acces disque dur impossible [resolu]

[gat974]

bonjour, je tourne actuellement sous windows xp et depuis quelque jours j'ai remarqué que je n'arrivais plus a avoir accès a mes disques durs. quand je double-clique desssus, il me demande le programe a selectionner, comme un type de fichier non reconnu. le seul moyen etant: clique droit > explorer. meme problème lorsque je demarre en mode sans echec... j'ai bien essayé l'analyse avec un antivirus mais il ne trouve rien! quelqu'un pourrait-il m'aider svp??

Modifié le 20 mars 2009 par gat974

[BertrandB]

bonjour, je tourne actuellement sous windows xp et depuis quelque jours j'ai remarqué que je n'arrivais plus a avoir accès a mes disques durs. quand je double-clique desssus, il me demande le programe a selectionner, comme un type de fichier non reconnu. le seul moyen etant: clique droit > explorer. meme problème lorsque je demarre en mode sans echec... j'ai bien essayé l'analyse avec un antivirus mais il ne trouve rien! quelqu'un pourrait-il m'aider svp??

 

 

J'ai eu le même problème avec une clé usb. Widows xp m'annoncait un problème lié à "system volume information / restore"

 

Je n'ai pas creusé plus, j'ai sauvegardé mes fichiers et formaté ma clé. Il est évident que dans ton cas c'est plus complexe....

 

une piste par là: http://www.clubic.com/forum/logiciel-gener...2678-page1.html évoque un virus du nom de ravmon.log qui se cache dans les dossiers system volum information et se restaure tjrs

 

à suivre, et peut être un sujet à déplacer..

[maybe]

Hello Gat974,

 

ça peut effectivement être le signe d'une infection, mais pas toujours. Voir ce lien :

 

http://www.d2i.ch/pn/az/d.html#d015

[gat974]

non, desolé maybe, j'ai verifié la valeur des cles dans mon registre, modifié si besoin est, et le probleme persiste toujours... j'opte plutot pour la piste de bertrandB. j'ai telechargé kaspersky, ce dernier n'a rien trouvé, de meme avec avast, resultat identique...

[maybe]

Tu as enregistré la dll et redémarré ?

 

- Démarrer / Exécuter

- copier/coller regsvr32 /i shell32

- OK

[gat974]

oui, je l'ai enregistrée, redemarré mais rien a faire...

[BertrandB]

Re

 

a priori, le pb est une variante de nar.vbs, ou vbs/runauto.q

il y a un tuto de malekal là: http://www.malekal.com/Virus.VBS.Small.a.php mais un des outils semble inaccessible : sUBs Flash Disinfector

 

chez moi, il a été éradiqué par Norton 2009. Oui, je sais, norton n'a pas bonne réputation mais la version 2009, c'est le jour et la nuit par rapport aux précédentes: Léger et efficace, et en plus pas bien cher

 

@+

[maybe]

Poster un rapport RSIT. Un intervenant du forum sécurité pourra l'analyser.

 

http://forum.pcastuces.com/randoms_system_...rsit-f31s31.htm

[gat974]

pour le tuto de malekal qui m'a l'air interessant, je verrai un peu plus tard. en attendant, voici le rapport RSIT:

 

Logfile of random's system information tool 1.05 (written by random/random)

Run by Utilisateur at 2009-03-19 11:08:02

Microsoft Windows XP Édition familiale Service Pack 3

System drive C: has 77 GB (77%) free of 100 GB

Total RAM: 3071 MB (81% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 11:09:00, on 19/03/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe

C:\Program Files\Google\Update\GoogleUpdate.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe

C:\PROGRA~1\AVG\AVG8\avgrsx.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\PROGRA~1\AVG\AVG8\avgtray.exe

C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe

C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Documents and Settings\Utilisateur\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program Files\Logitech\Video\LogiTray.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe

C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe

C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe

C:\Program Files\Logitech\Video\FxSvr2.exe

C:\PROGRA~1\AVG\AVG8\avgemc.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Documents and Settings\Utilisateur\Bureau\DVD Shrink 3.2.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Utilisateur\Bureau\RSIT.exe

C:\Program Files\trend micro\Utilisateur.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 195.115.031.129

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 195.115.031.129:8080

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL

O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL

O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\system32\winsys2.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"

O4 - HKLM\..\Run: [indexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"

O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini

O4 - HKLM\..\Run: [brMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN

O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun

O4 - HKLM\..\Run: [Framework Windows] frmwrk32.exe

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [softwareHelper] C:\Documents and Settings\Utilisateur\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\RunOnce: [NSSInstallation] C:\WINDOWS\system32\Adobe\Shockwave 11\nssstub.exe /RunOnce

O4 - HKCU\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon

O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200

O8 - Extra context menu item: Recherche sur eBay - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1233212048187

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: avgrsstx.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Service Google Update (gupdate1c98c21d42a5bc8) (gupdate1c98c21d42a5bc8) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

 

--

End of file - 9428 bytes

 

======Scheduled tasks folder======

 

C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job

C:\WINDOWS\tasks\NeroLiveEpgUpdate-GAT974_Utilisateur.job

C:\WINDOWS\tasks\NSSstub.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]

Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-11-07 1088296]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-01-29 455960]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-02-05 320920]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-05 34816]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-02-05 73728]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE063DB1-4EC0-403e-8DD8-394C54984B2C}]

Ask Toolbar BHO - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL [2009-02-10 245760]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{FE063DB9-4EC0-403e-8DD8-394C54984B2C} - Ask Toolbar - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL [2009-02-10 245760]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"HDAudDeck"=C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2008-04-10 29757440]

"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-06-28 8466432]

"nwiz"=nwiz.exe /install []

"WinSys2"=C:\WINDOWS\system32\winsys2.exe [2006-04-29 208896]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-02-05 136600]

"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-01-29 1234712]

"SSBkgdUpdate"=C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]

"PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2007-01-29 30248]

"IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2007-01-29 46632]

"PPort11reminder"=C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [2007-02-01 255528]

"BrMfcWnd"=C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2007-03-12 663552]

"ControlCenter3"=C:\Program Files\Brother\ControlCenter3\brctrcen.exe [2007-01-26 65536]

"Framework Windows"=frmwrk32.exe []

"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-06-28 81920]

"EoEngine"= []

"SoftwareHelper"=C:\Documents and Settings\Utilisateur\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe [2008-12-09 368224]

"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2004-12-14 221184]

"LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2004-12-14 458752]

"LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2004-12-14 217088]

"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2006-08-05 108160]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"NSSInstallation"=C:\WINDOWS\system32\Adobe\Shockwave 11\nssstub.exe [2009-02-10 181624]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [2008-07-10 397312]

"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2008-12-03 1205760]

 

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage

Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLS"="avgrsstx.dll"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-08-24 133120]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

"NoSetActiveDesktop"=1

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoSetActiveDesktop"=

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"

"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"

"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Disabled:Windows Messenger"

"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\C]

shell\Auto\command - fun.xls.exe

shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]

shell\Auto\command - fun.xls.exe

shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{62bfb69b-f83e-11dd-ad5d-002354500091}]

shell\AutoRun\command - H:\GM_213.exe

shell\readit\command - NOTEPAD.EXE README.TXT

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bf7fb14e-0bf3-11de-adb1-002354500091}]

shell\Auto\command - F:\fun.xls.exe

shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe

 

 

======List of files/folders created in the last 1 months======

 

2009-03-19 11:08:02 ----DC---- C:\rsit

2009-03-19 11:08:02 ----D---- C:\Program Files\trend micro

2009-03-18 18:01:27 ----A---- C:\WINDOWS\system32\write.exe

2009-03-18 18:01:20 ----A---- C:\WINDOWS\system32\sndvol32.exe

2009-03-18 18:01:20 ----A---- C:\WINDOWS\system32\hticons.dll

2009-03-18 18:01:20 ----A---- C:\WINDOWS\system32\avwav.dll

2009-03-18 18:01:20 ----A---- C:\WINDOWS\system32\avtapi.dll

2009-03-18 18:01:20 ----A---- C:\WINDOWS\system32\avmeter.dll

2009-03-18 18:01:19 ----A---- C:\WINDOWS\system32\winchat.exe

2009-03-18 18:01:15 ----A---- C:\WINDOWS\system32\getuname.dll

2009-03-18 18:01:14 ----A---- C:\WINDOWS\system32\winmine.exe

2009-03-18 18:01:14 ----A---- C:\WINDOWS\system32\sol.exe

2009-03-18 18:01:14 ----A---- C:\WINDOWS\system32\mshearts.exe

2009-03-18 18:01:14 ----A---- C:\WINDOWS\system32\charmap.exe

2009-03-18 18:01:14 ----A---- C:\WINDOWS\system32\calc.exe

2009-03-18 18:01:13 ----A---- C:\WINDOWS\system32\freecell.exe

2009-03-18 18:01:13 ----A---- C:\WINDOWS\system32\accwiz.exe

2009-03-18 18:01:12 ----A---- C:\WINDOWS\system32\sndrec32.exe

2009-03-18 18:01:12 ----A---- C:\WINDOWS\system32\mplay32.exe

2009-03-18 18:01:12 ----A---- C:\WINDOWS\system32\hypertrm.dll

2009-03-18 18:01:11 ----A---- C:\WINDOWS\system32\mspaint.exe

2009-03-18 18:01:11 ----A---- C:\WINDOWS\system32\clipbrd.exe

2009-03-18 18:01:10 ----A---- C:\WINDOWS\system32\spider.exe

2009-03-18 15:53:54 ----D---- C:\Program Files\Fichiers communs\PCSuite

2009-03-18 15:53:51 ----D---- C:\Program Files\Fichiers communs\Nokia

2009-03-18 15:53:03 ----A---- C:\WINDOWS\SoundConverter.INI

2009-03-18 15:52:57 ----SHDC---- C:\Config.Msi

2009-03-18 14:13:01 ----D---- C:\Program Files\ffdshow

2009-03-18 13:06:52 ----A---- C:\WINDOWS\UPGRADE.TXT

2009-03-18 13:06:51 ----D---- C:\WINDOWS\setup.pss

2009-03-17 18:56:13 ----D---- C:\WINDOWS\system32\LogFiles

2009-03-17 18:56:10 ----N---- C:\WINDOWS\system32\spmsg.dll

2009-03-17 18:56:06 ----HDC---- C:\WINDOWS\$NtUninstallWudf01005$

2009-03-17 18:55:29 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll

2009-03-17 18:55:24 ----HDC---- C:\WINDOWS\$NtUninstallWdf01007$

2009-03-17 18:50:40 ----D---- C:\Program Files\DIFX

2009-03-17 18:50:33 ----D---- C:\Program Files\PC Connectivity Solution

2009-03-17 18:50:19 ----A---- C:\WINDOWS\system32\wdfcoinstaller01007.dll

2009-03-17 18:50:19 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll

2009-03-17 18:49:01 ----DC---- C:\Documents and Settings\All Users\Application Data\Installations

2009-03-17 16:06:10 ----D---- C:\Program Files\QUAD Utilities

2009-03-16 20:10:08 ----D---- C:\Documents and Settings\Utilisateur\Application Data\fltk.org

2009-03-16 16:19:32 ----A---- C:\WINDOWS\system32\aswBoot.exe

2009-03-16 16:07:58 ----D---- C:\Program Files\Alwil Software

2009-03-16 15:07:49 ----DC---- C:\Documents and Settings\All Users\Application Data\eBay

2009-03-16 15:07:49 ----D---- C:\Documents and Settings\Utilisateur\Application Data\eBay

2009-03-16 15:00:03 ----D---- C:\Program Files\eBay

2009-03-16 14:18:16 ----AC---- C:\log.txt

2009-03-16 14:17:46 ----A---- C:\WINDOWS\pex.INI

2009-03-16 14:17:30 ----D---- C:\Documents and Settings\Utilisateur\Application Data\Ulead Systems

2009-03-16 14:12:25 ----DC---- C:\Documents and Settings\All Users\Application Data\Ulead Systems

2009-03-16 14:06:18 ----A---- C:\WINDOWS\system32\JpegCode.dll

2009-03-16 14:06:18 ----A---- C:\WINDOWS\system32\CoachDlg.dll

2009-03-16 14:06:17 ----D---- C:\Program Files\Digital Camera

2009-03-16 14:06:17 ----A---- C:\WINDOWS\system32\CoachWrp.dll

2009-03-16 14:06:17 ----A---- C:\WINDOWS\system32\CoachSti.dll

2009-03-15 21:55:17 ----D---- C:\Documents and Settings\Utilisateur\Application Data\ScanSoft

2009-03-15 08:30:12 ----A---- C:\WINDOWS\system32\BASSMOD.dll

2009-03-15 08:25:34 ----DC---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab

2009-03-14 17:27:34 ----D---- C:\Program Files\Alcohol Soft

2009-03-09 17:46:44 ----A---- C:\WINDOWS\ClonyDrives.ini

2009-03-09 17:41:05 ----A---- C:\WINDOWS\Clony2.ini

2009-03-09 17:40:29 ----SH---- C:\WINDOWS\S7ABEA1AE.tmp

2009-03-09 17:40:18 ----D---- C:\Program Files\SlySoft

2009-03-08 11:34:32 ----A---- C:\WINDOWS\system32\ptpusd.dll

2009-03-08 11:34:32 ----A---- C:\WINDOWS\system32\ptpusb.dll

2009-03-07 15:46:19 ----D---- C:\Documents and Settings\Utilisateur\Application Data\MSNInstaller

2009-03-06 16:55:09 ----D---- C:\Documents and Settings\Utilisateur\Application Data\Publish Providers

2009-03-06 16:55:09 ----D---- C:\Documents and Settings\Utilisateur\Application Data\NetMedia Providers

2009-03-06 16:49:37 ----N---- C:\WINDOWS\system32\dbmsqlgc.dll

2009-03-06 16:49:37 ----N---- C:\WINDOWS\system32\dbmsgnet.dll

2009-03-06 16:49:18 ----D---- C:\Documents and Settings\Utilisateur\Application Data\Sony

2009-03-06 16:49:13 ----DC---- C:\Documents and Settings\All Users\Application Data\Sony

2009-03-06 16:48:39 ----D---- C:\Program Files\Sony

2009-03-05 06:51:18 ----D---- C:\Program Files\Realtek

2009-03-04 13:26:11 ----D---- C:\Program Files\Avanquest update

2009-03-04 13:26:10 ----DC---- C:\Documents and Settings\All Users\Application Data\BVRP Software

2009-03-04 13:25:34 ----DC---- C:\Documents and Settings\All Users\Application Data\Sony Ericsson

2009-03-04 13:25:34 ----D---- C:\Program Files\Sony Ericsson

2009-03-03 18:42:21 ----D---- C:\Program Files\Microsoft.NET

2009-03-03 18:41:16 ----D---- C:\Program Files\MSXML 6.0

2009-03-03 18:39:53 ----D---- C:\Program Files\Microsoft SQL Server

2009-03-03 10:52:24 ----D---- C:\Documents and Settings\Utilisateur\Application Data\Yahoo!

2009-03-03 10:50:57 ----D---- C:\Program Files\Yahoo!

2009-03-02 19:50:33 ----A---- C:\WINDOWS\_delis32.ini

2009-03-02 19:49:10 ----A---- C:\WINDOWS\IsUninst.exe

2009-03-02 19:41:18 ----RA---- C:\WINDOWS\system32\LVUI2RC.dll

2009-03-02 19:41:18 ----RA---- C:\WINDOWS\system32\LVUI2.dll

2009-03-02 19:41:18 ----RA---- C:\WINDOWS\system32\lvcoinst.ini

2009-03-02 19:41:18 ----RA---- C:\WINDOWS\system32\lvcoinst.dll

2009-03-02 19:41:18 ----RA---- C:\WINDOWS\system32\lvcodec2.dll

2009-03-02 19:38:00 ----RA---- C:\WINDOWS\system32\InstMed.exe

2009-03-02 19:37:45 ----D---- C:\Program Files\Fichiers communs\Logitech

2009-03-02 19:37:33 ----A---- C:\WINDOWS\system32\Lvkrn12n.dll

2009-03-02 19:37:33 ----A---- C:\WINDOWS\system32\LCamCpl.dll

2009-03-02 19:37:32 ----A---- C:\WINDOWS\system32\MFC71KOR.DLL

2009-03-02 19:37:32 ----A---- C:\WINDOWS\system32\MFC71JPN.DLL

2009-03-02 19:37:32 ----A---- C:\WINDOWS\system32\MFC71ITA.DLL

2009-03-02 19:37:32 ----A---- C:\WINDOWS\system32\MFC71ESP.DLL

2009-03-02 19:37:32 ----A---- C:\WINDOWS\system32\MFC71ENU.DLL

2009-03-02 19:37:32 ----A---- C:\WINDOWS\system32\MFC71DEU.DLL

2009-03-02 19:37:32 ----A---- C:\WINDOWS\system32\MFC71CHT.DLL

2009-03-02 19:37:32 ----A---- C:\WINDOWS\system32\MFC71CHS.DLL

2009-03-02 19:37:31 ----A---- C:\WINDOWS\system32\QCUI2.dll

2009-03-02 19:37:31 ----A---- C:\WINDOWS\system32\Ltwvc12n.dll

2009-03-02 19:37:31 ----A---- C:\WINDOWS\system32\ltkrn12n.dll

2009-03-02 19:37:31 ----A---- C:\WINDOWS\system32\ltimg12n.dll

2009-03-02 19:37:31 ----A---- C:\WINDOWS\system32\ltfil12n.DLL

2009-03-02 19:37:31 ----A---- C:\WINDOWS\system32\ltefx12n.dll

2009-03-02 19:37:31 ----A---- C:\WINDOWS\system32\LTDIS12n.dll

2009-03-02 19:37:30 ----A---- C:\WINDOWS\system32\lftif12n.dll

2009-03-02 19:37:30 ----A---- C:\WINDOWS\system32\lffax12n.dll

2009-03-02 19:37:30 ----A---- C:\WINDOWS\system32\LFCMP12n.DLL

2009-03-02 19:37:30 ----A---- C:\WINDOWS\system32\lfbmp12n.dll

2009-03-02 19:37:29 ----A---- C:\WINDOWS\system32\LQCUI2.dll

2009-03-02 19:37:25 ----D---- C:\Program Files\Logitech

2009-03-02 19:25:05 ----RA---- C:\WINDOWS\mcs_vfw.dll

2009-03-02 19:25:04 ----RA---- C:\WINDOWS\mcs_core.dll

2009-03-02 19:21:40 ----A---- C:\WINDOWS\system32\LMRTREND.dll

2009-03-02 19:21:39 ----A---- C:\WINDOWS\system32\dxtmsft3.dll

2009-03-02 19:21:38 ----A---- C:\WINDOWS\system32\unam4ie.exe

2009-03-02 19:21:36 ----A---- C:\WINDOWS\system32\vidx16.dll

2009-03-02 19:21:36 ----A---- C:\WINDOWS\system32\qcut.dll

2009-03-02 19:21:35 ----A---- C:\WINDOWS\system32\w95inf32.dll

2009-03-02 19:21:35 ----A---- C:\WINDOWS\system32\w95inf16.dll

2009-03-02 19:20:10 ----A---- C:\WINDOWS\IsUn040c.exe

2009-03-02 19:19:56 ----D---- C:\Program Files\Real

2009-03-02 19:19:56 ----D---- C:\Program Files\Fichiers communs\Real

2009-03-02 19:19:19 ----A---- C:\WINDOWS\unvise32qt.exe

2009-03-02 19:19:03 ----D---- C:\Program Files\QuickTime

2009-03-02 19:18:23 ----A---- C:\WINDOWS\Ulead32.ini

2009-03-02 19:18:23 ----A---- C:\WINDOWS\Msdevctl.ini

2009-03-02 19:09:53 ----A---- C:\WINDOWS\system32\vfwwdm32.dll

2009-03-02 19:08:03 ----N---- C:\WINDOWS\Uninstall.exe

2009-03-02 19:08:03 ----N---- C:\WINDOWS\HAJEInstall.dll

2009-03-02 19:06:12 ----SHD---- C:\WINDOWS\ftpcache

2009-03-01 17:59:48 ----A---- C:\WINDOWS\pcfriend.INI

2009-03-01 15:18:49 ----A---- C:\WINDOWS\yesmessenger.ini

2009-03-01 15:17:30 ----A---- C:\WINDOWS\yes_messenger.ini

2009-03-01 10:55:15 ----A---- C:\WINDOWS\ODBC.INI

2009-03-01 10:54:39 ----D---- C:\Program Files\Microsoft Visual Studio

2009-03-01 10:54:39 ----D---- C:\Program Files\Fichiers communs\Designer

2009-03-01 10:54:33 ----HD---- C:\WINDOWS\ShellNew

2009-03-01 10:54:24 ----D---- C:\Program Files\Microsoft Office

2009-03-01 10:54:24 ----D---- C:\Documents and Settings\Utilisateur\Application Data\Microsoft Web Folders

2009-03-01 10:42:09 ----D---- C:\Documents and Settings\Utilisateur\Application Data\InstallShield

2009-02-28 14:52:38 ----D---- C:\Program Files\AviSynth 2.5

2009-02-28 11:20:34 ----A---- C:\WINDOWS\ModemLog_Sony Ericsson Device 117 USB WMC Data Modem.txt

2009-02-28 06:51:11 ----A---- C:\WINDOWS\NeroDigital.ini

2009-02-28 06:50:50 ----D---- C:\Documents and Settings\Utilisateur\Application Data\Nero

2009-02-28 06:39:50 ----A---- C:\WINDOWS\Irremote.ini

2009-02-28 06:37:59 ----D---- C:\Program Files\Windows Sidebar

2009-02-28 06:29:36 ----D---- C:\Program Files\Nero

2009-02-28 06:29:15 ----DC---- C:\Documents and Settings\All Users\Application Data\Nero

2009-02-28 06:29:15 ----D---- C:\Program Files\Fichiers communs\Nero

2009-02-26 18:25:28 ----D---- C:\Program Files\RivaTuner v2.24

2009-02-26 15:57:22 ----D---- C:\Program Files\AVSMedia

2009-02-24 19:52:13 ----D---- C:\Program Files\AVS4YOU

2009-02-23 19:31:08 ----D---- C:\Documents and Settings\Utilisateur\Application Data\DeepBurner

2009-02-23 19:25:58 ----D---- C:\Program Files\Astonsoft

2009-02-23 14:08:18 ----A---- C:\WINDOWS\ntbtlog.txt

2009-02-21 16:29:37 ----D---- C:\Program Files\WinASPI

2009-02-21 14:28:07 ----D---- C:\Documents and Settings\Utilisateur\Application Data\DAEMON Tools Pro

2009-02-21 14:28:07 ----D---- C:\Documents and Settings\Utilisateur\Application Data\DAEMON Tools

2009-02-21 14:26:37 ----DC---- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite

2009-02-21 14:26:29 ----D---- C:\Program Files\DAEMON Tools Lite

2009-02-21 14:22:16 ----D---- C:\Documents and Settings\Utilisateur\Application Data\DAEMON Tools Lite

 

======List of files/folders modified in the last 1 months======

 

2009-03-19 11:08:02 ----D---- C:\Program Files

2009-03-19 11:07:46 ----A---- C:\WINDOWS\ModemLog_Nokia N70 USB Modem.txt

2009-03-19 11:07:40 ----D---- C:\Documents and Settings\Utilisateur\Application Data\TeraCopy

2009-03-19 11:03:27 ----D---- C:\Program Files\Mozilla Firefox

2009-03-19 10:59:07 ----D---- C:\WINDOWS\Temp

2009-03-19 09:01:30 ----A---- C:\WINDOWS\SchedLgU.Txt

2009-03-19 08:37:36 ----D---- C:\WINDOWS\system32\CatRoot2

2009-03-19 08:33:01 ----D---- C:\Program Files\Free Belote

2009-03-18 19:38:40 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest

2009-03-18 18:07:59 ----D---- C:\WINDOWS\security

2009-03-18 18:01:36 ----RSHDC---- C:\WINDOWS\system32\dllcache

2009-03-18 18:01:33 ----D---- C:\WINDOWS\system32

2009-03-18 18:01:33 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2009-03-18 18:01:29 ----D---- C:\WINDOWS\Help

2009-03-18 18:01:24 ----D---- C:\WINDOWS\Cursors

2009-03-18 18:01:20 ----D---- C:\Program Files\Windows NT

2009-03-18 18:01:16 ----D---- C:\WINDOWS

2009-03-18 15:54:12 ----HD---- C:\WINDOWS\inf

2009-03-18 15:54:07 ----SHD---- C:\WINDOWS\Installer

2009-03-18 15:53:54 ----D---- C:\Program Files\Fichiers communs

2009-03-18 15:53:52 ----D---- C:\Program Files\Nokia

2009-03-18 15:53:03 ----D---- C:\Documents and Settings\Utilisateur\Application Data\PC Suite

2009-03-18 15:46:05 ----DC---- C:\WINDOWS\system32\DRVSTORE

2009-03-18 13:03:05 ----A---- C:\WINDOWS\imsins.BAK

2009-03-17 18:56:17 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft

2009-03-17 18:56:12 ----D---- C:\WINDOWS\system32\drivers

2009-03-17 18:55:50 ----D---- C:\Documents and Settings\All Users\Application Data\PC Suite

2009-03-17 18:51:11 ----D---- C:\Documents and Settings\All Users\Application Data\Downloaded Installations

2009-03-17 18:04:45 ----A---- C:\WINDOWS\ModemLog_Nokia N70 USB Modem #4.txt

2009-03-17 18:01:19 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP

2009-03-17 14:37:14 ----HD---- C:\Program Files\InstallShield Installation Information

2009-03-17 07:26:07 ----D---- C:\WINDOWS\system32\config

2009-03-16 17:09:15 ----HDC---- C:\$AVG8.VAULT$

2009-03-16 14:16:00 ----RSD---- C:\WINDOWS\Fonts

2009-03-16 14:15:57 ----D---- C:\WINDOWS\system32\CatRoot

2009-03-16 14:06:17 ----D---- C:\WINDOWS\twain_32

2009-03-16 14:05:13 ----D---- C:\WINDOWS\Prefetch

2009-03-14 15:15:52 ----D---- C:\Documents and Settings\Utilisateur\Application Data\dvdcss

2009-03-13 16:03:32 ----D---- C:\Program Files\Neodivx

2009-03-10 18:54:03 ----SHD---- C:\System Volume Information

2009-03-10 18:54:03 ----D---- C:\WINDOWS\system32\Restore

2009-03-10 17:51:31 ----D---- C:\Program Files\Windows Live

2009-03-07 19:46:18 ----D---- C:\WINDOWS\nview

2009-03-07 14:40:24 ----D---- C:\Program Files\MSN

2009-03-07 14:23:07 ----A---- C:\Documents and Settings\Utilisateur\Application Data\AutoGK.ini

2009-03-07 02:03:02 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink

2009-03-06 16:49:37 ----HD---- C:\Program Files\Uninstall Information

2009-03-06 16:49:15 ----RSD---- C:\WINDOWS\assembly

2009-03-06 16:30:12 ----D---- C:\Program Files\WinRAR

2009-03-05 06:50:30 ----A---- C:\WINDOWS\Ascd_tmp.ini

2009-03-04 14:13:19 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller

2009-03-04 12:45:33 ----D---- C:\Program Files\AskTBar

2009-03-03 18:57:06 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared

2009-03-03 18:55:48 ----SD---- C:\Documents and Settings\Utilisateur\Application Data\Microsoft

2009-03-03 18:42:20 ----D---- C:\WINDOWS\WinSxS

2009-03-03 18:40:25 ----D---- C:\WINDOWS\Microsoft.NET

2009-03-03 18:40:18 ----D---- C:\WINDOWS\Registration

2009-03-02 20:25:15 ----D---- C:\Program Files\VIA

2009-03-02 19:31:14 ----D---- C:\WINDOWS\system

2009-03-02 19:21:40 ----D---- C:\Program Files\Windows Media Player

2009-03-02 19:19:18 ----D---- C:\Program Files\Internet Explorer

2009-03-02 19:16:37 ----D---- C:\Program Files\Fichiers communs\InstallShield

2009-03-02 19:02:41 ----A---- C:\WINDOWS\ModemLog_Nokia N70 USB Modem #3.txt

2009-03-01 10:54:56 ----A---- C:\WINDOWS\vbaddin.ini

2009-03-01 10:54:46 ----A---- C:\WINDOWS\win.ini

2009-03-01 10:54:35 ----D---- C:\Program Files\Fichiers communs\System

2009-03-01 10:54:18 ----D---- C:\WINDOWS\msapps

2009-03-01 10:54:18 ----D---- C:\Program Files\microsoft frontpage

2009-02-28 19:23:47 ----D---- C:\Program Files\Google

2009-02-28 16:18:46 ----D---- C:\Documents and Settings\Utilisateur\Application Data\Skype

2009-02-28 16:15:01 ----D---- C:\Documents and Settings\Utilisateur\Application Data\skypePM

2009-02-28 14:41:42 ----D---- C:\Program Files\Fichiers communs\AVSMedia

2009-02-28 14:37:20 ----D---- C:\Documents and Settings\All Users\Application Data\Google

2009-02-28 14:34:57 ----D---- C:\Program Files\Pinnacle

2009-02-28 07:43:21 ----SD---- C:\WINDOWS\Tasks

2009-02-23 14:08:43 ----DC---- C:\Documents and Settings

2009-02-21 18:42:31 ----D---- C:\Documents and Settings\Utilisateur\Application Data\AVS4YOU

2009-02-21 14:01:57 ----D---- C:\Documents and Settings\Utilisateur\Application Data\EoRezo

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2006-08-05 24304]

R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2006-08-05 36176]

R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-01-29 97928]

R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-01-29 26824]

R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]

R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]

R2 ASPI32;ASPI32; C:\WINDOWS\system32\drivers\ASPI32.sys [1999-09-10 25244]

R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2006-08-05 87424]

R2 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-01-29 76040]

R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2006-08-05 16352]

R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]

R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]

R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2004-10-11 22016]

R3 monfilt;monfilt; C:\WINDOWS\system32\drivers\monfilt.sys [2008-02-14 1389056]

R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12288]

R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]

R3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-09-15 17664]

R3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-09-15 22016]

R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-06-28 6807328]

R3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]

R3 PID_0928;Labtec WebCam(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2004-10-11 211712]

R3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064]

R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]

R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]

R3 usbser;USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]

R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]

R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2008-02-14 222976]

R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]

S3 a3xl083b;a3xl083b; C:\WINDOWS\system32\drivers\a3xl083b.sys []

S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys [2004-10-15 15295]

S3 CamAv;SAMSUNG Video Capture; C:\WINDOWS\System32\Drivers\CamAv.sys []

S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]

S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]

S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]

S3 RivaTuner32;RivaTuner32; \??\C:\Program Files\RivaTuner v2.24\RivaTuner32.sys []

S3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-05-19 108032]

S3 s117bus;Sony Ericsson Device 117 driver (WDM); C:\WINDOWS\system32\DRIVERS\s117bus.sys [2007-06-25 82984]

S3 s117mdfl;Sony Ericsson Device 117 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s117mdfl.sys [2007-06-25 14888]

S3 s117mdm;Sony Ericsson Device 117 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s117mdm.sys [2007-06-25 108456]

S3 s117mgmt;Sony Ericsson Device 117 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s117mgmt.sys [2007-06-25 100264]

S3 s117nd5;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS); C:\WINDOWS\system32\DRIVERS\s117nd5.sys [2007-06-25 22952]

S3 s117obex;Sony Ericsson Device 117 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s117obex.sys [2007-06-25 98344]

S3 s117unic;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM); C:\WINDOWS\system32\DRIVERS\s117unic.sys [2007-06-25 98856]

S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]

S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]

S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]

S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2006-08-05 59008]

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2006-08-05 108160]

R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-01-29 875288]

R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-01-29 231704]

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-02-05 152984]

R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe [2008-09-30 935208]

R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-06-28 155716]

R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]

R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2006-08-05 251520]

R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2006-08-05 370304]

S2 gupdate1c98c21d42a5bc8;Service Google Update (gupdate1c98c21d42a5bc8); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-11 133104]

S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-29 138168]

S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]

S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]

S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]

S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]

S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

 

-----------------EOF-----------------

[maybe]

Il y a de quoi faire. Attends qu'un intervenant du forum sécurité te guide pour désinfecter ton pc.