milizen

Membres

Afficher le profil Afficher son activité

Compteur de contenus
9
Inscription
le 22 avril 2009
Dernière visite
le 24 mars 2011

Profile Information

Sexe
Female

Autres informations

Mes langues
français

milizen's Achievements

Junior Member (3/12)

Réputation sur la communauté

Incfection par clé USB, pb de connexion aux sites de sécurité...

milizen a répondu à un(e) sujet de milizen dans Analyses et éradication malwares

Salut Thanos, j'ai fait toutes les vérifications que tu m'as demandé et tout est ok je n'ai pas de trace du fichier que tu m'as demandé de trouver, et j'ai également supprimer les deux logiciels. j'ai installé Kério en firewall, je te remercie pour tes conseils. je pense que tout est ok maintenant et je te remercie du temps que tu as passé à désinfecter mon pc c'est vraiment sympa. Bonne continuation
- le 3 mai 2009
- 16 réponses
Incfection par clé USB, pb de connexion aux sites de sécurité...

milizen a répondu à un(e) sujet de milizen dans Analyses et éradication malwares

Bonjour Thanos, je t'envoi les rapports que tu m'as demandé pour le rapport lop s&d comme je n'en avais pas en faisant la manip que tu m'as demandé, j'ai pris l'initiative de supprimer manuellement les dossiers boonty qu'il y avait sur mon pc et de lancer lop s&d manuellement en demandant une recherche et voici le rapport que j'ai eu : --------------------\\ Lop S&D 4.2.5-0 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2 X86-based PC ( Uniprocessor Free : Intel® Pentium® M processor 1.73GHz ) BIOS : Ver 1.00PARTTBL USER : Emilie BUREL ( Administrator ) BOOT : Normal boot Antivirus : AntiVir Desktop 9.0.1.26 (Not Activated) C:\ (Local Disk) - NTFS - Total:92 Go (Free:62 Go) D:\ (CD or DVD) E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go) F:\ (USB) - FAT - Total:484 Mo (Free:0 Go) G:\ (USB) - FAT32 - Total:3827 Mo (Free:3 Go) H:\ (USB) - FAT - Total:1929 Mo (Free:0 Go) I:\ (Local Disk) - FAT32 - Total:298 Go (Free:267 Go) "C:\Lop SD" ( MAJ : 19-12-2008|23:40 ) Option : [1] ( 01/05/09|11:05 ) --------------------\\ Listing des dossiers dans APPLIC~1 [16/09/05|10:51] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe [16/09/05|08:57] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities [19/09/05|10:48] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft [24/07/08|21:42] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sonic [16/09/05|11:10] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec [16/09/05|11:02] C:\DOCUME~1\ADMINI~1\APPLIC~1\toshiba [29/03/07|14:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{B73EC431-2F59-4E5E-9CEA-001681A75E3E} [01/12/06|13:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [01/05/09|10:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira [01/02/09|17:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU [21/11/07|13:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY [24/07/08|21:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ciel [24/07/08|21:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Dynacom [24/04/09|15:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes [24/07/08|21:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com [29/04/09|14:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [12/07/06|23:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive [13/07/06|00:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MotiveSysIDs [11/04/06|22:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN Search Toolbar [29/04/09|14:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS [25/12/06|12:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle [23/12/07|18:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime [16/09/05|08:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI [23/04/06|17:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype [02/04/09|22:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy [24/07/08|21:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec [28/04/09|21:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [17/01/08|22:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom [16/02/09|14:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WEBREG [11/07/06|11:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [23/03/08|18:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller [24/03/09|14:23] C:\DOCUME~1\Boulot\APPLIC~1\Adobe [24/03/09|14:22] C:\DOCUME~1\Boulot\APPLIC~1\AdobeUM [16/09/05|08:57] C:\DOCUME~1\Boulot\APPLIC~1\Identities [24/03/09|14:23] C:\DOCUME~1\Boulot\APPLIC~1\Macromedia [30/03/09|15:39] C:\DOCUME~1\Boulot\APPLIC~1\Microsoft [24/03/09|14:22] C:\DOCUME~1\Boulot\APPLIC~1\Mozilla [24/03/09|14:13] C:\DOCUME~1\Boulot\APPLIC~1\Real [16/09/05|11:05] C:\DOCUME~1\Boulot\APPLIC~1\Sonic [16/09/05|11:10] C:\DOCUME~1\Boulot\APPLIC~1\Symantec [16/09/05|11:02] C:\DOCUME~1\Boulot\APPLIC~1\toshiba [16/09/05|10:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe [16/09/05|08:57] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities [19/09/05|10:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [16/09/05|11:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sonic [16/09/05|11:10] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec [16/09/05|11:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\toshiba [05/06/06|23:26] C:\DOCUME~1\EMILIE~1\APPLIC~1\Adobe [22/08/07|18:03] C:\DOCUME~1\EMILIE~1\APPLIC~1\AdobeUM [06/02/09|17:09] C:\DOCUME~1\EMILIE~1\APPLIC~1\Ahead [01/02/09|17:51] C:\DOCUME~1\EMILIE~1\APPLIC~1\AVS4YOU [22/02/07|19:37] C:\DOCUME~1\EMILIE~1\APPLIC~1\Comptabilit‚ [06/02/09|17:08] C:\DOCUME~1\EMILIE~1\APPLIC~1\COWON [25/06/07|17:51] C:\DOCUME~1\EMILIE~1\APPLIC~1\DivX [29/03/07|14:49] C:\DOCUME~1\EMILIE~1\APPLIC~1\Dynacom [03/08/06|12:55] C:\DOCUME~1\EMILIE~1\APPLIC~1\EBP [27/07/06|12:57] C:\DOCUME~1\EMILIE~1\APPLIC~1\Google [11/04/06|12:02] C:\DOCUME~1\EMILIE~1\APPLIC~1\Help [16/02/09|14:24] C:\DOCUME~1\EMILIE~1\APPLIC~1\HP [29/05/07|13:00] C:\DOCUME~1\EMILIE~1\APPLIC~1\Identities [17/01/08|22:25] C:\DOCUME~1\EMILIE~1\APPLIC~1\InstallShield [11/04/06|12:32] C:\DOCUME~1\EMILIE~1\APPLIC~1\InterVideo [20/06/06|23:43] C:\DOCUME~1\EMILIE~1\APPLIC~1\Leadertech [11/04/06|18:53] C:\DOCUME~1\EMILIE~1\APPLIC~1\Macromedia [24/04/09|15:45] C:\DOCUME~1\EMILIE~1\APPLIC~1\Malwarebytes [23/01/08|20:08] C:\DOCUME~1\EMILIE~1\APPLIC~1\Media Player Classic [23/03/08|18:14] C:\DOCUME~1\EMILIE~1\APPLIC~1\Microsoft [11/09/08|14:30] C:\DOCUME~1\EMILIE~1\APPLIC~1\Mozilla [11/04/06|22:44] C:\DOCUME~1\EMILIE~1\APPLIC~1\MSN Search Toolbar [04/02/09|13:54] C:\DOCUME~1\EMILIE~1\APPLIC~1\Music Recognition [07/07/07|14:49] C:\DOCUME~1\EMILIE~1\APPLIC~1\NetMedia Providers [20/03/09|23:35] C:\DOCUME~1\EMILIE~1\APPLIC~1\PacificPoker [20/03/09|23:26] C:\DOCUME~1\EMILIE~1\APPLIC~1\PacificPoker4 [29/12/06|20:21] C:\DOCUME~1\EMILIE~1\APPLIC~1\Pinnacle Systems [07/07/07|14:49] C:\DOCUME~1\EMILIE~1\APPLIC~1\Publish Providers [18/08/08|18:15] C:\DOCUME~1\EMILIE~1\APPLIC~1\Real [24/10/07|14:12] C:\DOCUME~1\EMILIE~1\APPLIC~1\Samsung [30/06/08|16:30] C:\DOCUME~1\EMILIE~1\APPLIC~1\Skype [16/09/05|11:05] C:\DOCUME~1\EMILIE~1\APPLIC~1\Sonic [07/07/07|14:49] C:\DOCUME~1\EMILIE~1\APPLIC~1\Sony [14/04/06|16:58] C:\DOCUME~1\EMILIE~1\APPLIC~1\Sun [11/04/06|22:27] C:\DOCUME~1\EMILIE~1\APPLIC~1\Symantec [06/03/07|14:12] C:\DOCUME~1\EMILIE~1\APPLIC~1\Talkback [17/01/08|22:26] C:\DOCUME~1\EMILIE~1\APPLIC~1\TomTom [16/09/05|11:02] C:\DOCUME~1\EMILIE~1\APPLIC~1\toshiba [01/05/09|11:04] C:\DOCUME~1\EMILIE~1\APPLIC~1\U3 [09/06/07|13:03] C:\DOCUME~1\EMILIE~1\APPLIC~1\Wormux [10/11/06|05:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia [28/04/09|12:50] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [16/09/05|08:41] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [01/05/09 10:50][--ah-----] C:\WINDOWS\tasks\SA.DAT [05/08/04 12:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini --------------------\\ Listing des dossiers dans C:\Program Files [18/09/07|23:57] C:\Program Files\Adobe [29/07/08|18:28] C:\Program Files\Ahead [11/12/06|18:55] C:\Program Files\Alliance MCA [05/02/07|20:01] C:\Program Files\Alwil Software [08/02/09|15:44] C:\Program Files\AmazingMIDI [16/09/05|10:22] C:\Program Files\Apoint2K [11/04/06|11:57] C:\Program Files\ATI Technologies [01/05/09|10:51] C:\Program Files\Avira [31/03/09|22:44] C:\Program Files\broadjump [16/04/07|12:51] C:\Program Files\C-Media [12/07/06|23:35] C:\Program Files\Common Files [22/09/06|10:35] C:\Program Files\DD PlayCam [31/07/08|12:23] C:\Program Files\DivX [16/04/08|14:36] C:\Program Files\DVD-RAM [14/12/08|13:15] C:\Program Files\emule [20/06/07|18:41] C:\Program Files\eMulev0.48a.-MorphXTv10.0-bin [01/05/09|09:54] C:\Program Files\Fichiers communs [17/03/07|19:43] C:\Program Files\FileZilla [13/04/06|20:33] C:\Program Files\Formation interactive Microsoft [17/05/08|21:18] C:\Program Files\Free Audio Pack [27/07/06|12:22] C:\Program Files\Google [15/04/07|14:08] C:\Program Files\HHD Software [17/08/07|20:02] C:\Program Files\IncrediMail [06/02/09|17:01] C:\Program Files\InstallShield Installation Information [03/10/06|18:53] C:\Program Files\Intel [28/04/09|20:57] C:\Program Files\Internet Explorer [11/04/06|11:59] C:\Program Files\InterVideo [29/04/09|13:46] C:\Program Files\Java [28/08/07|17:23] C:\Program Files\Lauyan [16/09/05|10:12] C:\Program Files\ltmoh [12/07/06|00:39] C:\Program Files\Macrogaming [20/09/07|17:46] C:\Program Files\Macromedia [24/04/09|15:45] C:\Program Files\Malwarebytes' Anti-Malware [28/04/09|23:25] C:\Program Files\Messenger [24/07/08|17:52] C:\Program Files\MGI [29/04/09|14:55] C:\Program Files\Microsoft [28/04/09|16:27] C:\Program Files\Microsoft CAPICOM 2.1.0.2 [16/09/05|08:38] C:\Program Files\microsoft frontpage [27/04/06|20:14] C:\Program Files\Microsoft Office [29/04/09|14:55] C:\Program Files\Microsoft Silverlight [25/12/06|12:52] C:\Program Files\Microsoft SQL Server [23/03/08|18:28] C:\Program Files\Microsoft SQL Server Compact Edition [27/04/06|20:15] C:\Program Files\Microsoft Visual Studio [01/06/07|19:22] C:\Program Files\Microsoft Works [16/09/05|11:09] C:\Program Files\Microsoft.NET [26/09/06|13:11] C:\Program Files\Motive [16/09/05|08:35] C:\Program Files\Movie Maker [01/05/09|10:54] C:\Program Files\Mozilla Firefox [14/09/08|18:07] C:\Program Files\Mozilla Sunbird [16/09/05|08:34] C:\Program Files\MSN [16/09/05|08:34] C:\Program Files\MSN Gaming Zone [11/04/06|22:43] C:\Program Files\MSN Toolbar Suite [01/12/06|15:03] C:\Program Files\MSXML 4.0 [27/06/07|19:13] C:\Program Files\MySoftware [24/01/07|15:48] C:\Program Files\NetMeeting [30/05/07|15:34] C:\Program Files\neuf Talk [29/04/09|14:43] C:\Program Files\NOS [16/09/05|08:34] C:\Program Files\Online Services [03/12/07|18:21] C:\Program Files\Outlook Express [20/03/09|23:35] C:\Program Files\PacificPoker [20/03/09|23:26] C:\Program Files\PacificPoker4 [25/12/06|12:52] C:\Program Files\Pinnacle [04/10/08|18:29] C:\Program Files\Planning Manager [23/12/07|18:45] C:\Program Files\QuickTime [18/08/08|18:15] C:\Program Files\Real [09/04/08|12:29] C:\Program Files\Real Alternative [16/09/05|10:17] C:\Program Files\Realtek AC97 [09/08/06|19:06] C:\Program Files\ReflexiveArcade [15/08/08|13:43] C:\Program Files\SAGEM [24/10/07|14:05] C:\Program Files\Samsung [16/09/05|08:36] C:\Program Files\Services en ligne [23/04/06|17:48] C:\Program Files\Skype [15/04/09|18:40] C:\Program Files\Sonic [01/04/09|17:57] C:\Program Files\Spybot - Search & Destroy [28/04/09|21:08] C:\Program Files\SpywareBlaster [08/02/09|15:26] C:\Program Files\TallStick [13/03/09|23:47] C:\Program Files\TomTom HOME 2 [27/06/07|13:58] C:\Program Files\Toshiba [26/04/09|14:14] C:\Program Files\trend micro [12/12/06|12:30] C:\Program Files\Uninstall Information [22/09/06|10:30] C:\Program Files\VideoCAM Eye [01/08/07|12:49] C:\Program Files\VideoLAN [29/04/09|14:55] C:\Program Files\Windows Live [29/04/09|14:51] C:\Program Files\Windows Live SkyDrive [01/06/07|19:22] C:\Program Files\Windows Media Connect 2 [21/02/07|11:19] C:\Program Files\Windows Media Player [16/09/05|08:34] C:\Program Files\Windows NT [20/07/06|10:57] C:\Program Files\Wingen [03/08/06|12:41] C:\Program Files\WinRAR [21/09/07|23:02] C:\Program Files\Wormux 0.7 [16/09/05|08:38] C:\Program Files\xerox [08/02/09|15:04] C:\Program Files\YAMAHA [16/04/06|23:36] C:\Program Files\ZonejeuX --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [16/09/05|10:47] C:\Program Files\Fichiers communs\Adobe [29/07/08|18:28] C:\Program Files\Fichiers communs\Ahead [01/02/09|17:51] C:\Program Files\Fichiers communs\AVSMedia [15/04/09|19:56] C:\Program Files\Fichiers communs\Blizzard Entertainment [27/04/06|20:15] C:\Program Files\Fichiers communs\Designer [13/05/07|23:45] C:\Program Files\Fichiers communs\Hewlett-Packard [15/04/07|14:08] C:\Program Files\Fichiers communs\HHD Software [22/02/09|22:08] C:\Program Files\Fichiers communs\HP [16/09/05|10:26] C:\Program Files\Fichiers communs\InstallShield [16/09/05|08:49] C:\Program Files\Fichiers communs\Java [04/04/07|21:03] C:\Program Files\Fichiers communs\Micro Application Shared [28/04/09|23:25] C:\Program Files\Fichiers communs\Microsoft Shared [16/09/05|08:35] C:\Program Files\Fichiers communs\MSSoap [01/12/06|12:58] C:\Program Files\Fichiers communs\NSV [16/09/05|10:30] C:\Program Files\Fichiers communs\ODBC [18/08/08|18:16] C:\Program Files\Fichiers communs\Real [16/09/05|08:35] C:\Program Files\Fichiers communs\Services [16/09/05|10:30] C:\Program Files\Fichiers communs\SpeechEngines [05/12/06|18:42] C:\Program Files\Fichiers communs\Symantec Shared [03/12/07|18:21] C:\Program Files\Fichiers communs\System [22/09/06|10:30] C:\Program Files\Fichiers communs\VCAMEye [29/04/09|14:45] C:\Program Files\Fichiers communs\Windows Live [23/03/08|18:29] C:\Program Files\Fichiers communs\WindowsLiveInstaller [18/08/08|18:16] C:\Program Files\Fichiers communs\xing shared --------------------\\ Process ( 61 Processes ) ... OK ! --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Verification du Registre ..... OK ! --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-05-01 11:06:35 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 279 --------------------\\ Recherche d'autres infections Aucune autre infection trouvée ! [F:181][D:17]-> C:\DOCUME~1\EMILIE~1\LOCALS~1\Temp [F:16][D:0]-> C:\DOCUME~1\EMILIE~1\Cookies [F:322][D:4]-> C:\DOCUME~1\EMILIE~1\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - 26/04/09|16:52 - Option : [1] 2 - "C:\Lop SD\LopR_2.txt" - 27/04/09|15:22 - Option : [2] 3 - "C:\Lop SD\LopR_3.txt" - 27/04/09|15:29 - Option : [4] 4 - "C:\Lop SD\LopR_4.txt" - 01/05/09|11:08 - Option : [1] --------------------\\ Fin du rapport a 11:08:11 le rapport de javaRa : JavaRa 1.13 Removal Log. Report follows after line. ------------------------------------ The JavaRa removal process was started on Wed Apr 29 13:46:34 2009 Found and removed: C:\Program Files\Java\jre1.5.0_03 Found and removed: Software\JavaSoft\Java2D\1.5.0_03 Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D510003 Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D510003 Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D510003 Found and removed: SOFTWARE\Classes\JavaPlugin.150_03 Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.5.0.0 Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_03 Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5 Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_03 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D510003 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D510003 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150030} Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_03 Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA} Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01 Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB} Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0_03\ ------------------------------------ Finished reporting. et enfin le rapport RSIT : Logfile of random's system information tool 1.06 (written by random/random) Run by Emilie BUREL at 2009-05-01 11:09:32 Microsoft Windows XP Édition familiale Service Pack 2 System drive C: has 64 GB (68%) free of 95 GB Total RAM: 1022 MB (56% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:09:43, on 01/05/09 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16827) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\WINDOWS\system32\DVDRAMSV.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\ZoomingHook.exe C:\Program Files\TOSHIBA\Tvs\TvsTray.exe C:\Program Files\TOSHIBA\TouchPad\TPTray.exe C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe C:\WINDOWS\system32\TCtrlIOHook.exe C:\Program Files\Macrogaming\SweetIM\SweetIM.exe C:\WINDOWS\system32\TPSBattM.exe C:\WINDOWS\vsnpstd.exe C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files\ltmoh\Ltmoh.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Apoint2K\Apoint.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\RAMASST.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Documents and Settings\Emilie BUREL\Bureau\RSIT.exe C:\Program Files\trend micro\Emilie BUREL.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll O4 - HKLM\..\Run: [Pinnacle WebUpdater] "C:\Program Files\Pinnacle\Shared Files\Programs\WebUpdater\WebUpdater.exe" -s -f=UpdateVersion.xml -url=http://cdn.pinnaclesys.com/SupportFiles O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe O4 - HKLM\..\Run: [TPSMain] TPSMain.exe O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe O4 - HKLM\..\Run: [TFncKy] TFncKy.exe O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe O4 - HKLM\..\Run: [sweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKLM\..\Run: [sVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe O4 - HKLM\..\Run: [smoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe O4 - HKLM\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1 O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1240928330421 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1240928315953 O17 - HKLM\System\CCS\Services\Tcpip\..\{574B7C6E-34BE-4E72-B86C-07F1E30D2817}: NameServer = 86.64.145.140,84.103.237.140 O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing) O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe -- End of file - 11082 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}] DriveLetterAccess - C:\WINDOWS\system32\dla\tfswshx.dll [2005-05-31 118844] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}] Barre d'outils MSN Search Helper - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll [2005-07-07 577232] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-04-29 35840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-04-29 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Barre d'outils MSN Search - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll [2005-07-07 577232] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Pinnacle WebUpdater"=C:\Program Files\Pinnacle\Shared Files\Programs\WebUpdater\WebUpdater.exe [2006-08-24 385024] "Zooming"=C:\WINDOWS\system32\ZoomingHook.exe [2005-06-06 24576] "Tvs"=C:\Program Files\TOSHIBA\Tvs\TvsTray.exe [2005-04-05 73728] "TPSMain"=C:\WINDOWS\system32\TPSMain.exe [2005-08-12 266240] "TPNF"=C:\Program Files\TOSHIBA\TouchPad\TPTray.exe [2005-08-25 53248] "TFncKy"=TFncKy.exe [] "TCtryIOHook"=C:\WINDOWS\system32\TCtrlIOHook.exe [2005-08-22 28672] "SweetIM"=C:\Program Files\Macrogaming\SweetIM\SweetIM.exe [2006-06-06 40960] "SVPWUTIL"=C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe [2004-05-01 65536] "snpstd"=C:\WINDOWS\vsnpstd.exe [2004-06-10 286720] "SmoothView"=C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe [2005-05-17 118784] "PMCRemote"=C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe [2006-09-13 176128] "PinnacleDriverCheck"=C:\WINDOWS\system32\PSDrvCheck.exe [2003-11-10 406016] "PadTouch"=C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe [2005-08-30 1077328] "NDSTray.exe"=NDSTray.exe [] "LtMoh"=C:\Program Files\ltmoh\Ltmoh.exe [2003-09-06 184320] "HWSetup"=C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe [2004-05-01 28672] "dla"=C:\WINDOWS\system32\dla\tfswctrl.exe [2005-05-31 122941] "CeEKEY"=C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe [2005-09-06 671744] "ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-08-05 344064] "Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2004-03-24 196608] "AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2004-12-22 88358] "BJCFD"=C:\Program Files\BroadJump\Client Foundation\CFD.exe [2009-03-31 376912] "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] "TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-08-18 185896] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-04-29 148888] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360] "TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [2005-04-11 65536] "updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2005-10-24 307200] "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] C:\Program Files\TomTom HOME 2\HOMERunner.exe [2007-10-31 378784] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe C:\Documents and Settings\Emilie BUREL\Menu Démarrer\Programmes\Démarrage Lancement rapide de Microsoft Office OneNote 2003.lnk - C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2005-08-04 46080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2005-07-19 135168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=95000000 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\IncrediMail\bin\IMApp.exe"="C:\Program Files\IncrediMail\bin\IMApp.exe:*:Enabled:IncrediMail" "C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail" "C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail" "C:\Program Files\eMule\Incoming\eMule 0.47a MorphXT 8.9 - Bin [Par Ratiatum.com]\emule\emule.exe"="C:\Program Files\eMule\Incoming\eMule 0.47a MorphXT 8.9 - Bin [Par Ratiatum.com]\emule\emule.exe:*:Enabled:eMule" "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application" "C:\WINDOWS\system32\LEXPPS.EXE"="C:\WINDOWS\system32\LEXPPS.EXE:*:Enabled:LEXPPS.EXE" "C:\Program Files\neuf Talk\neuf Talk.exe"="C:\Program Files\neuf Talk\neuf Talk.exe:*:Enabled:neuf Talk" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Alliance MCA\Internet Fax\mailing.exe"="C:\Program Files\Alliance MCA\Internet Fax\mailing.exe:*:Enabled:Application fax" "C:\Program Files\Pinnacle\MediaCenter\PMC.exe"="C:\Program Files\Pinnacle\MediaCenter\PMC.exe:LocalSubNet:Enabled:Pmc.exe" "C:\Program Files\Pinnacle\MediaCenter\PSST.exe"="C:\Program Files\Pinnacle\MediaCenter\PSST.exe:LocalSubNet:Enabled:PSST.exe" "C:\Program Files\Pinnacle\Shared Files\Programs\MediaManager\PMSManager.exe"="C:\Program Files\Pinnacle\Shared Files\Programs\MediaManager\PMSManager.exe:LocalSubNet:Enabled:PMSManager.exe" "C:\Program Files\Pinnacle\MediaCenter\PMSInstallInit.exe"="C:\Program Files\Pinnacle\MediaCenter\PMSInstallInit.exe:LocalSubNet:Enabled:PMSInstallInit.exe" "C:\Program Files\Pinnacle\MediaCenter\PMC.Tvtv.Wizard.exe"="C:\Program Files\Pinnacle\MediaCenter\PMC.Tvtv.Wizard.exe:LocalSubNet:Enabled:PMC.Tvtv.Wizard.exe" "C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSInstallInit.exe"="C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSInstallInit.exe:LocalSubNet:Enabled:PMSInstallInit.exe" "C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe"="C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe:LocalSubNet:Disabled:PMCService" "C:\Program Files\BitDownload\BitDownload.exe"="C:\Program Files\BitDownload\BitDownload.exe:*:Disabled:Torrent P2P application" "C:\Program Files\emule\emule.exe"="C:\Program Files\emule\emule.exe:*:Enabled:eMuleMorphXT" "C:\Program Files\Toshiba\ConfigFree\CFXFER.exe"="C:\Program Files\Toshiba\ConfigFree\CFXFER.exe:*:Enabled:ConfigFree SUMMIT Engine" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E] shell\AutoRun\command - E:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eb0cee9e-f52b-11dd-bf68-00166f2a333e}] shell\AutoRun\command - E:\LaunchU3.exe -a ======File associations====== .js - edit - C:\WINDOWS\system32\Notepad.exe %1 .js - open - C:\WINDOWS\system32\WScript.exe "%1" %* .vbs - edit - C:\WINDOWS\system32\Notepad.exe %1 .vbs - open - C:\WINDOWS\system32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2009-05-01 11:05:39 ----A---- C:\lopR.txt 2009-05-01 10:51:52 ----D---- C:\WINDOWS\LastGood 2009-05-01 10:51:41 ----D---- C:\Program Files\Avira 2009-05-01 10:51:41 ----D---- C:\Documents and Settings\All Users\Application Data\Avira 2009-04-29 14:55:52 ----D---- C:\Program Files\Microsoft Silverlight 2009-04-29 14:51:39 ----D---- C:\Program Files\Microsoft 2009-04-29 14:51:22 ----D---- C:\Program Files\Windows Live SkyDrive 2009-04-29 14:45:17 ----D---- C:\Program Files\Fichiers communs\Windows Live 2009-04-29 14:43:09 ----D---- C:\Program Files\NOS 2009-04-29 14:43:09 ----D---- C:\Documents and Settings\All Users\Application Data\NOS 2009-04-29 13:45:48 ----A---- C:\WINDOWS\system32\javaws.exe 2009-04-29 13:45:48 ----A---- C:\WINDOWS\system32\javaw.exe 2009-04-29 13:45:48 ----A---- C:\WINDOWS\system32\java.exe 2009-04-29 13:45:48 ----A---- C:\WINDOWS\system32\deploytk.dll 2009-04-28 23:25:24 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$ 2009-04-28 23:25:17 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$ 2009-04-28 23:24:36 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$ 2009-04-28 23:24:22 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$ 2009-04-28 23:24:15 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$ 2009-04-28 23:24:08 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$ 2009-04-28 23:24:01 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$ 2009-04-28 23:23:53 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$ 2009-04-28 23:23:43 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$ 2009-04-28 23:23:33 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$ 2009-04-28 23:23:24 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$ 2009-04-28 23:23:13 ----HDC---- C:\WINDOWS\$NtUninstallKB959772_WM11$ 2009-04-28 23:23:03 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$ 2009-04-28 23:22:49 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$ 2009-04-28 20:53:48 ----HDC---- C:\WINDOWS\ie7 2009-04-28 20:35:23 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$ 2009-04-28 20:35:04 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$ 2009-04-28 20:34:43 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$ 2009-04-28 20:34:36 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$ 2009-04-28 20:34:24 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$ 2009-04-28 16:28:30 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$ 2009-04-28 16:27:37 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2 2009-04-28 16:25:48 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$ 2009-04-28 16:25:13 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$ 2009-04-28 16:25:03 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$ 2009-04-28 16:19:23 ----A---- C:\WINDOWS\system32\wuapi.dll.mui 2009-04-28 14:54:25 ----A---- C:\WINDOWS\imsins.BAK 2009-04-28 14:54:19 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$ 2009-04-28 12:34:55 ----D---- C:\_OTMoveIt 2009-04-26 16:49:57 ----D---- C:\Lop SD 2009-04-26 14:14:10 ----D---- C:\rsit 2009-04-26 14:14:10 ----D---- C:\Program Files\trend micro 2009-04-24 15:45:14 ----D---- C:\Documents and Settings\Emilie BUREL\Application Data\Malwarebytes 2009-04-24 15:45:08 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2009-04-24 15:45:07 ----D---- C:\Program Files\Malwarebytes' Anti-Malware ======List of files/folders modified in the last 1 months====== 2009-05-01 11:09:18 ----D---- C:\WINDOWS\Prefetch 2009-05-01 11:04:38 ----D---- C:\Documents and Settings\Emilie BUREL\Application Data\U3 2009-05-01 10:54:31 ----D---- C:\Program Files\Mozilla Firefox 2009-05-01 10:52:23 ----D---- C:\WINDOWS\Temp 2009-05-01 10:51:54 ----D---- C:\WINDOWS\system32\drivers 2009-05-01 10:51:53 ----HD---- C:\WINDOWS\inf 2009-05-01 10:51:53 ----D---- C:\WINDOWS\system32\CatRoot2 2009-05-01 10:51:52 ----D---- C:\WINDOWS 2009-05-01 10:51:41 ----RD---- C:\Program Files 2009-05-01 10:48:52 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-05-01 10:00:32 ----SHD---- C:\WINDOWS\Installer 2009-05-01 10:00:32 ----HD---- C:\Config.Msi 2009-05-01 10:00:32 ----D---- C:\WINDOWS\WinSxS 2009-05-01 09:54:09 ----D---- C:\Program Files\Fichiers communs 2009-04-29 22:30:03 ----RSD---- C:\WINDOWS\assembly 2009-04-29 22:28:22 ----D---- C:\WINDOWS\Microsoft.NET 2009-04-29 14:55:30 ----DC---- C:\WINDOWS\system32\DRVSTORE 2009-04-29 14:55:28 ----D---- C:\Program Files\Windows Live 2009-04-29 14:53:39 ----D---- C:\WINDOWS\system32\DirectX 2009-04-29 14:51:59 ----D---- C:\WINDOWS\system32 2009-04-29 14:45:16 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2009-04-29 13:46:38 ----D---- C:\Program Files\Java 2009-04-29 11:59:40 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-04-29 11:54:23 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-04-29 11:54:23 ----D---- C:\WINDOWS\system32\wbem 2009-04-28 23:25:26 ----D---- C:\Program Files\Messenger 2009-04-28 23:25:23 ----HD---- C:\WINDOWS\$hf_mig$ 2009-04-28 23:25:11 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2009-04-28 21:15:50 ----A---- C:\WINDOWS\ODBC.INI 2009-04-28 21:09:10 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP 2009-04-28 21:08:28 ----D---- C:\Program Files\SpywareBlaster 2009-04-28 20:59:13 ----D---- C:\WINDOWS\Help 2009-04-28 20:59:12 ----D---- C:\WINDOWS\AppPatch 2009-04-28 20:57:08 ----D---- C:\Program Files\Internet Explorer 2009-04-28 20:56:49 ----D---- C:\WINDOWS\system32\fr-fr 2009-04-28 20:55:56 ----D---- C:\WINDOWS\WBEM 2009-04-28 20:55:37 ----D---- C:\WINDOWS\Media 2009-04-28 20:53:54 ----D---- C:\WINDOWS\system32\CatRoot 2009-04-28 20:48:05 ----D---- C:\WINDOWS\Debug 2009-04-28 16:19:37 ----D---- C:\WINDOWS\SoftwareDistribution 2009-04-28 16:19:00 ----SD---- C:\WINDOWS\Downloaded Program Files 2009-04-15 19:56:13 ----D---- C:\Program Files\Fichiers communs\Blizzard Entertainment 2009-04-15 18:40:19 ----D---- C:\Program Files\Sonic 2009-04-07 13:19:51 ----A---- C:\WINDOWS\system32\winsock.dll 2009-04-06 07:57:26 ----A---- C:\WINDOWS\system32\MRT.exe 2009-04-02 22:30:19 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2009-04-02 22:29:49 ----D---- C:\WINDOWS\Minidump ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-05 40320] R1 meiudf;meiudf; C:\WINDOWS\System32\Drivers\meiudf.sys [2005-06-02 102384] R1 SrvcSSIOMngr;SrvcSSIOMngr; C:\WINDOWS\System32\Drivers\SSIoMngr.sys [2004-07-30 6400] R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2005-05-13 5627] R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2005-05-13 23545] R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632] R1 TPwSav;Common Driver; C:\WINDOWS\System32\Drivers\TPwSav.sys [2005-06-03 9600] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-03-24 55640] R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2005-04-21 40544] R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152] R2 Netdevio;TOSHIBA Network Device Usermode I/O Protocol; C:\WINDOWS\system32\DRIVERS\netdevio.sys [2003-01-29 12032] R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2005-05-31 25725] R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2005-05-31 34845] R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2005-05-31 4125] R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2005-05-31 2273] R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2005-05-31 86876] R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2005-05-31 15069] R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2005-05-31 6365] R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2005-05-31 98716] R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2005-05-31 100605] R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2005-03-05 1066278] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-06-21 2324480] R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2004-11-16 101874] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800] R3 ASAPIW2k;ASAPIW2K; C:\WINDOWS\system32\drivers\ASAPIW2k.sys [2005-05-26 11264] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-08-04 1273344] R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080] R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys [2003-09-10 21060] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824] R3 Pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-05 5888] R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496] R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-05 67584] R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-06-23 162176] R3 Tvs;Toshiba Virtual Sound with SRS technologies; C:\WINDOWS\system32\DRIVERS\Tvs.sys [2005-07-29 30592] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480] S1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-02-13 28376] S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys); C:\WINDOWS\System32\Drivers\e4ldr.sys [] S3 alcan5wn;SpeedTouch USB ADSL PPP Networking Driver (NDISWAN); C:\WINDOWS\system32\DRIVERS\alcan5wn.sys [2003-12-08 53600] S3 alcaudsl;SpeedTouch ADSL Modem ATM Transport; C:\WINDOWS\system32\DRIVERS\alcaudsl.sys [2003-12-08 70688] S3 brfilt;Pilote de filtre Brother MFC; C:\WINDOWS\System32\Drivers\Brfilt.sys [2001-08-17 2944] S3 BrFiltLo;Pilote de filtre inférieur de stockage de masse Brother USB; C:\WINDOWS\system32\DRIVERS\BrFiltLo.sys [2001-08-17 12160] S3 BrFiltUp;Pilote de filtre supérieur de stockage de masse Brother USB; C:\WINDOWS\system32\DRIVERS\BrFiltUp.sys [2001-08-17 3968] S3 BrSerWDM;Pilote série WDM Brother; C:\WINDOWS\System32\Drivers\BrSerWdm.sys [2001-08-17 60416] S3 BrUsbMdm;Brother MFC USB modem télécopieur uniquement; C:\WINDOWS\System32\Drivers\BrUsbMdm.sys [2001-08-17 11008] S3 BrUsbScn;Pilote de scanneur Brother MFC USB; C:\WINDOWS\System32\Drivers\BrUsbScn.sys [2001-08-17 10368] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024] S3 e4usbaw;USB ADSL2 WAN Adapter; C:\WINDOWS\system32\DRIVERS\e4usbaw.sys [] S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600] S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-12-14 51120] S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-12-14 16496] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-12-14 21744] S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-07-19 1049180] S3 mf;mf; C:\WINDOWS\system32\DRIVERS\mf.sys [2004-08-05 63744] S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-08-04 15360] S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880] S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS [] S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS [] S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys [2005-11-19 20096] S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992] S3 sffdisk;Pilote de classe de stockage SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2004-08-05 11136] S3 sffp_sd;Pilote de protocole de stockage SFF pour SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2004-08-05 10240] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136] S3 snpstd;VideoCAM Eye; C:\WINDOWS\system32\DRIVERS\snpstd.sys [2005-06-20 390912] S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552] S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2007-05-02 83592] S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2007-05-02 15112] S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2007-05-02 109704] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360] S3 tosrfec;Bluetooth ACPI from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfec.sys [2005-03-24 8192] S3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2004-08-05 12672] S3 USB28xxBGA;USB 2883 Device; C:\WINDOWS\system32\DRIVERS\emBDA.sys [2006-08-09 291200] S3 USB28xxOEM;USB 28xx OEM Filter; C:\WINDOWS\system32\DRIVERS\emOEM.sys [2006-08-09 28160] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] S3 w29n51;Pilote de carte de connexion réseau Intel® PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2005-04-30 3281408] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-04-01 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-03-02 185089] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-08-04 380928] R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2005-01-18 40960] R2 DVD-RAM_Service;DVD-RAM_Service; C:\WINDOWS\system32\DVDRAMSV.exe [2004-08-28 110592] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-04-29 152984] R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-02-25 303104] R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336] R2 MSSQL$PINNACLESYS;MSSQL$PINNACLESYS; C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe [2005-05-04 9150464] R2 PinnacleSys.MediaServer;Pinnacle Systems Media Service; c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe [2006-01-19 49152] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-04-13 33632] S3 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-04-13 68952] S3 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360] S3 getPlus® Helper;getPlus® Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2009-03-03 33176] S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2005-05-03 73728] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 SQLAgent$PINNACLESYS;SQLAgent$PINNACLESYS; C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE [2005-05-03 323584] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336] -----------------EOF----------------- voilà je pense que je n'ai rien oublié
- le 1 mai 2009
- 16 réponses
Incfection par clé USB, pb de connexion aux sites de sécurité...

milizen a répondu à un(e) sujet de milizen dans Analyses et éradication malwares

Désolé j'aurai dut mieux m'exprimer. voilà ce qui se passe : j'ai copier coller l'adresse, lop s&d s'est bien lancé (je n'ai pas le temps de voir ce qu'il fait car ça défile à toute vitesse et ça dure une seconde) ensuite il se ferme tout de suite et je n'ai aucun rapport qui s'affiche. j'ai donc cherché dans C\ le fichier lopR.txt il n'y en a pas (j'ai aussi fait une recherche avec la commande du menu démarrer mais ça n'a rien donné non plus) ...
- le 30 avril 2009
- 16 réponses
Incfection par clé USB, pb de connexion aux sites de sécurité...

milizen a répondu à un(e) sujet de milizen dans Analyses et éradication malwares

RE j'ai copier coller et lop s&d c'est lancé mais je suis pas sure qu'il est fait un scan car je n'ai pas eu de rapport, de plus le dossier boonty est toujours présent sur mon pc que dois-je faire?
- le 29 avril 2009
- 16 réponses
Incfection par clé USB, pb de connexion aux sites de sécurité...

milizen a répondu à un(e) sujet de milizen dans Analyses et éradication malwares

Bonjour Thanos, *finalement j'ai pu faire la mise à jour de MBAM du coup j'ai fait le scan dont voici le rapport : Malwarebytes' Anti-Malware 1.36 Version de la base de données: 2055 Windows 5.1.2600 Service Pack 2 28/04/09 23:18:04 mbam-log-2009-04-28 (23-18-04).txt Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|) Eléments examinés: 187416 Temps écoulé: 54 minute(s), 42 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) *effectivement je peux ouvrir tout mes supports amovibles sans problème et ma connexion internet fonctionne correctement de nouveau d'ailleurs j'ai pu faire la mise à jour de windows *le chemin que tu m'as donné pour faire le scan avec Lop S&D et désinstaller Boonty ne fonctionne pas, du moins mon pc me dit qu'il ne le trouve pas *pour le scan avec RSIT tu as besoin que je connecte mes supports amovibles ou pas? j'y retourne car il me reste encore JavaRa à faire
- le 29 avril 2009
- 16 réponses
Incfection par clé USB, pb de connexion aux sites de sécurité...

milizen a répondu à un(e) sujet de milizen dans Analyses et éradication malwares

Salut Thanos, j'ai fait tout ce que tu m'as dit sauf la mise à jour de MBAM que je ne peux toujours pas faire. Par contre il n'y a plus de virus sur mes clés usb et autres... l'antivirus a détecté d'autres virus notamment pendant le scan de fixdownadup que j'ai mis en quarantaine, d'ailleurs que dois-je faire des dossiers en quarantaine? voici les rapports de la journée OTMoveit3 : Error: Unable to interpret <:first> in the current context! ========== FILES ========== LoadLibrary failed for C:\WINDOWS\system32\fsbglmpe.dll C:\WINDOWS\system32\fsbglmpe.dll NOT unregistered. File move failed. C:\WINDOWS\system32\fsbglmpe.dll scheduled to be moved on reboot. File/Folder C:\autorun.inf not found. F:\autorun.inf moved successfully. G:\autorun.inf moved successfully. H:\autorun.inf moved successfully. I:\autorun.inf moved successfully. ========== REGISTRY ========== Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{36c5e1e6-072d-11dd-bd50-00166f2a333e}\\ not found. ========== COMMANDS ========== User's Temp folder emptied. User's Internet Explorer cache folder emptied. File delete failed. C:\Documents and Settings\Emilie BUREL\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. User's Temporary Internet Files folder emptied. Local Service Temp folder emptied. File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. Local Service Temporary Internet Files folder emptied. Network Service Temp folder emptied. File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. Network Service Temporary Internet Files folder emptied. File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_7b8.dat scheduled to be deleted on reboot. Windows Temp folder emptied. Java cache emptied. FireFox cache emptied. Temp folders emptied. OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 04282009_123455 Files moved on Reboot... LoadLibrary failed for C:\WINDOWS\system32\fsbglmpe.dll C:\WINDOWS\system32\fsbglmpe.dll NOT unregistered. File move failed. C:\WINDOWS\system32\fsbglmpe.dll scheduled to be moved on reboot. File C:\WINDOWS\temp\Perflib_Perfdata_7b8.dat not found! Fixdownadup : Symantec W32.Downadup Removal Tool 1.0.7 process: svchost.exe, thread: 000000A8 (terminated) process: svchost.exe, thread: 00000878 (terminated) process: svchost.exe, thread: 00000888 (terminated) process: svchost.exe, thread: 0000088C (terminated) process: svchost.exe, thread: 00000890 (terminated) process: svchost.exe, thread: 00000898 (terminated) process: svchost.exe (terminated) C:\_OTMoveIt\MovedFiles\04282009_123455\autorun.inf: W32.Downadup!autorun (unrepairable) (deleted) F:\autorun.inf: W32.Downadup!autorun (unrepairable) (deleted) G:\autorun.inf: W32.Downadup!autorun (unrepairable) (deleted) H:\autorun.inf: W32.Downadup!autorun (unrepairable) (deleted) I:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP16\A0010826.inf: W32.Downadup!autorun (unrepairable) (deleted) I:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP17\A0010829.inf: W32.Downadup!autorun (unrepairable) (deleted) I:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP20\A0011227.inf: W32.Downadup!autorun (unrepairable) (deleted) I:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP20\A0012220.inf: W32.Downadup!autorun (unrepairable) (deleted) I:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP20\A0012249.inf: W32.Downadup!autorun (unrepairable) (deleted) scheduled job: Unable to enumerate scheduled jobs. Returned status 2184 registry: HKLM\system\CurrentControlSet\Services\wuauserv: Start (value set to 0x00000002 (2)) registry: HKLM\system\CurrentControlSet\Services\BITS: Start (value set to 0x00000003 (3)) W32.Downadup has been successfully removed from your computer! Here is the report: The total number of the scanned files: 88265 The number of deleted threat files: 9 The number of threat processes terminated: 1 The number of threat threads terminated: 6 The number of registry entries fixed: 2 The tool initiated a system reboot. Affaire à suivre...
- le 28 avril 2009
- 16 réponses
Incfection par clé USB, pb de connexion aux sites de sécurité...

milizen a répondu à un(e) sujet de milizen dans Analyses et éradication malwares

Bonjour Thanos, je n'ai toujours pas pu faire la mise à jour de MBAM car j'ai un message d'erreur comme quoi la connection internet ne fonctionne pas alors si t'as une autre solution pour faire la mise à jour je suis open lol! d'autre part, j'ai remarqué que lorsque je branche mes clés usb et mon disque dur externe antivir m'alerte d'un virus ou un fichier malveillant et lorsque je le met en quarantaine je ne peux pas ouvrir mes clés et mon disque dur externe car ce message s'affiche RUNDLL erreur de chargement de .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx le module spécifié est introuvable et c'est le même message pour tous! voici tout de même les 2 premiers rapports le 1er LopR.txt --------------------\\ Lop S&D 4.2.5-0 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2 X86-based PC ( Uniprocessor Free : Intel® Pentium® M processor 1.73GHz ) BIOS : Ver 1.00PARTTBL USER : Emilie BUREL ( Administrator ) BOOT : Normal boot Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Activated) C:\ (Local Disk) - NTFS - Total:92 Go (Free:64 Go) D:\ (CD or DVD) E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go) G:\ (USB) - FAT32 - Total:3827 Mo (Free:3 Go) H:\ (USB) - FAT - Total:1929 Mo (Free:0 Go) I:\ (Local Disk) - FAT32 - Total:298 Go (Free:265 Go) "C:\Lop SD" ( MAJ : 19-12-2008|23:40 ) Option : [2] ( 27/04/09|15:20 ) \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION Supprime! - C:\DOCUME~1\EMILIE~1\APPLIC~1\BitDownload\Data Supprime! - C:\Program Files\Multi_Media_France\INSTALL.LOG Supprime! - C:\DOCUME~1\EMILIE~1\Cookies\emilie burel@www.pacificpoker[1].txt Supprime! - C:\DOCUME~1\EMILIE~1\APPLIC~1\Bitdownload Supprime! - C:\Program Files\Multi_Media_France - [ Fichier Hosts ] .. Restaure! \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ --------------------\\ Listing des dossiers dans APPLIC~1 [16/09/05|10:51] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe [16/09/05|08:57] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities [19/09/05|10:48] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft [24/07/08|21:42] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sonic [16/09/05|11:10] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec [16/09/05|11:02] C:\DOCUME~1\ADMINI~1\APPLIC~1\toshiba [29/03/07|14:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{B73EC431-2F59-4E5E-9CEA-001681A75E3E} [01/12/06|13:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [26/04/09|18:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira [01/02/09|17:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU [21/11/07|13:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY [24/07/08|21:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ciel [24/07/08|21:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Dynacom [24/04/09|15:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes [24/07/08|21:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com [22/09/06|10:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [12/07/06|23:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive [13/07/06|00:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MotiveSysIDs [11/04/06|22:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN Search Toolbar [25/12/06|12:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle [23/12/07|18:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime [16/09/05|08:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI [23/04/06|17:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype [02/04/09|22:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy [24/07/08|21:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec [02/04/09|22:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [17/01/08|22:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom [16/02/09|14:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WEBREG [11/07/06|11:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [23/03/08|18:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller [24/03/09|14:23] C:\DOCUME~1\Boulot\APPLIC~1\Adobe [24/03/09|14:22] C:\DOCUME~1\Boulot\APPLIC~1\AdobeUM [16/09/05|08:57] C:\DOCUME~1\Boulot\APPLIC~1\Identities [24/03/09|14:23] C:\DOCUME~1\Boulot\APPLIC~1\Macromedia [30/03/09|15:39] C:\DOCUME~1\Boulot\APPLIC~1\Microsoft [24/03/09|14:22] C:\DOCUME~1\Boulot\APPLIC~1\Mozilla [24/03/09|14:13] C:\DOCUME~1\Boulot\APPLIC~1\Real [16/09/05|11:05] C:\DOCUME~1\Boulot\APPLIC~1\Sonic [16/09/05|11:10] C:\DOCUME~1\Boulot\APPLIC~1\Symantec [16/09/05|11:02] C:\DOCUME~1\Boulot\APPLIC~1\toshiba [16/09/05|10:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe [16/09/05|08:57] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities [19/09/05|10:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [16/09/05|11:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sonic [16/09/05|11:10] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec [16/09/05|11:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\toshiba [05/06/06|23:26] C:\DOCUME~1\EMILIE~1\APPLIC~1\Adobe [22/08/07|18:03] C:\DOCUME~1\EMILIE~1\APPLIC~1\AdobeUM [06/02/09|17:09] C:\DOCUME~1\EMILIE~1\APPLIC~1\Ahead [01/02/09|17:51] C:\DOCUME~1\EMILIE~1\APPLIC~1\AVS4YOU [22/02/07|19:37] C:\DOCUME~1\EMILIE~1\APPLIC~1\Comptabilit‚ [06/02/09|17:08] C:\DOCUME~1\EMILIE~1\APPLIC~1\COWON [25/06/07|17:51] C:\DOCUME~1\EMILIE~1\APPLIC~1\DivX [29/03/07|14:49] C:\DOCUME~1\EMILIE~1\APPLIC~1\Dynacom [03/08/06|12:55] C:\DOCUME~1\EMILIE~1\APPLIC~1\EBP [27/07/06|12:57] C:\DOCUME~1\EMILIE~1\APPLIC~1\Google [11/04/06|12:02] C:\DOCUME~1\EMILIE~1\APPLIC~1\Help [16/02/09|14:24] C:\DOCUME~1\EMILIE~1\APPLIC~1\HP [29/05/07|13:00] C:\DOCUME~1\EMILIE~1\APPLIC~1\Identities [17/01/08|22:25] C:\DOCUME~1\EMILIE~1\APPLIC~1\InstallShield [11/04/06|12:32] C:\DOCUME~1\EMILIE~1\APPLIC~1\InterVideo [20/06/06|23:43] C:\DOCUME~1\EMILIE~1\APPLIC~1\Leadertech [11/04/06|18:53] C:\DOCUME~1\EMILIE~1\APPLIC~1\Macromedia [24/04/09|15:45] C:\DOCUME~1\EMILIE~1\APPLIC~1\Malwarebytes [23/01/08|20:08] C:\DOCUME~1\EMILIE~1\APPLIC~1\Media Player Classic [23/03/08|18:14] C:\DOCUME~1\EMILIE~1\APPLIC~1\Microsoft [11/09/08|14:30] C:\DOCUME~1\EMILIE~1\APPLIC~1\Mozilla [11/04/06|22:44] C:\DOCUME~1\EMILIE~1\APPLIC~1\MSN Search Toolbar [04/02/09|13:54] C:\DOCUME~1\EMILIE~1\APPLIC~1\Music Recognition [07/07/07|14:49] C:\DOCUME~1\EMILIE~1\APPLIC~1\NetMedia Providers [20/03/09|23:35] C:\DOCUME~1\EMILIE~1\APPLIC~1\PacificPoker [20/03/09|23:26] C:\DOCUME~1\EMILIE~1\APPLIC~1\PacificPoker4 [29/12/06|20:21] C:\DOCUME~1\EMILIE~1\APPLIC~1\Pinnacle Systems [07/07/07|14:49] C:\DOCUME~1\EMILIE~1\APPLIC~1\Publish Providers [18/08/08|18:15] C:\DOCUME~1\EMILIE~1\APPLIC~1\Real [24/10/07|14:12] C:\DOCUME~1\EMILIE~1\APPLIC~1\Samsung [30/06/08|16:30] C:\DOCUME~1\EMILIE~1\APPLIC~1\Skype [16/09/05|11:05] C:\DOCUME~1\EMILIE~1\APPLIC~1\Sonic [07/07/07|14:49] C:\DOCUME~1\EMILIE~1\APPLIC~1\Sony [14/04/06|16:58] C:\DOCUME~1\EMILIE~1\APPLIC~1\Sun [11/04/06|22:27] C:\DOCUME~1\EMILIE~1\APPLIC~1\Symantec [06/03/07|14:12] C:\DOCUME~1\EMILIE~1\APPLIC~1\Talkback [17/01/08|22:26] C:\DOCUME~1\EMILIE~1\APPLIC~1\TomTom [16/09/05|11:02] C:\DOCUME~1\EMILIE~1\APPLIC~1\toshiba [26/04/09|19:15] C:\DOCUME~1\EMILIE~1\APPLIC~1\U3 [09/06/07|13:03] C:\DOCUME~1\EMILIE~1\APPLIC~1\Wormux [10/11/06|05:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia [28/04/06|16:32] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [16/09/05|08:41] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [27/04/09 15:13][--ah-----] C:\WINDOWS\tasks\SA.DAT [05/08/04 12:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini --------------------\\ Listing des dossiers dans C:\Program Files [18/09/07|23:57] C:\Program Files\Adobe [29/07/08|18:28] C:\Program Files\Ahead [11/12/06|18:55] C:\Program Files\Alliance MCA [05/02/07|20:01] C:\Program Files\Alwil Software [08/02/09|15:44] C:\Program Files\AmazingMIDI [16/09/05|10:22] C:\Program Files\Apoint2K [11/04/06|11:57] C:\Program Files\ATI Technologies [26/04/09|18:47] C:\Program Files\Avira [21/11/07|13:25] C:\Program Files\Boonty [21/11/07|13:25] C:\Program Files\BoontyGames [31/03/09|22:44] C:\Program Files\broadjump [16/04/07|12:51] C:\Program Files\C-Media [12/07/06|23:35] C:\Program Files\Common Files [22/09/06|10:35] C:\Program Files\DD PlayCam [31/07/08|12:23] C:\Program Files\DivX [16/04/08|14:36] C:\Program Files\DVD-RAM [14/12/08|13:15] C:\Program Files\emule [20/06/07|18:41] C:\Program Files\eMulev0.48a.-MorphXTv10.0-bin [06/02/09|17:08] C:\Program Files\Fichiers communs [17/03/07|19:43] C:\Program Files\FileZilla [13/04/06|20:33] C:\Program Files\Formation interactive Microsoft [17/05/08|21:18] C:\Program Files\Free Audio Pack [27/07/06|12:22] C:\Program Files\Google [15/04/07|14:08] C:\Program Files\HHD Software [17/08/07|20:02] C:\Program Files\IncrediMail [06/02/09|17:01] C:\Program Files\InstallShield Installation Information [03/10/06|18:53] C:\Program Files\Intel [09/04/08|12:49] C:\Program Files\Internet Explorer [11/04/06|11:59] C:\Program Files\InterVideo [16/09/05|08:49] C:\Program Files\Java [28/08/07|17:23] C:\Program Files\Lauyan [16/09/05|10:12] C:\Program Files\ltmoh [12/07/06|00:39] C:\Program Files\Macrogaming [20/09/07|17:46] C:\Program Files\Macromedia [24/04/09|15:45] C:\Program Files\Malwarebytes' Anti-Malware [01/06/07|19:22] C:\Program Files\Messenger [24/07/08|17:52] C:\Program Files\MGI [16/09/05|08:38] C:\Program Files\microsoft frontpage [27/04/06|20:14] C:\Program Files\Microsoft Office [25/12/06|12:52] C:\Program Files\Microsoft SQL Server [23/03/08|18:28] C:\Program Files\Microsoft SQL Server Compact Edition [27/04/06|20:15] C:\Program Files\Microsoft Visual Studio [01/06/07|19:22] C:\Program Files\Microsoft Works [16/09/05|11:09] C:\Program Files\Microsoft.NET [26/09/06|13:11] C:\Program Files\Motive [16/09/05|08:35] C:\Program Files\Movie Maker [27/04/09|15:14] C:\Program Files\Mozilla Firefox [14/09/08|18:07] C:\Program Files\Mozilla Sunbird [16/09/05|08:34] C:\Program Files\MSN [16/09/05|08:34] C:\Program Files\MSN Gaming Zone [11/04/06|22:43] C:\Program Files\MSN Toolbar Suite [01/12/06|15:03] C:\Program Files\MSXML 4.0 [27/06/07|19:13] C:\Program Files\MySoftware [24/01/07|15:48] C:\Program Files\NetMeeting [30/05/07|15:34] C:\Program Files\neuf Talk [16/09/05|08:34] C:\Program Files\Online Services [03/12/07|18:21] C:\Program Files\Outlook Express [20/03/09|23:35] C:\Program Files\PacificPoker [20/03/09|23:26] C:\Program Files\PacificPoker4 [25/12/06|12:52] C:\Program Files\Pinnacle [04/10/08|18:29] C:\Program Files\Planning Manager [23/12/07|18:45] C:\Program Files\QuickTime [18/08/08|18:15] C:\Program Files\Real [09/04/08|12:29] C:\Program Files\Real Alternative [16/09/05|10:17] C:\Program Files\Realtek AC97 [09/08/06|19:06] C:\Program Files\ReflexiveArcade [15/08/08|13:43] C:\Program Files\SAGEM [24/10/07|14:05] C:\Program Files\Samsung [16/09/05|08:36] C:\Program Files\Services en ligne [23/04/06|17:48] C:\Program Files\Skype [15/04/09|18:40] C:\Program Files\Sonic [01/04/09|17:57] C:\Program Files\Spybot - Search & Destroy [01/04/09|17:29] C:\Program Files\SpywareBlaster [08/02/09|15:26] C:\Program Files\TallStick [13/03/09|23:47] C:\Program Files\TomTom HOME 2 [27/06/07|13:58] C:\Program Files\Toshiba [26/04/09|14:14] C:\Program Files\trend micro [12/12/06|12:30] C:\Program Files\Uninstall Information [22/09/06|10:30] C:\Program Files\VideoCAM Eye [01/08/07|12:49] C:\Program Files\VideoLAN [23/03/08|18:29] C:\Program Files\Windows Live [01/06/07|19:22] C:\Program Files\Windows Media Connect 2 [21/02/07|11:19] C:\Program Files\Windows Media Player [16/09/05|08:34] C:\Program Files\Windows NT [20/07/06|10:57] C:\Program Files\Wingen [03/08/06|12:41] C:\Program Files\WinRAR [21/09/07|23:02] C:\Program Files\Wormux 0.7 [16/09/05|08:38] C:\Program Files\xerox [08/02/09|15:04] C:\Program Files\YAMAHA [16/04/06|23:36] C:\Program Files\ZonejeuX --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [16/09/05|10:47] C:\Program Files\Fichiers communs\Adobe [29/07/08|18:28] C:\Program Files\Fichiers communs\Ahead [01/02/09|17:51] C:\Program Files\Fichiers communs\AVSMedia [15/04/09|19:56] C:\Program Files\Fichiers communs\Blizzard Entertainment [21/11/07|13:26] C:\Program Files\Fichiers communs\BOONTY Shared [27/04/06|20:15] C:\Program Files\Fichiers communs\Designer [13/05/07|23:45] C:\Program Files\Fichiers communs\Hewlett-Packard [15/04/07|14:08] C:\Program Files\Fichiers communs\HHD Software [22/02/09|22:08] C:\Program Files\Fichiers communs\HP [16/09/05|10:26] C:\Program Files\Fichiers communs\InstallShield [16/09/05|08:49] C:\Program Files\Fichiers communs\Java [04/04/07|21:03] C:\Program Files\Fichiers communs\Micro Application Shared [01/02/09|17:51] C:\Program Files\Fichiers communs\Microsoft Shared [16/09/05|08:35] C:\Program Files\Fichiers communs\MSSoap [01/12/06|12:58] C:\Program Files\Fichiers communs\NSV [16/09/05|10:30] C:\Program Files\Fichiers communs\ODBC [18/08/08|18:16] C:\Program Files\Fichiers communs\Real [16/09/05|08:35] C:\Program Files\Fichiers communs\Services [16/09/05|10:30] C:\Program Files\Fichiers communs\SpeechEngines [05/12/06|18:42] C:\Program Files\Fichiers communs\Symantec Shared [03/12/07|18:21] C:\Program Files\Fichiers communs\System [22/09/06|10:30] C:\Program Files\Fichiers communs\VCAMEye [23/03/08|18:29] C:\Program Files\Fichiers communs\WindowsLiveInstaller [18/08/08|18:16] C:\Program Files\Fichiers communs\xing shared --------------------\\ Process ( 57 Processes ) ... OK ! --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Verification du Registre ..... OK ! --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-04-27 15:21:10 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 279 --------------------\\ Recherche d'autres infections C:\WINDOWS\Pack.epk ==> EGDACCESS <== [F:39][D:11]-> C:\DOCUME~1\EMILIE~1\LOCALS~1\Temp [F:10][D:0]-> C:\DOCUME~1\EMILIE~1\Cookies [F:667][D:4]-> C:\DOCUME~1\EMILIE~1\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - 26/04/09|16:52 - Option : [1] 2 - "C:\Lop SD\LopR_2.txt" - 27/04/09|15:22 - Option : [2] --------------------\\ Fin du rapport a 15:22:50 Et le 2ème LopR.txt --------------------\\ Lop S&D 4.2.5-0 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2 X86-based PC ( Uniprocessor Free : Intel® Pentium® M processor 1.73GHz ) BIOS : Ver 1.00PARTTBL USER : Emilie BUREL ( Administrator ) BOOT : Normal boot Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Activated) C:\ (Local Disk) - NTFS - Total:92 Go (Free:64 Go) D:\ (CD or DVD) E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go) G:\ (USB) - FAT32 - Total:3827 Mo (Free:3 Go) H:\ (USB) - FAT - Total:1929 Mo (Free:0 Go) I:\ (Local Disk) - FAT32 - Total:298 Go (Free:265 Go) "C:\Lop SD" ( MAJ : 19-12-2008|23:40 ) Option : [4] ( 27/04/09|15:26 ) \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ Lop Script C:\WINDOWS\system32\fsbglmpe.dll C:\WINDOWS\Pack.epk \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION Echec ! - C:\WINDOWS\system32\fsbglmpe.dll Supprime! - C:\WINDOWS\Pack.epk \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ DEUXIEME PASSAGE Echec ! - C:\WINDOWS\system32\fsbglmpe.dll ... C:\WINDOWS\Pack.epk -> n'existe pas ! \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ --------------------\\ Listing des dossiers dans APPLIC~1 [16/09/05|10:51] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe [16/09/05|08:57] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities [19/09/05|10:48] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft [24/07/08|21:42] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sonic [16/09/05|11:10] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec [16/09/05|11:02] C:\DOCUME~1\ADMINI~1\APPLIC~1\toshiba [29/03/07|14:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{B73EC431-2F59-4E5E-9CEA-001681A75E3E} [01/12/06|13:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [26/04/09|18:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira [01/02/09|17:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU [21/11/07|13:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY [24/07/08|21:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ciel [24/07/08|21:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Dynacom [24/04/09|15:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes [24/07/08|21:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com [22/09/06|10:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [12/07/06|23:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive [13/07/06|00:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MotiveSysIDs [11/04/06|22:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN Search Toolbar [25/12/06|12:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle [23/12/07|18:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime [16/09/05|08:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI [23/04/06|17:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype [02/04/09|22:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy [24/07/08|21:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec [02/04/09|22:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [17/01/08|22:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom [16/02/09|14:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WEBREG [11/07/06|11:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [23/03/08|18:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller [24/03/09|14:23] C:\DOCUME~1\Boulot\APPLIC~1\Adobe [24/03/09|14:22] C:\DOCUME~1\Boulot\APPLIC~1\AdobeUM [16/09/05|08:57] C:\DOCUME~1\Boulot\APPLIC~1\Identities [24/03/09|14:23] C:\DOCUME~1\Boulot\APPLIC~1\Macromedia [30/03/09|15:39] C:\DOCUME~1\Boulot\APPLIC~1\Microsoft [24/03/09|14:22] C:\DOCUME~1\Boulot\APPLIC~1\Mozilla [24/03/09|14:13] C:\DOCUME~1\Boulot\APPLIC~1\Real [16/09/05|11:05] C:\DOCUME~1\Boulot\APPLIC~1\Sonic [16/09/05|11:10] C:\DOCUME~1\Boulot\APPLIC~1\Symantec [16/09/05|11:02] C:\DOCUME~1\Boulot\APPLIC~1\toshiba [16/09/05|10:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe [16/09/05|08:57] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities [19/09/05|10:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [16/09/05|11:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sonic [16/09/05|11:10] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec [16/09/05|11:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\toshiba [05/06/06|23:26] C:\DOCUME~1\EMILIE~1\APPLIC~1\Adobe [22/08/07|18:03] C:\DOCUME~1\EMILIE~1\APPLIC~1\AdobeUM [06/02/09|17:09] C:\DOCUME~1\EMILIE~1\APPLIC~1\Ahead [01/02/09|17:51] C:\DOCUME~1\EMILIE~1\APPLIC~1\AVS4YOU [22/02/07|19:37] C:\DOCUME~1\EMILIE~1\APPLIC~1\Comptabilit‚ [06/02/09|17:08] C:\DOCUME~1\EMILIE~1\APPLIC~1\COWON [25/06/07|17:51] C:\DOCUME~1\EMILIE~1\APPLIC~1\DivX [29/03/07|14:49] C:\DOCUME~1\EMILIE~1\APPLIC~1\Dynacom [03/08/06|12:55] C:\DOCUME~1\EMILIE~1\APPLIC~1\EBP [27/07/06|12:57] C:\DOCUME~1\EMILIE~1\APPLIC~1\Google [11/04/06|12:02] C:\DOCUME~1\EMILIE~1\APPLIC~1\Help [16/02/09|14:24] C:\DOCUME~1\EMILIE~1\APPLIC~1\HP [29/05/07|13:00] C:\DOCUME~1\EMILIE~1\APPLIC~1\Identities [17/01/08|22:25] C:\DOCUME~1\EMILIE~1\APPLIC~1\InstallShield [11/04/06|12:32] C:\DOCUME~1\EMILIE~1\APPLIC~1\InterVideo [20/06/06|23:43] C:\DOCUME~1\EMILIE~1\APPLIC~1\Leadertech [11/04/06|18:53] C:\DOCUME~1\EMILIE~1\APPLIC~1\Macromedia [24/04/09|15:45] C:\DOCUME~1\EMILIE~1\APPLIC~1\Malwarebytes [23/01/08|20:08] C:\DOCUME~1\EMILIE~1\APPLIC~1\Media Player Classic [23/03/08|18:14] C:\DOCUME~1\EMILIE~1\APPLIC~1\Microsoft [11/09/08|14:30] C:\DOCUME~1\EMILIE~1\APPLIC~1\Mozilla [11/04/06|22:44] C:\DOCUME~1\EMILIE~1\APPLIC~1\MSN Search Toolbar [04/02/09|13:54] C:\DOCUME~1\EMILIE~1\APPLIC~1\Music Recognition [07/07/07|14:49] C:\DOCUME~1\EMILIE~1\APPLIC~1\NetMedia Providers [20/03/09|23:35] C:\DOCUME~1\EMILIE~1\APPLIC~1\PacificPoker [20/03/09|23:26] C:\DOCUME~1\EMILIE~1\APPLIC~1\PacificPoker4 [29/12/06|20:21] C:\DOCUME~1\EMILIE~1\APPLIC~1\Pinnacle Systems [07/07/07|14:49] C:\DOCUME~1\EMILIE~1\APPLIC~1\Publish Providers [18/08/08|18:15] C:\DOCUME~1\EMILIE~1\APPLIC~1\Real [24/10/07|14:12] C:\DOCUME~1\EMILIE~1\APPLIC~1\Samsung [30/06/08|16:30] C:\DOCUME~1\EMILIE~1\APPLIC~1\Skype [16/09/05|11:05] C:\DOCUME~1\EMILIE~1\APPLIC~1\Sonic [07/07/07|14:49] C:\DOCUME~1\EMILIE~1\APPLIC~1\Sony [14/04/06|16:58] C:\DOCUME~1\EMILIE~1\APPLIC~1\Sun [11/04/06|22:27] C:\DOCUME~1\EMILIE~1\APPLIC~1\Symantec [06/03/07|14:12] C:\DOCUME~1\EMILIE~1\APPLIC~1\Talkback [17/01/08|22:26] C:\DOCUME~1\EMILIE~1\APPLIC~1\TomTom [16/09/05|11:02] C:\DOCUME~1\EMILIE~1\APPLIC~1\toshiba [26/04/09|19:15] C:\DOCUME~1\EMILIE~1\APPLIC~1\U3 [09/06/07|13:03] C:\DOCUME~1\EMILIE~1\APPLIC~1\Wormux [10/11/06|05:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia [28/04/06|16:32] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [16/09/05|08:41] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [27/04/09 15:13][--ah-----] C:\WINDOWS\tasks\SA.DAT [05/08/04 12:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini --------------------\\ Listing des dossiers dans C:\Program Files [18/09/07|23:57] C:\Program Files\Adobe [29/07/08|18:28] C:\Program Files\Ahead [11/12/06|18:55] C:\Program Files\Alliance MCA [05/02/07|20:01] C:\Program Files\Alwil Software [08/02/09|15:44] C:\Program Files\AmazingMIDI [16/09/05|10:22] C:\Program Files\Apoint2K [11/04/06|11:57] C:\Program Files\ATI Technologies [26/04/09|18:47] C:\Program Files\Avira [21/11/07|13:25] C:\Program Files\Boonty [21/11/07|13:25] C:\Program Files\BoontyGames [31/03/09|22:44] C:\Program Files\broadjump [16/04/07|12:51] C:\Program Files\C-Media [12/07/06|23:35] C:\Program Files\Common Files [22/09/06|10:35] C:\Program Files\DD PlayCam [31/07/08|12:23] C:\Program Files\DivX [16/04/08|14:36] C:\Program Files\DVD-RAM [14/12/08|13:15] C:\Program Files\emule [20/06/07|18:41] C:\Program Files\eMulev0.48a.-MorphXTv10.0-bin [06/02/09|17:08] C:\Program Files\Fichiers communs [17/03/07|19:43] C:\Program Files\FileZilla [13/04/06|20:33] C:\Program Files\Formation interactive Microsoft [17/05/08|21:18] C:\Program Files\Free Audio Pack [27/07/06|12:22] C:\Program Files\Google [15/04/07|14:08] C:\Program Files\HHD Software [17/08/07|20:02] C:\Program Files\IncrediMail [06/02/09|17:01] C:\Program Files\InstallShield Installation Information [03/10/06|18:53] C:\Program Files\Intel [09/04/08|12:49] C:\Program Files\Internet Explorer [11/04/06|11:59] C:\Program Files\InterVideo [16/09/05|08:49] C:\Program Files\Java [28/08/07|17:23] C:\Program Files\Lauyan [16/09/05|10:12] C:\Program Files\ltmoh [12/07/06|00:39] C:\Program Files\Macrogaming [20/09/07|17:46] C:\Program Files\Macromedia [24/04/09|15:45] C:\Program Files\Malwarebytes' Anti-Malware [01/06/07|19:22] C:\Program Files\Messenger [24/07/08|17:52] C:\Program Files\MGI [16/09/05|08:38] C:\Program Files\microsoft frontpage [27/04/06|20:14] C:\Program Files\Microsoft Office [25/12/06|12:52] C:\Program Files\Microsoft SQL Server [23/03/08|18:28] C:\Program Files\Microsoft SQL Server Compact Edition [27/04/06|20:15] C:\Program Files\Microsoft Visual Studio [01/06/07|19:22] C:\Program Files\Microsoft Works [16/09/05|11:09] C:\Program Files\Microsoft.NET [26/09/06|13:11] C:\Program Files\Motive [16/09/05|08:35] C:\Program Files\Movie Maker [27/04/09|15:14] C:\Program Files\Mozilla Firefox [14/09/08|18:07] C:\Program Files\Mozilla Sunbird [16/09/05|08:34] C:\Program Files\MSN [16/09/05|08:34] C:\Program Files\MSN Gaming Zone [11/04/06|22:43] C:\Program Files\MSN Toolbar Suite [01/12/06|15:03] C:\Program Files\MSXML 4.0 [27/06/07|19:13] C:\Program Files\MySoftware [24/01/07|15:48] C:\Program Files\NetMeeting [30/05/07|15:34] C:\Program Files\neuf Talk [16/09/05|08:34] C:\Program Files\Online Services [03/12/07|18:21] C:\Program Files\Outlook Express [20/03/09|23:35] C:\Program Files\PacificPoker [20/03/09|23:26] C:\Program Files\PacificPoker4 [25/12/06|12:52] C:\Program Files\Pinnacle [04/10/08|18:29] C:\Program Files\Planning Manager [23/12/07|18:45] C:\Program Files\QuickTime [18/08/08|18:15] C:\Program Files\Real [09/04/08|12:29] C:\Program Files\Real Alternative [16/09/05|10:17] C:\Program Files\Realtek AC97 [09/08/06|19:06] C:\Program Files\ReflexiveArcade [15/08/08|13:43] C:\Program Files\SAGEM [24/10/07|14:05] C:\Program Files\Samsung [16/09/05|08:36] C:\Program Files\Services en ligne [23/04/06|17:48] C:\Program Files\Skype [15/04/09|18:40] C:\Program Files\Sonic [01/04/09|17:57] C:\Program Files\Spybot - Search & Destroy [01/04/09|17:29] C:\Program Files\SpywareBlaster [08/02/09|15:26] C:\Program Files\TallStick [13/03/09|23:47] C:\Program Files\TomTom HOME 2 [27/06/07|13:58] C:\Program Files\Toshiba [26/04/09|14:14] C:\Program Files\trend micro [12/12/06|12:30] C:\Program Files\Uninstall Information [22/09/06|10:30] C:\Program Files\VideoCAM Eye [01/08/07|12:49] C:\Program Files\VideoLAN [23/03/08|18:29] C:\Program Files\Windows Live [01/06/07|19:22] C:\Program Files\Windows Media Connect 2 [21/02/07|11:19] C:\Program Files\Windows Media Player [16/09/05|08:34] C:\Program Files\Windows NT [20/07/06|10:57] C:\Program Files\Wingen [03/08/06|12:41] C:\Program Files\WinRAR [21/09/07|23:02] C:\Program Files\Wormux 0.7 [16/09/05|08:38] C:\Program Files\xerox [08/02/09|15:04] C:\Program Files\YAMAHA [16/04/06|23:36] C:\Program Files\ZonejeuX --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [16/09/05|10:47] C:\Program Files\Fichiers communs\Adobe [29/07/08|18:28] C:\Program Files\Fichiers communs\Ahead [01/02/09|17:51] C:\Program Files\Fichiers communs\AVSMedia [15/04/09|19:56] C:\Program Files\Fichiers communs\Blizzard Entertainment [21/11/07|13:26] C:\Program Files\Fichiers communs\BOONTY Shared [27/04/06|20:15] C:\Program Files\Fichiers communs\Designer [13/05/07|23:45] C:\Program Files\Fichiers communs\Hewlett-Packard [15/04/07|14:08] C:\Program Files\Fichiers communs\HHD Software [22/02/09|22:08] C:\Program Files\Fichiers communs\HP [16/09/05|10:26] C:\Program Files\Fichiers communs\InstallShield [16/09/05|08:49] C:\Program Files\Fichiers communs\Java [04/04/07|21:03] C:\Program Files\Fichiers communs\Micro Application Shared [01/02/09|17:51] C:\Program Files\Fichiers communs\Microsoft Shared [16/09/05|08:35] C:\Program Files\Fichiers communs\MSSoap [01/12/06|12:58] C:\Program Files\Fichiers communs\NSV [16/09/05|10:30] C:\Program Files\Fichiers communs\ODBC [18/08/08|18:16] C:\Program Files\Fichiers communs\Real [16/09/05|08:35] C:\Program Files\Fichiers communs\Services [16/09/05|10:30] C:\Program Files\Fichiers communs\SpeechEngines [05/12/06|18:42] C:\Program Files\Fichiers communs\Symantec Shared [03/12/07|18:21] C:\Program Files\Fichiers communs\System [22/09/06|10:30] C:\Program Files\Fichiers communs\VCAMEye [23/03/08|18:29] C:\Program Files\Fichiers communs\WindowsLiveInstaller [18/08/08|18:16] C:\Program Files\Fichiers communs\xing shared --------------------\\ Process ( 57 Processes ) ... OK ! --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Verification du Registre ..... OK ! --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-04-27 15:27:57 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 279 --------------------\\ Recherche d'autres infections Aucune autre infection trouvée ! [F:39][D:11]-> C:\DOCUME~1\EMILIE~1\LOCALS~1\Temp [F:10][D:0]-> C:\DOCUME~1\EMILIE~1\Cookies [F:667][D:4]-> C:\DOCUME~1\EMILIE~1\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - 26/04/09|16:52 - Option : [1] 2 - "C:\Lop SD\LopR_2.txt" - 27/04/09|15:22 - Option : [2] 3 - "C:\Lop SD\LopR_3.txt" - 27/04/09|15:29 - Option : [4] --------------------\\ Fin du rapport a 15:29:00 Pour la suite j'attend ta réponse par rapport à la mise à jour
- le 27 avril 2009
- 16 réponses
Incfection par clé USB, pb de connexion aux sites de sécurité...

milizen a répondu à un(e) sujet de milizen dans Analyses et éradication malwares

Salut Thanos Merci encore pour ton aide précieuse! alors j'ai fait ce que tu m'as demandé et voilà les rapports Rapport de Lopsd : --------------------\\ Lop S&D 4.2.5-0 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2 X86-based PC ( Uniprocessor Free : Intel® Pentium® M processor 1.73GHz ) BIOS : Ver 1.00PARTTBL USER : Emilie BUREL ( Administrator ) BOOT : Normal boot Antivirus : avast! antivirus 4.8.1296 [VPS 090425-0] 4.8.1296 (Not Activated) C:\ (Local Disk) - NTFS - Total:92 Go (Free:64 Go) D:\ (CD or DVD) "C:\Lop SD" ( MAJ : 19-12-2008|23:40 ) Option : [1] ( 26/04/09|16:50 ) --------------------\\ Listing des dossiers dans APPLIC~1 [16/09/05|10:51] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe [16/09/05|08:57] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities [19/09/05|10:48] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft [24/07/08|21:42] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sonic [16/09/05|11:10] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec [16/09/05|11:02] C:\DOCUME~1\ADMINI~1\APPLIC~1\toshiba [29/03/07|14:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{B73EC431-2F59-4E5E-9CEA-001681A75E3E} [01/12/06|13:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [01/02/09|17:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU [21/11/07|13:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY [24/07/08|21:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ciel [24/07/08|21:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Dynacom [24/04/09|15:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes [24/07/08|21:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com [15/04/06|14:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus! [22/09/06|10:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [12/07/06|23:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive [13/07/06|00:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MotiveSysIDs [11/04/06|22:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN Search Toolbar [25/12/06|12:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle [23/12/07|18:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime [16/09/05|08:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI [23/04/06|17:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype [02/04/09|22:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy [24/07/08|21:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec [02/04/09|22:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [17/01/08|22:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom [16/02/09|14:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WEBREG [11/07/06|11:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [23/03/08|18:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller [24/03/09|14:23] C:\DOCUME~1\Boulot\APPLIC~1\Adobe [24/03/09|14:22] C:\DOCUME~1\Boulot\APPLIC~1\AdobeUM [16/09/05|08:57] C:\DOCUME~1\Boulot\APPLIC~1\Identities [24/03/09|14:23] C:\DOCUME~1\Boulot\APPLIC~1\Macromedia [30/03/09|15:39] C:\DOCUME~1\Boulot\APPLIC~1\Microsoft [24/03/09|14:22] C:\DOCUME~1\Boulot\APPLIC~1\Mozilla [24/03/09|14:13] C:\DOCUME~1\Boulot\APPLIC~1\Real [16/09/05|11:05] C:\DOCUME~1\Boulot\APPLIC~1\Sonic [16/09/05|11:10] C:\DOCUME~1\Boulot\APPLIC~1\Symantec [16/09/05|11:02] C:\DOCUME~1\Boulot\APPLIC~1\toshiba [16/09/05|10:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe [16/09/05|08:57] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities [19/09/05|10:48] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [16/09/05|11:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sonic [16/09/05|11:10] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec [16/09/05|11:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\toshiba [05/06/06|23:26] C:\DOCUME~1\EMILIE~1\APPLIC~1\Adobe [22/08/07|18:03] C:\DOCUME~1\EMILIE~1\APPLIC~1\AdobeUM [06/02/09|17:09] C:\DOCUME~1\EMILIE~1\APPLIC~1\Ahead [01/02/09|17:51] C:\DOCUME~1\EMILIE~1\APPLIC~1\AVS4YOU [16/02/07|14:19] C:\DOCUME~1\EMILIE~1\APPLIC~1\BitDownload [22/02/07|19:37] C:\DOCUME~1\EMILIE~1\APPLIC~1\Comptabilit‚ [06/02/09|17:08] C:\DOCUME~1\EMILIE~1\APPLIC~1\COWON [25/06/07|17:51] C:\DOCUME~1\EMILIE~1\APPLIC~1\DivX [29/03/07|14:49] C:\DOCUME~1\EMILIE~1\APPLIC~1\Dynacom [03/08/06|12:55] C:\DOCUME~1\EMILIE~1\APPLIC~1\EBP [27/07/06|12:57] C:\DOCUME~1\EMILIE~1\APPLIC~1\Google [11/04/06|12:02] C:\DOCUME~1\EMILIE~1\APPLIC~1\Help [16/02/09|14:24] C:\DOCUME~1\EMILIE~1\APPLIC~1\HP [29/05/07|13:00] C:\DOCUME~1\EMILIE~1\APPLIC~1\Identities [17/01/08|22:25] C:\DOCUME~1\EMILIE~1\APPLIC~1\InstallShield [11/04/06|12:32] C:\DOCUME~1\EMILIE~1\APPLIC~1\InterVideo [20/06/06|23:43] C:\DOCUME~1\EMILIE~1\APPLIC~1\Leadertech [11/04/06|18:53] C:\DOCUME~1\EMILIE~1\APPLIC~1\Macromedia [24/04/09|15:45] C:\DOCUME~1\EMILIE~1\APPLIC~1\Malwarebytes [23/01/08|20:08] C:\DOCUME~1\EMILIE~1\APPLIC~1\Media Player Classic [23/03/08|18:14] C:\DOCUME~1\EMILIE~1\APPLIC~1\Microsoft [11/09/08|14:30] C:\DOCUME~1\EMILIE~1\APPLIC~1\Mozilla [11/04/06|22:44] C:\DOCUME~1\EMILIE~1\APPLIC~1\MSN Search Toolbar [04/02/09|13:54] C:\DOCUME~1\EMILIE~1\APPLIC~1\Music Recognition [07/07/07|14:49] C:\DOCUME~1\EMILIE~1\APPLIC~1\NetMedia Providers [20/03/09|23:35] C:\DOCUME~1\EMILIE~1\APPLIC~1\PacificPoker [20/03/09|23:26] C:\DOCUME~1\EMILIE~1\APPLIC~1\PacificPoker4 [29/12/06|20:21] C:\DOCUME~1\EMILIE~1\APPLIC~1\Pinnacle Systems [07/07/07|14:49] C:\DOCUME~1\EMILIE~1\APPLIC~1\Publish Providers [18/08/08|18:15] C:\DOCUME~1\EMILIE~1\APPLIC~1\Real [24/10/07|14:12] C:\DOCUME~1\EMILIE~1\APPLIC~1\Samsung [30/06/08|16:30] C:\DOCUME~1\EMILIE~1\APPLIC~1\Skype [16/09/05|11:05] C:\DOCUME~1\EMILIE~1\APPLIC~1\Sonic [07/07/07|14:49] C:\DOCUME~1\EMILIE~1\APPLIC~1\Sony [14/04/06|16:58] C:\DOCUME~1\EMILIE~1\APPLIC~1\Sun [11/04/06|22:27] C:\DOCUME~1\EMILIE~1\APPLIC~1\Symantec [06/03/07|14:12] C:\DOCUME~1\EMILIE~1\APPLIC~1\Talkback [17/01/08|22:26] C:\DOCUME~1\EMILIE~1\APPLIC~1\TomTom [16/09/05|11:02] C:\DOCUME~1\EMILIE~1\APPLIC~1\toshiba [26/04/09|10:59] C:\DOCUME~1\EMILIE~1\APPLIC~1\U3 [09/06/07|13:03] C:\DOCUME~1\EMILIE~1\APPLIC~1\Wormux [10/11/06|05:01] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia [28/04/06|16:32] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [16/09/05|08:41] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [26/04/09 14:08][--ah-----] C:\WINDOWS\tasks\SA.DAT [05/08/04 12:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini --------------------\\ Listing des dossiers dans C:\Program Files [18/09/07|23:57] C:\Program Files\Adobe [29/07/08|18:28] C:\Program Files\Ahead [11/12/06|18:55] C:\Program Files\Alliance MCA [05/02/07|20:01] C:\Program Files\Alwil Software [08/02/09|15:44] C:\Program Files\AmazingMIDI [16/09/05|10:22] C:\Program Files\Apoint2K [11/04/06|11:57] C:\Program Files\ATI Technologies [01/02/09|22:02] C:\Program Files\AVS4YOU [21/11/07|13:25] C:\Program Files\Boonty [21/11/07|13:25] C:\Program Files\BoontyGames [31/03/09|22:44] C:\Program Files\broadjump [16/04/07|12:51] C:\Program Files\C-Media [12/07/06|23:35] C:\Program Files\Common Files [22/09/06|10:35] C:\Program Files\DD PlayCam [31/07/08|12:23] C:\Program Files\DivX [16/04/08|14:36] C:\Program Files\DVD-RAM [14/12/08|13:15] C:\Program Files\emule [20/06/07|18:41] C:\Program Files\eMulev0.48a.-MorphXTv10.0-bin [06/02/09|17:08] C:\Program Files\Fichiers communs [17/03/07|19:43] C:\Program Files\FileZilla [13/04/06|20:33] C:\Program Files\Formation interactive Microsoft [17/05/08|21:18] C:\Program Files\Free Audio Pack [27/07/06|12:22] C:\Program Files\Google [15/04/07|14:08] C:\Program Files\HHD Software [17/08/07|20:02] C:\Program Files\IncrediMail [06/02/09|17:01] C:\Program Files\InstallShield Installation Information [03/10/06|18:53] C:\Program Files\Intel [09/04/08|12:49] C:\Program Files\Internet Explorer [11/04/06|11:59] C:\Program Files\InterVideo [16/09/05|08:49] C:\Program Files\Java [28/08/07|17:23] C:\Program Files\Lauyan [16/09/05|10:12] C:\Program Files\ltmoh [12/07/06|00:39] C:\Program Files\Macrogaming [20/09/07|17:46] C:\Program Files\Macromedia [24/04/09|15:45] C:\Program Files\Malwarebytes' Anti-Malware [01/06/07|19:22] C:\Program Files\Messenger [11/04/06|22:55] C:\Program Files\MessengerPlus! 3 [24/07/08|17:52] C:\Program Files\MGI [16/09/05|08:38] C:\Program Files\microsoft frontpage [27/04/06|20:14] C:\Program Files\Microsoft Office [25/12/06|12:52] C:\Program Files\Microsoft SQL Server [23/03/08|18:28] C:\Program Files\Microsoft SQL Server Compact Edition [27/04/06|20:15] C:\Program Files\Microsoft Visual Studio [01/06/07|19:22] C:\Program Files\Microsoft Works [16/09/05|11:09] C:\Program Files\Microsoft.NET [26/09/06|13:11] C:\Program Files\Motive [16/09/05|08:35] C:\Program Files\Movie Maker [26/04/09|16:44] C:\Program Files\Mozilla Firefox [14/09/08|18:07] C:\Program Files\Mozilla Sunbird [16/09/05|08:34] C:\Program Files\MSN [16/09/05|08:34] C:\Program Files\MSN Gaming Zone [11/04/06|22:43] C:\Program Files\MSN Toolbar Suite [01/12/06|15:03] C:\Program Files\MSXML 4.0 [16/02/07|14:07] C:\Program Files\Multi_Media_France [27/06/07|19:13] C:\Program Files\MySoftware [24/01/07|15:48] C:\Program Files\NetMeeting [30/05/07|15:34] C:\Program Files\neuf Talk [16/09/05|08:34] C:\Program Files\Online Services [03/12/07|18:21] C:\Program Files\Outlook Express [20/03/09|23:35] C:\Program Files\PacificPoker [20/03/09|23:26] C:\Program Files\PacificPoker4 [25/12/06|12:52] C:\Program Files\Pinnacle [04/10/08|18:29] C:\Program Files\Planning Manager [23/12/07|18:45] C:\Program Files\QuickTime [18/08/08|18:15] C:\Program Files\Real [09/04/08|12:29] C:\Program Files\Real Alternative [16/09/05|10:17] C:\Program Files\Realtek AC97 [09/08/06|19:06] C:\Program Files\ReflexiveArcade [15/08/08|13:43] C:\Program Files\SAGEM [24/10/07|14:05] C:\Program Files\Samsung [16/09/05|08:36] C:\Program Files\Services en ligne [23/04/06|17:48] C:\Program Files\Skype [15/04/09|18:40] C:\Program Files\Sonic [01/04/09|17:57] C:\Program Files\Spybot - Search & Destroy [01/04/09|17:29] C:\Program Files\SpywareBlaster [08/02/09|15:26] C:\Program Files\TallStick [13/03/09|23:47] C:\Program Files\TomTom HOME 2 [27/06/07|13:58] C:\Program Files\Toshiba [26/04/09|14:14] C:\Program Files\trend micro [12/12/06|12:30] C:\Program Files\Uninstall Information [22/09/06|10:30] C:\Program Files\VideoCAM Eye [01/08/07|12:49] C:\Program Files\VideoLAN [23/03/08|18:29] C:\Program Files\Windows Live [01/06/07|19:22] C:\Program Files\Windows Media Connect 2 [21/02/07|11:19] C:\Program Files\Windows Media Player [16/09/05|08:34] C:\Program Files\Windows NT [20/07/06|10:57] C:\Program Files\Wingen [03/08/06|12:41] C:\Program Files\WinRAR [21/09/07|23:02] C:\Program Files\Wormux 0.7 [16/09/05|08:38] C:\Program Files\xerox [08/02/09|15:04] C:\Program Files\YAMAHA [16/04/06|23:36] C:\Program Files\ZonejeuX --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [16/09/05|10:47] C:\Program Files\Fichiers communs\Adobe [29/07/08|18:28] C:\Program Files\Fichiers communs\Ahead [01/02/09|17:51] C:\Program Files\Fichiers communs\AVSMedia [15/04/09|19:56] C:\Program Files\Fichiers communs\Blizzard Entertainment [21/11/07|13:26] C:\Program Files\Fichiers communs\BOONTY Shared [27/04/06|20:15] C:\Program Files\Fichiers communs\Designer [13/05/07|23:45] C:\Program Files\Fichiers communs\Hewlett-Packard [15/04/07|14:08] C:\Program Files\Fichiers communs\HHD Software [22/02/09|22:08] C:\Program Files\Fichiers communs\HP [16/09/05|10:26] C:\Program Files\Fichiers communs\InstallShield [16/09/05|08:49] C:\Program Files\Fichiers communs\Java [04/04/07|21:03] C:\Program Files\Fichiers communs\Micro Application Shared [01/02/09|17:51] C:\Program Files\Fichiers communs\Microsoft Shared [16/09/05|08:35] C:\Program Files\Fichiers communs\MSSoap [01/12/06|12:58] C:\Program Files\Fichiers communs\NSV [16/09/05|10:30] C:\Program Files\Fichiers communs\ODBC [18/08/08|18:16] C:\Program Files\Fichiers communs\Real [16/09/05|08:35] C:\Program Files\Fichiers communs\Services [16/09/05|10:30] C:\Program Files\Fichiers communs\SpeechEngines [05/12/06|18:42] C:\Program Files\Fichiers communs\Symantec Shared [03/12/07|18:21] C:\Program Files\Fichiers communs\System [22/09/06|10:30] C:\Program Files\Fichiers communs\VCAMEye [23/03/08|18:29] C:\Program Files\Fichiers communs\WindowsLiveInstaller [18/08/08|18:16] C:\Program Files\Fichiers communs\xing shared --------------------\\ Process ( 59 Processes ) ... OK ! --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop C:\DOCUME~1\EMILIE~1\APPLIC~1\Bitdownload C:\DOCUME~1\EMILIE~1\APPLIC~1\BitDownload C:\DOCUME~1\EMILIE~1\APPLIC~1\BitDownload\Data C:\Program Files\Multi_Media_France C:\Program Files\Multi_Media_France\INSTALL.LOG C:\Program Files\Multi_Media_France C:\Program Files\Multi_Media_France\INSTALL.LOG C:\DOCUME~1\EMILIE~1\Cookies\emilie burel@www.pacificpoker[1].txt --------------------\\ Verification du Registre ..... OK ! --------------------\\ Verification du fichier Hosts Fichier Hosts MODIFIE 127.0.0.1 bin.errorprotector.com ## added by CiD 127.0.0.1 br.errorsafe.com ## added by CiD 127.0.0.1 br.winantivirus.com ## added by CiD 127.0.0.1 br.winfixer.com ## added by CiD 127.0.0.1 cdn.drivecleaner.com ## added by CiD 127.0.0.1 cdn.errorsafe.com ## added by CiD 127.0.0.1 cdn.winsoftware.com ## added by CiD 127.0.0.1 de.errorsafe.com ## added by CiD 127.0.0.1 de.winantivirus.com ## added by CiD 127.0.0.1 download.cdn.drivecleaner.com ## added by CiD 127.0.0.1 download.cdn.errorsafe.com ## added by CiD 127.0.0.1 download.cdn.winsoftware.com ## added by CiD 127.0.0.1 download.errorsafe.com ## added by CiD 127.0.0.1 download.systemdoctor.com ## added by CiD 127.0.0.1 download.winantispyware.com ## added by CiD 127.0.0.1 download.windrivecleaner.com ## added by CiD 127.0.0.1 download.winfixer.com ## added by CiD 127.0.0.1 drivecleaner.com ## added by CiD 127.0.0.1 dynamique.drivecleaner.com ## added by CiD 127.0.0.1 errorprotector.com ## added by CiD 127.0.0.1 errorsafe.com ## added by CiD 127.0.0.1 es.winantivirus.com ## added by CiD 127.0.0.1 fr.winantivirus.com ## added by CiD 127.0.0.1 fr.winfixer.com ## added by CiD 127.0.0.1 go.drivecleaner.com ## added by CiD 127.0.0.1 go.errorsafe.com ## added by CiD 127.0.0.1 go.winantispyware.com ## added by CiD 127.0.0.1 go.winantivirus.com ## added by CiD 127.0.0.1 hk.winantivirus.com ## added by CiD 127.0.0.1 instlog.errorsafe.com ## added by CiD 127.0.0.1 instlog.winantivirus.com ## added by CiD 127.0.0.1 instlog.winfixer.com ## added by CiD 127.0.0.1 jsp.drivecleaner.com ## added by CiD 127.0.0.1 kb.errorsafe.com ## added by CiD 127.0.0.1 kb.winantivirus.com ## added by CiD 127.0.0.1 nl.errorsafe.com ## added by CiD 127.0.0.1 se.errorsafe.com ## added by CiD 127.0.0.1 secure.drivecleaner.com ## added by CiD 127.0.0.1 secure.errorsafe.com ## added by CiD 127.0.0.1 secure.winantispam.com ## added by CiD 127.0.0.1 secure.winantispy.com ## added by CiD 127.0.0.1 secure.winantivirus.com ## added by CiD 127.0.0.1 support.winantivirus.com ## added by CiD 127.0.0.1 trial.updates.winsoftware.com ## added by CiD 127.0.0.1 ulog.winantivirus.com ## added by CiD 127.0.0.1 utils.errorsafe.com ## added by CiD 127.0.0.1 utils.winantivirus.com ## added by CiD 127.0.0.1 utils.winfixer.com ## added by CiD 127.0.0.1 winantispyware.com ## added by CiD 127.0.0.1 winantivirus.com ## added by CiD 127.0.0.1 winfixer.com ## added by CiD 127.0.0.1 winfixer2006.com ## added by CiD 127.0.0.1 winsoftware.com ## added by CiD 127.0.0.1 www.drivecleaner.com ## added by CiD 127.0.0.1 www.errorprotector.com ## added by CiD 127.0.0.1 www.errorsafe.com ## added by CiD 127.0.0.1 www.systemdoctor.com ## added by CiD 127.0.0.1 www.utils.winfixer.com ## added by CiD 127.0.0.1 www.win-anti-virus-pro.com ## added by CiD 127.0.0.1 www.win-virus-pro.com ## added by CiD 127.0.0.1 www.winantispam.com ## added by CiD 127.0.0.1 www.winantispy.com ## added by CiD 127.0.0.1 www.winantispyware.com ## added by CiD 127.0.0.1 www.winantivirus.com ## added by CiD 127.0.0.1 www.winantiviruspro.com ## added by CiD 127.0.0.1 www.windrivecleaner.com ## added by CiD 127.0.0.1 www.windrivesafe.com ## added by CiD 127.0.0.1 www.winfixer.com ## added by CiD 127.0.0.1 www.winfixer2006.com ## added by CiD 127.0.0.1 www.winsoftware.com ## added by CiD -> 10549 [ 70 ## added by CiD ] --------------------\\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-04-26 16:51:26 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 279 --------------------\\ Recherche d'autres infections C:\WINDOWS\Pack.epk ==> EGDACCESS <== [F:40][D:10]-> C:\DOCUME~1\EMILIE~1\LOCALS~1\Temp [F:5][D:0]-> C:\DOCUME~1\EMILIE~1\Cookies [F:564][D:4]-> C:\DOCUME~1\EMILIE~1\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - 26/04/09|16:52 - Option : [1] --------------------\\ Fin du rapport a 16:52:56 Rapport Antivir : Avira AntiVir Personal Date de création du fichier de rapport : dimanche 26 avril 2009 19:15 La recherche porte sur 1365100 souches de virus. Détenteur de la licence :Avira AntiVir PersonalEdition Classic Numéro de série : 0000149996-ADJIE-0001 Plateforme : Windows XP Version de Windows :(Service Pack 2) [5.1.2600] Mode Boot : Démarré normalement Identifiant : SYSTEM Nom de l'ordinateur :EMILIE-PC Informations de version : BUILD.DAT : 8.2.0.52 16931 Bytes 02/12/2008 14:55:00 AVSCAN.EXE : 8.1.4.10 315649 Bytes 18/11/2008 07:21:00 AVSCAN.DLL : 8.1.4.1 49921 Bytes 21/07/2008 12:44:27 LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 11:44:16 LUKERES.DLL : 8.1.4.0 13057 Bytes 04/07/2008 06:30:27 ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 10:30:36 ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 17:00:25 ANTIVIR2.VDF : 7.1.3.63 1588224 Bytes 16/04/2009 17:00:29 ANTIVIR3.VDF : 7.1.3.110 146432 Bytes 25/04/2009 17:00:29 Version du moteur: 8.2.0.156 AEVDF.DLL : 8.1.1.0 106868 Bytes 26/04/2009 17:00:38 AESCRIPT.DLL : 8.1.1.77 381306 Bytes 26/04/2009 17:00:37 AESCN.DLL : 8.1.1.10 127348 Bytes 26/04/2009 17:00:36 AERDL.DLL : 8.1.1.3 438645 Bytes 04/11/2008 12:58:38 AEPACK.DLL : 8.1.3.14 397685 Bytes 26/04/2009 17:00:36 AEOFFICE.DLL : 8.1.0.36 196987 Bytes 26/04/2009 17:00:35 AEHEUR.DLL : 8.1.0.122 1737080 Bytes 26/04/2009 17:00:34 AEHELP.DLL : 8.1.2.2 119158 Bytes 26/04/2009 17:00:32 AEGEN.DLL : 8.1.1.39 348532 Bytes 26/04/2009 17:00:32 AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 09:05:56 AECORE.DLL : 8.1.6.9 176500 Bytes 26/04/2009 17:00:31 AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 09:05:56 AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 07:40:02 AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 08:27:58 AVREP.DLL : 8.0.0.3 155688 Bytes 26/04/2009 17:00:30 AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 10:26:37 AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 07:29:19 AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 11:27:46 SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 16:28:02 SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 11:49:36 NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 11:05:07 RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 04/07/2008 06:23:16 RCTEXT.DLL : 8.0.52.1 86273 Bytes 17/07/2008 09:08:43 Configuration pour la recherche actuelle : Nom de la tâche..................: Contrôle intégral du système Fichier de configuration.........: C:\Program Files\Avira\AntiVir PersonalEdition Classic\sysscan.avp Documentation....................: bas Action principale................: interactif Action secondaire................: ignorer Recherche sur les secteurs d'amorçage maître: marche Recherche sur les secteurs d'amorçage: marche Secteurs d'amorçage..............: C:, I:, Recherche dans les programmes actifs: marche Recherche en cours sur l'enregistrement: marche Recherche de Rootkits............: marche Fichier mode de recherche........: Tous les fichiers Recherche sur les archives.......: marche Limiter la profondeur de récursivité: 20 Archive Smart Extensions.........: marche Types d'archives divergents......: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox, Heuristique de macrovirus........: marche Heuristique fichier..............: moyen Catégories de dangers divergentes: +APPL,+GAME,+JOKE,+PCK,+SPR, Début de la recherche : dimanche 26 avril 2009 19:15 La recherche d'objets cachés commence. '62096' objets ont été contrôlés, '0' objets cachés ont été trouvés. La recherche sur les processus démarrés commence : Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés Processus de recherche 'realplay.exe' - '1' module(s) sont contrôlés Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés Processus de recherche 'ONENOTEM.EXE' - '1' module(s) sont contrôlés Processus de recherche 'RAMASST.exe' - '1' module(s) sont contrôlés Processus de recherche 'ApntEx.exe' - '1' module(s) sont contrôlés Processus de recherche 'msmsgs.exe' - '1' module(s) sont contrôlés Processus de recherche 'TOSCDSPD.exe' - '1' module(s) sont contrôlés Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés Processus de recherche 'realsched.exe' - '1' module(s) sont contrôlés Processus de recherche 'TPSBattM.exe' - '1' module(s) sont contrôlés Processus de recherche 'agrsmmsg.exe' - '1' module(s) sont contrôlés Processus de recherche 'Apoint.exe' - '1' module(s) sont contrôlés Processus de recherche 'atiptaxx.exe' - '1' module(s) sont contrôlés Processus de recherche 'CeEKey.exe' - '1' module(s) sont contrôlés Processus de recherche 'tfswctrl.exe' - '1' module(s) sont contrôlés Processus de recherche 'ltmoh.exe' - '1' module(s) sont contrôlés Processus de recherche 'NDSTray.exe' - '1' module(s) sont contrôlés Processus de recherche 'PadExe.exe' - '1' module(s) sont contrôlés Processus de recherche 'remoterm.exe' - '1' module(s) sont contrôlés Processus de recherche 'SmoothView.exe' - '1' module(s) sont contrôlés Processus de recherche 'vsnpstd.exe' - '1' module(s) sont contrôlés Processus de recherche 'SweetIM.exe' - '1' module(s) sont contrôlés Processus de recherche 'TCtrlIOHook.exe' - '1' module(s) sont contrôlés Processus de recherche 'TFncKy.exe' - '1' module(s) sont contrôlés Processus de recherche 'TPTray.exe' - '1' module(s) sont contrôlés Processus de recherche 'TvsTray.exe' - '1' module(s) sont contrôlés Processus de recherche 'ZoomingHook.exe' - '1' module(s) sont contrôlés Processus de recherche 'PMSHost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'HPZipm12.exe' - '1' module(s) sont contrôlés Processus de recherche 'sqlservr.exe' - '1' module(s) sont contrôlés Processus de recherche 'mdm.exe' - '1' module(s) sont contrôlés Processus de recherche 'DVDRAMSV.exe' - '1' module(s) sont contrôlés Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés Processus de recherche 'CFSvcs.exe' - '1' module(s) sont contrôlés Processus de recherche 'ati2evxx.exe' - '1' module(s) sont contrôlés Processus de recherche 'LEXPPS.EXE' - '1' module(s) sont contrôlés Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés Processus de recherche 'LEXBCES.EXE' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'ati2evxx.exe' - '1' module(s) sont contrôlés Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés Processus de recherche 'services.exe' - '1' module(s) sont contrôlés Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés '55' processus ont été contrôlés avec '55' modules La recherche sur les secteurs d'amorçage maître commence : Secteur d'amorçage maître HD0 [iNFO] Aucun virus trouvé ! Secteur d'amorçage maître HD1 [iNFO] Aucun virus trouvé ! Secteur d'amorçage maître HD2 [iNFO] Aucun virus trouvé ! Secteur d'amorçage maître HD3 [iNFO] Aucun virus trouvé ! Secteur d'amorçage maître HD4 [iNFO] Aucun virus trouvé ! La recherche sur les secteurs d'amorçage commence : Secteur d'amorçage 'C:\' [iNFO] Aucun virus trouvé ! Secteur d'amorçage 'I:\' [iNFO] Aucun virus trouvé ! La recherche sur les renvois aux fichiers exécutables (registre) commence. Le registre a été contrôlé ( '73' fichiers). La recherche sur les fichiers sélectionnés commence : Recherche débutant dans 'C:\' C:\hiberfil.sys [AVERTISSEMENT] Impossible d'ouvrir le fichier ! C:\pagefile.sys [AVERTISSEMENT] Impossible d'ouvrir le fichier ! C:\Documents and Settings\Emilie BUREL\Application Data\Mozilla\Firefox\Profiles\kvw6kadl.default\Cache(3)\863FCFE3d01 [RESULTAT] Contient le modèle de détection du programme SPR/Dldr.ImLoader.M.4 [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a27983f.qua' ! C:\Documents and Settings\Emilie BUREL\Local Settings\Application Data\IM\Identities\{00A069B8-C77F-46E0-8989-F985EF8B406C}\Message Store\Deleted Items.imm [0] Type d'archive: MIME --> file0.mim [RESULTAT] Contient le modèle de détection du virus de script HTML HTML/Spoofing.Gen --> file0.mim [1] Type d'archive: MIME --> file0.mim [RESULTAT] Contient le modèle de détection du virus de script HTML HTML/Spoofing.Gen --> file0.mim [2] Type d'archive: MIME --> file0.mim [RESULTAT] Contient le modèle de détection du virus de script HTML HTML/Spoofing.Gen --> file0.mim [3] Type d'archive: MIME --> file0.mim [RESULTAT] Contient le modèle de détection du virus de script HTML HTML/Spoofing.Gen --> file0.mim [4] Type d'archive: MIME --> file0.html [RESULTAT] Contient le modèle de détection du virus de script HTML HTML/Spoofing.Gen [RESULTAT] Contient le modèle de détection du virus de script HTML HTML/Spoofing.Gen [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a609965.qua' ! C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\KHANW1UZ\epzva[1].jpg [RESULTAT] Le fichier contient un programme exécutable. Cependant, celui-ci se dissimule sous une extension de fichier inoffensive (HIDDENEXT/Crypted) [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a6e9b33.qua' ! C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [RESULTAT] Contient le modèle de détection de l'application APPL/BoontyGames [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a639cd2.qua' ! C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP20\A0011205.exe [RESULTAT] Contient le modèle de détection de l'application APPL/BoontyGames [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a249f2d.qua' ! C:\WINDOWS\system32\fsbglmpe.dll [AVERTISSEMENT] Impossible d'ouvrir le fichier ! Recherche débutant dans 'I:\' Fin de la recherche : dimanche 26 avril 2009 20:02 Temps nécessaire: 47:30 Minute(s) La recherche a été effectuée intégralement 8628 Les répertoires ont été contrôlés 283869 Des fichiers ont été contrôlés 10 Des virus ou programmes indésirables ont été trouvés 0 Des fichiers ont été classés comme suspects 0 Des fichiers ont été supprimés 0 Des virus ou programmes indésirables ont été réparés 5 Les fichiers ont été déplacés dans la quarantaine 0 Les fichiers ont été renommés 3 Impossible de contrôler des fichiers 283856 Fichiers non infectés 8625 Les archives ont été contrôlées 3 Avertissements 5 Consignes 62096 Des objets ont été contrôlés lors du Rootkitscan 0 Des objets cachés ont été trouvés Dans ton message tu me parles antispyware, j'utilise déjà spyware blaster mais à cause du virus je ne peux pas faire la mise à jour et j'utilise également spybot search and destroy qui fonctionne bien lui. Mais si tu penses qu'ils ne sont pas bien dis le moi
- le 26 avril 2009
- 16 réponses
Incfection par clé USB, pb de connexion aux sites de sécurité...

milizen a posté un sujet dans Analyses et éradication malwares

depuis quelques temps, mes clés USB sont infectées et j'ai beau supprimer le virus avec avast, à chaque fois que je les rebranche il est de nouveau là quelle saleté. De plus, je ne peux plus me connecter aux sites de microsoft pour faire mes mises à jour, ni pour faire celle de spyware blaster... enfin tout ce qui peux sécuriser mon pc! Thanos comme tu me l'a demandé, j'ai fais les scan avec MBAM et RSIT par contre je n'ai pas pu faire la mise à jour de MBAM avant de faire le scan (je pense que c'est notre ami le virus!) et voici donc les 3 rapports que tu attends : Rapport MBAM : Malwarebytes' Anti-Malware 1.36 Version de la base de données: 1945 Windows 5.1.2600 Service Pack 2 26/04/09 14:01:29 mbam-log-2009-04-26 (14-01-29).txt Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|) Eléments examinés: 177284 Temps écoulé: 36 minute(s), 37 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 3 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 3 Dossier(s) infecté(s): 5 Fichier(s) infecté(s): 9 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntivirus) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d5792aa9-d373-4039-8670-2cdab6a71f15} (Trojan.Lop) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\WakeNet (Trojan.Adware) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Dossier(s) infecté(s): F:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665 (Trojan.Conficker.H) -> Quarantined and deleted successfully. G:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665 (Trojan.Conficker.H) -> Quarantined and deleted successfully. H:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665 (Trojan.Conficker.H) -> Quarantined and deleted successfully. C:\Program Files\BitDownload (Trojan.Lop) -> Quarantined and deleted successfully. C:\Program Files\BitDownload\ZM (Trojan.Lop) -> Quarantined and deleted successfully. Fichier(s) infecté(s): F:\autorun.inf (Trojan.Conficker.H) -> Quarantined and deleted successfully. F:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx (Trojan.Conficker.H) -> Quarantined and deleted successfully. G:\autorun.inf (Trojan.Conficker.H) -> Quarantined and deleted successfully. G:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx (Trojan.Conficker.H) -> Quarantined and deleted successfully. H:\autorun.inf (Trojan.Conficker.H) -> Quarantined and deleted successfully. H:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx (Trojan.Conficker.H) -> Quarantined and deleted successfully. C:\Program Files\BitDownload\BitDownload.TRC (Trojan.Lop) -> Quarantined and deleted successfully. C:\WINDOWS\system32\adgrehsvps_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully. C:\WINDOWS\system32\adgrehsvps_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully. Rapport RSIT Info : info.txt logfile of random's system information tool 1.06 2009-04-26 14:14:34 ======Uninstall list====== -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER -->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 -->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6} -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete Adobe Reader 7.0.7 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70000000000} Agendatronic-->MsiExec.exe /I{008079A8-9257-406E-B805-EFD696E125C1} ALPS Touch Pad Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}\setup.exe" UNINSTALL AmazingMIDI-->C:\PROGRA~1\AMAZIN~1\UNWISE.EXE C:\PROGRA~1\AMAZIN~1\INSTALL.LOG Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe Assist TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\Setup.exe" -l0x40c Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986} ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup Barre d'outils MSN Search-->MsiExec.exe /X{B2CF0FAC-D52C-41D8-81E0-BFD7A3E7C84B} Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6} BroadJump Client Foundation-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\BroadJump\Client Foundation\Uninst.isu" -c"C:\Program Files\BroadJump\Client Foundation\RmvBJCFD.dll" -b"CFD" -h"CFD" -a carte noire Screen Saver-->C:\WINDOWS\system32\carte noire.scr /u Commandes TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}\Setup.exe" -l0x40c UNINSTALL DD PlayCam-->C:\WINDOWS\unvise32.exe C:\Program Files\DD PlayCam\1.0\Thempty.log DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN EBP Comptabilité-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5827A3F0-23B3-414F-BFD8-95F96A3D199D}\setup.exe" -l0x40c /uninst eMulev0.48a.-MorphXTv10.5-->"C:\Program Files\emule\unins000.exe" ETIQUETT-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\ETIQUETT\ST6UNST.LOG" FileZilla (remove only)-->"C:\Program Files\FileZilla\uninstall.exe" Formatage de carte mémoire SD TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}\setup.exe" Galerie de photos Windows Live-->MsiExec.exe /X{9D442283-88AD-4F49-8568-18CE6EAA15AF} Gestion d'énergie TOSHIBA-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\TOSHIBA\Power Saver\Uninst.isu" -c"C:\WINDOWS\system32\TPSDel.dll" Google Earth-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x40c -removeonly HHD Software Hex Editor 2.3-->MsiExec.exe /X{D111D725-97AB-4654-B866-21700C703E86} HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall IncrediMail Xe-->C:\PROGRA~1\INCRED~1\bin\imsetup.exe /remove /addon:IncrediMail /log:IncMail.log Internet Fax-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Alliance MCA\Internet Fax\Uninst.isu" -c"C:\Program Files\Alliance MCA\Internet Fax\drivers\install.dll" InterVideo WinDVD Creator 2-->"C:\Program Files\InstallShield Installation Information\{2FCE4FC5-6930-40E7-A4F1-F862207424EF}\setup.exe" REMOVEALL InterVideo WinDVD for TOSHIBA-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL J2SE Runtime Environment 5.0 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150030} Lauyan TOWeb V2-->"C:\Program Files\Lauyan\TOWeb V2\unins000.exe" Lauyan TOWeb version 1.0-->"C:\Program Files\Lauyan\TOWeb V1\unins000.exe" Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Macrogaming SweetIM 1.2a-->MsiExec.exe /X{5827C8C9-A3C6-4E7C-AA70-F6AFAB52F981} Macromedia Flash 5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4C93C363-414E-11D4-9756-00C04F8EEB39}\Setup.exe" UNINSTALL Macromedia Flash Player-->MsiExec.exe /X{0456ebd7-5f67-4ab6-852e-63781e3f389c} Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Manuels TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3EB6332B-AF02-457C-A31C-835458C5B48B}\setup.exe" -l0x40c -removeonly Messenger Plus! 3-->"C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /Remove Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700} Microsoft .NET Framework 1.1 Hotfix (KB886903)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M886903\M886903Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office OneNote 2003-->MsiExec.exe /I{91A1040C-6000-11D3-8CFE-0150048383C9} Microsoft Office XP - Autoformation Interactive-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A46C3CC2-B6F2-492D-83BF-52EB320307CC}\setup.exe" Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft SQL Server Desktop Engine (PINNACLESYS)-->MsiExec.exe /X{E09B48B5-E141-427A-AB0C-D3605127224A} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Works-->MsiExec.exe /I{A059DE09-1B49-4450-B340-7AE097EC3F04} Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe Mozilla Firefox (3.0.9)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC} Nero 6 Demo-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL neuf Talk 1.4-->C:\Program Files\neuf Talk\uninst.exe Outil de diagnostic PC TOSHIBA-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\TOSHIBA\PCDiag\Uninst.isu" Pacific Poker-->C:\PROGRA~1\PACIFI~2\UNWISE.EXE C:\PROGRA~1\PACIFI~2\INSTALL.LOG Panneau de contrôle ATI-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe" Pilote du DVD-RAM-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}\setup.exe" -l0x40c DVD-RAM Driver Pinnacle MediaCenter-->"C:\Program Files\InstallShield Installation Information\{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}\Setup.exe"UNINSTALL /l0x040c Pinnacle MediaServer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{460CE8B9-6EC2-458A-90D4-691631ECE9D9}\setup.exe" -l0x40c UNINSTALL Planning Manager (C:\Program Files\Planning Manager\)-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\Planning Manager\ST6UNST.000" Planning Manager-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\Planning Manager\ST6UNST.LOG" QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x40c -removeonly REALTEK Gigabit and Fast Ethernet NIC Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\Setup.exe" -l0x40c REMOVE Réducteur de bruit lect. CD/DVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\Setup.exe" -l0x40c SAMSUNG Mobile Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe Samsung PC Studio 3 USB Driver Installer-->"C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -runfromtemp -l0x040c -removeonly Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly SD Secure Module-->MsiExec.exe /X{C45F4811-31D5-4786-801D-F79CD06EDD85} Security Update pour Microsoft .NET Framework 2.0 (KB928365)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {8056AC9E-49C5-4375-9ADE-B2F862C9DF51} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} Skype 2.5-->"C:\Program Files\Skype\Phone\unins000.exe" Son virtuel TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B12BA86-ADAC-4BA6-B441-FFC591087252}\setup.exe" /uninstall Sonic DLA-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6} Spelling Dictionaries For Adobe Reader Package-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-7E8A450000A7} Spybot - Search & Destroy 1.5.2.20-->"C:\WINDOWS\unins000.exe" Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins001.exe" SpywareBlaster 4.1-->"C:\Program Files\SpywareBlaster\unins000.exe" SweetIM For Internet Explorer 1.0a-->MsiExec.exe /X{BBB1528C-2F8C-4526-9C8E-699F17AF21CA} TallStick TS-AudioToMIDI 3.30 (remove only)-->"C:\Program Files\TallStick\TS-AudioToMIDI 3.30\Uninstall.exe" Texas Instruments PCIxx21/x515 drivers.-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{E18E644D-4FC1-4E7F-87B7-A0288A14A322} /l1036 TomTom HOME-->C:\Program Files\InstallShield Installation Information\{3C9EEFEF-1F71-4213-AC41-4BF5FE0FED95}\setup.exe -runfromtemp -l0x040c -removeonly -removeonly Topaze 7.5.50-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{92DACF2D-F85C-4E82-9269-7E7519ED6440}\setup.exe" -l0x40c -uninst -removeonly TOSHIBA Accessibility-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{3A57482F-BEBC-47E4-ADA1-6302403C7E50} /l1036 TOSHIBA ConfigFree-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}\setup.exe" -l0x40c UNINSTALL TOSHIBA Hardware Setup-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{5279374D-87FE-4879-9385-F17278EBB9D3} /l1036 TOSHIBA Mot de passe responsable-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE} /l1036 TOSHIBA Software Modem-->Tosmreg -U Touch and Launch-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5D96E2B1-D9AC-46E0-9073-425C5F63E338}\setup.exe" Utilitaire de zoom TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{64212898-097F-4F3F-AECA-6D34A7EF82DF}\Setup.exe" -l0x40c Utilitaire Hotkey TOSHIBA-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{7900D3A6-A9E8-4954-ACCB-AB15867978BF} /l1036 Utilitaire TouchPad ON/OFF-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{80977342-27E8-4FF7-8B6A-D8D89461DA7F} /l1036 VideoCAM Eye-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2B54CED1-1911-4ECF-AA35-D2E14A716A36}\Setup.exe" -l0x40c Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390} Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65} Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" XPlite PROFESSIONAL-->"C:\Documents and Settings\Emilie BUREL\Mes documents\Mes logiciels\XPlite Professional 1.8.0303\XPLite.1.8.0303\XPlite.exe" /uninstall YAMAHA MEGAEnhancer ver.1.2-->MsiExec.exe /X{376B7FB2-FF6A-42F2-893E-80F8F7871C30} ======Hosts File====== 127.0.0.1 bin.errorprotector.com ## added by CiD 127.0.0.1 br.errorsafe.com ## added by CiD 127.0.0.1 br.winantivirus.com ## added by CiD 127.0.0.1 br.winfixer.com ## added by CiD 127.0.0.1 cdn.drivecleaner.com ## added by CiD 127.0.0.1 cdn.errorsafe.com ## added by CiD 127.0.0.1 cdn.winsoftware.com ## added by CiD 127.0.0.1 de.errorsafe.com ## added by CiD 127.0.0.1 de.winantivirus.com ## added by CiD 127.0.0.1 download.cdn.drivecleaner.com ## added by CiD ======Security center information====== AV: avast! antivirus 4.8.1296 [VPS 090425-0] ======System event log====== Computer Name: EMILIE-PC Event Code: 7035 Message: Un contrôle Démarrer a correctement été envoyé au service Service COM de gravage de CD IMAPI. Record Number: 26404 Source Name: Service Control Manager Time Written: 20090324125748.000000+060 Event Type: Informations User: AUTORITE NT\SYSTEM Computer Name: EMILIE-PC Event Code: 7036 Message: Le service HTTP SSL est entré dans l'état : en cours d'exécution. Record Number: 26403 Source Name: Service Control Manager Time Written: 20090324121040.000000+060 Event Type: Informations User: Computer Name: EMILIE-PC Event Code: 7035 Message: Un contrôle Démarrer a correctement été envoyé au service HTTP SSL. Record Number: 26402 Source Name: Service Control Manager Time Written: 20090324121040.000000+060 Event Type: Informations User: AUTORITE NT\SERVICE LOCAL Computer Name: EMILIE-PC Event Code: 2505 Message: Le serveur n'a pas pu se lier au transport \Device\NetbiosSmb car un autre ordinateur du réseau porte le même nom. Le serveur n'a pas pu démarrer. Record Number: 26401 Source Name: Server Time Written: 20090324121040.000000+060 Event Type: erreur User: Computer Name: EMILIE-PC Event Code: 4201 Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{574B7C6E-34BE-4E72-B86C-07F1E30D2817} était connectée au réseau, et a lancé une opération normale sur la carte réseau. Record Number: 26400 Source Name: Tcpip Time Written: 20090324121039.000000+060 Event Type: Informations User: =====Application event log===== Computer Name: EMILIE-PC Event Code: 0 Message: Le service a démarré avec succès. Record Number: 13217 Source Name: PinnacleSys.MediaServer Time Written: 20080724173602.000000+120 Event Type: Informations User: Computer Name: EMILIE-PC Event Code: 0 Message: Service started on port 26000. Record Number: 13216 Source Name: PinnacleSys.MediaServer Time Written: 20080724173602.000000+120 Event Type: Informations User: Computer Name: EMILIE-PC Event Code: 19011 Message: Record Number: 13215 Source Name: MSSQL$PINNACLESYS Time Written: 20080724173548.000000+120 Event Type: Avertissement User: Computer Name: EMILIE-PC Event Code: 1800 Message: Le service Centre de sécurité Windows a démarré. Record Number: 13214 Source Name: SecurityCenter Time Written: 20080724173548.000000+120 Event Type: Informations User: Computer Name: EMILIE-PC Event Code: 0 Message: Le service a démarré avec succès. Record Number: 13213 Source Name: PinnacleSys.MediaServer Time Written: 20080724133942.000000+120 Event Type: Informations User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Samsung\Samsung PC Studio 3\ "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 8, GenuineIntel "PROCESSOR_REVISION"=0d08 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP -----------------EOF----------------- Rapport RSIT log : Logfile of random's system information tool 1.06 (written by random/random) Run by Emilie BUREL at 2009-04-26 14:14:10 Microsoft Windows XP Édition familiale Service Pack 2 System drive C: has 66 GB (69%) free of 95 GB Total RAM: 1022 MB (51% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:14:31, on 26/04/09 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\Explorer.EXE C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\WINDOWS\system32\DVDRAMSV.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\ZoomingHook.exe C:\Program Files\TOSHIBA\Tvs\TvsTray.exe C:\Program Files\TOSHIBA\TouchPad\TPTray.exe C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe C:\WINDOWS\system32\TCtrlIOHook.exe C:\Program Files\Macrogaming\SweetIM\SweetIM.exe C:\WINDOWS\vsnpstd.exe C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\Program Files\ltmoh\Ltmoh.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\TPSBattM.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Apoint2K\Apoint.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Apoint2K\Apntex.exe C:\WINDOWS\system32\RAMASST.exe C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE C:\Program Files\TOSHIBA\ConfigFree\CFXFER.exe C:\Documents and Settings\Emilie BUREL\Bureau\RSIT.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\trend micro\Emilie BUREL.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll O4 - HKLM\..\Run: [Pinnacle WebUpdater] "C:\Program Files\Pinnacle\Shared Files\Programs\WebUpdater\WebUpdater.exe" -s -f=UpdateVersion.xml -url=http://cdn.pinnaclesys.com/SupportFiles O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe O4 - HKLM\..\Run: [TPSMain] TPSMain.exe O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe O4 - HKLM\..\Run: [TFncKy] TFncKy.exe O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe O4 - HKLM\..\Run: [sweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKLM\..\Run: [sVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe O4 - HKLM\..\Run: [smoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe O4 - HKLM\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1 O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1196688448421 O17 - HKLM\System\CCS\Services\Tcpip\..\{574B7C6E-34BE-4E72-B86C-07F1E30D2817}: NameServer = 86.64.145.140,84.103.237.140 O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe -- End of file - 10382 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}] DriveLetterAccess - C:\WINDOWS\system32\dla\tfswshx.dll [2005-05-31 118844] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}] Barre d'outils MSN Search Helper - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll [2005-07-07 577232] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Barre d'outils MSN Search - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll [2005-07-07 577232] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Pinnacle WebUpdater"=C:\Program Files\Pinnacle\Shared Files\Programs\WebUpdater\WebUpdater.exe [2006-08-24 385024] "Zooming"=C:\WINDOWS\system32\ZoomingHook.exe [2005-06-06 24576] "Tvs"=C:\Program Files\TOSHIBA\Tvs\TvsTray.exe [2005-04-05 73728] "TPSMain"=C:\WINDOWS\system32\TPSMain.exe [2005-08-12 266240] "TPNF"=C:\Program Files\TOSHIBA\TouchPad\TPTray.exe [2005-08-25 53248] "TFncKy"=TFncKy.exe [] "TCtryIOHook"=C:\WINDOWS\system32\TCtrlIOHook.exe [2005-08-22 28672] "SweetIM"=C:\Program Files\Macrogaming\SweetIM\SweetIM.exe [2006-06-06 40960] "SVPWUTIL"=C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe [2004-05-01 65536] "StandardInstall"= [] "snpstd"=C:\WINDOWS\vsnpstd.exe [2004-06-10 286720] "SmoothView"=C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe [2005-05-17 118784] "PMCRemote"=C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe [2006-09-13 176128] "PinnacleDriverCheck"=C:\WINDOWS\system32\PSDrvCheck.exe [2003-11-10 406016] "PadTouch"=C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe [2005-08-30 1077328] "NDSTray.exe"=NDSTray.exe [] "MessengerPlus3"=C:\Program Files\MessengerPlus! 3\MsgPlus.exe [2006-04-11 190024] "LtMoh"=C:\Program Files\ltmoh\Ltmoh.exe [2003-09-06 184320] "HWSetup"=C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe [2004-05-01 28672] "dla"=C:\WINDOWS\system32\dla\tfswctrl.exe [2005-05-31 122941] "CFSServ.exe"=CFSServ.exe -NoClient [] "CeEKEY"=C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe [2005-09-06 671744] "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-11-26 81000] "ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-08-05 344064] "Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2004-03-24 196608] "AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2004-12-22 88358] "BJCFD"=C:\Program Files\BroadJump\Client Foundation\CFD.exe [2009-03-31 376912] "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] "TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-08-18 185896] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360] "TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [2005-04-11 65536] "neuf talk"= [] "updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2005-10-24 307200] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] C:\Program Files\TomTom HOME 2\HOMERunner.exe [2007-10-31 378784] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe C:\Documents and Settings\Emilie BUREL\Menu Démarrer\Programmes\Démarrage Lancement rapide de Microsoft Office OneNote 2003.lnk - C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="MsgPlusLoader.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2005-08-04 46080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2005-07-19 135168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=95000000 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\IncrediMail\bin\IMApp.exe"="C:\Program Files\IncrediMail\bin\IMApp.exe:*:Enabled:IncrediMail" "C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail" "C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail" "C:\Program Files\eMule\Incoming\eMule 0.47a MorphXT 8.9 - Bin [Par Ratiatum.com]\emule\emule.exe"="C:\Program Files\eMule\Incoming\eMule 0.47a MorphXT 8.9 - Bin [Par Ratiatum.com]\emule\emule.exe:*:Enabled:eMule" "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application" "C:\WINDOWS\system32\LEXPPS.EXE"="C:\WINDOWS\system32\LEXPPS.EXE:*:Enabled:LEXPPS.EXE" "C:\Program Files\neuf Talk\neuf Talk.exe"="C:\Program Files\neuf Talk\neuf Talk.exe:*:Enabled:neuf Talk" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Alliance MCA\Internet Fax\mailing.exe"="C:\Program Files\Alliance MCA\Internet Fax\mailing.exe:*:Enabled:Application fax" "C:\Program Files\Pinnacle\MediaCenter\PMC.exe"="C:\Program Files\Pinnacle\MediaCenter\PMC.exe:LocalSubNet:Enabled:Pmc.exe" "C:\Program Files\Pinnacle\MediaCenter\PSST.exe"="C:\Program Files\Pinnacle\MediaCenter\PSST.exe:LocalSubNet:Enabled:PSST.exe" "C:\Program Files\Pinnacle\Shared Files\Programs\MediaManager\PMSManager.exe"="C:\Program Files\Pinnacle\Shared Files\Programs\MediaManager\PMSManager.exe:LocalSubNet:Enabled:PMSManager.exe" "C:\Program Files\Pinnacle\MediaCenter\PMSInstallInit.exe"="C:\Program Files\Pinnacle\MediaCenter\PMSInstallInit.exe:LocalSubNet:Enabled:PMSInstallInit.exe" "C:\Program Files\Pinnacle\MediaCenter\PMC.Tvtv.Wizard.exe"="C:\Program Files\Pinnacle\MediaCenter\PMC.Tvtv.Wizard.exe:LocalSubNet:Enabled:PMC.Tvtv.Wizard.exe" "C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSInstallInit.exe"="C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSInstallInit.exe:LocalSubNet:Enabled:PMSInstallInit.exe" "C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe"="C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe:LocalSubNet:Disabled:PMCService" "C:\Program Files\BitDownload\BitDownload.exe"="C:\Program Files\BitDownload\BitDownload.exe:*:Disabled:Torrent P2P application" "C:\Program Files\emule\emule.exe"="C:\Program Files\emule\emule.exe:*:Enabled:eMuleMorphXT" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\Program Files\Toshiba\ConfigFree\CFXFER.exe"="C:\Program Files\Toshiba\ConfigFree\CFXFER.exe:*:Enabled:ConfigFree SUMMIT Engine" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E] shell\AutoRun\command - E:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{36c5e1e6-072d-11dd-bd50-00166f2a333e}] shell\AutoRun\command - EXPLORER.EXE shell\explore\command - EXPLORER.EXE shell\open\command - EXPLORER.EXE [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eb0cee9e-f52b-11dd-bf68-00166f2a333e}] shell\AutoRun\command - E:\LaunchU3.exe -a ======File associations====== .js - edit - C:\WINDOWS\system32\Notepad.exe %1 .js - open - C:\WINDOWS\system32\WScript.exe "%1" %* .vbs - edit - C:\WINDOWS\system32\Notepad.exe %1 .vbs - open - C:\WINDOWS\system32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2009-04-26 14:14:10 ----D---- C:\rsit 2009-04-26 14:14:10 ----D---- C:\Program Files\trend micro 2009-04-24 15:45:14 ----D---- C:\Documents and Settings\Emilie BUREL\Application Data\Malwarebytes 2009-04-24 15:45:08 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2009-04-24 15:45:07 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-04-01 17:29:09 ----D---- C:\Program Files\SpywareBlaster 2009-03-31 22:44:05 ----D---- C:\Program Files\broadjump ======List of files/folders modified in the last 1 months====== 2009-04-26 14:14:10 ----RD---- C:\Program Files 2009-04-26 14:13:25 ----D---- C:\WINDOWS\Temp 2009-04-26 14:12:44 ----D---- C:\Program Files\Mozilla Firefox 2009-04-26 14:12:24 ----D---- C:\WINDOWS\system32\CatRoot2 2009-04-26 14:12:24 ----D---- C:\WINDOWS\Prefetch 2009-04-26 14:09:03 ----D---- C:\WINDOWS 2009-04-26 14:07:57 ----D---- C:\WINDOWS\system32 2009-04-26 14:07:56 ----D---- C:\WINDOWS\system32\drivers 2009-04-26 14:03:17 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-04-26 10:59:44 ----D---- C:\Documents and Settings\Emilie BUREL\Application Data\U3 2009-04-15 19:56:13 ----D---- C:\Program Files\Fichiers communs\Blizzard Entertainment 2009-04-15 18:40:21 ----SHD---- C:\WINDOWS\Installer 2009-04-15 18:40:19 ----HD---- C:\Config.Msi 2009-04-15 18:40:19 ----D---- C:\Program Files\Sonic 2009-04-15 18:40:18 ----HD---- C:\WINDOWS\inf 2009-04-07 13:19:51 ----A---- C:\WINDOWS\system32\winsock.dll 2009-04-02 22:39:46 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP 2009-04-02 22:30:19 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2009-04-02 22:29:49 ----D---- C:\WINDOWS\Minidump 2009-04-02 22:29:49 ----D---- C:\WINDOWS\Debug 2009-04-01 17:57:07 ----D---- C:\Program Files\Spybot - Search & Destroy 2009-03-31 22:14:48 ----D---- C:\Documents and Settings 2009-03-31 22:05:21 ----D---- C:\WINDOWS\system32\Restore 2009-03-29 18:51:58 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-11-26 26944] R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-11-26 111184] R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-11-26 50864] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-05 40320] R1 meiudf;meiudf; C:\WINDOWS\System32\Drivers\meiudf.sys [2005-06-02 102384] R1 SrvcSSIOMngr;SrvcSSIOMngr; C:\WINDOWS\System32\Drivers\SSIoMngr.sys [2004-07-30 6400] R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2005-05-13 5627] R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2005-05-13 23545] R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632] R1 TPwSav;Common Driver; C:\WINDOWS\System32\Drivers\TPwSav.sys [2005-06-03 9600] R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-11-26 20560] R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-11-26 94032] R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2005-04-21 40544] R2 Netdevio;TOSHIBA Network Device Usermode I/O Protocol; C:\WINDOWS\system32\DRIVERS\netdevio.sys [2003-01-29 12032] R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2005-05-31 25725] R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2005-05-31 34845] R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2005-05-31 4125] R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2005-05-31 2273] R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2005-05-31 86876] R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2005-05-31 15069] R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2005-05-31 6365] R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2005-05-31 98716] R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2005-05-31 100605] R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2005-03-05 1066278] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-06-21 2324480] R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2004-11-16 101874] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800] R3 ASAPIW2k;ASAPIW2K; C:\WINDOWS\system32\drivers\ASAPIW2k.sys [2005-05-26 11264] R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-11-26 23152] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-08-04 1273344] R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080] R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys [2003-09-10 21060] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824] R3 Pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-05 5888] R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496] R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-05 67584] R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-06-23 162176] R3 Tvs;Toshiba Virtual Sound with SRS technologies; C:\WINDOWS\system32\DRIVERS\Tvs.sys [2005-07-29 30592] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480] R3 w29n51;Pilote de carte de connexion réseau Intel® PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2005-04-30 3281408] S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys); C:\WINDOWS\System32\Drivers\e4ldr.sys [] S3 alcan5wn;SpeedTouch USB ADSL PPP Networking Driver (NDISWAN); C:\WINDOWS\system32\DRIVERS\alcan5wn.sys [2003-12-08 53600] S3 alcaudsl;SpeedTouch ADSL Modem ATM Transport; C:\WINDOWS\system32\DRIVERS\alcaudsl.sys [2003-12-08 70688] S3 brfilt;Pilote de filtre Brother MFC; C:\WINDOWS\System32\Drivers\Brfilt.sys [2001-08-17 2944] S3 BrFiltLo;Pilote de filtre inférieur de stockage de masse Brother USB; C:\WINDOWS\system32\DRIVERS\BrFiltLo.sys [2001-08-17 12160] S3 BrFiltUp;Pilote de filtre supérieur de stockage de masse Brother USB; C:\WINDOWS\system32\DRIVERS\BrFiltUp.sys [2001-08-17 3968] S3 BrSerWDM;Pilote série WDM Brother; C:\WINDOWS\System32\Drivers\BrSerWdm.sys [2001-08-17 60416] S3 BrUsbMdm;Brother MFC USB modem télécopieur uniquement; C:\WINDOWS\System32\Drivers\BrUsbMdm.sys [2001-08-17 11008] S3 BrUsbScn;Pilote de scanneur Brother MFC USB; C:\WINDOWS\System32\Drivers\BrUsbScn.sys [2001-08-17 10368] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024] S3 e4usbaw;USB ADSL2 WAN Adapter; C:\WINDOWS\system32\DRIVERS\e4usbaw.sys [] S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600] S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-12-14 51120] S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-12-14 16496] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-12-14 21744] S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-07-19 1049180] S3 mf;mf; C:\WINDOWS\system32\DRIVERS\mf.sys [2004-08-05 63744] S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-08-04 15360] S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880] S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS [] S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS [] S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys [2005-11-19 20096] S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992] S3 sffdisk;Pilote de classe de stockage SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2004-08-05 11136] S3 sffp_sd;Pilote de protocole de stockage SFF pour SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2004-08-05 10240] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136] S3 snpstd;VideoCAM Eye; C:\WINDOWS\system32\DRIVERS\snpstd.sys [2005-06-20 390912] S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552] S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2007-05-02 83592] S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2007-05-02 15112] S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2007-05-02 109704] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360] S3 tosrfec;Bluetooth ACPI from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfec.sys [2005-03-24 8192] S3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2004-08-05 12672] S3 USB28xxBGA;USB 2883 Device; C:\WINDOWS\system32\DRIVERS\emBDA.sys [2006-08-09 291200] S3 USB28xxOEM;USB 28xx OEM Filter; C:\WINDOWS\system32\DRIVERS\emOEM.sys [2006-08-09 28160] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-11-26 18752] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-08-04 380928] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-26 155160] R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2005-01-18 40960] R2 DVD-RAM_Service;DVD-RAM_Service; C:\WINDOWS\system32\DVDRAMSV.exe [2004-08-28 110592] R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-02-25 303104] R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336] R2 MSSQL$PINNACLESYS;MSSQL$PINNACLESYS; C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe [2005-05-04 9150464] R2 PinnacleSys.MediaServer;Pinnacle Systems Media Service; c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe [2006-01-19 49152] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-11-26 254040] R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-11-26 352920] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-04-13 33632] S3 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2007-11-21 69120] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-04-13 68952] S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2005-05-03 73728] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 SQLAgent$PINNACLESYS;SQLAgent$PINNACLESYS; C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE [2005-05-03 323584] S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336] -----------------EOF----------------- Voilà j'espère qu'avec tout ça tu pourras m'aider
- le 26 avril 2009
- 16 réponses

Connexion

milizen

Compteur de contenus

Inscription

Dernière visite

Profile Information

Autres informations

milizen's Achievements

Junior Member (3/12)

Réputation sur la communauté

Incfection par clé USB, pb de connexion aux sites de sécurité...

Incfection par clé USB, pb de connexion aux sites de sécurité...

Incfection par clé USB, pb de connexion aux sites de sécurité...

Incfection par clé USB, pb de connexion aux sites de sécurité...

Incfection par clé USB, pb de connexion aux sites de sécurité...

Incfection par clé USB, pb de connexion aux sites de sécurité...

Incfection par clé USB, pb de connexion aux sites de sécurité...

Incfection par clé USB, pb de connexion aux sites de sécurité...

Incfection par clé USB, pb de connexion aux sites de sécurité...

Zebulon

Outils en ligne

Naviguer