 18:38:41 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-03-04 16:55:38 ----D---- C:\Program Files\CapAlpha
2009-03-02 18:58:49 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$

======List of files/folders modified in the last 1 months======

2009-03-27 12:26:10 ----D---- C:\Program Files\Trend Micro
2009-03-27 12:24:40 ----D---- C:\WINDOWS\Temp
2009-03-27 12:19:12 ----D---- C:\WINDOWS\system32\CatRoot2
2009-03-27 12:17:18 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-03-27 12:15:33 ----D---- C:\WINDOWS\Prefetch
2009-03-27 11:57:40 ----D---- C:\WINDOWS\system32
2009-03-27 11:32:34 ----D---- C:\WINDOWS
2009-03-27 11:15:12 ----RD---- C:\Program Files
2009-03-27 11:03:21 ----SHD---- C:\WINDOWS\Installer
2009-03-27 09:56:30 ----D---- C:\Program Files\Bonjour
2009-03-27 09:44:12 ----D---- C:\WINDOWS\WinSxS
2009-03-27 09:44:03 ----D---- C:\Program Files\Fichiers communs
2009-03-27 09:43:59 ----HD---- C:\WINDOWS\inf
2009-03-26 17:15:03 ----D---- C:\WINDOWS\system32\drivers
2009-03-26 17:09:36 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-03-26 15:43:00 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-03-26 14:59:03 ----D---- C:\WINDOWS\Debug
2009-03-26 14:56:26 ----D---- C:\Documents and Settings\separex\Application Data\Lavasoft
2009-03-26 14:56:25 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-03-26 14:38:27 ----D---- C:\Program Files\Java
2009-03-26 14:34:30 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-03-26 14:28:55 ----D---- C:\Documents and Settings\separex\Application Data\Adobe
2009-03-26 14:28:50 ----D---- C:\Program Files\Adobe
2009-03-26 14:28:49 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-03-24 15:08:28 ----D---- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
2009-03-11 18:39:08 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-03-11 09:27:44 ----HD---- C:\WINDOWS\$hf_mig$
2009-03-04 16:55:52 ----SD---- C:\Documents and Settings\separex\Application Data\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 41856]
R1 klif;Klif; \??\C:\WINDOWS\system32\drivers\klif.sys []
R2 aslm75;aslm75; \??\C:\WINDOWS\system32\drivers\aslm75.sys []
R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2003-12-02 641536]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-05-30 24344]
R3 ms_mpu401;Pilote UART MIDI MPU-401 Microsoft; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 nvax;Service for NVIDIA® nForce Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2002-12-05 13056]
R3 NVENET;NVIDIA nForce MCP Networking Adapter Driver; C:\WINDOWS\System32\DRIVERS\NVENET.sys [2002-09-23 80896]
R3 nvnforce;Service for NVIDIA® nForce Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2002-12-05 241664]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 K320bus;Sony Ericsson K320 driver (WDM); C:\WINDOWS\system32\DRIVERS\K320bus.sys [2006-08-18 61504]
S3 K320mdfl;Sony Ericsson K320 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\K320mdfl.sys [2006-08-18 9328]
S3 K320mdm;Sony Ericsson K320 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\K320mdm.sys [2006-08-18 97056]
S3 K320mgmt;Sony Ericsson K320 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\K320mgmt.sys [2006-08-18 88560]
S3 K320obex;Sony Ericsson K320 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\K320obex.sys [2006-08-18 86368]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-07-22 116040]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\System32\Ati2evxx.exe [2003-12-02 385024]
R2 AVP;Kaspersky Anti-Virus 6.0; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe [2009-03-26 231952]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
R2 Iomega App Services;Iomega App Services; C:\PROGRA~1\Iomega\System32\AppServices.exe [2003-09-24 73728]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-26 152984]
R2 MSSQL$MICROSOFTBCM;MSSQL$MICROSOFTBCM; C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe [2003-05-31 7544916]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\System32\wdfmgr.exe [2005-01-28 38912]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2003-12-02 516096]
S2 DefWatch;DefWatch; C:\Program Files\NavNT\defwatch.exe []
S2 Norton AntiVirus Server;Norton AntiVirus Client; C:\Program Files\NavNT\rtvscan.exe []
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-17 137200]
S3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-07-30 532264]
S3 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe [2004-12-29 68096]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SQLAgent$MICROSOFTBCM;SQLAgent$MICROSOFTBCM; C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlagent.EXE [2002-12-17 311872]
S3 wampapache;wampapache; c:\wamp\apache2\bin\httpd.exe [2007-01-09 20539]
S3 wampmysqld;wampmysqld; c:\wamp\mysql\bin\mysqld-nt.exe [2007-05-04 5701632]
S4 Iomega Activity Disk2;Iomega Activity Disk2; []

-----------------EOF-----------------