ouasti

Membres

Afficher le profil Afficher son activité

Compteur de contenus
15
Inscription
le 23 avril 2009
Dernière visite
le 21 juin 2009

Type de contenu

Toute l’activité

Profils

Forums

Blogs

Tout ce qui a été posté par ouasti

infection

ouasti a répondu à un(e) sujet de ouasti dans Analyses et éradication malwares

Salut Thanos, J'ai ommis de te dire, par moment , au demarrage, une fenêtre de DELL indiquant : notification d'évenements d'avertissement The number of Hard Disk Drives in your system has decreased. This typically does NOT indicate a hardware failure. Contact your Help Desk if you did not personally change your system's Hard Disk Drive configuration or disable devices in System Setup. bonne journée.
- le 8 mai 2009
- 26 réponses
infection

ouasti a répondu à un(e) sujet de ouasti dans Analyses et éradication malwares

salut Thanos, aucun triangle jaune sur la liste. Par contre, j'ai un point d'exclamation dans un cercle jaune sur le périphérique infrarouge. Je pense que cela n'a rien avoir avec mon problème.
- le 4 mai 2009
- 26 réponses
infection

ouasti a répondu à un(e) sujet de ouasti dans Analyses et éradication malwares

Salut Thanos, Je vous envoie le fichier obtenu par seek.bat. Merci Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UsbStor] "Type"=dword:00000001 "Start"=dword:00000003 "ErrorControl"=dword:00000001 "ImagePath"=hex(2):53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,\ 52,00,49,00,56,00,45,00,52,00,53,00,5c,00,55,00,53,00,42,00,53,00,54,00,4f,\ 00,52,00,2e,00,53,00,59,00,53,00,00,00 "DisplayName"="Pilote de stockage de masse USB" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UsbStor\Security] "Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,\ 00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\ 00,00,02,00,60,00,04,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,\ 05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,\ 20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,\ 00,18,00,fd,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,\ 00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UsbStor\Enum] "0"="USB\\Vid_1307&Pid_0163\\7543d8d35ec7c1" "Count"=dword:00000002 "NextInstance"=dword:00000002 "1"="USB\\Vid_090c&Pid_1000\\AA04012700008723"
- le 2 mai 2009
- 26 réponses
infection

ouasti a répondu à un(e) sujet de ouasti dans Analyses et éradication malwares

Salut Thanos, J'ai branché les clés USB, ils n'apparaissent sur le menu gestion des disques.
- le 2 mai 2009
- 26 réponses
infection

ouasti a répondu à un(e) sujet de ouasti dans Analyses et éradication malwares

bonjour Thanos, Tout marche correctement (imprimante, disque de stockage multimédia), sauf les clés USB (j'en ai 3). Ces dernières marchent correctement sur les autres PC. J'ai constaté que l'outil de dégragmentation ne démarre pas. Merci d'avance.
- le 2 mai 2009
- 26 réponses
infection

ouasti a répondu à un(e) sujet de ouasti dans Analyses et éradication malwares

Salut, Le problème du début persiste. Toujours pas d'icone, pas de légende de la clé usb dans le poste de travail. Merci
- le 1 mai 2009
- 26 réponses
infection

ouasti a répondu à un(e) sujet de ouasti dans Analyses et éradication malwares

Salut , voici le rapport JavaRa 1.13 Removal Log. Report follows after line. ------------------------------------ The JavaRa removal process was started on Tue Apr 28 22:13:47 2009 Found and removed: C:\Program Files\Java\jre1.5.0_06 Found and removed: C:\Program Files\Java\jre1.6.0_05 Found and removed: C:\Program Files\Java\jre1.6.0_07 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0_06\ Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_05\ Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_05\bin\ Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_07\bin\ ------------------------------------ Finished reporting.
- le 28 avril 2009
- 26 réponses
infection

ouasti a répondu à un(e) sujet de ouasti dans Analyses et éradication malwares

salut; Je n'ai pas déactivé ANTIVIR la dernière fois. voici le rapport lot.txt Logfile of random's system information tool 1.06 (written by random/random) Run by OUASTI at 2009-04-28 21:40:08 Microsoft Windows XP Professionnel Service Pack 3 System drive C: has 24 GB (31%) free of 76 GB Total RAM: 1023 MB (60% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:40:14, on 28/04/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16827) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Intel\ASF Agent\ASFAgent.exe C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Dell\OpenManage\Client\Iap.exe C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Paizhao.EXE C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\Nero\Nero 7\InCD\InCD.exe C:\WINDOWS\System32\DSentry.exe C:\Program Files\DigitalPeers\CamTrack\dptracker.exe C:\WINDOWS\Recovery.EXE C:\WINDOWS\system32\rundll32.exe C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe C:\Program Files\Synapse Développement\Synapse Update\Synapse Update.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\IrCOMM2k\irmon2k.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe C:\Program Files\Samsung\Digimax Viewer 2.0\STImgBrowser.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Documents and Settings\OUASTI\Bureau\ce_qui_est_fait\RSIT.exe C:\Program Files\trend micro\OUASTI.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/countries/fr/fra/gen/default.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [VMSnap3] C:\WINDOWS\Paizhao.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [MPFTray] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKLM\..\Run: [inCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe O4 - HKLM\..\Run: [iMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [iMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe O4 - HKLM\..\Run: [dptracker] C:\Program Files\DigitalPeers\CamTrack\dptracker.exe O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Recovery.EXE O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [bigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH) O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKCU\..\Run: [synapseUpdate] "C:\Program Files\Synapse Développement\Synapse Update\Synapse Update.exe" O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [MediaDico] C:\Program Files\Micro Application\12 DICOS Indispensables\LanceMediaDICO12.exe Lancement O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RESEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Digimax Viewer 2.0.lnk = ? O4 - Global Startup: IrDA Monitor.lnk = C:\Program Files\IrCOMM2k\irmon2k.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &Point&&Go - C:\Program Files\Fichiers communs\Expert System\PGPlatform\PGPlatform.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: ASF Agent (ASFAgent) - Intel Corporation - C:\Program Files\Intel\ASF Agent\ASFAgent.exe O23 - Service: Autodata Limited License Service - Autodata Limited - C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Iap - Dell Computer Corporation - C:\Program Files\Dell\OpenManage\Client\Iap.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe -- End of file - 12732 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Norton Security Scan.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] &Yahoo! Toolbar Helper - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll [2008-05-15 817936] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{955BE0B8-BC85-4CAF-856E-8E0D8B610560}] BHO pour Compagnon Web Encarta - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL [2006-06-13 256792] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-26 259696] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}] AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-04-26 668656] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-26 470512] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-04-22 35840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-04-22 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll [2008-05-15 817936] {147D6308-0614-4112-89B1-31402F9B82C4} - Compagnon Web Encarta - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL [2006-06-13 256792] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-26 259696] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "VMSnap3"=C:\WINDOWS\Paizhao.EXE [2007-01-09 49152] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-04-22 148888] "Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2007-03-28 593920] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-03-28 413696] "PHIME2002ASync"=C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168] "PHIME2002A"=C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168] "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2003-10-06 49152] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2003-10-06 5058560] "NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648] "MSPY2002"=C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe [2004-08-04 59392] "MPFTray"=C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe [] "Microsoft Works Update Detection"=C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe [2002-07-18 28672] "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k [] "ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2004-04-13 69632] "ISUSPM Startup"=C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-04-17 196608] "InCD"=C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2006-05-30 542208] "IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-04 208952] "IMEKRMIG6.1"=C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE [2001-08-28 44032] "DVDSentry"=C:\WINDOWS\System32\DSentry.exe [2002-08-14 28672] "dptracker"=C:\Program Files\DigitalPeers\CamTrack\dptracker.exe [2005-12-18 331776] "Domino"=C:\WINDOWS\Recovery.EXE [2007-01-09 49152] "BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent [] "BigDog303"=C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH) [] "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497] "AdaptecDirectCD"=C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe [2002-12-17 684032] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "SynapseUpdate"=C:\Program Files\Synapse Développement\Synapse Update\Synapse Update.exe [2009-03-09 491520] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-02-26 39408] "MediaDico"=C:\Program Files\Micro Application\12 DICOS Indispensables\LanceMediaDICO12.exe [2002-12-24 253952] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Assistant d'Acrobat.lnk - C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe Digimax Viewer 2.0.lnk - C:\Program Files\Samsung\Digimax Viewer 2.0\STImgBrowser.exe IrDA Monitor.lnk - C:\Program Files\IrCOMM2k\irmon2k.exe Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265088] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 240128] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "E:\STHIW\stInstall.exe"="E:\STHIW\stInstall.exe:*:Enabled:SpeedTouch Home Install Wizard" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "C:\WINDOWS\SYSTEM32\dpvsetup.exe"="C:\WINDOWS\SYSTEM32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "C:\WINDOWS\SYSTEM32\rundll32.exe"="C:\WINDOWS\SYSTEM32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application" "C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger" "C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" ======File associations====== .js - edit - C:\WINDOWS\System32\Notepad.exe %1 .js - open - C:\WINDOWS\System32\WScript.exe "%1" %* .vbs - edit - C:\WINDOWS\System32\Notepad.exe %1 .vbs - open - C:\WINDOWS\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2009-04-28 06:13:57 ----A---- C:\h.txt 2009-04-26 23:27:44 ----D---- C:\Program Files\trend micro 2009-04-26 21:29:20 ----D---- C:\Program Files\Avira 2009-04-26 21:29:20 ----D---- C:\Documents and Settings\All Users\Application Data\Avira 2009-04-25 01:46:57 ----D---- C:\rsit 2009-04-24 23:47:53 ----D---- C:\Documents and Settings\OUASTI\Application Data\Malwarebytes 2009-04-24 23:47:47 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-04-24 23:47:47 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2009-04-23 20:35:04 ----D---- C:\Program Files\ma-config.com 2009-04-23 20:35:04 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com 2009-04-23 14:07:06 ----D---- C:\Documents and Settings\OUASTI\Application Data\Uniblue 2009-04-23 14:06:53 ----D---- C:\Program Files\Uniblue 2009-04-23 14:06:32 ----HDC---- C:\Documents and Settings\All Users\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185} 2009-04-23 10:58:16 ----A---- C:\WINDOWS\system32\ztvunrar36.dll 2009-04-23 10:58:16 ----A---- C:\WINDOWS\system32\ztvunace26.dll 2009-04-23 10:58:16 ----A---- C:\WINDOWS\system32\ztvcabinet.dll 2009-04-23 10:58:16 ----A---- C:\WINDOWS\system32\unrar3.dll 2009-04-23 10:58:16 ----A---- C:\WINDOWS\system32\unacev2.dll 2009-04-23 10:58:13 ----D---- C:\Documents and Settings\OUASTI\Application Data\Simply Super Software 2009-04-23 10:58:13 ----D---- C:\Documents and Settings\All Users\Application Data\Simply Super Software 2009-04-22 13:51:14 ----A---- C:\WINDOWS\system32\javaws.exe 2009-04-22 13:51:14 ----A---- C:\WINDOWS\system32\javaw.exe 2009-04-22 13:51:14 ----A---- C:\WINDOWS\system32\java.exe 2009-04-22 13:51:14 ----A---- C:\WINDOWS\system32\deploytk.dll 2009-04-22 03:39:25 ----D---- C:\Program Files\Support Tools 2009-04-21 16:37:57 ----D---- C:\Program Files\Chief-Win PDF Converter PE 2009-04-21 12:40:26 ----D---- C:\WINDOWS\system32\gs 2009-04-21 12:40:26 ----D---- C:\Program Files\Tweak PDF Converter 2009-04-21 05:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$ 2009-04-19 21:42:25 ----D---- C:\WINDOWS\system32\XPSViewer 2009-04-19 21:42:18 ----D---- C:\Program Files\MSBuild 2009-04-19 21:42:15 ----D---- C:\WINDOWS\system32\en-US 2009-04-19 21:42:05 ----D---- C:\Program Files\Reference Assemblies 2009-04-19 21:41:32 ----N---- C:\WINDOWS\system32\xpssvcs.dll 2009-04-19 21:41:32 ----N---- C:\WINDOWS\system32\xpsshhdr.dll 2009-04-19 21:41:32 ----N---- C:\WINDOWS\system32\prntvpt.dll 2009-04-19 21:41:31 ----D---- C:\b39568c4277d0c98b09a91cc 2009-04-19 21:41:12 ----D---- C:\WINDOWS\SxsCaPendDel 2009-04-16 05:04:38 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$ 2009-04-16 05:04:31 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$ 2009-04-16 05:01:55 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$ 2009-04-16 05:01:20 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$ 2009-04-16 05:00:43 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$ 2009-04-16 05:00:29 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$ 2009-04-14 11:40:55 ----D---- C:\ConvertTemp 2009-04-14 11:28:00 ----A---- C:\WINDOWS\ModemLog_SAMSUNG Mobile USB Modem #3.txt 2009-04-07 23:14:36 ----D---- C:\VideoConvert 2009-04-07 23:14:25 ----D---- C:\Program Files\OJOsoft 2009-03-31 02:35:41 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2 2009-03-30 09:38:37 ----A---- C:\WINDOWS\system32\muweb.dll 2009-03-30 09:38:37 ----A---- C:\WINDOWS\system32\mucltui.dll.mui 2009-03-30 09:38:37 ----A---- C:\WINDOWS\system32\mucltui.dll 2009-03-29 18:04:10 ----D---- C:\Program Files\Microsoft 2009-03-29 18:03:51 ----D---- C:\Program Files\Windows Live SkyDrive 2009-03-29 18:03:26 ----D---- C:\Program Files\Windows Live 2009-03-29 17:55:18 ----D---- C:\Program Files\Fichiers communs\Windows Live ======List of files/folders modified in the last 1 months====== 2009-04-28 20:40:02 ----AC---- C:\WINDOWS\STImgBrowser.INI 2009-04-28 18:24:01 ----D---- C:\WINDOWS\Prefetch 2009-04-28 14:36:43 ----D---- C:\WINDOWS\Temp 2009-04-28 14:36:43 ----D---- C:\WINDOWS\SYSTEM32 2009-04-28 06:53:13 ----AC---- C:\WINDOWS\orun32.ini 2009-04-28 06:39:40 ----D---- C:\WINDOWS\system32\CatRoot2 2009-04-28 06:35:03 ----A---- C:\WINDOWS\ModemLog_Bluetooth Modem.txt 2009-04-28 06:35:03 ----A---- C:\WINDOWS\ModemLog_Bluetooth Fax Modem.txt 2009-04-28 06:32:56 ----ASH---- C:\BOOT.INI 2009-04-28 06:32:56 ----A---- C:\WINDOWS\WIN.INI 2009-04-28 06:32:56 ----A---- C:\WINDOWS\SYSTEM.INI 2009-04-28 06:29:14 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-04-28 06:11:46 ----SHD---- C:\WINDOWS\Installer 2009-04-28 06:11:46 ----SHD---- C:\Config.Msi 2009-04-28 06:11:46 ----D---- C:\DELL 2009-04-28 06:03:31 ----AC---- C:\WINDOWS\DHO.INI 2009-04-28 05:54:44 ----D---- C:\WINDOWS 2009-04-26 23:37:21 ----AC---- C:\WINDOWS\WORDPAD.INI 2009-04-26 23:27:44 ----RD---- C:\Program Files 2009-04-26 22:51:20 ----SD---- C:\WINDOWS\Downloaded Program Files 2009-04-26 21:29:22 ----D---- C:\WINDOWS\system32\DRIVERS 2009-04-26 18:00:02 ----D---- C:\Program Files\Norton Security Scan 2009-04-25 01:26:38 ----D---- C:\Program Files\Fichiers communs 2009-04-23 12:28:47 ----SD---- C:\WINDOWS\Tasks 2009-04-23 12:27:27 ----RSHD---- C:\WINDOWS\system32\DLLCACHE 2009-04-23 12:27:26 ----D---- C:\WINDOWS\system32\CatRoot 2009-04-23 12:26:25 ----HD---- C:\WINDOWS\INF 2009-04-23 12:05:36 ----D---- C:\WINDOWS\Minidump 2009-04-22 13:50:54 ----D---- C:\Program Files\Java 2009-04-22 05:17:30 ----D---- C:\WINDOWS\Help 2009-04-21 18:33:02 ----D---- C:\WINDOWS\system32\FxsTmp 2009-04-21 05:01:48 ----A---- C:\WINDOWS\imsins.BAK 2009-04-19 22:57:15 ----D---- C:\WINDOWS\Microsoft.NET 2009-04-19 22:55:46 ----RSD---- C:\WINDOWS\assembly 2009-04-19 22:10:10 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-04-19 22:09:38 ----D---- C:\WINDOWS\WinSxS 2009-04-19 21:42:12 ----RSD---- C:\WINDOWS\Fonts 2009-04-19 17:49:26 ----AC---- C:\WINDOWS\tpw.ini 2009-04-19 17:47:46 ----AC---- C:\WINDOWS\NeroDigital.ini 2009-04-16 05:10:51 ----D---- C:\WINDOWS\system32\WBEM 2009-04-16 05:10:51 ----D---- C:\WINDOWS\AppPatch 2009-04-16 05:10:51 ----D---- C:\Program Files\Internet Explorer 2009-04-16 05:04:19 ----D---- C:\WINDOWS\system32\fr-fr 2009-04-16 05:03:56 ----A---- C:\WINDOWS\system32\MRT.INI 2009-04-16 05:01:52 ----HD---- C:\WINDOWS\$hf_mig$ 2009-04-14 01:01:09 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2009-04-13 23:34:55 ----D---- C:\WINDOWS\Lhsp 2009-04-06 07:57:26 ----A---- C:\WINDOWS\system32\MRT.exe 2009-03-29 20:20:11 ----SD---- C:\Documents and Settings\OUASTI\Application Data\Microsoft 2009-03-29 18:03:57 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2009-03-29 16:43:25 ----A---- C:\WINDOWS\InfModM.ini 2009-03-29 16:42:57 ----D---- C:\Program Files\WinPhone 2009-03-29 16:31:58 ----D---- C:\Documents and Settings\OUASTI\Application Data\MSN6 ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-10-30 75072] R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2002-12-17 61424] R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2002-12-17 23436] R1 cdudf_xp;cdudf_xp; C:\WINDOWS\system32\drivers\cdudf_xp.sys [2002-12-17 241152] R1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2006-05-30 29568] R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2006-05-30 33792] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576] R1 omci;OMCI WDM Device Driver; C:\WINDOWS\System32\DRIVERS\omci.sys [2002-11-08 17217] R1 pwd_2k;pwd_2k; C:\WINDOWS\system32\drivers\pwd_2k.sys [2003-05-14 143834] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248] R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-02-22 5632] R1 UdfReadr_xp;UdfReadr_xp; C:\WINDOWS\system32\drivers\UdfReadr_xp.sys [2003-05-14 206464] R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-28 12032] R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys [] R2 BTSLBCSP;Bluetooth Port Client Driver; \??\C:\WINDOWS\system32\drivers\btslbcsp.sys [] R2 irda;Protocole IrDA; C:\WINDOWS\System32\DRIVERS\irda.sys [2008-04-13 88192] R2 IrDA2k;IrDA2k Protocol; C:\WINDOWS\System32\DRIVERS\irda2k.sys [2004-12-12 246272] R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2008-04-08 15781] R2 NetAlrt;NetAlrt; \??\C:\WINDOWS\System32\drivers\NetAlrt.sys [] R2 PlatAlrt;PlatAlrt; \??\C:\WINDOWS\System32\drivers\PlatAlrt.sys [] R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816] R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [] R3 BtAudio;Bluetooth Audio; C:\WINDOWS\system32\DRIVERS\btaudio.sys [2002-10-24 21701] R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2002-10-24 30043] R3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2002-10-24 144608] R3 dptrackerd;Tracker Driver; C:\WINDOWS\system32\drivers\dptrackerd.sys [2005-12-18 44416] R3 dvd_2K;dvd_2K; C:\WINDOWS\system32\drivers\dvd_2K.sys [2003-05-14 25898] R3 E1000;Intel® PRO/1000 Adapter Driver; C:\WINDOWS\System32\DRIVERS\e1000325.sys [2002-11-12 99840] R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2003-10-06 1550043] R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\System32\DRIVERS\rasirda.sys [2001-08-17 19584] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-08-28 5888] R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2002-12-19 539008] R3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\System32\DRIVERS\serscan.sys [2001-08-23 6912] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;USB Root Hub (usbport); C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608] R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2006-05-30 102656] S1 P3;Pilote processeur Intel Pentium III; C:\WINDOWS\System32\DRIVERS\p3.sys [2008-04-14 46848] S1 P3;Pilote processeur Intel Pentium III; C:\WINDOWS\System32\DRIVERS\p3.sys [2008-04-14 46848] S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys [] S3 ac97intc;Service d'installation du pilote audio Intel® 82801 (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256] S3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\System32\DRIVERS\adiusbaw.sys [] S3 AIPTEK;DV3300 Video Capture; C:\WINDOWS\System32\DRIVERS\CoachVc.sys [2003-01-25 46048] S3 BthEnum;Service d'énumérateur Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024] S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120] S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768] S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944] S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2005-10-03 65076] S3 CA561;ICatch (VI) PC Camera; C:\WINDOWS\System32\Drivers\SPCA561.SYS [] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [] S3 DV3300Usb;DV3300 Digital Camera on USB; C:\WINDOWS\System32\DRIVERS\CoachUsb.sys [2003-02-28 42624] S3 EL90XBC;Pilote de la carte EtherLink XL 90XB/C 3Com; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [2001-08-17 66591] S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 mmc_2K;mmc_2K; C:\WINDOWS\system32\drivers\mmc_2K.sys [2003-05-14 30630] S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\System32\DRIVERS\MSIRCOMM.sys [2008-04-13 22016] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 NMSCFG;NIC Management Service Configuration Driver; \??\C:\WINDOWS\system32\drivers\NMSCFG.SYS [] S3 nv4;nv4; C:\WINDOWS\System32\DRIVERS\nv4.sys [2001-08-17 731648] S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136] S3 se59bus;Sony Ericsson Device 089 driver (WDM); C:\WINDOWS\system32\DRIVERS\se59bus.sys [2006-09-05 61536] S3 se59mdfl;Sony Ericsson Device 089 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\se59mdfl.sys [2006-09-05 9360] S3 se59mdm;Sony Ericsson Device 089 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\se59mdm.sys [2006-09-05 97088] S3 se59mgmt;Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se59mgmt.sys [2006-09-05 88624] S3 se59nd5;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (NDIS); C:\WINDOWS\system32\DRIVERS\se59nd5.sys [2006-09-05 18704] S3 se59obex;Sony Ericsson Device 089 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se59obex.sys [2006-09-05 86432] S3 se59unic;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (WDM); C:\WINDOWS\system32\DRIVERS\se59unic.sys [2006-09-05 90800] S3 Ser2pl;Prolific Serial port driver; C:\WINDOWS\System32\DRIVERS\ser2pl.sys [2003-07-16 43264] S3 SF-620;Kingsun SF-620 USB Infrared Adapter; C:\WINDOWS\System32\DRIVERS\SF-620.sys [2004-08-12 15961] S3 sfilter;sfilter; \??\C:\DOCUME~1\OUASTI\LOCALS~1\Temp\Rar$EX17.437\Portable Perfect Uninstaller 6.3.3.0\sfilter.sys [] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 58320] S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304] S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000] S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320] S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336] S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000] S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\SymcData\IDS-DI~1\20040813.178\symidsco.sys [] S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 usbser;USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112] S3 vmfilter303;vmfilter303; C:\WINDOWS\system32\drivers\vmfilter303.sys [2006-04-25 428160] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 ZSMC303;USB PC Camera (Vimicro301 Neptune); C:\WINDOWS\System32\Drivers\usbVM303.sys [2006-12-01 392122] S4 agpCPQ;Filtre de bus AGP Compaq; C:\WINDOWS\System32\DRIVERS\agpCPQ.sys [2008-04-13 44928] S4 alim1541;Filtre de bus AGP ALI; C:\WINDOWS\System32\DRIVERS\alim1541.sys [2008-04-13 42752] S4 amdagp;Pilote de filtre du bus AMD AGP; C:\WINDOWS\System32\DRIVERS\amdagp.sys [2008-04-13 43008] S4 cbidf;cbidf; C:\WINDOWS\System32\DRIVERS\cbidf2k.sys [2001-08-17 13952] S4 IntelIde;IntelIde; C:\WINDOWS\System32\DRIVERS\intelide.sys [2008-04-14 5504] S4 sisagp;Filtre de bus AGP SIS; C:\WINDOWS\System32\DRIVERS\sisagp.sys [2008-04-13 40960] S4 viaagp;Filtre de bus AGP VIA; C:\WINDOWS\System32\DRIVERS\viaagp.sys [2008-04-13 42240] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865] R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297] R2 ASFAgent;ASF Agent; C:\Program Files\Intel\ASF Agent\ASFAgent.exe [2002-05-08 212992] R2 Autodata Limited License Service;Autodata Limited License Service; C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe [2008-04-16 72704] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376] R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R2 Iap;Iap; C:\Program Files\Dell\OpenManage\Client\Iap.exe [2002-04-04 163840] R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2006-05-30 800768] R2 Irmon;Moniteur infrarouge; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-04-22 152984] R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2003-10-06 81920] R2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248] R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912] S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800] S2 InCDsrvR;InCD Helper (read only); C:\Program Files\Ahead\InCD\InCDsrv.exe [2005-01-27 856064] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-26 182768] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632] S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-03-15 216232] S3 NMSSvc;Intel® NMS; C:\WINDOWS\System32\NMSSvc.exe [2002-07-30 1118208] S3 ServiceLayer;ServiceLayer; C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe [2006-04-12 176640] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF-----------------
- le 28 avril 2009
- 26 réponses
infection

ouasti a répondu à un(e) sujet de ouasti dans Analyses et éradication malwares

Bonjour J'ai relancé Kaspersky on line une 2ème fois et le système s'est arreté. J'ai redémarré normalement. Le message d'erreur qui accompagnait l'ecran bleu est: Driver_IRQL_NOT_LESS_OR_EQUAL Merci
- le 28 avril 2009
- 26 réponses
infection

ouasti a répondu à un(e) sujet de ouasti dans Analyses et éradication malwares

Bonsoir, 10 minutes après avoir lancé Kaspersky on linele système d'exploitation windows s'est arrété. Et l' ecran bleu est apparu. Est ce que c'est grave?
- le 27 avril 2009
- 26 réponses
infection

ouasti a répondu à un(e) sujet de ouasti dans Analyses et éradication malwares

Bonsoir Thanos, je ne trouve pas le fichier look.bat sur la page http://senduit.com/7d8775, j'ai eu que l'application fix.reg que jai téléchargé et exécuté. je continue les autres opérations. merci d'avance.
- le 27 avril 2009
- 26 réponses
infection

ouasti a répondu à un(e) sujet de ouasti dans Analyses et éradication malwares

salut, je vous envoie les 2 rapports. Merci de vouloir m'aider. Avira AntiVir Personal Date de création du fichier de rapport : dimanche 26 avril 2009 21:36 La recherche porte sur 1365429 souches de virus. Détenteur de la licence :Avira AntiVir PersonalEdition Classic Numéro de série : 0000149996-ADJIE-0001 Plateforme : Windows XP Version de Windows :(Service Pack 3) [5.1.2600] Mode Boot : Démarré normalement Identifiant : SYSTEM Nom de l'ordinateur :RACHID Informations de version : BUILD.DAT : 8.2.0.52 16931 Bytes 02-12-2008 14:55:00 AVSCAN.EXE : 8.1.4.10 315649 Bytes 18-11-2008 08:21:00 AVSCAN.DLL : 8.1.4.1 49921 Bytes 21-07-2008 13:44:27 LUKE.DLL : 8.1.4.5 164097 Bytes 12-06-2008 12:44:16 LUKERES.DLL : 8.1.4.0 13057 Bytes 04-07-2008 07:30:27 ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27-10-2008 11:30:36 ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11-02-2009 20:31:01 ANTIVIR2.VDF : 7.1.3.63 1588224 Bytes 16-04-2009 20:31:14 ANTIVIR3.VDF : 7.1.3.112 150528 Bytes 26-04-2009 20:31:16 Version du moteur: 8.2.0.156 AEVDF.DLL : 8.1.1.0 106868 Bytes 26-04-2009 20:31:35 AESCRIPT.DLL : 8.1.1.77 381306 Bytes 26-04-2009 20:31:33 AESCN.DLL : 8.1.1.10 127348 Bytes 26-04-2009 20:31:31 AERDL.DLL : 8.1.1.3 438645 Bytes 04-11-2008 13:58:38 AEPACK.DLL : 8.1.3.14 397685 Bytes 26-04-2009 20:31:30 AEOFFICE.DLL : 8.1.0.36 196987 Bytes 26-04-2009 20:31:28 AEHEUR.DLL : 8.1.0.122 1737080 Bytes 26-04-2009 20:31:27 AEHELP.DLL : 8.1.2.2 119158 Bytes 26-04-2009 20:31:21 AEGEN.DLL : 8.1.1.39 348532 Bytes 26-04-2009 20:31:20 AEEMU.DLL : 8.1.0.9 393588 Bytes 14-10-2008 10:05:56 AECORE.DLL : 8.1.6.9 176500 Bytes 26-04-2009 20:31:18 AEBB.DLL : 8.1.0.3 53618 Bytes 14-10-2008 10:05:56 AVWINLL.DLL : 1.0.0.12 15105 Bytes 09-07-2008 08:40:02 AVPREF.DLL : 8.0.2.0 38657 Bytes 16-05-2008 09:27:58 AVREP.DLL : 8.0.0.3 155688 Bytes 26-04-2009 20:31:17 AVREG.DLL : 8.0.0.1 33537 Bytes 09-05-2008 11:26:37 AVARKT.DLL : 1.0.0.23 307457 Bytes 12-02-2008 08:29:19 AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12-06-2008 12:27:46 SQLITE3.DLL : 3.3.17.1 339968 Bytes 22-01-2008 17:28:02 SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12-06-2008 12:49:36 NETNT.DLL : 8.0.0.1 7937 Bytes 25-01-2008 12:05:07 RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 04-07-2008 07:23:16 RCTEXT.DLL : 8.0.52.1 86273 Bytes 17-07-2008 10:08:43 Configuration pour la recherche actuelle : Nom de la tâche..................: Contrôle intégral du système Fichier de configuration.........: c:\program files\avira\antivir personaledition classic\sysscan.avp Documentation....................: bas Action principale................: interactif Action secondaire................: ignorer Recherche sur les secteurs d'amorçage maître: marche Recherche sur les secteurs d'amorçage: marche Secteurs d'amorçage..............: C:, G:, Recherche dans les programmes actifs: marche Recherche en cours sur l'enregistrement: marche Recherche de Rootkits............: arrêt Fichier mode de recherche........: Sélection de fichiers intelligente Recherche sur les archives.......: marche Limiter la profondeur de récursivité: 20 Archive Smart Extensions.........: marche Heuristique de macrovirus........: marche Heuristique fichier..............: moyen Début de la recherche : dimanche 26 avril 2009 21:36 La recherche sur les processus démarrés commence : Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'epmworker.exe' - '1' module(s) sont contrôlés Processus de recherche 'Generic.exe' - '1' module(s) sont contrôlés Processus de recherche 'taskmgr.exe' - '1' module(s) sont contrôlés Processus de recherche 'irmon2k.exe' - '1' module(s) sont contrôlés Processus de recherche 'STImgBrowser.exe' - '1' module(s) sont contrôlés Processus de recherche 'BTTray.exe' - '1' module(s) sont contrôlés Processus de recherche 'acrotray.exe' - '1' module(s) sont contrôlés Processus de recherche 'RegistryBooster.exe' - '1' module(s) sont contrôlés Processus de recherche 'Synapse Update.exe' - '1' module(s) sont contrôlés Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés Processus de recherche 'dptracker.exe' - '1' module(s) sont contrôlés Processus de recherche 'recovery.exe' - '1' module(s) sont contrôlés Processus de recherche 'Paizhao.exe' - '1' module(s) sont contrôlés Processus de recherche 'rundll32.exe' - '1' module(s) sont contrôlés Processus de recherche 'Application Launcher.exe' - '1' module(s) sont contrôlés Processus de recherche 'InCD.exe' - '1' module(s) sont contrôlés Processus de recherche 'rundll32.exe' - '1' module(s) sont contrôlés Processus de recherche 'issch.exe' - '1' module(s) sont contrôlés Processus de recherche 'jusched.exe' - '1' module(s) sont contrôlés Processus de recherche 'WkUFind.exe' - '1' module(s) sont contrôlés Processus de recherche 'Directcd.exe' - '1' module(s) sont contrôlés Processus de recherche 'DSentry.exe' - '1' module(s) sont contrôlés Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés Processus de recherche 'wmiprvse.exe' - '1' module(s) sont contrôlés Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés Processus de recherche 'wmiprvse.exe' - '1' module(s) sont contrôlés Processus de recherche 'wdfmgr.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'PAStiSvc.exe' - '1' module(s) sont contrôlés Processus de recherche 'nvsvc32.exe' - '1' module(s) sont contrôlés Processus de recherche 'mdm.exe' - '1' module(s) sont contrôlés Processus de recherche 'jqs.exe' - '1' module(s) sont contrôlés Processus de recherche 'InCDsrv.exe' - '1' module(s) sont contrôlés Processus de recherche 'Iap.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'mDNSResponder.exe' - '1' module(s) sont contrôlés Processus de recherche 'ADCDLicSvc.exe' - '1' module(s) sont contrôlés Processus de recherche 'ASFAgent.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés Processus de recherche 'services.exe' - '1' module(s) sont contrôlés Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés '56' processus ont été contrôlés avec '56' modules La recherche sur les secteurs d'amorçage maître commence : La recherche sur les secteurs d'amorçage commence : Secteur d'amorçage 'C:\' [iNFO] Aucun virus trouvé ! Secteur d'amorçage 'G:\' [iNFO] Aucun virus trouvé ! La recherche sur les renvois aux fichiers exécutables (registre) commence. Le registre a été contrôlé ( '81' fichiers). La recherche sur les fichiers sélectionnés commence : Recherche débutant dans 'C:\' C:\hiberfil.sys [AVERTISSEMENT] Impossible d'ouvrir le fichier ! C:\pagefile.sys [AVERTISSEMENT] Impossible d'ouvrir le fichier ! C:\Documents and Settings\OUASTI\Bureau\ce_qui_est_fait\backups\backup-20090426-204646-754 [RESULTAT] Contient le modèle de détection du virus de script HTML HTML/Exploit.Mhtml [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a57c7a5.qua' ! C:\Documents and Settings\OUASTI\Bureau\Software\35_SiS_Nokia_Program_2009__All_New_.rar [0] Type d'archive: RAR --> 35 SiS Nokia Program 2009 (All New)\best_safe\keygen.exe [RESULTAT] Contient le cheval de Troie TR/Dropper.Gen --> 35 SiS Nokia Program 2009 (All New)\MP3 Dictaphone\K-e-y-g-e-n.exe [RESULTAT] Contient le cheval de Troie TR/Dropper.Gen --> 35 SiS Nokia Program 2009 (All New)\Photo Viewer v.4.40\keygen.exe [RESULTAT] Contient le cheval de Troie TR/Dropper.Gen [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a53c975.qua' ! C:\Documents and Settings\OUASTI\Local Settings\Temporary Internet Files\Content.IE5\B8QIYK7M\35_SiS_Nokia_Program_2009__All_New_[1].rar [0] Type d'archive: RAR --> 35 SiS Nokia Program 2009 (All New)\best_safe\keygen.exe [RESULTAT] Contient le cheval de Troie TR/Dropper.Gen --> 35 SiS Nokia Program 2009 (All New)\MP3 Dictaphone\K-e-y-g-e-n.exe [RESULTAT] Contient le cheval de Troie TR/Dropper.Gen --> 35 SiS Nokia Program 2009 (All New)\Photo Viewer v.4.40\keygen.exe [RESULTAT] Contient le cheval de Troie TR/Dropper.Gen [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a53ca34.qua' ! C:\Documents and Settings\OUASTI\Mes documents\logiciel\NIMOUR1\winrar_3.20_fr\Crack WinRAR 3.20 fr.exe [RESULTAT] Contient le cheval de Troie TR/Renaz.19296.2 [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a55cc65.qua' ! C:\Documents and Settings\OUASTI\Mes documents\ZAZOUA (F)\culture en physique\Sciences_ch (physique quantique des champs)_fichiers\Adobe.Acrobat.v7.0.Professional.MULTiLANGUAGE\PANTHEON\pdx-ac7p.exe [RESULTAT] Contient le modèle de détection du ver WORM/Autorun.cxl [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a6cce00.qua' ! C:\WINDOWS\Downloaded Program Files\msa64chk.inf [RESULTAT] Contient le cheval de Troie TR/Dldr.Perfiler.I [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a55d7cb.qua' ! Recherche débutant dans 'G:\' <STOREX> G:\de ...à_avril2008\ZAZOUA (F)\culture en physique\Sciences_ch (physique quantique des champs)_fichiers\Adobe.Acrobat.v7.0.Professional.MULTiLANGUAGE\PANTHEON\pdx-ac7p.exe [RESULTAT] Contient le modèle de détection du ver WORM/Autorun.cxl [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4a6cdbfe.qua' ! Fin de la recherche : dimanche 26 avril 2009 23:11 Temps nécessaire: 1:35:20 Heure(s) La recherche a été effectuée intégralement 11367 Les répertoires ont été contrôlés 529151 Des fichiers ont été contrôlés 11 Des virus ou programmes indésirables ont été trouvés 0 Des fichiers ont été classés comme suspects 0 Des fichiers ont été supprimés 0 Des virus ou programmes indésirables ont été réparés 7 Les fichiers ont été déplacés dans la quarantaine 0 Les fichiers ont été renommés 2 Impossible de contrôler des fichiers 529138 Fichiers non infectés 5297 Les archives ont été contrôlées 2 Avertissements 7 Consignes Logfile of random's system information tool 1.06 (written by random/random) Run by OUASTI at 2009-04-26 23:27:44 Microsoft Windows XP Professionnel Service Pack 3 System drive C: has 21 GB (28%) free of 76 GB Total RAM: 1023 MB (58% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:27:56, on 26/04/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16827) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Intel\ASF Agent\ASFAgent.exe C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Dell\OpenManage\Client\Iap.exe C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\DSentry.exe C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Nero\Nero 7\InCD\InCD.exe C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\Paizhao.EXE C:\WINDOWS\Recovery.EXE C:\Program Files\DigitalPeers\CamTrack\dptracker.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Synapse Développement\Synapse Update\Synapse Update.exe C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Samsung\Digimax Viewer 2.0\STImgBrowser.exe C:\Program Files\IrCOMM2k\irmon2k.exe C:\WINDOWS\system32\taskmgr.exe C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\system32\notepad.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Documents and Settings\OUASTI\Bureau\ce_qui_est_fait\RSIT.exe C:\Program Files\trend micro\OUASTI.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/countries/fr/fra/gen/default.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [iMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [iMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [MPFTray] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [VMSnap3] C:\WINDOWS\Paizhao.EXE O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Recovery.EXE O4 - HKLM\..\Run: [bigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH) O4 - HKLM\..\Run: [dptracker] C:\Program Files\DigitalPeers\CamTrack\dptracker.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MediaDico] C:\Program Files\Micro Application\12 DICOS Indispensables\LanceMediaDICO12.exe Lancement O4 - HKCU\..\Run: [synapseUpdate] "C:\Program Files\Synapse Développement\Synapse Update\Synapse Update.exe" O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RESEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Digimax Viewer 2.0.lnk = ? O4 - Global Startup: IrDA Monitor.lnk = C:\Program Files\IrCOMM2k\irmon2k.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &Point&&Go - C:\Program Files\Fichiers communs\Expert System\PGPlatform\PGPlatform.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: ASF Agent (ASFAgent) - Intel Corporation - C:\Program Files\Intel\ASF Agent\ASFAgent.exe O23 - Service: Autodata Limited License Service - Autodata Limited - C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Iap - Dell Computer Corporation - C:\Program Files\Dell\OpenManage\Client\Iap.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe -- End of file - 13004 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Norton Security Scan.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] &Yahoo! Toolbar Helper - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll [2008-05-15 817936] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{955BE0B8-BC85-4CAF-856E-8E0D8B610560}] BHO pour Compagnon Web Encarta - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL [2006-06-13 256792] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-26 259696] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}] AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-04-26 668656] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-26 470512] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-04-22 35840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-04-22 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll [2008-05-15 817936] {147D6308-0614-4112-89B1-31402F9B82C4} - Compagnon Web Encarta - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL [2006-06-13 256792] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-26 259696] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2003-10-06 5058560] "DVDSentry"=C:\WINDOWS\System32\DSentry.exe [2002-08-14 28672] "AdaptecDirectCD"=C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe [2002-12-17 684032] "Microsoft Works Update Detection"=C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe [2002-07-18 28672] "IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-04 208952] "IMEKRMIG6.1"=C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE [2001-08-28 44032] "MSPY2002"=C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe [2004-08-04 59392] "PHIME2002ASync"=C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168] "PHIME2002A"=C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-04-22 148888] "ISUSPM Startup"=C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-04-17 196608] "ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2004-04-13 69632] "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2003-10-06 49152] "MPFTray"=C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe [] "NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648] "InCD"=C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2006-05-30 542208] "Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2007-03-28 593920] "BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent [] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-03-28 413696] "VMSnap3"=C:\WINDOWS\Paizhao.EXE [2007-01-09 49152] "Domino"=C:\WINDOWS\Recovery.EXE [2007-01-09 49152] "BigDog303"=C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH) [] "dptracker"=C:\Program Files\DigitalPeers\CamTrack\dptracker.exe [2005-12-18 331776] "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "MediaDico"=C:\Program Files\Micro Application\12 DICOS Indispensables\LanceMediaDICO12.exe [2002-12-24 253952] "SynapseUpdate"=C:\Program Files\Synapse Développement\Synapse Update\Synapse Update.exe [2009-03-09 491520] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-02-26 39408] "Uniblue RegistryBooster 2009"=C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe [2008-08-26 2019624] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Assistant d'Acrobat.lnk - C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe Digimax Viewer 2.0.lnk - C:\Program Files\Samsung\Digimax Viewer 2.0\STImgBrowser.exe IrDA Monitor.lnk - C:\Program Files\IrCOMM2k\irmon2k.exe Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265088] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 240128] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "E:\STHIW\stInstall.exe"="E:\STHIW\stInstall.exe:*:Enabled:SpeedTouch Home Install Wizard" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "C:\WINDOWS\SYSTEM32\dpvsetup.exe"="C:\WINDOWS\SYSTEM32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "C:\WINDOWS\SYSTEM32\rundll32.exe"="C:\WINDOWS\SYSTEM32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application" "C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger" "C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d3ef59ee-0df9-11dc-8a75-0006a2057cf6}] shell\Auto\command - AdobeR.exe e shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL ======File associations====== .js - edit - C:\WINDOWS\System32\Notepad.exe %1 .js - open - C:\WINDOWS\System32\WScript.exe "%1" %* .vbs - edit - C:\WINDOWS\System32\Notepad.exe %1 .vbs - open - C:\WINDOWS\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2009-04-26 23:27:44 ----D---- C:\Program Files\trend micro 2009-04-26 21:29:20 ----D---- C:\Program Files\Avira 2009-04-26 21:29:20 ----D---- C:\Documents and Settings\All Users\Application Data\Avira 2009-04-26 17:11:30 ----A---- C:\WINDOWS\system32\cd_clint1.dll 2009-04-25 15:13:06 ----A---- C:\WINDOWS\system32\ftp_non_crp.exe 2009-04-25 01:46:57 ----D---- C:\rsit 2009-04-24 23:47:53 ----D---- C:\Documents and Settings\OUASTI\Application Data\Malwarebytes 2009-04-24 23:47:47 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-04-24 23:47:47 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2009-04-23 20:35:04 ----D---- C:\Program Files\ma-config.com 2009-04-23 20:35:04 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com 2009-04-23 14:07:06 ----D---- C:\Documents and Settings\OUASTI\Application Data\Uniblue 2009-04-23 14:06:53 ----D---- C:\Program Files\Uniblue 2009-04-23 14:06:32 ----HDC---- C:\Documents and Settings\All Users\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185} 2009-04-23 10:58:16 ----A---- C:\WINDOWS\system32\ztvunrar36.dll 2009-04-23 10:58:16 ----A---- C:\WINDOWS\system32\ztvunace26.dll 2009-04-23 10:58:16 ----A---- C:\WINDOWS\system32\ztvcabinet.dll 2009-04-23 10:58:16 ----A---- C:\WINDOWS\system32\unrar3.dll 2009-04-23 10:58:16 ----A---- C:\WINDOWS\system32\unacev2.dll 2009-04-23 10:58:13 ----D---- C:\Documents and Settings\OUASTI\Application Data\Simply Super Software 2009-04-23 10:58:13 ----D---- C:\Documents and Settings\All Users\Application Data\Simply Super Software 2009-04-22 13:51:14 ----A---- C:\WINDOWS\system32\javaws.exe 2009-04-22 13:51:14 ----A---- C:\WINDOWS\system32\javaw.exe 2009-04-22 13:51:14 ----A---- C:\WINDOWS\system32\java.exe 2009-04-22 13:51:14 ----A---- C:\WINDOWS\system32\deploytk.dll 2009-04-22 03:39:25 ----D---- C:\Program Files\Support Tools 2009-04-21 16:37:57 ----D---- C:\Program Files\Chief-Win PDF Converter PE 2009-04-21 12:40:26 ----D---- C:\WINDOWS\system32\gs 2009-04-21 12:40:26 ----D---- C:\Program Files\Tweak PDF Converter 2009-04-21 05:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$ 2009-04-19 21:42:25 ----D---- C:\WINDOWS\system32\XPSViewer 2009-04-19 21:42:18 ----D---- C:\Program Files\MSBuild 2009-04-19 21:42:15 ----D---- C:\WINDOWS\system32\en-US 2009-04-19 21:42:05 ----D---- C:\Program Files\Reference Assemblies 2009-04-19 21:41:32 ----N---- C:\WINDOWS\system32\xpssvcs.dll 2009-04-19 21:41:32 ----N---- C:\WINDOWS\system32\xpsshhdr.dll 2009-04-19 21:41:32 ----N---- C:\WINDOWS\system32\prntvpt.dll 2009-04-19 21:41:31 ----D---- C:\b39568c4277d0c98b09a91cc 2009-04-19 21:41:12 ----D---- C:\WINDOWS\SxsCaPendDel 2009-04-16 05:04:38 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$ 2009-04-16 05:04:31 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$ 2009-04-16 05:01:55 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$ 2009-04-16 05:01:20 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$ 2009-04-16 05:00:43 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$ 2009-04-16 05:00:29 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$ 2009-04-14 11:40:55 ----D---- C:\ConvertTemp 2009-04-14 11:28:00 ----A---- C:\WINDOWS\ModemLog_SAMSUNG Mobile USB Modem #3.txt 2009-04-07 23:14:36 ----D---- C:\VideoConvert 2009-04-07 23:14:25 ----D---- C:\Program Files\OJOsoft 2009-03-31 02:35:41 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2 2009-03-30 09:38:37 ----A---- C:\WINDOWS\system32\muweb.dll 2009-03-30 09:38:37 ----A---- C:\WINDOWS\system32\mucltui.dll.mui 2009-03-30 09:38:37 ----A---- C:\WINDOWS\system32\mucltui.dll 2009-03-29 18:04:10 ----D---- C:\Program Files\Microsoft 2009-03-29 18:03:51 ----D---- C:\Program Files\Windows Live SkyDrive 2009-03-29 18:03:26 ----D---- C:\Program Files\Windows Live 2009-03-29 17:55:18 ----D---- C:\Program Files\Fichiers communs\Windows Live 2009-03-27 07:42:08 ----A---- C:\WINDOWS\system32\bassmod.dll 2009-03-27 07:09:04 ----D---- C:\Program Files\MagicISO ======List of files/folders modified in the last 1 months====== 2009-04-26 23:27:44 ----RD---- C:\Program Files 2009-04-26 22:51:22 ----D---- C:\WINDOWS\Temp 2009-04-26 22:51:20 ----SD---- C:\WINDOWS\Downloaded Program Files 2009-04-26 21:36:08 ----D---- C:\WINDOWS\Prefetch 2009-04-26 21:29:32 ----D---- C:\WINDOWS\SYSTEM32 2009-04-26 21:29:22 ----D---- C:\WINDOWS\system32\DRIVERS 2009-04-26 21:18:47 ----A---- C:\WINDOWS\ModemLog_Bluetooth Modem.txt 2009-04-26 21:18:47 ----A---- C:\WINDOWS\ModemLog_Bluetooth Fax Modem.txt 2009-04-26 21:17:45 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-04-26 18:00:02 ----D---- C:\Program Files\Norton Security Scan 2009-04-26 17:25:10 ----D---- C:\WINDOWS\system32\CatRoot2 2009-04-26 16:46:26 ----SHD---- C:\WINDOWS\Installer 2009-04-25 14:02:17 ----AC---- C:\WINDOWS\DHO.INI 2009-04-25 14:01:52 ----A---- C:\WINDOWS\WIN.INI 2009-04-25 01:26:38 ----D---- C:\WINDOWS 2009-04-25 01:26:38 ----D---- C:\Program Files\Fichiers communs 2009-04-23 20:37:12 ----SHD---- C:\Config.Msi 2009-04-23 12:28:47 ----SD---- C:\WINDOWS\Tasks 2009-04-23 12:27:27 ----RSHD---- C:\WINDOWS\system32\DLLCACHE 2009-04-23 12:27:26 ----D---- C:\WINDOWS\system32\CatRoot 2009-04-23 12:26:25 ----HD---- C:\WINDOWS\INF 2009-04-23 12:05:36 ----D---- C:\WINDOWS\Minidump 2009-04-22 17:03:35 ----AC---- C:\WINDOWS\STImgBrowser.INI 2009-04-22 13:50:54 ----D---- C:\Program Files\Java 2009-04-22 05:17:30 ----D---- C:\WINDOWS\Help 2009-04-21 18:33:02 ----D---- C:\WINDOWS\system32\FxsTmp 2009-04-19 22:57:15 ----D---- C:\WINDOWS\Microsoft.NET 2009-04-19 22:55:46 ----RSD---- C:\WINDOWS\assembly 2009-04-19 22:10:10 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-04-19 22:09:38 ----D---- C:\WINDOWS\WinSxS 2009-04-19 21:42:12 ----RSD---- C:\WINDOWS\Fonts 2009-04-19 18:17:25 ----A---- C:\WINDOWS\imsins.BAK 2009-04-19 17:49:26 ----AC---- C:\WINDOWS\tpw.ini 2009-04-19 17:47:46 ----AC---- C:\WINDOWS\NeroDigital.ini 2009-04-16 05:10:51 ----D---- C:\WINDOWS\system32\WBEM 2009-04-16 05:10:51 ----D---- C:\WINDOWS\AppPatch 2009-04-16 05:10:51 ----D---- C:\Program Files\Internet Explorer 2009-04-16 05:04:19 ----D---- C:\WINDOWS\system32\fr-fr 2009-04-16 05:03:56 ----A---- C:\WINDOWS\system32\MRT.INI 2009-04-16 05:01:52 ----HD---- C:\WINDOWS\$hf_mig$ 2009-04-14 01:01:09 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2009-04-13 23:34:55 ----D---- C:\WINDOWS\Lhsp 2009-04-06 07:57:26 ----A---- C:\WINDOWS\system32\MRT.exe 2009-03-30 10:26:33 ----AC---- C:\WINDOWS\WORDPAD.INI 2009-03-29 20:20:11 ----SD---- C:\Documents and Settings\OUASTI\Application Data\Microsoft 2009-03-29 18:03:57 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2009-03-29 16:43:25 ----A---- C:\WINDOWS\InfModM.ini 2009-03-29 16:42:57 ----D---- C:\Program Files\WinPhone 2009-03-29 16:31:58 ----D---- C:\Documents and Settings\OUASTI\Application Data\MSN6 ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-10-30 75072] R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2002-12-17 61424] R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2002-12-17 23436] R1 cdudf_xp;cdudf_xp; C:\WINDOWS\system32\drivers\cdudf_xp.sys [2002-12-17 241152] R1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2006-05-30 29568] R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2006-05-30 33792] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576] R1 omci;OMCI WDM Device Driver; C:\WINDOWS\System32\DRIVERS\omci.sys [2002-11-08 17217] R1 pwd_2k;pwd_2k; C:\WINDOWS\system32\drivers\pwd_2k.sys [2003-05-14 143834] R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-02-22 5632] R1 UdfReadr_xp;UdfReadr_xp; C:\WINDOWS\system32\drivers\UdfReadr_xp.sys [2003-05-14 206464] R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-28 12032] R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys [] R2 BTSLBCSP;Bluetooth Port Client Driver; \??\C:\WINDOWS\system32\drivers\btslbcsp.sys [] R2 irda;Protocole IrDA; C:\WINDOWS\System32\DRIVERS\irda.sys [2008-04-13 88192] R2 IrDA2k;IrDA2k Protocol; C:\WINDOWS\System32\DRIVERS\irda2k.sys [2004-12-12 246272] R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2008-04-08 15781] R2 NetAlrt;NetAlrt; \??\C:\WINDOWS\System32\drivers\NetAlrt.sys [] R2 PlatAlrt;PlatAlrt; \??\C:\WINDOWS\System32\drivers\PlatAlrt.sys [] R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816] R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [] R3 BtAudio;Bluetooth Audio; C:\WINDOWS\system32\DRIVERS\btaudio.sys [2002-10-24 21701] R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2002-10-24 30043] R3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2002-10-24 144608] R3 dptrackerd;Tracker Driver; C:\WINDOWS\system32\drivers\dptrackerd.sys [2005-12-18 44416] R3 dvd_2K;dvd_2K; C:\WINDOWS\system32\drivers\dvd_2K.sys [2003-05-14 25898] R3 E1000;Intel® PRO/1000 Adapter Driver; C:\WINDOWS\System32\DRIVERS\e1000325.sys [2002-11-12 99840] R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2003-10-06 1550043] R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\System32\DRIVERS\rasirda.sys [2001-08-17 19584] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-08-28 5888] R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2002-12-19 539008] R3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\System32\DRIVERS\serscan.sys [2001-08-23 6912] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;USB Root Hub (usbport); C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608] R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2006-05-30 102656] S1 P3;Pilote processeur Intel Pentium III; C:\WINDOWS\System32\DRIVERS\p3.sys [2008-04-14 46848] S1 P3;Pilote processeur Intel Pentium III; C:\WINDOWS\System32\DRIVERS\p3.sys [2008-04-14 46848] S1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248] S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys [] S3 ac97intc;Service d'installation du pilote audio Intel® 82801 (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256] S3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\System32\DRIVERS\adiusbaw.sys [] S3 AIPTEK;DV3300 Video Capture; C:\WINDOWS\System32\DRIVERS\CoachVc.sys [2003-01-25 46048] S3 BthEnum;Service d'énumérateur Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024] S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120] S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768] S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944] S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2005-10-03 65076] S3 CA561;ICatch (VI) PC Camera; C:\WINDOWS\System32\Drivers\SPCA561.SYS [] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [] S3 DV3300Usb;DV3300 Digital Camera on USB; C:\WINDOWS\System32\DRIVERS\CoachUsb.sys [2003-02-28 42624] S3 EL90XBC;Pilote de la carte EtherLink XL 90XB/C 3Com; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [2001-08-17 66591] S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 mmc_2K;mmc_2K; C:\WINDOWS\system32\drivers\mmc_2K.sys [2003-05-14 30630] S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\System32\DRIVERS\MSIRCOMM.sys [2008-04-13 22016] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 NMSCFG;NIC Management Service Configuration Driver; \??\C:\WINDOWS\system32\drivers\NMSCFG.SYS [] S3 nv4;nv4; C:\WINDOWS\System32\DRIVERS\nv4.sys [2001-08-17 731648] S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136] S3 se59bus;Sony Ericsson Device 089 driver (WDM); C:\WINDOWS\system32\DRIVERS\se59bus.sys [2006-09-05 61536] S3 se59mdfl;Sony Ericsson Device 089 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\se59mdfl.sys [2006-09-05 9360] S3 se59mdm;Sony Ericsson Device 089 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\se59mdm.sys [2006-09-05 97088] S3 se59mgmt;Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se59mgmt.sys [2006-09-05 88624] S3 se59nd5;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (NDIS); C:\WINDOWS\system32\DRIVERS\se59nd5.sys [2006-09-05 18704] S3 se59obex;Sony Ericsson Device 089 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se59obex.sys [2006-09-05 86432] S3 se59unic;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (WDM); C:\WINDOWS\system32\DRIVERS\se59unic.sys [2006-09-05 90800] S3 Ser2pl;Prolific Serial port driver; C:\WINDOWS\System32\DRIVERS\ser2pl.sys [2003-07-16 43264] S3 SF-620;Kingsun SF-620 USB Infrared Adapter; C:\WINDOWS\System32\DRIVERS\SF-620.sys [2004-08-12 15961] S3 sfilter;sfilter; \??\C:\DOCUME~1\OUASTI\LOCALS~1\Temp\Rar$EX17.437\Portable Perfect Uninstaller 6.3.3.0\sfilter.sys [] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 58320] S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304] S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000] S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320] S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336] S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000] S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\SymcData\IDS-DI~1\20040813.178\symidsco.sys [] S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 usbser;USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112] S3 vmfilter303;vmfilter303; C:\WINDOWS\system32\drivers\vmfilter303.sys [2006-04-25 428160] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 ZSMC303;USB PC Camera (Vimicro301 Neptune); C:\WINDOWS\System32\Drivers\usbVM303.sys [2006-12-01 392122] S4 agpCPQ;Filtre de bus AGP Compaq; C:\WINDOWS\System32\DRIVERS\agpCPQ.sys [2008-04-13 44928] S4 alim1541;Filtre de bus AGP ALI; C:\WINDOWS\System32\DRIVERS\alim1541.sys [2008-04-13 42752] S4 amdagp;Pilote de filtre du bus AMD AGP; C:\WINDOWS\System32\DRIVERS\amdagp.sys [2008-04-13 43008] S4 cbidf;cbidf; C:\WINDOWS\System32\DRIVERS\cbidf2k.sys [2001-08-17 13952] S4 IntelIde;IntelIde; C:\WINDOWS\System32\DRIVERS\intelide.sys [2008-04-14 5504] S4 sisagp;Filtre de bus AGP SIS; C:\WINDOWS\System32\DRIVERS\sisagp.sys [2008-04-13 40960] S4 viaagp;Filtre de bus AGP VIA; C:\WINDOWS\System32\DRIVERS\viaagp.sys [2008-04-13 42240] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865] R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297] R2 ASFAgent;ASF Agent; C:\Program Files\Intel\ASF Agent\ASFAgent.exe [2002-05-08 212992] R2 Autodata Limited License Service;Autodata Limited License Service; C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe [2008-04-16 72704] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376] R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R2 Iap;Iap; C:\Program Files\Dell\OpenManage\Client\Iap.exe [2002-04-04 163840] R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2006-05-30 800768] R2 Irmon;Moniteur infrarouge; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-04-22 152984] R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2003-10-06 81920] R2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248] R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912] S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800] S2 InCDsrvR;InCD Helper (read only); C:\Program Files\Ahead\InCD\InCDsrv.exe [2005-01-27 856064] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-26 182768] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632] S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-03-15 216232] S3 NMSSvc;Intel® NMS; C:\WINDOWS\System32\NMSSvc.exe [2002-07-30 1118208] S3 ServiceLayer;ServiceLayer; C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe [2006-04-12 176640] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF-----------------
- le 26 avril 2009
- 26 réponses
infection

ouasti a répondu à un(e) sujet de ouasti dans Analyses et éradication malwares

Salut, dois-je,aussi, supprimer le fichier "fix.reg" de la corbeille? Quant à la 2ème phase , la désinstallation de l'application FlashGet ads support n'aboutit pas, il indique: erreur de chargement de C:\Windows\system32\cd_clint.dll Le module spécifié est introuvable. dois-je faire la phase 3? Merci d'avance THANOS
- le 26 avril 2009
- 26 réponses
infection

ouasti a répondu à un(e) sujet de ouasti dans Analyses et éradication malwares

bonsoir, voici les 3 rapports Malwarebytes' Anti-Malware 1.36 Version de la base de données: 2036 Windows 5.1.2600 Service Pack 3 25/04/2009 01:26:38 mbam-log-2009-04-25 (01-26-38).txt Type de recherche: Examen complet (C:\|G:\|) Eléments examinés: 267083 Temps écoulé: 1 hour(s), 0 minute(s), 7 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 39 Valeur(s) du Registre infectée(s): 1 Elément(s) de données du Registre infecté(s): 1 Dossier(s) infecté(s): 78 Fichier(s) infecté(s): 126 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CLASSES_ROOT\Interface\{4fc63700-2093-4ad2-8d37-3b3d86d9c940} (Trojan.Perfiler) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{5bf0ce3e-61d2-4a7b-baa3-0c4667a9563d} (Trojan.Perfiler) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{7be68951-eecc-4ca3-8991-fc2054d1f7e6} (Dialer) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{8d2fe65b-7dce-44af-b664-556f289bcaac} (Dialer) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{aa4939c3-deca-4a48-a454-97cd587c0ef5} (Adware.NetOptimizer) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{eee4a2e5-9f56-432f-a6ed-f6f625b551e0} (Adware.NetOptimizer) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{82fc4503-8459-4239-9b85-0617beaa950a} (Dialer) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{095c0db4-fea6-440e-8dfc-00fc53ac827d} (Trojan.Perfiler) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{42f2c9ba-614f-47c0-b3e3-ecfd34eed658} (Adware.ISTBar) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{511f9316-771b-4953-a268-1c36da667fe9} (Dialer) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{82fc4503-8459-4239-9b85-0617beaa950a} (Dialer) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f919fbd3-a96b-4679-af26-f551439bb5fd} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a26f07f-0d60-4835-91cf-1e1766a0ec56} (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{09f1adac-76d8-4d0f-99a5-5c907dadb988} (Rogue.Multiple) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntivirus) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2d2bee6e-3c9a-4d58-b9ec-458edb28d0f6} (Rogue.DriveCleaner) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA749BC1-143E-430D-B1DA-1D2AF67A3658} (Adware.Instant Access) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000010-6f7d-442c-93e3-4a4827c2e4c8} (Adware.NetOptimizer) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8f4e5661-f99e-4b3e-8d85-0ea71c0748e4} (Adware.NetOptimizer) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{88c51e90-8e9c-4c96-8a45-574d88b63faf} (Trojan.Perfiler) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{82fc4503-8459-4239-9b85-0617beaa950a} (Dialer) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\SystemCertificates\TrustedPublisher\Certificates\c48d3b9bca9b3a5a04bc26f729ee0c6e389dde2e (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\SystemCertificates\TrustedPublisher\Certificates\2c5eceb3d45147eb99fa51120e7c7adebe213de6 (Adware.123Mania) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\SystemCertificates\TrustedPublisher\Certificates\a6a50b0ebf885a7dd4fb6927f1388592138fffe6 (Adware.123Mania) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{511f9316-771b-4953-a268-1c36da667fe9} (Dialer) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{d724f038-df89-4a1a-83d1-fd9164b78077} (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{502f728b-67b8-409e-bceb-7ee8632f321a} (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{d2cd81e5-cc37-44b3-93b7-c52cb993ba34} (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{da295dae-fce7-4168-bcb8-edc3a433bd97} (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{ed40af28-f03f-492a-9542-e24945cd65aa} (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{e6bb8b70-8ad2-43b6-a952-83e462ce80de} (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Instant Access (Adware.InstantAccess) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\YourSiteBar (Trojan.Istbar) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\winantivirus pro 2006 (Rogue.WinAntivirus) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\winantivirus pro 2006 (Rogue.WinAntivirus) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\AMeOpt (Adware.NetOptimizer) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\AMeOpt (Adware.NetOptimizer) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Kapabout (Adware.NetOptimizer) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\avpa (Spyware.OnlineGames) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully. Dossier(s) infecté(s): C:\Program Files\WinAntiVirus Pro 2006 (Rogue.WinAntivirus) -> Quarantined and deleted successfully. C:\Program Files\Fichiers communs\WinAntiVirus Pro 2006 (Rogue.WinAntivirus) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\SalesMon (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\SalesMon\Data (Rogue.Multiple) -> Quarantined and deleted successfully. C:\Documents and Settings\OUASTI\Application Data\SystemDoctor 2006 Free (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Documents and Settings\OUASTI\Application Data\SystemDoctor 2006 Free\Logs (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Program Files\Instant Access (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Center (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\135316754 (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\135316754\es6-external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\135316754\es6-external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\135316754\es6-scripts.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\135316754\es6-scripts.dlv4.com\Common (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\135316754\es6-scripts.dlv4.com\custom (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\135316754\es6-scripts.dlv4.com\custom\4287 (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\135316754\es6-scripts.dlv4.com\custom\4287\FR (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\135316754\fp.gad-network.com (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\135316754\fp.gad-network.com\50002 (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\135316754\fp.gad-network.com\50002\images (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\135316754\fp.gad-network.com\50002\images\FR (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\135316754\www.0texkax7c6hzuidk.com (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\135316754\www.0texkax7c6hzuidk.com\Common (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\135316754\www.rapid-pass.net (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538 (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\scripts.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\scripts.dlv4.com\Common (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\scripts.dlv4.com\custom (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\scripts.dlv4.com\custom\1 (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\scripts.dlv4.com\custom\1860 (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\scripts.dlv4.com\custom\1860\FR (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\traffic.waypointcash.com (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\traffic.waypointcash.com\goldcasino.tv (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\traffic.waypointcash.com\goldcasino.tv\enter (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\traffic.waypointcash.com\goldcasino.tv\enter\en (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\www.02KMKY1XGZBMSDFX.com (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\www.02KMKY1XGZBMSDFX.com\Common (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\www.rapid-pass.net (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156 (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\es6-external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\es6-external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\es6-scripts.nccgateway.com (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\es6-scripts.nccgateway.com\Common (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\es6-scripts.nccgateway.com\custom (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\es6-scripts.nccgateway.com\custom\1 (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\es6-scripts.nccgateway.com\custom\3020 (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\es6-scripts.nccgateway.com\custom\3020\FR (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\traffic.waypointcash.com (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\traffic.waypointcash.com\emoticonsplanet.com (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\traffic.waypointcash.com\emoticonsplanet.com\enter (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\traffic.waypointcash.com\emoticonsplanet.com\enter\8 (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\traffic.waypointcash.com\emoticonsplanet.com\enter\8\fr (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\www.rapid-pass.net (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\www.waypointcash.com (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\www.waypointcash.com\conversion (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572 (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\external-api.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\external-api.dlv4.com\js (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\media.rapid-pass.net (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\media.rapid-pass.net\fullpages (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\media.rapid-pass.net\fullpages\cus_v3_usaminutes (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\media.rapid-pass.net\fullpages\cus_v3_usaminutes\casino01 (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\media.rapid-pass.net\fullpages\cus_v3_usaminutes\casino01\images (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\media.rapid-pass.net\fullpages\cus_v3_usaminutes\casino01\images\EN (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\scripts.dlv4.com (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\scripts.dlv4.com\Common (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\scripts.dlv4.com\custom (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\scripts.dlv4.com\custom\3700 (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\scripts.dlv4.com\custom\3700\FR (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\www.02kmky1xgzbmsdfx.com (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\www.02kmky1xgzbmsdfx.com\Common (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\www.rapid-pass.net (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\www.zipzappromos.com (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MailSkinner (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\WINDOWS\msskinner (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\YourSiteBar (Adware.ISTBar) -> Quarantined and deleted successfully. Fichier(s) infecté(s): C:\WINDOWS\SYSTEM32\bpssc1.1.dll (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully. C:\Program Files\WinAntiVirus Pro 2006\ASupdater.dat (Rogue.WinAntivirus) -> Quarantined and deleted successfully. C:\Program Files\WinAntiVirus Pro 2006\PGupdater.dat (Rogue.WinAntivirus) -> Quarantined and deleted successfully. C:\Program Files\WinAntiVirus Pro 2006\UBUpdater.dat (Rogue.WinAntivirus) -> Quarantined and deleted successfully. C:\Program Files\WinAntiVirus Pro 2006\updater.dat (Rogue.WinAntivirus) -> Quarantined and deleted successfully. C:\Documents and Settings\OUASTI\Application Data\SystemDoctor 2006 Free\Logs\update.log (Rogue.SystemDoctor) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Center\Fun-Games.upd (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Center\NoCreditCard.upd (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Center\tray1.ico (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Center\VIDEOZAPPING.upd (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\135316754\VIDEOZAPPING.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\135316754\es6-external-api.dlv4.com\js\1160dcbc0add6d47f3e5e8d7e284dfc0 (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\135316754\es6-scripts.dlv4.com\Common\ac4d5e72dc88aba2466ae04f0f6103a9.html (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\135316754\es6-scripts.dlv4.com\custom\4287\4287_dialer.ico (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\135316754\es6-scripts.dlv4.com\custom\4287\FR\button1.gif (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\135316754\es6-scripts.dlv4.com\custom\4287\FR\button2.gif (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\135316754\es6-scripts.dlv4.com\custom\4287\FR\button3.gif (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\135316754\es6-scripts.dlv4.com\custom\4287\FR\button4.gif (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\135316754\fp.gad-network.com\2301a1b21f02fce29dd30f7debe555b4.html (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\135316754\fp.gad-network.com\50002\images\espaceur.gif (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\135316754\fp.gad-network.com\50002\images\index_02.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\135316754\fp.gad-network.com\50002\images\index_03.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\135316754\fp.gad-network.com\50002\images\index_05.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\135316754\fp.gad-network.com\50002\images\index_06.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\135316754\fp.gad-network.com\50002\images\index_09.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\135316754\fp.gad-network.com\50002\images\index_11.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\135316754\fp.gad-network.com\50002\images\zap.gif (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\135316754\fp.gad-network.com\50002\images\FR\index_01.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\135316754\fp.gad-network.com\50002\images\FR\index_07.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\135316754\www.rapid-pass.net\2d82f816b17549d618eae3e6569f055f_ (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\external-api.dlv4.com\js\7a60d1a7b84a18f12fb7a20e75bcceb4 (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\scripts.dlv4.com\Common\3892115509c51ad150a3e7ce5448c8ae.html (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\scripts.dlv4.com\custom\1\dialer.ico (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\scripts.dlv4.com\custom\1860\FR\button1.gif (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\scripts.dlv4.com\custom\1860\FR\button2.gif (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\scripts.dlv4.com\custom\1860\FR\button3.gif (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\scripts.dlv4.com\custom\1860\FR\button4.gif (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\traffic.waypointcash.com\daadb22de9c4afa20b5aac01494d467c.html (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\traffic.waypointcash.com\waypointlogo.gif (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\traffic.waypointcash.com\goldcasino.tv\enter\en\goldcasino_01.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\traffic.waypointcash.com\goldcasino.tv\enter\en\goldcasino_02.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\traffic.waypointcash.com\goldcasino.tv\enter\en\goldcasino_03.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\traffic.waypointcash.com\goldcasino.tv\enter\en\goldcasino_04.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\traffic.waypointcash.com\goldcasino.tv\enter\en\goldcasino_05.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\traffic.waypointcash.com\goldcasino.tv\enter\en\goldcasino_06.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\traffic.waypointcash.com\goldcasino.tv\enter\en\goldcasino_07.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\traffic.waypointcash.com\goldcasino.tv\enter\en\goldcasino_08.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\traffic.waypointcash.com\goldcasino.tv\enter\en\goldcasino_11.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\traffic.waypointcash.com\goldcasino.tv\enter\en\goldcasino_12.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\traffic.waypointcash.com\goldcasino.tv\enter\en\goldcasino_13.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\traffic.waypointcash.com\goldcasino.tv\enter\en\goldcasino_14.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\traffic.waypointcash.com\goldcasino.tv\enter\en\goldcasino_15.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\traffic.waypointcash.com\goldcasino.tv\enter\en\goldcasino_16.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\traffic.waypointcash.com\goldcasino.tv\enter\en\goldcasino_17.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\traffic.waypointcash.com\goldcasino.tv\enter\en\goldcasino_18.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\traffic.waypointcash.com\goldcasino.tv\enter\en\goldcasino_19.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\traffic.waypointcash.com\goldcasino.tv\enter\en\goldcasino_20.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\traffic.waypointcash.com\goldcasino.tv\enter\en\goldcasino_21.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\traffic.waypointcash.com\goldcasino.tv\enter\en\goldcasino_22.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\traffic.waypointcash.com\goldcasino.tv\enter\en\goldcasino_23.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\traffic.waypointcash.com\goldcasino.tv\enter\en\goldcasino_24.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\504915538\www.rapid-pass.net\7d98f25c39b8096470e223161f0d60a6 (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\NoCreditCard.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\es6-external-api.dlv4.com\js\b33d94e99cd361c70a3fdb0a273e4e23 (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\es6-scripts.nccgateway.com\Common\3d4fea6d1d574755f67b31dc1a92399a.html (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\es6-scripts.nccgateway.com\custom\1\dialer.ico (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\es6-scripts.nccgateway.com\custom\3020\FR\button1.gif (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\es6-scripts.nccgateway.com\custom\3020\FR\button2.gif (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\es6-scripts.nccgateway.com\custom\3020\FR\button3.gif (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\es6-scripts.nccgateway.com\custom\3020\FR\button4.gif (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\traffic.waypointcash.com\d358ceddfe1e4fe994dcc26774467ec7.html (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\traffic.waypointcash.com\emoticonsplanet.com\enter\8\fr\emoticonsplanet_01.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\traffic.waypointcash.com\emoticonsplanet.com\enter\8\fr\emoticonsplanet_02.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\traffic.waypointcash.com\emoticonsplanet.com\enter\8\fr\emoticonsplanet_03.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\traffic.waypointcash.com\emoticonsplanet.com\enter\8\fr\emoticonsplanet_04.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\traffic.waypointcash.com\emoticonsplanet.com\enter\8\fr\emoticonsplanet_05.gif (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\traffic.waypointcash.com\emoticonsplanet.com\enter\8\fr\emoticonsplanet_06.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\traffic.waypointcash.com\emoticonsplanet.com\enter\8\fr\emoticonsplanet_07.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\traffic.waypointcash.com\emoticonsplanet.com\enter\8\fr\emoticonsplanet_09.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\traffic.waypointcash.com\emoticonsplanet.com\enter\8\fr\emoticonsplanet_10.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\traffic.waypointcash.com\emoticonsplanet.com\enter\8\fr\emoticonsplanet_11.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\traffic.waypointcash.com\emoticonsplanet.com\enter\8\fr\emoticonsplanet_12.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\www.rapid-pass.net\7767966273e83a079ccef90e1cc85a67_ (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\535627156\www.waypointcash.com\conversion\160856259f6ef5fda936840b058c1fdb (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\NoCreditCard.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\external-api.dlv4.com\js\be65355e14f47ed3e63e1ccd13abcec9 (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\media.rapid-pass.net\fullpages\cus_v3_usaminutes\casino01\images\index_04.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\media.rapid-pass.net\fullpages\cus_v3_usaminutes\casino01\images\index_05.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\media.rapid-pass.net\fullpages\cus_v3_usaminutes\casino01\images\index_06.gif (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\media.rapid-pass.net\fullpages\cus_v3_usaminutes\casino01\images\index_07.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\media.rapid-pass.net\fullpages\cus_v3_usaminutes\casino01\images\index_08.gif (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\media.rapid-pass.net\fullpages\cus_v3_usaminutes\casino01\images\index_09.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\media.rapid-pass.net\fullpages\cus_v3_usaminutes\casino01\images\index_10.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\media.rapid-pass.net\fullpages\cus_v3_usaminutes\casino01\images\index_11.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\media.rapid-pass.net\fullpages\cus_v3_usaminutes\casino01\images\index_12.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\media.rapid-pass.net\fullpages\cus_v3_usaminutes\casino01\images\index_13.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\media.rapid-pass.net\fullpages\cus_v3_usaminutes\casino01\images\index_14.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\media.rapid-pass.net\fullpages\cus_v3_usaminutes\casino01\images\index_15.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\media.rapid-pass.net\fullpages\cus_v3_usaminutes\casino01\images\index_16.gif (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\media.rapid-pass.net\fullpages\cus_v3_usaminutes\casino01\images\index_17.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\media.rapid-pass.net\fullpages\cus_v3_usaminutes\casino01\images\index_18.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\media.rapid-pass.net\fullpages\cus_v3_usaminutes\casino01\images\index_19.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\media.rapid-pass.net\fullpages\cus_v3_usaminutes\casino01\images\index_20.gif (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\media.rapid-pass.net\fullpages\cus_v3_usaminutes\casino01\images\index_21.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\media.rapid-pass.net\fullpages\cus_v3_usaminutes\casino01\images\index_22.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\media.rapid-pass.net\fullpages\cus_v3_usaminutes\casino01\images\index_24.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\media.rapid-pass.net\fullpages\cus_v3_usaminutes\casino01\images\spacer.gif (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\media.rapid-pass.net\fullpages\cus_v3_usaminutes\casino01\images\EN\index_01.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\media.rapid-pass.net\fullpages\cus_v3_usaminutes\casino01\images\EN\index_02.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\media.rapid-pass.net\fullpages\cus_v3_usaminutes\casino01\images\EN\index_23.jpg (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\scripts.dlv4.com\Common\063b3ed15d03e6aa5fa339d13b70a4b7.html (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\scripts.dlv4.com\custom\3700\3700_dialer.ico (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\scripts.dlv4.com\custom\3700\FR\button1.gif (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\scripts.dlv4.com\custom\3700\FR\button2.gif (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\scripts.dlv4.com\custom\3700\FR\button3.gif (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\scripts.dlv4.com\custom\3700\FR\button4.gif (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\www.rapid-pass.net\68225edffca9f78abf1587e825de2e10 (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\Instant Access\Dialer\767264572\www.zipzappromos.com\31a6b417ae5faf69958cfc38505865ba.html (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MailSkinner\anim_0.gif (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\MailSkinner\anim_help.gif (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\WINDOWS\msskinner\msbackup.dat (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\Program Files\YourSiteBar\ysb.dll (Adware.ISTBar) -> Quarantined and deleted successfully. C:\WINDOWS\tmlpcert2007 (Adware.EGDAccess) -> Quarantined and deleted successfully. C:\WINDOWS\SYSTEM32\qqokm_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully. C:\WINDOWS\SYSTEM32\qqokm_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully. C:\WINDOWS\SYSTEM32\nvs2.inf (Adware.EGDAccess) -> Quarantined and deleted successfully. Logfile of random's system information tool 1.06 (written by random/random) Run by OUASTI at 2009-04-25 01:46:57 Microsoft Windows XP Professionnel Service Pack 3 System drive C: has 20 GB (27%) free of 76 GB Total RAM: 1023 MB (59% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 01:47:46, on 25/04/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16827) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Intel\ASF Agent\ASFAgent.exe C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Dell\OpenManage\Client\Iap.exe C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\DSentry.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Nero\Nero 7\InCD\InCD.exe C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\Paizhao.EXE C:\WINDOWS\Recovery.EXE C:\Program Files\DigitalPeers\CamTrack\dptracker.exe C:\DOCUME~1\OUASTI\LOCALS~1\Temp\Rar$EX02.235\KAV_Portable_9.0.0.313_En\App\KAV9\avp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Synapse Développement\Synapse Update\Synapse Update.exe C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Samsung\Digimax Viewer 2.0\STImgBrowser.exe C:\Program Files\IrCOMM2k\irmon2k.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\OUASTI\Bureau\RSIT.exe C:\Documents and Settings\OUASTI\Bureau\OUASTI.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/countries/fr/fra/gen/default.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {45002861-ED0C-4AE0-9240-FF24D544DB41} - (no file) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll (file missing) O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file) O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [iMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [iMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [MPFTray] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [VMSnap3] C:\WINDOWS\Paizhao.EXE O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Recovery.EXE O4 - HKLM\..\Run: [bigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH) O4 - HKLM\..\Run: [dptracker] C:\Program Files\DigitalPeers\CamTrack\dptracker.exe O4 - HKLM\..\Run: [avp] "C:\DOCUME~1\OUASTI\LOCALS~1\Temp\Rar$EX02.235\KAV_Portable_9.0.0.313_En\App\KAV9\avp.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MediaDico] C:\Program Files\Micro Application\12 DICOS Indispensables\LanceMediaDICO12.exe Lancement O4 - HKCU\..\Run: [synapseUpdate] "C:\Program Files\Synapse Développement\Synapse Update\Synapse Update.exe" O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RESEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Digimax Viewer 2.0.lnk = ? O4 - Global Startup: IrDA Monitor.lnk = C:\Program Files\IrCOMM2k\irmon2k.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &Point&&Go - C:\Program Files\Fichiers communs\Expert System\PGPlatform\PGPlatform.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {11111111-1111-1111-1111-222222222222} - ms-its:mhtml:file://d:\foo.mht!http://www.sexyacademy.com//x.chm::/open.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5FD9726A-4977-449D-8352-25FDD8A510B5} - http://scripts.dlv4.com/binaries/egaccess4..._1067_em_XP.cab O16 - DPF: {87C1805D-C5AE-4455-AB39-E245BB516136} - http://scripts.dlv4.com/binaries/egaccess4...ss4_1059_XP.cab O16 - DPF: {A31D9A13-4C45-4DFB-8827-BA4F402D9C95} - http://es6-scripts.dlv4.com/binaries/egacc...ss4_1063_XP.cab O16 - DPF: {EFB23983-5803-4914-ADA3-C0EA2CFBDC37} - http://scripts.downloadv3.com/binaries/EGD...ESS_1072_XP.cab O16 - DPF: {FA1D6D8F-C6ED-4752-8512-A33283240130} - http://scripts.dlv4.com/binaries/egaccess4...ss4_1066_XP.cab O23 - Service: ASF Agent (ASFAgent) - Intel Corporation - C:\Program Files\Intel\ASF Agent\ASFAgent.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Autodata Limited License Service - Autodata Limited - C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Iap - Dell Computer Corporation - C:\Program Files\Dell\OpenManage\Client\Iap.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe -- End of file - 14398 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Norton Security Scan.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] &Yahoo! Toolbar Helper - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll [2008-05-15 817936] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45002861-ED0C-4AE0-9240-FF24D544DB41}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{955BE0B8-BC85-4CAF-856E-8E0D8B610560}] BHO pour Compagnon Web Encarta - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL [2006-06-13 256792] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-01-12 251504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}] AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-02-26 657904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-01-12 522224] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-04-22 35840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-04-22 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456] {E0E899AB-F487-11D5-8D29-0050BA6940E3} - FlashGet Bar - C:\PROGRA~1\FlashGet\fgiebar.dll [] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll [2008-05-15 817936] {147D6308-0614-4112-89B1-31402F9B82C4} - Compagnon Web Encarta - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL [2006-06-13 256792] {BA52B914-B692-46c4-B683-905236F6F655} {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-01-12 251504] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2003-10-06 5058560] "DVDSentry"=C:\WINDOWS\System32\DSentry.exe [2002-08-14 28672] "AdaptecDirectCD"=C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe [2002-12-17 684032] "Microsoft Works Update Detection"=C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe [2002-07-18 28672] "IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-04 208952] "IMEKRMIG6.1"=C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE [2001-08-28 44032] "MSPY2002"=C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe [2004-08-04 59392] "PHIME2002ASync"=C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168] "PHIME2002A"=C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168] "nwiz"=nwiz.exe /install [] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-04-22 148888] "ISUSPM Startup"=C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-04-17 196608] "ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2004-04-13 69632] "NWEReboot"= [] "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2003-10-06 49152] "MPFTray"=C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe [] "MISAggregator"= [] "NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648] "InCD"=C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2006-05-30 542208] "Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2007-03-28 593920] "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000] "BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent [] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-03-28 413696] "VMSnap3"=C:\WINDOWS\Paizhao.EXE [2007-01-09 49152] "Domino"=C:\WINDOWS\Recovery.EXE [2007-01-09 49152] "BigDog303"=C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH) [] "dptracker"=C:\Program Files\DigitalPeers\CamTrack\dptracker.exe [2005-12-18 331776] "avp"=C:\DOCUME~1\OUASTI\LOCALS~1\Temp\Rar$EX02.235\KAV_Portable_9.0.0.313_En\App\KAV9\avp.exe [2009-04-19 291016] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "MediaDico"=C:\Program Files\Micro Application\12 DICOS Indispensables\LanceMediaDICO12.exe [2002-12-24 253952] "SynapseUpdate"=C:\Program Files\Synapse Développement\Synapse Update\Synapse Update.exe [2009-03-09 491520] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-02-26 39408] "Uniblue RegistryBooster 2009"=C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe [2008-08-26 2019624] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Assistant d'Acrobat.lnk - C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe Digimax Viewer 2.0.lnk - C:\Program Files\Samsung\Digimax Viewer 2.0\STImgBrowser.exe IrDA Monitor.lnk - C:\Program Files\IrCOMM2k\irmon2k.exe Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265088] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 240128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{93994DE8-8239-4655-B1D1-5F4E91300429}"= [] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "E:\STHIW\stInstall.exe"="E:\STHIW\stInstall.exe:*:Enabled:SpeedTouch Home Install Wizard" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "C:\WINDOWS\SYSTEM32\dpvsetup.exe"="C:\WINDOWS\SYSTEM32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "C:\WINDOWS\SYSTEM32\rundll32.exe"="C:\WINDOWS\SYSTEM32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application" "C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger" "C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G] shell\AutoRun\command - ntde1ect.com shell\explore\command - ntde1ect.com shell\open\command - ntde1ect.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b033b4e-ce47-11dc-8ae5-0006a2057cf6}] shell\Auto\command - F:\AdobeR.exe e shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{22d12bfc-d0d1-11db-849c-4d6564696130}] shell\Auto\command - F:\AdobeR.exe e shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5551c328-dd93-11dc-8afe-0006a2057cf6}] shell\AutoRun\command - F:\0hct8ybw.bat shell\explore\command - F:\0hct8ybw.bat shell\open\command - F:\0hct8ybw.bat [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{58a5e568-7abe-11dd-8ba2-0006a2057cf6}] shell\AutoRun\command - ntde1ect.com shell\explore\command - ntde1ect.com shell\open\command - ntde1ect.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b41184b3-8cd5-11db-8478-4d6564696130}] shell\Auto\command - F:\AdobeR.exe e shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b83dc4f2-8ca5-11dd-8bba-0006a2057cf6}] shell\AutoRun\command - F:\start.exe shell\FramaKey\command - F:\start.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bdd1ba26-e49f-11dc-8b02-0006a2057cf6}] shell\AutoRun\command - ntde1ect.com shell\explore\command - ntde1ect.com shell\open\command - ntde1ect.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{df96a90c-e41e-11db-84a4-4d6564696130}] shell\AutoRun\command - G:\ntde1ect.com shell\explore\command - G:\ntde1ect.com shell\open\command - G:\ntde1ect.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e86b155b-a254-11db-8487-4d6564696130}] shell\Auto\command - G:\AdobeR.exe e shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e ======File associations====== .js - edit - C:\WINDOWS\System32\Notepad.exe %1 .js - open - C:\WINDOWS\System32\WScript.exe "%1" %* .vbs - edit - C:\WINDOWS\System32\Notepad.exe %1 .vbs - open - C:\WINDOWS\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2009-04-25 01:46:57 ----D---- C:\rsit 2009-04-24 23:47:53 ----D---- C:\Documents and Settings\OUASTI\Application Data\Malwarebytes 2009-04-24 23:47:47 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-04-24 23:47:47 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2009-04-23 20:35:04 ----D---- C:\Program Files\ma-config.com 2009-04-23 20:35:04 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com 2009-04-23 14:07:06 ----D---- C:\Documents and Settings\OUASTI\Application Data\Uniblue 2009-04-23 14:06:53 ----D---- C:\Program Files\Uniblue 2009-04-23 14:06:32 ----HDC---- C:\Documents and Settings\All Users\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185} 2009-04-23 10:58:16 ----A---- C:\WINDOWS\system32\ztvunrar36.dll 2009-04-23 10:58:16 ----A---- C:\WINDOWS\system32\ztvunace26.dll 2009-04-23 10:58:16 ----A---- C:\WINDOWS\system32\ztvcabinet.dll 2009-04-23 10:58:16 ----A---- C:\WINDOWS\system32\unrar3.dll 2009-04-23 10:58:16 ----A---- C:\WINDOWS\system32\unacev2.dll 2009-04-23 10:58:13 ----D---- C:\Documents and Settings\OUASTI\Application Data\Simply Super Software 2009-04-23 10:58:13 ----D---- C:\Documents and Settings\All Users\Application Data\Simply Super Software 2009-04-22 13:51:14 ----A---- C:\WINDOWS\system32\javaws.exe 2009-04-22 13:51:14 ----A---- C:\WINDOWS\system32\javaw.exe 2009-04-22 13:51:14 ----A---- C:\WINDOWS\system32\java.exe 2009-04-22 13:51:14 ----A---- C:\WINDOWS\system32\deploytk.dll 2009-04-22 03:39:25 ----D---- C:\Program Files\Support Tools 2009-04-21 16:37:57 ----D---- C:\Program Files\Chief-Win PDF Converter PE 2009-04-21 12:40:26 ----D---- C:\WINDOWS\system32\gs 2009-04-21 12:40:26 ----D---- C:\Program Files\Tweak PDF Converter 2009-04-21 05:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$ 2009-04-19 21:42:25 ----D---- C:\WINDOWS\system32\XPSViewer 2009-04-19 21:42:18 ----D---- C:\Program Files\MSBuild 2009-04-19 21:42:15 ----D---- C:\WINDOWS\system32\en-US 2009-04-19 21:42:05 ----D---- C:\Program Files\Reference Assemblies 2009-04-19 21:41:32 ----N---- C:\WINDOWS\system32\xpssvcs.dll 2009-04-19 21:41:32 ----N---- C:\WINDOWS\system32\xpsshhdr.dll 2009-04-19 21:41:32 ----N---- C:\WINDOWS\system32\prntvpt.dll 2009-04-19 21:41:31 ----D---- C:\b39568c4277d0c98b09a91cc 2009-04-19 21:41:12 ----D---- C:\WINDOWS\SxsCaPendDel 2009-04-16 05:04:38 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$ 2009-04-16 05:04:31 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$ 2009-04-16 05:01:55 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$ 2009-04-16 05:01:20 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$ 2009-04-16 05:00:43 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$ 2009-04-16 05:00:29 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$ 2009-04-14 11:40:55 ----D---- C:\ConvertTemp 2009-04-14 11:28:00 ----A---- C:\WINDOWS\ModemLog_SAMSUNG Mobile USB Modem #3.txt 2009-04-07 23:14:36 ----D---- C:\VideoConvert 2009-04-07 23:14:25 ----D---- C:\Program Files\OJOsoft 2009-03-31 02:35:41 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2 2009-03-30 09:38:37 ----A---- C:\WINDOWS\system32\muweb.dll 2009-03-30 09:38:37 ----A---- C:\WINDOWS\system32\mucltui.dll.mui 2009-03-30 09:38:37 ----A---- C:\WINDOWS\system32\mucltui.dll 2009-03-29 18:04:10 ----D---- C:\Program Files\Microsoft 2009-03-29 18:03:51 ----D---- C:\Program Files\Windows Live SkyDrive 2009-03-29 18:03:26 ----D---- C:\Program Files\Windows Live 2009-03-29 17:55:18 ----D---- C:\Program Files\Fichiers communs\Windows Live 2009-03-27 07:42:08 ----A---- C:\WINDOWS\system32\bassmod.dll 2009-03-27 07:09:04 ----D---- C:\Program Files\MagicISO ======List of files/folders modified in the last 1 months====== 2009-04-25 01:46:12 ----D---- C:\WINDOWS\Temp 2009-04-25 01:32:21 ----A---- C:\WINDOWS\ModemLog_Bluetooth Modem.txt 2009-04-25 01:32:21 ----A---- C:\WINDOWS\ModemLog_Bluetooth Fax Modem.txt 2009-04-25 01:31:52 ----D---- C:\WINDOWS\SYSTEM32 2009-04-25 01:31:14 ----D---- C:\WINDOWS\system32\DRIVERS 2009-04-25 01:30:39 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-04-25 01:26:38 ----RD---- C:\Program Files 2009-04-25 01:26:38 ----D---- C:\WINDOWS 2009-04-25 01:26:38 ----D---- C:\Program Files\Fichiers communs 2009-04-24 23:47:53 ----D---- C:\WINDOWS\Prefetch 2009-04-24 18:00:00 ----D---- C:\Program Files\Norton Security Scan 2009-04-24 14:38:33 ----D---- C:\WINDOWS\system32\CatRoot2 2009-04-23 20:37:12 ----SHD---- C:\WINDOWS\Installer 2009-04-23 20:37:12 ----SHD---- C:\Config.Msi 2009-04-23 19:10:24 ----AC---- C:\WINDOWS\DHO.INI 2009-04-23 19:10:14 ----A---- C:\WINDOWS\WIN.INI 2009-04-23 12:28:47 ----SD---- C:\WINDOWS\Tasks 2009-04-23 12:27:27 ----RSHD---- C:\WINDOWS\system32\DLLCACHE 2009-04-23 12:27:26 ----D---- C:\WINDOWS\system32\CatRoot 2009-04-23 12:26:25 ----HD---- C:\WINDOWS\INF 2009-04-23 12:05:36 ----D---- C:\WINDOWS\Minidump 2009-04-22 17:03:35 ----AC---- C:\WINDOWS\STImgBrowser.INI 2009-04-22 13:50:54 ----D---- C:\Program Files\Java 2009-04-22 05:17:30 ----D---- C:\WINDOWS\Help 2009-04-21 18:33:02 ----D---- C:\WINDOWS\system32\FxsTmp 2009-04-19 22:57:15 ----D---- C:\WINDOWS\Microsoft.NET 2009-04-19 22:55:46 ----RSD---- C:\WINDOWS\assembly 2009-04-19 22:10:10 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-04-19 22:09:38 ----D---- C:\WINDOWS\WinSxS 2009-04-19 21:42:12 ----RSD---- C:\WINDOWS\Fonts 2009-04-19 18:17:25 ----A---- C:\WINDOWS\imsins.BAK 2009-04-19 17:49:26 ----AC---- C:\WINDOWS\tpw.ini 2009-04-19 17:47:46 ----AC---- C:\WINDOWS\NeroDigital.ini 2009-04-16 05:10:51 ----D---- C:\WINDOWS\system32\WBEM 2009-04-16 05:10:51 ----D---- C:\WINDOWS\AppPatch 2009-04-16 05:10:51 ----D---- C:\Program Files\Internet Explorer 2009-04-16 05:04:19 ----D---- C:\WINDOWS\system32\fr-fr 2009-04-16 05:03:56 ----A---- C:\WINDOWS\system32\MRT.INI 2009-04-16 05:01:52 ----HD---- C:\WINDOWS\$hf_mig$ 2009-04-14 01:01:09 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared 2009-04-13 23:34:55 ----D---- C:\WINDOWS\Lhsp 2009-04-06 07:57:26 ----A---- C:\WINDOWS\system32\MRT.exe 2009-03-30 10:26:33 ----AC---- C:\WINDOWS\WORDPAD.INI 2009-03-29 20:20:11 ----SD---- C:\Documents and Settings\OUASTI\Application Data\Microsoft 2009-03-29 18:03:57 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2009-03-29 16:43:25 ----A---- C:\WINDOWS\InfModM.ini 2009-03-29 16:42:57 ----D---- C:\Program Files\WinPhone 2009-03-29 16:31:58 ----D---- C:\Documents and Settings\OUASTI\Application Data\MSN6 ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944] R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768] R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376] R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2002-12-17 61424] R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2002-12-17 23436] R1 cdudf_xp;cdudf_xp; C:\WINDOWS\system32\drivers\cdudf_xp.sys [2002-12-17 241152] R1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2006-05-30 29568] R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2006-05-30 33792] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576] R1 omci;OMCI WDM Device Driver; C:\WINDOWS\System32\DRIVERS\omci.sys [2002-11-08 17217] R1 pwd_2k;pwd_2k; C:\WINDOWS\system32\drivers\pwd_2k.sys [2003-05-14 143834] R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-02-22 5632] R1 UdfReadr_xp;UdfReadr_xp; C:\WINDOWS\system32\drivers\UdfReadr_xp.sys [2003-05-14 206464] R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-28 12032] R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560] R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032] R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys [] R2 BTSLBCSP;Bluetooth Port Client Driver; \??\C:\WINDOWS\system32\drivers\btslbcsp.sys [] R2 irda;Protocole IrDA; C:\WINDOWS\System32\DRIVERS\irda.sys [2008-04-13 88192] R2 IrDA2k;IrDA2k Protocol; C:\WINDOWS\System32\DRIVERS\irda2k.sys [2004-12-12 246272] R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2008-04-08 15781] R2 NetAlrt;NetAlrt; \??\C:\WINDOWS\System32\drivers\NetAlrt.sys [] R2 PlatAlrt;PlatAlrt; \??\C:\WINDOWS\System32\drivers\PlatAlrt.sys [] R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816] R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152] R3 BtAudio;Bluetooth Audio; C:\WINDOWS\system32\DRIVERS\btaudio.sys [2002-10-24 21701] R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2002-10-24 30043] R3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2002-10-24 144608] R3 dptrackerd;Tracker Driver; C:\WINDOWS\system32\drivers\dptrackerd.sys [2005-12-18 44416] R3 dvd_2K;dvd_2K; C:\WINDOWS\system32\drivers\dvd_2K.sys [2003-05-14 25898] R3 E1000;Intel® PRO/1000 Adapter Driver; C:\WINDOWS\System32\DRIVERS\e1000325.sys [2002-11-12 99840] R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2003-10-06 1550043] R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\System32\DRIVERS\rasirda.sys [2001-08-17 19584] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-08-28 5888] R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2002-12-19 539008] R3 StillCam;Pilote d'appareil photo numérique série; C:\WINDOWS\System32\DRIVERS\serscan.sys [2001-08-23 6912] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;USB Root Hub (usbport); C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608] R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2006-05-30 102656] S1 P3;Pilote processeur Intel Pentium III; C:\WINDOWS\System32\DRIVERS\p3.sys [2008-04-14 46848] S1 P3;Pilote processeur Intel Pentium III; C:\WINDOWS\System32\DRIVERS\p3.sys [2008-04-14 46848] S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys [] S3 ac97intc;Service d'installation du pilote audio Intel® 82801 (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256] S3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\System32\DRIVERS\adiusbaw.sys [] S3 AIPTEK;DV3300 Video Capture; C:\WINDOWS\System32\DRIVERS\CoachVc.sys [2003-01-25 46048] S3 BthEnum;Service d'énumérateur Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024] S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120] S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272768] S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944] S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2005-10-03 65076] S3 CA561;ICatch (VI) PC Camera; C:\WINDOWS\System32\Drivers\SPCA561.SYS [] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [] S3 DV3300Usb;DV3300 Digital Camera on USB; C:\WINDOWS\System32\DRIVERS\CoachUsb.sys [2003-02-28 42624] S3 EL90XBC;Pilote de la carte EtherLink XL 90XB/C 3Com; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [2001-08-17 66591] S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 mmc_2K;mmc_2K; C:\WINDOWS\system32\drivers\mmc_2K.sys [2003-05-14 30630] S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\System32\DRIVERS\MSIRCOMM.sys [2008-04-13 22016] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 NMSCFG;NIC Management Service Configuration Driver; \??\C:\WINDOWS\system32\drivers\NMSCFG.SYS [] S3 nv4;nv4; C:\WINDOWS\System32\DRIVERS\nv4.sys [2001-08-17 731648] S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136] S3 se59bus;Sony Ericsson Device 089 driver (WDM); C:\WINDOWS\system32\DRIVERS\se59bus.sys [2006-09-05 61536] S3 se59mdfl;Sony Ericsson Device 089 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\se59mdfl.sys [2006-09-05 9360] S3 se59mdm;Sony Ericsson Device 089 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\se59mdm.sys [2006-09-05 97088] S3 se59mgmt;Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se59mgmt.sys [2006-09-05 88624] S3 se59nd5;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (NDIS); C:\WINDOWS\system32\DRIVERS\se59nd5.sys [2006-09-05 18704] S3 se59obex;Sony Ericsson Device 089 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se59obex.sys [2006-09-05 86432] S3 se59unic;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (WDM); C:\WINDOWS\system32\DRIVERS\se59unic.sys [2006-09-05 90800] S3 Ser2pl;Prolific Serial port driver; C:\WINDOWS\System32\DRIVERS\ser2pl.sys [2003-07-16 43264] S3 SF-620;Kingsun SF-620 USB Infrared Adapter; C:\WINDOWS\System32\DRIVERS\SF-620.sys [2004-08-12 15961] S3 sfilter;sfilter; \??\C:\DOCUME~1\OUASTI\LOCALS~1\Temp\Rar$EX17.437\Portable Perfect Uninstaller 6.3.3.0\sfilter.sys [] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 58320] S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304] S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000] S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320] S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336] S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000] S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\SymcData\IDS-DI~1\20040813.178\symidsco.sys [] S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 usbser;USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112] S3 vmfilter303;vmfilter303; C:\WINDOWS\system32\drivers\vmfilter303.sys [2006-04-25 428160] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 ZSMC303;USB PC Camera (Vimicro301 Neptune); C:\WINDOWS\System32\Drivers\usbVM303.sys [2006-12-01 392122] S4 agpCPQ;Filtre de bus AGP Compaq; C:\WINDOWS\System32\DRIVERS\agpCPQ.sys [2008-04-13 44928] S4 alim1541;Filtre de bus AGP ALI; C:\WINDOWS\System32\DRIVERS\alim1541.sys [2008-04-13 42752] S4 amdagp;Pilote de filtre du bus AMD AGP; C:\WINDOWS\System32\DRIVERS\amdagp.sys [2008-04-13 43008] S4 cbidf;cbidf; C:\WINDOWS\System32\DRIVERS\cbidf2k.sys [2001-08-17 13952] S4 IntelIde;IntelIde; C:\WINDOWS\System32\DRIVERS\intelide.sys [2008-04-14 5504] S4 sisagp;Filtre de bus AGP SIS; C:\WINDOWS\System32\DRIVERS\sisagp.sys [2008-04-13 40960] S4 viaagp;Filtre de bus AGP VIA; C:\WINDOWS\System32\DRIVERS\viaagp.sys [2008-04-13 42240] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 ASFAgent;ASF Agent; C:\Program Files\Intel\ASF Agent\ASFAgent.exe [2002-05-08 212992] R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752] R2 Autodata Limited License Service;Autodata Limited License Service; C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe [2008-04-16 72704] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376] R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R2 Iap;Iap; C:\Program Files\Dell\OpenManage\Client\Iap.exe [2002-04-04 163840] R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2006-05-30 800768] R2 Irmon;Moniteur infrarouge; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-04-22 152984] R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2003-10-06 81920] R2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248] R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040] R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920] S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800] S2 InCDsrvR;InCD Helper (read only); C:\Program Files\Ahead\InCD\InCDsrv.exe [2005-01-27 856064] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-26 137200] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632] S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-03-15 216232] S3 NMSSvc;Intel® NMS; C:\WINDOWS\System32\NMSSvc.exe [2002-07-30 1118208] S3 ServiceLayer;ServiceLayer; C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe [2006-04-12 176640] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- info.txt logfile of random's system information tool 1.06 2009-04-25 01:47:49 ======Uninstall list====== -->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE -->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL -->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu -->C:\WINDOWS\NuNInst.exe /UNINSTALL -->MsiExec.exe /I{0F122737-72B2-4095-8B3E-7AAE753DFD3D} -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 3D World Map 1.2-->"C:\Program Files\Longgame\3D World Map\uninstall.exe" /uninstall Adobe Acrobat 6.0 Professional - English, Français, Deutsch-->MsiExec.exe /I{AC76BA86-1033-F400-7760-000000000001} Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Reader 7.1.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A71000000002} Adobe Shockwave Player-->C:\WINDOWS\SYSTEM32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\SYSTEM32\Adobe\SHOCKW~1\Install.log Analyseur et SDK XML Microsoft-->MsiExec.exe /I{3E908702-AF35-4611-9518-955DA24B7E07} Aquatica 3-->C:\Program Files\Aquatica 3\Aquatica 3.exe uninstall Arabic_Calligraphy Screen Saver-->C:\WINDOWS\System32\ARABIC~1.SCR /U Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup AVI DivX to DVD SVCD VCD Converter 1.2.0-->"C:\Program Files\AVI DivX to DVD SVCD VCD Converter\unins000.exe" Bonjour-->MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3} CamTrack-->"C:\Program Files\DigitalPeers\CamTrack\unins000.exe" CDex extraction audio-->"C:\Program Files\CDex_140b9\uninstall.exe" Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E} Ciel e-Commerce-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6F23F3A0-B96C-11D5-AFDC-00C04F8EC576}\install.exe" UNINSTALL Ciel eSauvegarde-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ADA14838-7A2B-11D6-B05E-00C04F8EC576}\install.exe" UNINSTALL Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe" Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe" Coup de Pouce Maternelle Petite Section 2-3 ans-->C:\WINDOWS\IsUn040c.exe -fC:\KA\CPMPS\DeIsL1.isu Dell Solution Center-->MsiExec.exe /X{11F1920A-56A2-4642-B6E0-3B31A12C9288} Digimax 202-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E30D0741-2000-11D8-ABE1-0080C8274868}\Setup.exe" -l0x9 Digimax Viewer 2.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9EE54C1F-FC99-44D6-916A-0CA2D45E740F}\Setup.exe" DV3300 Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C353A9E3-27D5-4B1E-B21C-DA118EE2FD05}\Setup.exe" DVDSentry-->MsiExec.exe /I{98DF85D9-96C0-4F57-A92E-C3539477EF5E} Easy CD Creator 5 Basic-->MsiExec.exe /I{609F7AC8-C510-11D4-A788-009027ABA5D0} Expert System Point&Go Platform-->"C:\Program Files\Fichiers communs\Expert System\PGPlatform\unins000.exe" FlashGet ads support-->RunDll32 C:\WINDOWS\system32\cd_clint.dll,ServiceRunDll u_277 Google Earth-->MsiExec.exe /I{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90} Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0531C63A913CC9D1.exe" /uninstall Grand Dictionnaire Hachette-Oxford-->C:\Program Files\GDHO\Uninstal.exe HijackThis 2.0.2-->"C:\Documents and Settings\OUASTI\Bureau\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D} Intel® PRO Ethernet Adapter and Software-->Prounstl.exe Intel® PROSet II-->MsiExec.exe /I{01A4AEDE-F219-49A2-B855-16A016EAF9A4} Intel® Pro Alerting Agent, Version 3.0.0-->MsiExec.exe /I{6797B492-3814-4129-AD07-C727D23FB5BF} Intel® PRO Network Adapters WMI Provider (2.0)-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4C701994-43D2-4B7B-A548-C6E6C224D9A9}\setup.exe" InterActual Player-->C:\Program Files\InterActual\InterActual Player\inuninst.exe IrCOMM2k-->"C:\Program Files\IrCOMM2k\uninstall.exe" J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060} Java 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF} Java 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050} Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} L&H TTS3000 Français-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\LHTTSFRF.inf, Uninstall Le Corps humain-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Micro Application\Le Corps humain\Uninst.isu" Lecteur Windows Media 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall L'Encyclopédie Médicale Pratique-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Encyclopédie Médicale Française\Médical\DeIsL1.isu" Les Indispensables Education pour Microsoft Office-->MsiExec.exe /X{B348E585-E872-41DF-8234-E2D49917CFBB} Lizardtech DjVu Control-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{105CFC7C-6992-11D5-BD9D-000102C10FD8}\Setup.exe" -l0x40c Ma-Config.com-->MsiExec.exe /X{560BD6E0-0BA6-43AF-B423-E1DF4D2EB3C3} Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Micro Application - MediaDICO 12-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Micro Application\12 DICOS Indispensables\Uninst.isu" Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Encarta 2007 - Etudes-->MsiExec.exe /I{07181881-E9B4-4DF6-A845-CAAFD093E477} Microsoft Encarta Maths-->MsiExec.exe /I{07183840-959A-4B0D-8825-2C533F0DDB19} Microsoft Fortran PowerStation 4.0-->C:\MSDEV\BIN\fpscdrom.exe setup.exe "Setup Files" %s -1 Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office XP Media Content-->MsiExec.exe /I{9030040C-6000-11D3-8CFE-0050048383C9} Microsoft Office XP Professional avec FrontPage-->MsiExec.exe /I{9028040C-6000-11D3-8CFE-0050048383C9} Microsoft Picture It! Photo 7.0-->MsiExec.exe /I{369B36BE-3D64-4641-9AEA-808D436FE132} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Windows Script Host-->rundll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wsh.inf,Uninstall.NT Microsoft Works 7.0-->MsiExec.exe /I{64D114CE-4234-45C2-B60A-2B07D5A48F72} Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe" Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe" Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe" Mise à jour Encarta_Les Indispensables Education-->RunDll32.exe advpack.dll, LaunchINFSectionEx C:\Program Files\Learning Essentials\1.0\fr\FR\WBEncarta\Uninstall\Uninstall.inf,Uninstall,,,N Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe Moorhuhn Soccer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3C6D1F24-C121-407D-A49D-46C0971C9751}\Setup.exe" -l0x40c MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E} Nero 7 Essentials-->MsiExec.exe /I{9BB69D0F-1369-4DBD-99A9-1BC228ED1036} Nokia Connectivity Cable Driver-->MsiExec.exe /X{E4DD8B33-6F9B-41C5-96FF-5DBF27ED23E7} Nokia PC Connectivity Solution-->MsiExec.exe /I{588AA47B-9115-44D3-B2E5-4F10BC659D6C} Norton Security Scan-->MsiExec.exe /I{48B82226-75E3-4E90-92CC-D30F79EA6380} NVIDIA Display Driver-->C:\WINDOWS\system32\nvudisp.exe Uninstall C:\WINDOWS\system32\nvdisp.nvu,NVIDIA Display Driver NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI OJOsoft VOB Converter-->"C:\Program Files\OJOsoft\uninstall.exe" "/U:C:\Program Files\OJOsoft\OJOsoft VOB Converter\Uninstall\uninstall.xml" OMCI-->MsiExec.exe /X{73F1BDB7-11E1-11D5-9DC6-00C04F2FC33B} OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74} ORG50-->C:\WINDOWS\uninst.exe -f"c:\program files\Origin5\DeIsL1.isu" Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} PDF Converter PE version 2.2-->"C:\Program Files\Chief-Win PDF Converter PE\unins000.exe" Phywe Laboratory Experiments-->"C:\Program Files\PHYWE\uninst.exe" PL-2303 USB-to-Serial-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}\Setup.exe" -l0x9 Installed PLATINUM WorldView for Internet Explorer-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\PLATINUM technology\WorldView for Internet Explorer\Uninst.isu" PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall Pro Evolution Soccer 6-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{EBB794ED-D282-4334-92FB-254481EFF514} /l1036 QuickTime-->MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD} SAMSUNG CDMA Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe SAMSUNG Mobile USB Modem ^^-->C:\WINDOWS\system32\Samsung_USB_Drivers\4\SSVDUninstall.exe SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe Samsung PC Studio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -l0x40c -removeonly Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} Sélecteur d'installation de Microsoft Works Suite 2003-->C:\Program Files\Microsoft Works Suite 2003\Setup\Launcher.exe G:\ SereneScreen Aquarium-->"C:\Program Files\SereneScreen\Aquarium\unins000.exe" SereneScreen Marine Aquarium 2-->"C:\Program Files\SereneScreen\Marine Aquarium 2\unins000.exe" Shockwave-->C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~1\Install.log Sony Ericsson PC Suite-->MsiExec.exe /I{FE6397C1-CECA-4EC3-B064-42AED7676898} Super DVD Ripper (remove only)-->"C:\Program Files\Super DVD Ripper\sdvd-uninst.exe" Synapse Développement - Diagnostic 12 pour Cordial-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A9F7E72D-16D3-40ED-B7D4-886CDCEFC225}\setup.exe" -l0x40c -removeonly Synapse Update-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6F22F869-91D8-4026-A248-0FF8BDC946B5}\SETUP.exe" -l0x40c -uninst -removeonly TweakPDFConverter-->MsiExec.exe /I{CD47F1D0-45F1-44F4-BED6-190012DA74A9} Twin USB Vibration Gamepad-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BA12FD6D-169A-11D7-A6A9-00C026281E5A}\setup.exe" -l0x9 Uniblue RegistryBooster 2009-->"C:\Documents and Settings\All Users\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}\Uniblue RegistryBooster.exe" REMOVE=TRUE MODIFY=FALSE Uniblue RegistryBooster 2009-->C:\Documents and Settings\All Users\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}\Uniblue RegistryBooster.exe USB PC Camera (Vimicro301 Neptune)-->C:\Program Files\InstallShield Installation Information\{CE3B8E96-B0AF-4871-9178-1519B58E3A93}\setup.exe -runfromtemp -l0x040c -removeonly USB Vibration Joystick-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57496D70-3C5A-4197-9908-128101444B73}\setup.exe" -l0x9 Video Converter 3-->C:\Program Files\Xilisoft\Video Converter 3\Uninstall.exe VideoLAN VLC media player 0.8.4a-->C:\Program Files\VideoLAN\VLC\uninstall.exe WIDCOMM Bluetooth Software-->MsiExec.exe /X{0F51A262-1ADF-4914-B448-78AC58C4178A} Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91} Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C} Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Support Tools-->MsiExec.exe /I{89B078C4-50B0-453E-BF53-3A7E6A0D85FA} Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" WinPhone-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F45298E5-0083-426F-A668-1A2C5F04B8A0}\setup.exe" ControlPanel WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe WinZip-->"C:\Program Files\WinZip\WINZIP32.EXE" /uninstall Yahoo! Anti-Spy-->C:\PROGRA~1\Yahoo!\YPSR\unwise32.exe /U C:\PROGRA~1\Yahoo!\YPSR\ypsrinst.log Yahoo! Extras-->C:\PROGRA~1\Yahoo!\Common\unyext.exe Yahoo! Install Manager-->C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL Yahoo! Internet Mail-->C:\WINDOWS\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\ymmapi.dll Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE ======Hosts File====== 127.0.0.1 localhost ======Security center information====== AV: avast! antivirus 4.8.1335 [VPS 090424-0] AV: Kaspersky Anti-Virus (disabled) (outdated) ======System event log====== Computer Name: RACHID Event Code: 1003 Message: Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir du serveur DHCP) pour la carte réseau dont l'adresse réseau est 000874FD68AE. Il s'est produit l'erreur suivante : L'opération a été annulée par l'utilisateur. . Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du serveur d'adresse réseau (DHCP). Record Number: 10135 Source Name: Dhcp Time Written: 20090211051028.000000+060 Event Type: warning User: Computer Name: RACHID Event Code: 36 Message: Le service de temps n'a pas pu synchroniser l'heure système de 49152 secondes car aucun fournisseur de temps n'a pu fournir de datage utilisable. L'horloge système n'est pas synchronisée. Record Number: 10121 Source Name: W32Time Time Written: 20090207013938.000000+060 Event Type: warning User: Computer Name: RACHID Event Code: 1006 Message: Votre ordinateur n'a pas pu configurer automatiquement les paramètres IP pour la carte avec l'adresse réseau 000874FD68AE. Il s'est produit l'erreur suivante pendant la configuration : Le client DHCP a obtenu une adresse IP qui est déjà utilisée sur le réseau. L'interface locale sera désactivée jusqu'à ce que le client DHCP puisse obtenir une nouvelle adresse. . Record Number: 10118 Source Name: Dhcp Time Written: 20090206115951.000000+060 Event Type: warning User: Computer Name: RACHID Event Code: 1003 Message: Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir du serveur DHCP) pour la carte réseau dont l'adresse réseau est 000874FD68AE. Il s'est produit l'erreur suivante : Le délai de temporisation de sémaphore a expiré. . Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du serveur d'adresse réseau (DHCP). Record Number: 10117 Source Name: Dhcp Time Written: 20090206115951.000000+060 Event Type: warning User: Computer Name: RACHID Event Code: 36 Message: Le service de temps n'a pas pu synchroniser l'heure système de 49152 secondes car aucun fournisseur de temps n'a pu fournir de datage utilisable. L'horloge système n'est pas synchronisée. Record Number: 10111 Source Name: W32Time Time Written: 20090202142419.000000+060 Event Type: warning User: =====Application event log===== Computer Name: RACHID Event Code: 1000 Message: Application défaillante iexplore.exe, version 7.0.6000.16791, module défaillant ntdll.dll, version 5.1.2600.5512, adresse de défaillance 0x00019c0f. Record Number: 26266 Source Name: Application Error Time Written: 20090408224527.000000+060 Event Type: error User: Computer Name: RACHID Event Code: 1000 Message: Application défaillante iexplore.exe, version 7.0.6000.16791, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0x00000000. Record Number: 26263 Source Name: Application Error Time Written: 20090408220251.000000+060 Event Type: error User: Computer Name: RACHID Event Code: 1000 Message: Application défaillante iexplore.exe, version 7.0.6000.16791, module défaillant urlmon.dll, version 7.0.6000.16791, adresse de défaillance 0x00020116. Record Number: 26261 Source Name: Application Error Time Written: 20090408212859.000000+060 Event Type: error User: Computer Name: RACHID Event Code: 1000 Message: Application défaillante wmiprvse.exe, version 5.1.2600.5512, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0x012be970. Record Number: 26207 Source Name: Application Error Time Written: 20090407203227.000000+060 Event Type: error User: Computer Name: RACHID Event Code: 2 Message: The number of Hard Disk Drives in your system has decreased. This typically does NOT indicate a hardware failure. Contact your Help Desk if you did not personally change your system's Hard Disk Drive configuration or disable devices in System Setup. Record Number: 26206 Source Name: OMCI Time Written: 20090407201932.000000+060 Event Type: warning User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Fichiers communs\Adaptec Shared\System;C:\MSDEV\BIN;C:\Program Files\Fichiers communs\Ulead Systems\MPEG;C:\Program Files\Fichiers communs\Teleca Shared;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Support Tools\ "windir"=%SystemRoot% "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 7, GenuineIntel "PROCESSOR_REVISION"=0207 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "INCLUDE"=C:\MSDEV\INCLUDE "LIB"=C:\MSDEV\LIB "FP_NO_HOST_CHECK"=NO "CLASSPATH"=.;C:\Program Files\Java\jre1.5.0_06\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre1.5.0_06\lib\ext\QTJava.zip -----------------EOF-----------------
- le 25 avril 2009
- 26 réponses
infection

ouasti a posté un sujet dans Analyses et éradication malwares

bonjour; Depuis peu de temps, l'icone de la clé USB ne s'affiche plus dans le poste de travail, je n'ai plus accés au contenu de la clé. je joins le fichier HijackThis.log. Merci de m'aider. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:41:42, on 24/04/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16827) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Intel\ASF Agent\ASFAgent.exe C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Dell\OpenManage\Client\Iap.exe C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\DSentry.exe C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Nero\Nero 7\InCD\InCD.exe C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\Paizhao.EXE C:\WINDOWS\Recovery.EXE C:\Program Files\DigitalPeers\CamTrack\dptracker.exe C:\DOCUME~1\OUASTI\LOCALS~1\Temp\Rar$EX02.235\KAV_Portable_9.0.0.313_En\App\KAV9\avp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Synapse Développement\Synapse Update\Synapse Update.exe C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Samsung\Digimax Viewer 2.0\STImgBrowser.exe C:\Program Files\IrCOMM2k\irmon2k.exe C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe C:\WINDOWS\System32\svchost.exe c:\program files\internet explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\System32\NMSSvc.exe C:\WINDOWS\regedit.exe C:\WINDOWS\system32\taskmgr.exe C:\Documents and Settings\OUASTI\Bureau\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/countries/fr/fra/gen/default.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {45002861-ED0C-4AE0-9240-FF24D544DB41} - (no file) O2 - BHO: (no name) - {511F9316-771B-4953-A268-1C36DA667FE9} - (no file) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll (file missing) O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file) O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [iMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [iMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [MPFTray] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [VMSnap3] C:\WINDOWS\Paizhao.EXE O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Recovery.EXE O4 - HKLM\..\Run: [bigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH) O4 - HKLM\..\Run: [dptracker] C:\Program Files\DigitalPeers\CamTrack\dptracker.exe O4 - HKLM\..\Run: [avp] "C:\DOCUME~1\OUASTI\LOCALS~1\Temp\Rar$EX02.235\KAV_Portable_9.0.0.313_En\App\KAV9\avp.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MediaDico] C:\Program Files\Micro Application\12 DICOS Indispensables\LanceMediaDICO12.exe Lancement O4 - HKCU\..\Run: [avpa] C:\WINDOWS\system32\avpo.exe O4 - HKCU\..\Run: [synapseUpdate] "C:\Program Files\Synapse Développement\Synapse Update\Synapse Update.exe" O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RESEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Digimax Viewer 2.0.lnk = ? O4 - Global Startup: IrDA Monitor.lnk = C:\Program Files\IrCOMM2k\irmon2k.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &Point&&Go - C:\Program Files\Fichiers communs\Expert System\PGPlatform\PGPlatform.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesfr.dll O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {11111111-1111-1111-1111-222222222222} - ms-its:mhtml:file://d:\foo.mht!http://www.sexyacademy.com//x.chm::/open.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5FD9726A-4977-449D-8352-25FDD8A510B5} - http://scripts.dlv4.com/binaries/egaccess4..._1067_em_XP.cab O16 - DPF: {82FC4503-8459-4239-9B85-0617BEAA950A} - http://es6-scripts.dlv4.com/binaries/egacc...ss4_1061_XP.cab O16 - DPF: {87C1805D-C5AE-4455-AB39-E245BB516136} - http://scripts.dlv4.com/binaries/egaccess4...ss4_1059_XP.cab O16 - DPF: {88C51E90-8E9C-4C96-8A45-574D88B63FAF} - http://acceso.masminutos.com/laaplicacion.cab O16 - DPF: {A31D9A13-4C45-4DFB-8827-BA4F402D9C95} - http://es6-scripts.dlv4.com/binaries/egacc...ss4_1063_XP.cab O16 - DPF: {EFB23983-5803-4914-ADA3-C0EA2CFBDC37} - http://scripts.downloadv3.com/binaries/EGD...ESS_1072_XP.cab O16 - DPF: {FA1D6D8F-C6ED-4752-8512-A33283240130} - http://scripts.dlv4.com/binaries/egaccess4...ss4_1066_XP.cab O23 - Service: ASF Agent (ASFAgent) - Intel Corporation - C:\Program Files\Intel\ASF Agent\ASFAgent.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Autodata Limited License Service - Autodata Limited - C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Iap - Dell Computer Corporation - C:\Program Files\Dell\OpenManage\Client\Iap.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe -- End of file - 14840 bytes
- le 24 avril 2009
- 26 réponses

Connexion

ouasti

Compteur de contenus

Inscription

Dernière visite

Type de contenu

Profils

Forums

Blogs

Tout ce qui a été posté par ouasti

infection

infection

infection

infection

infection

infection

infection

infection

infection

infection

infection

infection

infection

infection

infection

Zebulon

Outils en ligne

Naviguer