LE NEWSMAGAZINE Nº1 DES NOUVELLES TECHNOLOGIES
1122 utilisateurs connectés
money 2002
bip41
le 27 juin 2009 à 09h11
bonjour,
j'utilise money 2002 depuis 4 ans, je l'ai intaller avec vista tout marche bien mais j'ai un petit soucis avec une pub pour "symphonie-vie" qui apparait très souvent et je ne peux rien faire si je ne ferme pas cet écran de pub.
comment faire pour enlever cette pub
merci pour une réponse
j'utilise money 2002 depuis 4 ans, je l'ai intaller avec vista tout marche bien mais j'ai un petit soucis avec une pub pour "symphonie-vie" qui apparait très souvent et je ne peux rien faire si je ne ferme pas cet écran de pub.
comment faire pour enlever cette pub
merci pour une réponse
répondre
fml
le 28 juin 2009 à 15h33
Ton titre ne résume pas suffisamment ton problème (pour plus d'explications, voir ICI).
Merci de bien vouloir le corriger au plus vite en cliquant sur le bouton "éditer" de ton premier message.
-->Message édité par fml le 28/06/2009 15:34:18<--
bernard53
le 28 juin 2009 à 18h06
Télécharge OAD.exe
2 Lancez OAD.exe en faisant un double clique sur le fichier
![[:fml:8]](/data/globaldata/usmilies/fml-8.gif "[:fml:8]")
Pour VISTA : Fais un Clic-droit et choisis "Exécuter en tant qu'administrateur".
3 saisissez la valeur recherchée : symphonie-vie (si cela est la bonne inscription)
4 Choisissez le type de recherche à effectuer : choisir complète
5 Laissez le travailler
6 Affichage du rapport : faire un copier-coller et le poster.
Regarde a la racine de C: \ pour le rapport au besoin: resultat.txt
-->Message édité par bernard53 le 28/06/2009 18:06:55<--
bip41
le 04 juillet 2009 à 12h00
bonjour,
je t'envoi le résultat de la recherche et à mon grand désespoir, aucun fichier.
04/07/2009 ---- 11:50:00,90
----------------------------------
§§§§§§ [symphonis-vie] §§§§§§
----------------------------------
[X] Registre
-------------- [ ] rapide
-- Fichier --- [ ] disque systeme
------------- [X] complete
********************
[Registre]
********************
Aucune entrée détectée
*******************
[Fichier]
*******************
*********************
[Même date]
*********************
Aucun fichier créé à la même date détecté
je t'envoi le résultat de la recherche et à mon grand désespoir, aucun fichier.
04/07/2009 ---- 11:50:00,90
----------------------------------
§§§§§§ [symphonis-vie] §§§§§§
----------------------------------
[X] Registre
-------------- [ ] rapide
-- Fichier --- [ ] disque systeme
------------- [X] complete
********************
[Registre]
********************
Aucune entrée détectée
*******************
[Fichier]
*******************
*********************
[Même date]
*********************
Aucun fichier créé à la même date détecté
bernard53
le 04 juillet 2009 à 13h02
fait ceci.
Télécharge random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau:
Double clique sur RSIT.exe qui se trouve sur ton bureau pour le lancer:
Pour VISTA :
Clic-droit et choisis "Exécuter en tant qu'administrateur".
Ensuite :
Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
Le rapport va se créer. Pour le mettre sur le forum.
Tout sélectionner : CRTL+ A
Tout copier : CRTL+ C
Tout coller : CRTL+ V
Vous pouvez, une fois posté, le fermer. Ce rapport s’appelle.log.txt
Le rapport est sauvegardé à la racine du disque: C:\rsit\info.txt et C:\rsit\log.txt
fml
le 05 juillet 2009 à 23h04
Merci de bien vouloir corriger ton titre SVP.
bip41
le 08 aout 2009 à 17h04
Logfile of random's system information tool 1.06 (written by random/random)
Run by Andre at 2009-08-08 16:59:08
Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 1
System drive C: has 13 GB (18%) free of 70 GB
Total RAM: 2037 MB (46% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:59:47, on 08/08/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Vista Start Menu\VistaStartMenu.exe
C:\Program Files\Divers\POP Peeper\POPPeeper.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Orange\Logiciel de Synchronisation Orange\Voxsync.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Orange\Logiciel de Synchronisation Orange\SyncManager.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Divers\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Users\Andre\Desktop\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\Andre.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c(...)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c(...)
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar3.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: MEDIADICO Familial - {CEDDA62B-5FBE-4AB2-AE2E-5E069F444444} - C:\Program Files\LAventure\MDToolbar\MdToolbar.dll
O3 - Toolbar: (no name) - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar3.dll
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [VistaStartMenu] "C:\Program Files\Vista Start Menu\VistaStartMenu.exe"
O4 - HKCU\..\Run: [EPSON Stylus DX7400 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE /FU "C:\Windows\TEMP\E_SAF72.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [POP Peeper] "C:\Program Files\Divers\POP Peeper\POPPeeper.exe" -min
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\Divers\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: Logiciel de Synchronisation Orange.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: FreshDownload - {07CC7F05-1D78-4347-AFB4-718D64FA43D0} - C:\Program Files\Divers\FreshDownload\fd.exe (file missing)
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O13 - Gopher Prefix:
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\Divers\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: EasyBits Magic Desktop Services for Windows NT (ezntsvc) - EasyBits Software Corp. - C:\Windows\system32\ezNTSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 11244 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GlaryInitialize.job
C:\Windows\tasks\Maintenance en 1 clic.job
C:\Windows\tasks\User_Feed_Synchronization-{C221EAB5-0C91-4F5B-A7FF-2BB0E7E40658}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar3.dll [2008-07-17 279944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]
EoBho Class
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2007-08-16 2436160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}]
C:\Program Files\Microsoft Money\System\mnyviewer.dll [2001-07-25 143420]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2007-08-16 2436160]
{CEDDA62B-5FBE-4AB2-AE2E-5E069F444444} - MEDIADICO Familial - C:\Program Files\LAventure\MDToolbar\MdToolbar.dll [2007-06-09 811008]
{ED0E8CA5-42FB-4B18-997B-769E0408E79D}
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar3.dll [2008-07-17 279944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-03-03 959976]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-02-11 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-02-11 166424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-02-11 133656]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-09-15 102400]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"=C:\Windows\SMINST\launcher.exe [2006-11-07 44128]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1233920]
"VistaStartMenu"=C:\Program Files\Vista Start Menu\VistaStartMenu.exe [2009-04-13 2171392]
"EPSON Stylus DX7400 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE [2007-04-12 182272]
"POP Peeper"=C:\Program Files\Divers\POP Peeper\POPPeeper.exe [2009-01-22 1470464]
"SUPERAntiSpyware"=C:\Program Files\Divers\SUPERAntiSpyware\SUPERAntiSpyware.exe [2009-08-08 1830128]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-04-08 251240]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egrkhsnprz]
[]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Logiciel de Synchronisation Orange.lnk - C:\Program Files\Orange\Logiciel de Synchronisation Orange\Voxsync.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\Divers\SUPERAntiSpyware\SASWINLO.DLL [2008-12-31 356352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-02-11 204800]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\Divers\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableChangePassword"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoLogoff"=0
"NoClose"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{448586e8-98ec-11dd-9d9e-0016d4f08416}]
shell\AutoRun\command - F:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a3e1d3d5-b394-11dc-84d7-0016d4f08416}]
shell\AutoRun\command - F:\InstallTomTomHOME.exe
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2009-08-08 16:59:11 ----D---- C:\Program Files\trend micro
2009-08-08 16:59:08 ----D---- C:\rsit
2009-08-08 16:36:14 ----A---- C:\Windows\isRS-000.tmp
2009-07-29 21:24:30 ----A---- C:\Windows\system32\mshtml.dll
2009-07-29 21:24:28 ----A---- C:\Windows\system32\ieframe.dll
2009-07-29 21:24:27 ----A---- C:\Windows\system32\urlmon.dll
2009-07-29 21:24:27 ----A---- C:\Windows\system32\iertutil.dll
2009-07-29 21:24:26 ----A---- C:\Windows\system32\wininet.dll
2009-07-29 21:24:26 ----A---- C:\Windows\system32\msfeeds.dll
2009-07-29 21:24:25 ----A---- C:\Windows\system32\occache.dll
2009-07-29 21:24:25 ----A---- C:\Windows\system32\iedkcs32.dll
2009-07-29 21:24:23 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-07-29 21:24:23 ----A---- C:\Windows\system32\jsproxy.dll
2009-07-29 21:24:23 ----A---- C:\Windows\system32\ieUnatt.exe
2009-07-29 21:24:23 ----A---- C:\Windows\system32\ieui.dll
2009-07-29 21:24:23 ----A---- C:\Windows\system32\iesysprep.dll
2009-07-29 21:24:23 ----A---- C:\Windows\system32\iepeers.dll
2009-07-29 21:24:22 ----A---- C:\Windows\system32\msfeedssync.exe
2009-07-29 21:24:22 ----A---- C:\Windows\system32\iesetup.dll
2009-07-29 21:24:22 ----A---- C:\Windows\system32\iernonce.dll
2009-07-29 21:24:22 ----A---- C:\Windows\system32\ie4uinit.exe
2009-07-26 11:53:42 ----HD---- C:\Program Files\InstallJammer Registry
2009-07-26 11:53:00 ----D---- C:\Program Files\Virtual AGC
2009-07-23 14:19:16 ----D---- C:\ProgramData\DAUSSY Dominique
2009-07-20 17:08:16 ----D---- C:\Program Files\Safer Networking
2009-07-20 16:48:39 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-07-18 10:10:54 ----A---- C:\Windows\system32\t2embed.dll
2009-07-18 10:10:53 ----A---- C:\Windows\system32\fontsub.dll
2009-07-18 10:10:53 ----A---- C:\Windows\system32\dciman32.dll
2009-07-18 10:10:53 ----A---- C:\Windows\system32\atmfd.dll
======List of files/folders modified in the last 1 months======
2009-08-08 16:59:16 ----D---- C:\Windows\Temp
2009-08-08 16:59:11 ----D---- C:\Program Files
2009-08-08 16:58:07 ----D---- C:\Windows\Internet Logs
2009-08-08 16:43:13 ----D---- C:\Program Files\AskBarDis
2009-08-08 16:42:58 ----D---- C:\Windows\Tasks
2009-08-08 16:42:57 ----D---- C:\Program Files\Glary Utilities
2009-08-08 16:39:50 ----D---- C:\Windows
2009-08-08 16:39:48 ----D---- C:\Windows\SMINST
2009-08-08 16:33:49 ----SHD---- C:\System Volume Information
2009-08-08 16:25:52 ----D---- C:\ProgramData\is-M313K
2009-08-08 16:25:52 ----D---- C:\ProgramData\is-29T9E
2009-08-07 12:04:27 ----D---- C:\Users\Andre\AppData\Roaming\Vista Start Menu
2009-08-06 16:32:55 ----SHD---- C:\Windows\Installer
2009-08-06 16:32:52 ----D---- C:\Program Files\Jeux
2009-08-06 16:08:18 ----D---- C:\Program Files\Divers
2009-08-04 17:20:30 ----D---- C:\Windows\System32
2009-08-04 17:20:30 ----D---- C:\Windows\inf
2009-08-04 17:20:30 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-08-04 10:29:06 ----D---- C:\Program Files\Microsoft Silverlight
2009-08-04 08:27:36 ----D---- C:\Program Files\Common Files\microsoft shared
2009-08-01 11:37:38 ----D---- C:\Windows\system32\migration
2009-08-01 11:37:38 ----D---- C:\Program Files\Internet Explorer
2009-08-01 10:26:50 ----D---- C:\Windows\winsxs
2009-07-30 21:29:43 ----D---- C:\Windows\system32\catroot2
2009-07-29 22:04:50 ----D---- C:\Windows\system32\drivers
2009-07-29 21:20:27 ----D---- C:\Windows\system32\catroot
2009-07-23 14:19:16 ----D---- C:\ProgramData
2009-07-20 17:03:15 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-07-18 16:44:55 ----D---- C:\Users\Andre\AppData\Roaming\Wormux
2009-07-18 10:19:38 ----D---- C:\Program Files\Windows Mail
2009-07-18 10:19:32 ----D---- C:\ProgramData\Microsoft Help
2009-07-09 14:58:19 ----D---- C:\Windows\Prefetch
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-02-05 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-02-05 51376]
R1 eabfiltr;eabfiltr; C:\Windows\system32\DRIVERS\eabfiltr.sys [2006-11-30 8192]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\Divers\SUPERAntiSpyware\SASKUTIL.sys [2009-08-08 74480]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2008-03-03 279440]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-02-05 51792]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-07-10 8704]
R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2006-11-10 18688]
R3 BCM43XX;Pilote pour carte réseau Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-01-03 534016]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-03-04 188416]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-06-20 984064]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-06-20 208896]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2007-02-16 50176]
R3 SASENUM;SASENUM; \??\C:\Program Files\Divers\SUPERAntiSpyware\SASENUM.SYS [2008-05-13 7408]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-09-15 191408]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-06-20 660480]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
S1 as6eio;as6eio; C:\Windows\System32\drivers\as6eio.sys []
S1 SASDIFSV;SASDIFSV; \??\C:\Program Files\Divers\SUPERAntiSpyware\SASDIFSV.SYS [2009-03-27 9968]
S2 GT680x;USB Flatbed Scanner; C:\Windows\System32\Drivers\GT680x.SYS [2000-11-17 17168]
S3 BCM43XV;Pilote de la carte réseau extensible Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-01-03 534016]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 E100B;Pilote de carte Intel (R) PRO; C:\Windows\system32\DRIVERS\e100b325.sys [2006-11-02 163328]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2007-02-22 159232]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Pilote de carte réseau Intel(R) PRO/Wireless 3945ABG pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw3v32.sys [2007-02-07 1786880]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 ultradfg;ultradfg; C:\Windows\System32\DRIVERS\ultradfg.sys [2008-10-02 24576]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2008-01-19 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-01-19 131000]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aawservice;Ad-Aware 2007 Service; C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe [2008-03-19 607576]
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2008-02-22 104960]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 ezntsvc;EasyBits Magic Desktop Services for Windows NT; C:\Windows\system32\ezNTSvc.exe [2007-08-03 33792]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-03-14 62984]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-12-14 61440]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-04-08 92008]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 vsmon;TrueVector Internet Monitor; C:\Windows\System32\ZoneLabs\vsmon.exe [2008-03-03 79400]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-07-10 386560]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe []
S3 Boonty Games;Boonty Games; C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe [2008-08-18 69120]
S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-03-05 110592]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-08-16 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-02-12 880640]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-08-07 575488]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-02-17 74656]
S3 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2007-04-25 1174664]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2008-12-11 355584]
-----------------EOF-----------------
je t'envoi le résultat de la recherche et à mon grand désespoir, aucun fichier.
04/07/2009 ---- 11:50:00,90
----------------------------------
§§§§§§ [symphonis-vie] §§§§§§
----------------------------------
[x] registre
-------------- [ ] rapide
-- fichier --- [ ] disque systeme
------------- [x] complete
********************
[registre]
********************
aucune entrée détectée
*******************
[fichier]
*******************
*********************
[même date]
*********************
aucun fichier créé à la même date détecté
Run by Andre at 2009-08-08 16:59:08
Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 1
System drive C: has 13 GB (18%) free of 70 GB
Total RAM: 2037 MB (46% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:59:47, on 08/08/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Vista Start Menu\VistaStartMenu.exe
C:\Program Files\Divers\POP Peeper\POPPeeper.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Orange\Logiciel de Synchronisation Orange\Voxsync.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Orange\Logiciel de Synchronisation Orange\SyncManager.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Divers\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Users\Andre\Desktop\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\Andre.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c(...)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c(...)
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar3.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: MEDIADICO Familial - {CEDDA62B-5FBE-4AB2-AE2E-5E069F444444} - C:\Program Files\LAventure\MDToolbar\MdToolbar.dll
O3 - Toolbar: (no name) - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar3.dll
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [VistaStartMenu] "C:\Program Files\Vista Start Menu\VistaStartMenu.exe"
O4 - HKCU\..\Run: [EPSON Stylus DX7400 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE /FU "C:\Windows\TEMP\E_SAF72.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [POP Peeper] "C:\Program Files\Divers\POP Peeper\POPPeeper.exe" -min
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\Divers\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: Logiciel de Synchronisation Orange.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: FreshDownload - {07CC7F05-1D78-4347-AFB4-718D64FA43D0} - C:\Program Files\Divers\FreshDownload\fd.exe (file missing)
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O13 - Gopher Prefix:
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\Divers\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: EasyBits Magic Desktop Services for Windows NT (ezntsvc) - EasyBits Software Corp. - C:\Windows\system32\ezNTSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 11244 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GlaryInitialize.job
C:\Windows\tasks\Maintenance en 1 clic.job
C:\Windows\tasks\User_Feed_Synchronization-{C221EAB5-0C91-4F5B-A7FF-2BB0E7E40658}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar3.dll [2008-07-17 279944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]
EoBho Class
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2007-08-16 2436160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}]
C:\Program Files\Microsoft Money\System\mnyviewer.dll [2001-07-25 143420]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2007-08-16 2436160]
{CEDDA62B-5FBE-4AB2-AE2E-5E069F444444} - MEDIADICO Familial - C:\Program Files\LAventure\MDToolbar\MdToolbar.dll [2007-06-09 811008]
{ED0E8CA5-42FB-4B18-997B-769E0408E79D}
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar3.dll [2008-07-17 279944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-03-03 959976]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-02-11 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-02-11 166424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-02-11 133656]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-09-15 102400]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"=C:\Windows\SMINST\launcher.exe [2006-11-07 44128]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1233920]
"VistaStartMenu"=C:\Program Files\Vista Start Menu\VistaStartMenu.exe [2009-04-13 2171392]
"EPSON Stylus DX7400 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE [2007-04-12 182272]
"POP Peeper"=C:\Program Files\Divers\POP Peeper\POPPeeper.exe [2009-01-22 1470464]
"SUPERAntiSpyware"=C:\Program Files\Divers\SUPERAntiSpyware\SUPERAntiSpyware.exe [2009-08-08 1830128]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-04-08 251240]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egrkhsnprz]
[]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Logiciel de Synchronisation Orange.lnk - C:\Program Files\Orange\Logiciel de Synchronisation Orange\Voxsync.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\Divers\SUPERAntiSpyware\SASWINLO.DLL [2008-12-31 356352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-02-11 204800]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\Divers\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableChangePassword"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoLogoff"=0
"NoClose"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{448586e8-98ec-11dd-9d9e-0016d4f08416}]
shell\AutoRun\command - F:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a3e1d3d5-b394-11dc-84d7-0016d4f08416}]
shell\AutoRun\command - F:\InstallTomTomHOME.exe
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2009-08-08 16:59:11 ----D---- C:\Program Files\trend micro
2009-08-08 16:59:08 ----D---- C:\rsit
2009-08-08 16:36:14 ----A---- C:\Windows\isRS-000.tmp
2009-07-29 21:24:30 ----A---- C:\Windows\system32\mshtml.dll
2009-07-29 21:24:28 ----A---- C:\Windows\system32\ieframe.dll
2009-07-29 21:24:27 ----A---- C:\Windows\system32\urlmon.dll
2009-07-29 21:24:27 ----A---- C:\Windows\system32\iertutil.dll
2009-07-29 21:24:26 ----A---- C:\Windows\system32\wininet.dll
2009-07-29 21:24:26 ----A---- C:\Windows\system32\msfeeds.dll
2009-07-29 21:24:25 ----A---- C:\Windows\system32\occache.dll
2009-07-29 21:24:25 ----A---- C:\Windows\system32\iedkcs32.dll
2009-07-29 21:24:23 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-07-29 21:24:23 ----A---- C:\Windows\system32\jsproxy.dll
2009-07-29 21:24:23 ----A---- C:\Windows\system32\ieUnatt.exe
2009-07-29 21:24:23 ----A---- C:\Windows\system32\ieui.dll
2009-07-29 21:24:23 ----A---- C:\Windows\system32\iesysprep.dll
2009-07-29 21:24:23 ----A---- C:\Windows\system32\iepeers.dll
2009-07-29 21:24:22 ----A---- C:\Windows\system32\msfeedssync.exe
2009-07-29 21:24:22 ----A---- C:\Windows\system32\iesetup.dll
2009-07-29 21:24:22 ----A---- C:\Windows\system32\iernonce.dll
2009-07-29 21:24:22 ----A---- C:\Windows\system32\ie4uinit.exe
2009-07-26 11:53:42 ----HD---- C:\Program Files\InstallJammer Registry
2009-07-26 11:53:00 ----D---- C:\Program Files\Virtual AGC
2009-07-23 14:19:16 ----D---- C:\ProgramData\DAUSSY Dominique
2009-07-20 17:08:16 ----D---- C:\Program Files\Safer Networking
2009-07-20 16:48:39 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-07-18 10:10:54 ----A---- C:\Windows\system32\t2embed.dll
2009-07-18 10:10:53 ----A---- C:\Windows\system32\fontsub.dll
2009-07-18 10:10:53 ----A---- C:\Windows\system32\dciman32.dll
2009-07-18 10:10:53 ----A---- C:\Windows\system32\atmfd.dll
======List of files/folders modified in the last 1 months======
2009-08-08 16:59:16 ----D---- C:\Windows\Temp
2009-08-08 16:59:11 ----D---- C:\Program Files
2009-08-08 16:58:07 ----D---- C:\Windows\Internet Logs
2009-08-08 16:43:13 ----D---- C:\Program Files\AskBarDis
2009-08-08 16:42:58 ----D---- C:\Windows\Tasks
2009-08-08 16:42:57 ----D---- C:\Program Files\Glary Utilities
2009-08-08 16:39:50 ----D---- C:\Windows
2009-08-08 16:39:48 ----D---- C:\Windows\SMINST
2009-08-08 16:33:49 ----SHD---- C:\System Volume Information
2009-08-08 16:25:52 ----D---- C:\ProgramData\is-M313K
2009-08-08 16:25:52 ----D---- C:\ProgramData\is-29T9E
2009-08-07 12:04:27 ----D---- C:\Users\Andre\AppData\Roaming\Vista Start Menu
2009-08-06 16:32:55 ----SHD---- C:\Windows\Installer
2009-08-06 16:32:52 ----D---- C:\Program Files\Jeux
2009-08-06 16:08:18 ----D---- C:\Program Files\Divers
2009-08-04 17:20:30 ----D---- C:\Windows\System32
2009-08-04 17:20:30 ----D---- C:\Windows\inf
2009-08-04 17:20:30 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-08-04 10:29:06 ----D---- C:\Program Files\Microsoft Silverlight
2009-08-04 08:27:36 ----D---- C:\Program Files\Common Files\microsoft shared
2009-08-01 11:37:38 ----D---- C:\Windows\system32\migration
2009-08-01 11:37:38 ----D---- C:\Program Files\Internet Explorer
2009-08-01 10:26:50 ----D---- C:\Windows\winsxs
2009-07-30 21:29:43 ----D---- C:\Windows\system32\catroot2
2009-07-29 22:04:50 ----D---- C:\Windows\system32\drivers
2009-07-29 21:20:27 ----D---- C:\Windows\system32\catroot
2009-07-23 14:19:16 ----D---- C:\ProgramData
2009-07-20 17:03:15 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-07-18 16:44:55 ----D---- C:\Users\Andre\AppData\Roaming\Wormux
2009-07-18 10:19:38 ----D---- C:\Program Files\Windows Mail
2009-07-18 10:19:32 ----D---- C:\ProgramData\Microsoft Help
2009-07-09 14:58:19 ----D---- C:\Windows\Prefetch
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-02-05 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-02-05 51376]
R1 eabfiltr;eabfiltr; C:\Windows\system32\DRIVERS\eabfiltr.sys [2006-11-30 8192]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\Divers\SUPERAntiSpyware\SASKUTIL.sys [2009-08-08 74480]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2008-03-03 279440]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-02-05 51792]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-07-10 8704]
R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2006-11-10 18688]
R3 BCM43XX;Pilote pour carte réseau Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-01-03 534016]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-03-04 188416]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-06-20 984064]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-06-20 208896]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2007-02-16 50176]
R3 SASENUM;SASENUM; \??\C:\Program Files\Divers\SUPERAntiSpyware\SASENUM.SYS [2008-05-13 7408]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-09-15 191408]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-06-20 660480]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
S1 as6eio;as6eio; C:\Windows\System32\drivers\as6eio.sys []
S1 SASDIFSV;SASDIFSV; \??\C:\Program Files\Divers\SUPERAntiSpyware\SASDIFSV.SYS [2009-03-27 9968]
S2 GT680x;USB Flatbed Scanner; C:\Windows\System32\Drivers\GT680x.SYS [2000-11-17 17168]
S3 BCM43XV;Pilote de la carte réseau extensible Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-01-03 534016]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 E100B;Pilote de carte Intel (R) PRO; C:\Windows\system32\DRIVERS\e100b325.sys [2006-11-02 163328]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2007-02-22 159232]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Pilote de carte réseau Intel(R) PRO/Wireless 3945ABG pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw3v32.sys [2007-02-07 1786880]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 ultradfg;ultradfg; C:\Windows\System32\DRIVERS\ultradfg.sys [2008-10-02 24576]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2008-01-19 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-01-19 131000]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aawservice;Ad-Aware 2007 Service; C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe [2008-03-19 607576]
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2008-02-22 104960]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 ezntsvc;EasyBits Magic Desktop Services for Windows NT; C:\Windows\system32\ezNTSvc.exe [2007-08-03 33792]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-03-14 62984]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-12-14 61440]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-04-08 92008]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 vsmon;TrueVector Internet Monitor; C:\Windows\System32\ZoneLabs\vsmon.exe [2008-03-03 79400]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-07-10 386560]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe []
S3 Boonty Games;Boonty Games; C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe [2008-08-18 69120]
S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-03-05 110592]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-08-16 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-02-12 880640]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-08-07 575488]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-02-17 74656]
S3 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2007-04-25 1174664]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2008-12-11 355584]
-----------------EOF-----------------
bip41 a écrit :
bonjour, je t'envoi le résultat de la recherche et à mon grand désespoir, aucun fichier.
04/07/2009 ---- 11:50:00,90
----------------------------------
§§§§§§ [symphonis-vie] §§§§§§
----------------------------------
[x] registre
-------------- [ ] rapide
-- fichier --- [ ] disque systeme
------------- [x] complete
********************
[registre]
********************
aucune entrée détectée
*******************
[fichier]
*******************
*********************
[même date]
*********************
aucun fichier créé à la même date détecté
bernard53
le 08 aout 2009 à 17h53
Dans un premier temps ceci.
Relance HijackThis >puis : Do a system scan only > coche ces lignes: ensuite valides sur Fix checked
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O3 - Toolbar: (no name) - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - (no file)
O9 - Extra button: FreshDownload - {07CC7F05-1D78-4347-AFB4-718D64FA43D0} - C:\Program Files\Divers\FreshDownload\fd.exe (file missing)
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
** Télécharge ToolBar-S&D (D'Angeldark, Sham_Rock & XmichouX) sur ton bureau.
Double-clique sur l'icône
afin de lancer l’installation. Une fois installé, un raccourci
sera ajouté sur le Bureau. Double-clique dessus pour démarrer l’outil. dans la fenêtre qui s'ouvre, pour le langue tape "F" >> Appuis un fois sur la touche "entrer"
dans la fenêtre qui s'ouvre fais le choix N°2 (Suppression) >> Appuis une fois sur la touche "entrer"
Patiente jusqu'à la fin de la recherche >> Sauvegarde le rapport qui s'ouvre à la fin du scan sur ton bureau et poste le dans ta prochaine réponse stp...
** Poste le rapport généré : (C:\TB.txt)
Ensuite ceci:
Télécharge >>OTM<< (de Old_Timer) sur ton Bureau.
>> Pour VISTA : Clic-droit et choisis "Exécuter en tant qu'administrateur".
>> AVAST reconnait ce logiciel comme un intrus, donc le désactiver le temps des manipulations.
Double-clique sur OTM pour le lancer.
Copie la liste qui se trouve en citation ci-dessous:
:Processes
:Services
:Reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]
:Files
:Commands
[purity]
[emptytemp]
[Reboot]
et colle-la dans le cadre de gauche de OTM sous ceci:
Clique sur
pour lancer la suppression. attendre la fin du travail de l'outil puis fermer OTM
Le résultat apparaitra dans le cadre Results.
Clique sur Exit pour fermer.
Poste le rapport situé dans C:\_OTM\MovedFiles\06092009_130526.log "Exemple"
NB: Il te sera peut-être demandé de redémarrer le pc pour achever la suppression.
si c'est le cas accepte par Oui/Yes.
Ensuite ceci:
Démarrer IE8-->>Outils-->>Options Internet-->>Onglet avancé-->>REINITIALISER
Dis moi après si cette fois tout va!
bip41
le 08 aout 2009 à 18h09
à la relance de HijackThis je n'ai aucune question,donc pas de séléction possible il démare et cré une nouvelle page log ?
run by andre at 2009-08-08 16:59:08
microsoft® windows vista™ édition familiale basique service pack 1
system drive c: has 13 gb (18%) free of 70 gb
total ram: 2037 mb (46% free)
logfile of trend micro hijackthis v2.0.2
scan saved at 16:59:47, on 08/08/2009
platform: windows vista sp1 (winnt 6.00.1905)
msie: internet explorer v8.00 (8.00.6001.18813)
boot mode: normal
running processes:
c:\windows\system32\dwm.exe
c:\windows\explorer.exe
c:\windows\system32\taskeng.exe
c:\program files\zone labs\zonealarm\zlclient.exe
c:\windows\system32\igfxtray.exe
c:\windows\system32\hkcmd.exe
c:\windows\system32\igfxpers.exe
c:\program files\synaptics\syntp\syntpstart.exe
c:\program files\alwil software\avast4\ashdisp.exe
c:\program files\java\jre6\bin\jusched.exe
c:\program files\windows sidebar\sidebar.exe
c:\program files\vista start menu\vistastartmenu.exe
c:\program files\divers\pop peeper\poppeeper.exe
c:\program files\tomtom home 2\tomtomhomerunner.exe
c:\program files\spybot - search & destroy\teatimer.exe
c:\program files\orange\logiciel de synchronisation orange\voxsync.exe
c:\program files\windows media player\wmpnscfg.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\orange\logiciel de synchronisation orange\syncmanager.exe
c:\program files\windows sidebar\sidebar.exe
c:\program files\microsoft office\office11\outlook.exe
c:\program files\synaptics\syntp\syntpenh.exe
c:\program files\divers\superantispyware\superantispyware.exe
c:\program files\internet explorer\iexplore.exe
c:\program files\internet explorer\iexplore.exe
c:\program files\windows live\toolbar\wltuser.exe
c:\windows\system32\taskeng.exe
c:\program files\internet explorer\iexplore.exe
c:\program files\internet explorer\iexplore.exe
c:\windows\system32\macromed\flash\flashutil10b.exe
c:\users\andre\desktop\rsit.exe
c:\windows\system32\searchfilterhost.exe
c:\program files\trend micro\andre.exe
r1 - hkcu\software\microsoft\internet explorer\main,default_page_url = http://go.microsoft.com/fwlink/?linkid=69157
r1 - hkcu\software\microsoft\internet explorer\main,search page = http://go.microsoft.com/fwlink/?linkid=54896
r0 - hkcu\software\microsoft\internet explorer\main,start page = http://www.orange.fr/
r1 - hklm\software\microsoft\internet explorer\main,default_page_url = http://ie.redirect.hp.com/svs/rdr?type=3&tp=iehome&locale=fr_fr&c(...)
r1 - hklm\software\microsoft\internet explorer\main,default_search_url = http://go.microsoft.com/fwlink/?linkid=54896
r1 - hklm\software\microsoft\internet explorer\main,search page = http://go.microsoft.com/fwlink/?linkid=54896
r0 - hklm\software\microsoft\internet explorer\main,start page = http://ie.redirect.hp.com/svs/rdr?type=3&tp=iehome&locale=fr_fr&c(...)
r0 - hklm\software\microsoft\internet explorer\search,searchassistant =
r0 - hklm\software\microsoft\internet explorer\search,customizesearch =
r0 - hkcu\software\microsoft\internet explorer\toolbar,linksfoldername =
o1 - hosts: ::1 localhost
o2 - bho: acroiehelperstub - {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll
o2 - bho: askbar bho - {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askbar3.dll
o2 - bho: spybot-s&d ie protection - {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\sdhelper.dll
o2 - bho: (no name) - {5c255c8a-e604-49b4-9d64-90988571cecb} - (no file)
o2 - bho: eorezobho - {64f56fc1-1272-44cd-ba6e-39723696e350} - (no file)
o2 - bho: search helper - {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll
o2 - bho: programme d'aide de l'assistant de connexion windows live id - {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
o2 - bho: google toolbar helper - {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar2.dll
o2 - bho: java(tm) plug-in 2 ssv helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
o2 - bho: windows live toolbar helper - {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
o2 - bho: (no name) - {fdd3b846-8d59-4ffb-8758-209b6ad74acc} - c:\program files\microsoft money\system\mnyviewer.dll
o3 - toolbar: &google - {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar2.dll
o3 - toolbar: mediadico familial - {cedda62b-5fbe-4ab2-ae2e-5e069f444444} - c:\program files\laventure\mdtoolbar\mdtoolbar.dll
o3 - toolbar: (no name) - {ed0e8ca5-42fb-4b18-997b-769e0408e79d} - (no file)
o3 - toolbar: &windows live toolbar - {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
o3 - toolbar: ask toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askbar3.dll
o4 - hklm\..\run: [zonealarm client] "c:\program files\zone labs\zonealarm\zlclient.exe"
o4 - hklm\..\run: [igfxtray] c:\windows\system32\igfxtray.exe
o4 - hklm\..\run: [hotkeyscmds] c:\windows\system32\hkcmd.exe
o4 - hklm\..\run: [persistence] c:\windows\system32\igfxpers.exe
o4 - hklm\..\run: [syntpstart] c:\program files\synaptics\syntp\syntpstart.exe
o4 - hklm\..\run: [avast!] c:\progra~1\alwils~1\avast4\ashdisp.exe
o4 - hklm\..\run: [sunjavaupdatesched] "c:\program files\java\jre6\bin\jusched.exe"
o4 - hklm\..\run: [adobe reader speed launcher] "c:\program files\adobe\reader 9.0\reader\reader_sl.exe"
o4 - hklm\..\runonce: [launcher] %windir%\sminst\launcher.exe
o4 - hkcu\..\run: [sidebar] c:\program files\windows sidebar\sidebar.exe /autorun
o4 - hkcu\..\run: [vistastartmenu] "c:\program files\vista start menu\vistastartmenu.exe"
o4 - hkcu\..\run: [epson stylus dx7400 series] c:\windows\system32\spool\drivers\w32x86\3\e_faticde.exe /fu "c:\windows\temp\e_saf72.tmp" /ef "hkcu"
o4 - hkcu\..\run: [pop peeper] "c:\program files\divers\pop peeper\poppeeper.exe" -min
o4 - hkcu\..\run: [superantispyware] c:\program files\divers\superantispyware\superantispyware.exe
o4 - hkcu\..\run: [tomtomhome.exe] "c:\program files\tomtom home 2\tomtomhomerunner.exe" -s
o4 - hkcu\..\run: [spybotsd teatimer] c:\program files\spybot - search & destroy\teatimer.exe
o4 - hkus\s-1-5-19\..\run: [sidebar] %programfiles%\windows sidebar\sidebar.exe /detectmem (user 'service local')
o4 - hkus\s-1-5-19\..\run: [windowswelcomecenter] rundll32.exe oobefldr.dll,showwelcomecenter (user 'service local')
o4 - hkus\s-1-5-20\..\run: [sidebar] %programfiles%\windows sidebar\sidebar.exe /detectmem (user 'service réseau')
o4 - hkus\s-1-5-18\..\run: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background (user 'system')
o4 - hkus\.default\..\run: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background (user 'default user')
o4 - global startup: logiciel de synchronisation orange.lnk = ?
o8 - extra context menu item: add to google photos screensa&ver - res://c:\windows\system32\gphotos.scr/200
o8 - extra context menu item: add to windows &live favorites - http://favorites.live.com/quickadd.aspx
o8 - extra context menu item: e&xporter vers microsoft excel - res://c:\progra~1\micros~3\office12\excel.exe/3000
o9 - extra button: freshdownload - {07cc7f05-1d78-4347-afb4-718d64fa43d0} - c:\program files\divers\freshdownload\fd.exe (file missing)
o9 - extra button: ajout direct - {219c3416-8cb2-491a-a3c7-d9fcddc9d600} - c:\program files\windows live\writer\writerbrowserextension.dll
o9 - extra 'tools' menuitem: &ajout direct dans windows live writer - {219c3416-8cb2-491a-a3c7-d9fcddc9d600} - c:\program files\windows live\writer\writerbrowserextension.dll
o9 - extra button: recherche - {92780b25-18cc-41c8-b9be-3c9c571a8263} - c:\progra~1\micros~3\office11\refiebar.dll
o9 - extra button: (no name) - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - c:\program files\spybot - search & destroy\sdhelper.dll
o9 - extra 'tools' menuitem: spybot - search && destroy configuration - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - c:\program files\spybot - search & destroy\sdhelper.dll
o9 - extra button: moneyside - {e023f504-0c5a-4750-a1e7-a9046dea8a21} - c:\program files\microsoft money\system\mnyviewer.dll
o13 - gopher prefix:
o20 - winlogon notify: !saswinlogon - c:\program files\divers\superantispyware\saswinlo.dll
o23 - service: ad-aware 2007 service (aawservice) - lavasoft - c:\program files\lavasoft\ad-aware 2007\aawservice.exe
o23 - service: arcsoft connect daemon (acdaemon) - arcsoft inc. - c:\program files\common files\arcsoft\connection service\bin\acservice.exe
o23 - service: avast! iavs4 control service (aswupdsv) - alwil software - c:\program files\alwil software\avast4\aswupdsv.exe
o23 - service: avast! antivirus - alwil software - c:\program files\alwil software\avast4\ashserv.exe
o23 - service: avast! mail scanner - alwil software - c:\program files\alwil software\avast4\ashmaisv.exe
o23 - service: avast! web scanner - alwil software - c:\program files\alwil software\avast4\ashwebsv.exe
o23 - service: boonty games - boonty - c:\program files\common files\boonty shared\service\boonty.exe
o23 - service: com4qlb - hewlett-packard development company, l.p. - c:\program files\hewlett-packard\hp quick launch buttons\com4qlb.exe
o23 - service: easybits magic desktop services for windows nt (ezntsvc) - easybits software corp. - c:\windows\system32\ezntsvc.exe
o23 - service: google updater service (gusvc) - google - c:\program files\google\common\google updater\googleupdaterservice.exe
o23 - service: hp health check service - hewlett-packard - c:\program files\hewlett-packard\hp health check\hphc_service.exe
o23 - service: hpqwmiex - hewlett-packard development company, l.p. - c:\program files\hewlett-packard\shared\hpqwmiex.exe
o23 - service: installdriver table manager (idrivert) - macrovision corporation - c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe
o23 - service: lightscribeservice direct disc labeling service (lightscribeservice) - hewlett-packard company - c:\program files\common files\lightscribe\lssrvc.exe
o23 - service: planificateur liveupdate automatique - unknown owner - c:\program files\symantec\liveupdate\aluschedulersvc.exe (file missing)
o23 - service: roxmediadb9 - sonic solutions - c:\program files\common files\roxio shared\9.0\sharedcom\roxmediadb9.exe
o23 - service: servicelayer - nokia. - c:\program files\pc connectivity solution\servicelayer.exe
o23 - service: stllssvr - microvision development, inc. - c:\program files\common files\surething shared\stllssvr.exe
o23 - service: symantec core lc - symantec corporation - c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe
o23 - service: tomtomhomeservice - tomtom - c:\program files\tomtom home 2\tomtomhomeservice.exe
o23 - service: @%systemroot%\system32\tuneupdefragservice.exe,-1 (tuneup.defrag) - tuneup software gmbh - c:\windows\system32\tuneupdefragservice.exe
o23 - service: truevector internet monitor (vsmon) - check point software technologies ltd - c:\windows\system32\zonelabs\vsmon.exe
o23 - service: xaudioservice - conexant systems, inc. - c:\windows\system32\drivers\xaudio.exe
--
end of file - 11244 bytes
======scheduled tasks folder======
c:\windows\tasks\glaryinitialize.job
c:\windows\tasks\maintenance en 1 clic.job
c:\windows\tasks\user_feed_synchronization-{c221eab5-0c91-4f5b-a7ff-2bb0e7e40658}.job
======registry dump======
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{18df081c-e8ad-4283-a596-fa578c2ebdc3}]
adobe pdf link helper - c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll [2009-02-27 75128]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
askbar bho - c:\program files\askbardis\bar\bin\askbar3.dll [2008-07-17 279944]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{53707962-6f74-2d53-2644-206d7942484f}]
spybot-s&d ie protection - c:\program files\spybot - search & destroy\sdhelper.dll [2009-01-26 1879896]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{5c255c8a-e604-49b4-9d64-90988571cecb}]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{64f56fc1-1272-44cd-ba6e-39723696e350}]
eobho class
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{6ebf7485-159f-4bff-a14f-b9e3aac4465b}]
search helper - c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll [2009-05-19 137600]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{9030d464-4c02-4abf-8ecc-5164760863c6}]
programme d'aide de l'assistant de connexion windows live id - c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll [2009-03-30 403824]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{aa58ed58-01dd-4d91-8333-cf10577473f7}]
google toolbar helper - c:\program files\google\googletoolbar2.dll [2007-08-16 2436160]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{dbc80044-a445-435b-bc74-9c25c1c588a9}]
java(tm) plug-in 2 ssv helper - c:\program files\java\jre6\bin\jp2ssv.dll [2009-03-09 35840]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{e15a8dc0-8516-42a1-81ea-dc94ec1acf10}]
windows live toolbar helper - c:\program files\windows live\toolbar\wltcore.dll [2009-02-06 1068904]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{fdd3b846-8d59-4ffb-8758-209b6ad74acc}]
c:\program files\microsoft money\system\mnyviewer.dll [2001-07-25 143420]
[hkey_local_machine\software\microsoft\internet explorer\toolbar]
{2318c2b1-4965-11d4-9b18-009027a5cd4f} - &google - c:\program files\google\googletoolbar2.dll [2007-08-16 2436160]
{cedda62b-5fbe-4ab2-ae2e-5e069f444444} - mediadico familial - c:\program files\laventure\mdtoolbar\mdtoolbar.dll [2007-06-09 811008]
{ed0e8ca5-42fb-4b18-997b-769e0408e79d}
{21fa44ef-376d-4d53-9b0f-8a89d3229068} - &windows live toolbar - c:\program files\windows live\toolbar\wltcore.dll [2009-02-06 1068904]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - ask toolbar - c:\program files\askbardis\bar\bin\askbar3.dll [2008-07-17 279944]
[hkey_local_machine\software\microsoft\windows\currentversion\run]
"zonealarm client"=c:\program files\zone labs\zonealarm\zlclient.exe [2008-03-03 959976]
"igfxtray"=c:\windows\system32\igfxtray.exe [2008-02-11 141848]
"hotkeyscmds"=c:\windows\system32\hkcmd.exe [2008-02-11 166424]
"persistence"=c:\windows\system32\igfxpers.exe [2008-02-11 133656]
"syntpstart"=c:\program files\synaptics\syntp\syntpstart.exe [2007-09-15 102400]
"avast!"=c:\progra~1\alwils~1\avast4\ashdisp.exe [2009-02-05 81000]
"sunjavaupdatesched"=c:\program files\java\jre6\bin\jusched.exe [2009-03-09 148888]
"adobe reader speed launcher"=c:\program files\adobe\reader 9.0\reader\reader_sl.exe [2009-02-27 35696]
[hkey_local_machine\software\microsoft\windows\currentversion\runonce]
"launcher"=c:\windows\sminst\launcher.exe [2006-11-07 44128]
[hkey_current_user\software\microsoft\windows\currentversion\run]
"sidebar"=c:\program files\windows sidebar\sidebar.exe [2008-01-19 1233920]
"vistastartmenu"=c:\program files\vista start menu\vistastartmenu.exe [2009-04-13 2171392]
"epson stylus dx7400 series"=c:\windows\system32\spool\drivers\w32x86\3\e_faticde.exe [2007-04-12 182272]
"pop peeper"=c:\program files\divers\pop peeper\poppeeper.exe [2009-01-22 1470464]
"superantispyware"=c:\program files\divers\superantispyware\superantispyware.exe [2009-08-08 1830128]
"tomtomhome.exe"=c:\program files\tomtom home 2\tomtomhomerunner.exe [2009-04-08 251240]
"spybotsd teatimer"=c:\program files\spybot - search & destroy\teatimer.exe [2009-03-05 2260480]
[hkey_local_machine\software\microsoft\shared tools\msconfig\startupreg\egrkhsnprz]
[]
c:\programdata\microsoft\windows\start menu\programs\startup
logiciel de synchronisation orange.lnk - c:\program files\orange\logiciel de synchronisation orange\voxsync.exe
[hkey_local_machine\software\microsoft\windows nt\currentversion\winlogon\notify\!saswinlogon]
c:\program files\divers\superantispyware\saswinlo.dll [2008-12-31 356352]
[hkey_local_machine\software\microsoft\windows nt\currentversion\winlogon\notify\igfxcui]
c:\windows\system32\igfxdev.dll [2008-02-11 204800]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5ae067d3-9afb-48e0-853a-ebb7f4a000da}"=c:\program files\divers\superantispyware\sasseh.dll [2008-05-13 77824]
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\aawservice]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\aawservice]
[hkey_current_user\software\microsoft\windows\currentversion\policies\system]
"disablelockworkstation"=0
"disablechangepassword"=0
[hkey_local_machine\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"enableuiadesktoptoggle"=0
[hkey_current_user\software\microsoft\windows\currentversion\policies\explorer]
"nologoff"=0
"noclose"=0
[hkey_local_machine\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[hkey_local_machine\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[hkey_current_user\software\microsoft\windows\currentversion\explorer\mountpoints2\{448586e8-98ec-11dd-9d9e-0016d4f08416}]
shell\autorun\command - f:\installtomtomhome.exe
[hkey_current_user\software\microsoft\windows\currentversion\explorer\mountpoints2\{a3e1d3d5-b394-11dc-84d7-0016d4f08416}]
shell\autorun\command - f:\installtomtomhome.exe
======file associations======
.js - edit - c:\windows\system32\notepad.exe %1
.js - open - c:\windows\system32\wscript.exe "%1" %*
======list of files/folders created in the last 1 months======
2009-08-08 16:59:11 ----d---- c:\program files\trend micro
2009-08-08 16:59:08 ----d---- c:\rsit
2009-08-08 16:36:14 ----a---- c:\windows\isrs-000.tmp
2009-07-29 21:24:30 ----a---- c:\windows\system32\mshtml.dll
2009-07-29 21:24:28 ----a---- c:\windows\system32\ieframe.dll
2009-07-29 21:24:27 ----a---- c:\windows\system32\urlmon.dll
2009-07-29 21:24:27 ----a---- c:\windows\system32\iertutil.dll
2009-07-29 21:24:26 ----a---- c:\windows\system32\wininet.dll
2009-07-29 21:24:26 ----a---- c:\windows\system32\msfeeds.dll
2009-07-29 21:24:25 ----a---- c:\windows\system32\occache.dll
2009-07-29 21:24:25 ----a---- c:\windows\system32\iedkcs32.dll
2009-07-29 21:24:23 ----a---- c:\windows\system32\msfeedsbs.dll
2009-07-29 21:24:23 ----a---- c:\windows\system32\jsproxy.dll
2009-07-29 21:24:23 ----a---- c:\windows\system32\ieunatt.exe
2009-07-29 21:24:23 ----a---- c:\windows\system32\ieui.dll
2009-07-29 21:24:23 ----a---- c:\windows\system32\iesysprep.dll
2009-07-29 21:24:23 ----a---- c:\windows\system32\iepeers.dll
2009-07-29 21:24:22 ----a---- c:\windows\system32\msfeedssync.exe
2009-07-29 21:24:22 ----a---- c:\windows\system32\iesetup.dll
2009-07-29 21:24:22 ----a---- c:\windows\system32\iernonce.dll
2009-07-29 21:24:22 ----a---- c:\windows\system32\ie4uinit.exe
2009-07-26 11:53:42 ----hd---- c:\program files\installjammer registry
2009-07-26 11:53:00 ----d---- c:\program files\virtual agc
2009-07-23 14:19:16 ----d---- c:\programdata\daussy dominique
2009-07-20 17:08:16 ----d---- c:\program files\safer networking
2009-07-20 16:48:39 ----d---- c:\program files\spybot - search & destroy
2009-07-18 10:10:54 ----a---- c:\windows\system32\t2embed.dll
2009-07-18 10:10:53 ----a---- c:\windows\system32\fontsub.dll
2009-07-18 10:10:53 ----a---- c:\windows\system32\dciman32.dll
2009-07-18 10:10:53 ----a---- c:\windows\system32\atmfd.dll
======list of files/folders modified in the last 1 months======
2009-08-08 16:59:16 ----d---- c:\windows\temp
2009-08-08 16:59:11 ----d---- c:\program files
2009-08-08 16:58:07 ----d---- c:\windows\internet logs
2009-08-08 16:43:13 ----d---- c:\program files\askbardis
2009-08-08 16:42:58 ----d---- c:\windows\tasks
2009-08-08 16:42:57 ----d---- c:\program files\glary utilities
2009-08-08 16:39:50 ----d---- c:\windows
2009-08-08 16:39:48 ----d---- c:\windows\sminst
2009-08-08 16:33:49 ----shd---- c:\system volume information
2009-08-08 16:25:52 ----d---- c:\programdata\is-m313k
2009-08-08 16:25:52 ----d---- c:\programdata\is-29t9e
2009-08-07 12:04:27 ----d---- c:\users\andre\appdata\roaming\vista start menu
2009-08-06 16:32:55 ----shd---- c:\windows\installer
2009-08-06 16:32:52 ----d---- c:\program files\jeux
2009-08-06 16:08:18 ----d---- c:\program files\divers
2009-08-04 17:20:30 ----d---- c:\windows\system32
2009-08-04 17:20:30 ----d---- c:\windows\inf
2009-08-04 17:20:30 ----a---- c:\windows\system32\perfstringbackup.ini
2009-08-04 10:29:06 ----d---- c:\program files\microsoft silverlight
2009-08-04 08:27:36 ----d---- c:\program files\common files\microsoft shared
2009-08-01 11:37:38 ----d---- c:\windows\system32\migration
2009-08-01 11:37:38 ----d---- c:\program files\internet explorer
2009-08-01 10:26:50 ----d---- c:\windows\winsxs
2009-07-30 21:29:43 ----d---- c:\windows\system32\catroot2
2009-07-29 22:04:50 ----d---- c:\windows\system32\drivers
2009-07-29 21:20:27 ----d---- c:\windows\system32\catroot
2009-07-23 14:19:16 ----d---- c:\programdata
2009-07-20 17:03:15 ----d---- c:\programdata\spybot - search & destroy
2009-07-18 16:44:55 ----d---- c:\users\andre\appdata\roaming\wormux
2009-07-18 10:19:38 ----d---- c:\program files\windows mail
2009-07-18 10:19:32 ----d---- c:\programdata\microsoft help
2009-07-09 14:58:19 ----d---- c:\windows\prefetch
======list of drivers (r=running, s=stopped, 0=boot, 1=system, 2=auto, 3=demand, 4=disabled)======
r1 aswrdr;aswrdr; c:\windows\system32\drivers\aswrdr.sys [2009-02-05 23152]
r1 aswsp;avast! self protection; c:\windows\system32\drivers\aswsp.sys [2009-02-05 114768]
r1 aswtdi;avast! network shield support; c:\windows\system32\drivers\aswtdi.sys [2009-02-05 51376]
r1 eabfiltr;eabfiltr; c:\windows\system32\drivers\eabfiltr.sys [2006-11-30 8192]
r1 saskutil;saskutil; \??\c:\program files\divers\superantispyware\saskutil.sys [2009-08-08 74480]
r1 vsdatant;zone alarm firewall driver; c:\windows\system32\drivers\vsdatant.sys [2008-03-03 279440]
r2 aswfsblk;aswfsblk; c:\windows\system32\drivers\aswfsblk.sys [2009-02-05 20560]
r2 aswmonflt;aswmonflt; c:\windows\system32\drivers\aswmonflt.sys [2009-02-05 51792]
r2 mdmxsdk;mdmxsdk; c:\windows\system32\drivers\mdmxsdk.sys [2006-06-19 12672]
r2 xaudio;xaudio; c:\windows\system32\drivers\xaudio.sys [2007-07-10 8704]
r3 afc;ppdus aspi shell; c:\windows\system32\drivers\afc.sys [2006-11-10 18688]
r3 bcm43xx;pilote pour carte réseau broadcom 802.11; c:\windows\system32\drivers\bcmwl6.sys [2007-01-03 534016]
r3 cmbatt;pilote pour batterie à méthode de contrôle acpi microsoft; c:\windows\system32\drivers\cmbatt.sys [2008-01-19 14208]
r3 cnxthdaudservice;conexant uaa function driver for high definition audio service; c:\windows\system32\drivers\chdrt32.sys [2008-03-04 188416]
r3 hbtnkey;hbtnkey; c:\windows\system32\drivers\cpqbttn.sys [2006-06-28 9472]
r3 hsf_dpv;hsf_dpv; c:\windows\system32\drivers\hsx_dpv.sys [2007-06-20 984064]
r3 hsxhwazl;hsxhwazl; c:\windows\system32\drivers\hsxhwazl.sys [2007-06-20 208896]
r3 igfx;igfx; c:\windows\system32\drivers\igdkmd32.sys [2008-02-11 2302976]
r3 rtl8023xp;realtek 10/100 nic family ndis x86 driver; c:\windows\system32\drivers\rtnicxp.sys [2007-02-16 50176]
r3 sasenum;sasenum; \??\c:\program files\divers\superantispyware\sasenum.sys [2008-05-13 7408]
r3 syntp;synaptics touchpad driver; c:\windows\system32\drivers\syntp.sys [2007-09-15 191408]
r3 winachsf;winachsf; c:\windows\system32\drivers\hsx_cnxt.sys [2007-06-20 660480]
r3 wmiacpi;microsoft windows management interface for acpi; c:\windows\system32\drivers\wmiacpi.sys [2008-01-19 11264]
s1 as6eio;as6eio; c:\windows\system32\drivers\as6eio.sys []
s1 sasdifsv;sasdifsv; \??\c:\program files\divers\superantispyware\sasdifsv.sys [2009-03-27 9968]
s2 gt680x;usb flatbed scanner; c:\windows\system32\drivers\gt680x.sys [2000-11-17 17168]
s3 bcm43xv;pilote de la carte réseau extensible broadcom 802.11; c:\windows\system32\drivers\bcmwl6.sys [2007-01-03 534016]
s3 drmkaud;filtre de décodeur drm (noyau microsoft); c:\windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
s3 e100b;pilote de carte intel (r) pro; c:\windows\system32\drivers\e100b325.sys [2006-11-02 163328]
s3 hdaudaddservice;microsoft uaa function driver for high definition audio service; c:\windows\system32\drivers\chdart.sys [2007-02-22 159232]
s3 hsfhwazl;hsfhwazl; c:\windows\system32\drivers\vstazl3.sys [2006-11-02 200704]
s3 ialm;ialm; c:\windows\system32\drivers\igdkmd32.sys [2008-02-11 2302976]
s3 mskssrv;proxy de service de répartition microsoft; c:\windows\system32\drivers\mskssrv.sys [2008-01-19 8192]
s3 mspclock;proxy d'horloge de répartition microsoft; c:\windows\system32\drivers\mspclock.sys [2008-01-19 5888]
s3 mspqm;proxy de gestion de qualité de répartition microsoft; c:\windows\system32\drivers\mspqm.sys [2008-01-19 5504]
s3 mstee;convertisseur en t/site-à-site de répartition microsoft; c:\windows\system32\drivers\mstee.sys [2008-01-19 6016]
s3 netw3v32;pilote de carte réseau intel(r) pro/wireless 3945abg pour windows vista 32 bits; c:\windows\system32\drivers\netw3v32.sys [2007-02-07 1786880]
s3 nmwcd;nokia usb phone parent; c:\windows\system32\drivers\ccdcmb.sys [2009-02-09 17664]
s3 nmwcdc;nokia usb generic; c:\windows\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
s3 pccsmcfd;pccs mode change filter driver; c:\windows\system32\drivers\pccsmcfd.sys [2007-09-17 21632]
s3 ultradfg;ultradfg; c:\windows\system32\drivers\ultradfg.sys [2008-10-02 24576]
s3 upperdev;upperdev; c:\windows\system32\drivers\usbser_lowerflt.sys [2009-02-09 7808]
s3 usbscan;pilote de scanneur usb; c:\windows\system32\drivers\usbscan.sys [2008-01-19 35328]
s3 usbser;usb modem driver; c:\windows\system32\drivers\usbser.sys [2008-01-19 28160]
s3 usbserfilt;usbserfilt; c:\windows\system32\drivers\usbser_lowerfltj.sys [2009-02-09 7808]
s3 wimfltr;wimfltr; c:\windows\system32\drivers\wimfltr.sys [2008-01-19 131000]
s3 wpdusb;wpdusb; c:\windows\system32\drivers\wpdusb.sys [2008-01-19 39936]
s3 wudfrd;wudfrd; c:\windows\system32\drivers\wudfrd.sys [2008-01-19 83328]
======list of services (r=running, s=stopped, 0=boot, 1=system, 2=auto, 3=demand, 4=disabled)======
r2 aawservice;ad-aware 2007 service; c:\program files\lavasoft\ad-aware 2007\aawservice.exe [2008-03-19 607576]
r2 acdaemon;arcsoft connect daemon; c:\program files\common files\arcsoft\connection service\bin\acservice.exe [2008-02-22 104960]
r2 aswupdsv;avast! iavs4 control service; c:\program files\alwil software\avast4\aswupdsv.exe [2009-02-05 18752]
r2 avast! antivirus;avast! antivirus; c:\program files\alwil software\avast4\ashserv.exe [2009-02-05 138680]
r2 ezntsvc;easybits magic desktop services for windows nt; c:\windows\system32\ezntsvc.exe [2007-08-03 33792]
r2 hp health check service;hp health check service; c:\program files\hewlett-packard\hp health check\hphc_service.exe [2007-03-14 62984]
r2 hpqwmiex;hpqwmiex; c:\program files\hewlett-packard\shared\hpqwmiex.exe [2006-05-02 135168]
r2 lightscribeservice;lightscribeservice direct disc labeling service; c:\program files\common files\lightscribe\lssrvc.exe [2006-12-14 61440]
r2 mdm;machine debug manager; c:\program files\common files\microsoft shared\vs7debug\mdm.exe [2006-10-26 335872]
r2 seaport;seaport; c:\program files\microsoft\search enhancement pack\seaport\seaport.exe [2009-05-19 240512]
r2 tomtomhomeservice;tomtomhomeservice; c:\program files\tomtom home 2\tomtomhomeservice.exe [2009-04-08 92008]
r2 uxtuneup;@%systemroot%\system32\uxtuneup.dll,-4096; c:\windows\system32\svchost.exe [2008-01-19 21504]
r2 vsmon;truevector internet monitor; c:\windows\system32\zonelabs\vsmon.exe [2008-03-03 79400]
r2 wlidsvc;windows live id sign-in assistant; c:\program files\common files\microsoft shared\windows live\wlidsvc.exe [2009-03-30 1533808]
r2 xaudioservice;xaudioservice; c:\windows\system32\drivers\xaudio.exe [2007-07-10 386560]
r3 avast! mail scanner;avast! mail scanner; c:\program files\alwil software\avast4\ashmaisv.exe [2009-02-05 254040]
r3 avast! web scanner;avast! web scanner; c:\program files\alwil software\avast4\ashwebsv.exe [2009-02-05 352920]
s2 planificateur liveupdate automatique;planificateur liveupdate automatique; c:\program files\symantec\liveupdate\aluschedulersvc.exe []
s3 boonty games;boonty games; c:\program files\common files\boonty shared\service\boonty.exe [2008-08-18 69120]
s3 com4qlb;com4qlb; c:\program files\hewlett-packard\hp quick launch buttons\com4qlb.exe [2007-03-05 110592]
s3 gusvc;google updater service; c:\program files\google\common\google updater\googleupdaterservice.exe [2007-08-16 138168]
s3 idrivert;installdriver table manager; c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe [2004-10-22 73728]
s3 odserv;microsoft office diagnostics service; c:\program files\common files\microsoft shared\office12\odserv.exe [2008-11-04 441712]
s3 ose;office source engine; c:\program files\common files\microsoft shared\source engine\ose.exe [2006-10-26 145184]
s3 roxmediadb9;roxmediadb9; c:\program files\common files\roxio shared\9.0\sharedcom\roxmediadb9.exe [2007-02-12 880640]
s3 servicelayer;servicelayer; c:\program files\pc connectivity solution\servicelayer.exe [2008-08-07 575488]
s3 stllssvr;stllssvr; c:\program files\common files\surething shared\stllssvr.exe [2007-02-17 74656]
s3 symantec core lc;symantec core lc; c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2007-04-25 1174664]
s3 tuneup.defrag;@%systemroot%\system32\tuneupdefragservice.exe,-1; c:\windows\system32\tuneupdefragservice.exe [2008-12-11 355584]
-----------------eof-----------------
bip41 a écrit :
logfile of random's system information tool 1.06 (written by random/random) run by andre at 2009-08-08 16:59:08
microsoft® windows vista™ édition familiale basique service pack 1
system drive c: has 13 gb (18%) free of 70 gb
total ram: 2037 mb (46% free)
logfile of trend micro hijackthis v2.0.2
scan saved at 16:59:47, on 08/08/2009
platform: windows vista sp1 (winnt 6.00.1905)
msie: internet explorer v8.00 (8.00.6001.18813)
boot mode: normal
running processes:
c:\windows\system32\dwm.exe
c:\windows\explorer.exe
c:\windows\system32\taskeng.exe
c:\program files\zone labs\zonealarm\zlclient.exe
c:\windows\system32\igfxtray.exe
c:\windows\system32\hkcmd.exe
c:\windows\system32\igfxpers.exe
c:\program files\synaptics\syntp\syntpstart.exe
c:\program files\alwil software\avast4\ashdisp.exe
c:\program files\java\jre6\bin\jusched.exe
c:\program files\windows sidebar\sidebar.exe
c:\program files\vista start menu\vistastartmenu.exe
c:\program files\divers\pop peeper\poppeeper.exe
c:\program files\tomtom home 2\tomtomhomerunner.exe
c:\program files\spybot - search & destroy\teatimer.exe
c:\program files\orange\logiciel de synchronisation orange\voxsync.exe
c:\program files\windows media player\wmpnscfg.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\orange\logiciel de synchronisation orange\syncmanager.exe
c:\program files\windows sidebar\sidebar.exe
c:\program files\microsoft office\office11\outlook.exe
c:\program files\synaptics\syntp\syntpenh.exe
c:\program files\divers\superantispyware\superantispyware.exe
c:\program files\internet explorer\iexplore.exe
c:\program files\internet explorer\iexplore.exe
c:\program files\windows live\toolbar\wltuser.exe
c:\windows\system32\taskeng.exe
c:\program files\internet explorer\iexplore.exe
c:\program files\internet explorer\iexplore.exe
c:\windows\system32\macromed\flash\flashutil10b.exe
c:\users\andre\desktop\rsit.exe
c:\windows\system32\searchfilterhost.exe
c:\program files\trend micro\andre.exe
r1 - hkcu\software\microsoft\internet explorer\main,default_page_url = http://go.microsoft.com/fwlink/?linkid=69157
r1 - hkcu\software\microsoft\internet explorer\main,search page = http://go.microsoft.com/fwlink/?linkid=54896
r0 - hkcu\software\microsoft\internet explorer\main,start page = http://www.orange.fr/
r1 - hklm\software\microsoft\internet explorer\main,default_page_url = http://ie.redirect.hp.com/svs/rdr?type=3&tp=iehome&locale=fr_fr&c(...)
r1 - hklm\software\microsoft\internet explorer\main,default_search_url = http://go.microsoft.com/fwlink/?linkid=54896
r1 - hklm\software\microsoft\internet explorer\main,search page = http://go.microsoft.com/fwlink/?linkid=54896
r0 - hklm\software\microsoft\internet explorer\main,start page = http://ie.redirect.hp.com/svs/rdr?type=3&tp=iehome&locale=fr_fr&c(...)
r0 - hklm\software\microsoft\internet explorer\search,searchassistant =
r0 - hklm\software\microsoft\internet explorer\search,customizesearch =
r0 - hkcu\software\microsoft\internet explorer\toolbar,linksfoldername =
o1 - hosts: ::1 localhost
o2 - bho: acroiehelperstub - {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll
o2 - bho: askbar bho - {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askbar3.dll
o2 - bho: spybot-s&d ie protection - {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\sdhelper.dll
o2 - bho: (no name) - {5c255c8a-e604-49b4-9d64-90988571cecb} - (no file)
o2 - bho: eorezobho - {64f56fc1-1272-44cd-ba6e-39723696e350} - (no file)
o2 - bho: search helper - {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll
o2 - bho: programme d'aide de l'assistant de connexion windows live id - {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
o2 - bho: google toolbar helper - {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar2.dll
o2 - bho: java(tm) plug-in 2 ssv helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
o2 - bho: windows live toolbar helper - {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
o2 - bho: (no name) - {fdd3b846-8d59-4ffb-8758-209b6ad74acc} - c:\program files\microsoft money\system\mnyviewer.dll
o3 - toolbar: &google - {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar2.dll
o3 - toolbar: mediadico familial - {cedda62b-5fbe-4ab2-ae2e-5e069f444444} - c:\program files\laventure\mdtoolbar\mdtoolbar.dll
o3 - toolbar: (no name) - {ed0e8ca5-42fb-4b18-997b-769e0408e79d} - (no file)
o3 - toolbar: &windows live toolbar - {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
o3 - toolbar: ask toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askbar3.dll
o4 - hklm\..\run: [zonealarm client] "c:\program files\zone labs\zonealarm\zlclient.exe"
o4 - hklm\..\run: [igfxtray] c:\windows\system32\igfxtray.exe
o4 - hklm\..\run: [hotkeyscmds] c:\windows\system32\hkcmd.exe
o4 - hklm\..\run: [persistence] c:\windows\system32\igfxpers.exe
o4 - hklm\..\run: [syntpstart] c:\program files\synaptics\syntp\syntpstart.exe
o4 - hklm\..\run: [avast!] c:\progra~1\alwils~1\avast4\ashdisp.exe
o4 - hklm\..\run: [sunjavaupdatesched] "c:\program files\java\jre6\bin\jusched.exe"
o4 - hklm\..\run: [adobe reader speed launcher] "c:\program files\adobe\reader 9.0\reader\reader_sl.exe"
o4 - hklm\..\runonce: [launcher] %windir%\sminst\launcher.exe
o4 - hkcu\..\run: [sidebar] c:\program files\windows sidebar\sidebar.exe /autorun
o4 - hkcu\..\run: [vistastartmenu] "c:\program files\vista start menu\vistastartmenu.exe"
o4 - hkcu\..\run: [epson stylus dx7400 series] c:\windows\system32\spool\drivers\w32x86\3\e_faticde.exe /fu "c:\windows\temp\e_saf72.tmp" /ef "hkcu"
o4 - hkcu\..\run: [pop peeper] "c:\program files\divers\pop peeper\poppeeper.exe" -min
o4 - hkcu\..\run: [superantispyware] c:\program files\divers\superantispyware\superantispyware.exe
o4 - hkcu\..\run: [tomtomhome.exe] "c:\program files\tomtom home 2\tomtomhomerunner.exe" -s
o4 - hkcu\..\run: [spybotsd teatimer] c:\program files\spybot - search & destroy\teatimer.exe
o4 - hkus\s-1-5-19\..\run: [sidebar] %programfiles%\windows sidebar\sidebar.exe /detectmem (user 'service local')
o4 - hkus\s-1-5-19\..\run: [windowswelcomecenter] rundll32.exe oobefldr.dll,showwelcomecenter (user 'service local')
o4 - hkus\s-1-5-20\..\run: [sidebar] %programfiles%\windows sidebar\sidebar.exe /detectmem (user 'service réseau')
o4 - hkus\s-1-5-18\..\run: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background (user 'system')
o4 - hkus\.default\..\run: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background (user 'default user')
o4 - global startup: logiciel de synchronisation orange.lnk = ?
o8 - extra context menu item: add to google photos screensa&ver - res://c:\windows\system32\gphotos.scr/200
o8 - extra context menu item: add to windows &live favorites - http://favorites.live.com/quickadd.aspx
o8 - extra context menu item: e&xporter vers microsoft excel - res://c:\progra~1\micros~3\office12\excel.exe/3000
o9 - extra button: freshdownload - {07cc7f05-1d78-4347-afb4-718d64fa43d0} - c:\program files\divers\freshdownload\fd.exe (file missing)
o9 - extra button: ajout direct - {219c3416-8cb2-491a-a3c7-d9fcddc9d600} - c:\program files\windows live\writer\writerbrowserextension.dll
o9 - extra 'tools' menuitem: &ajout direct dans windows live writer - {219c3416-8cb2-491a-a3c7-d9fcddc9d600} - c:\program files\windows live\writer\writerbrowserextension.dll
o9 - extra button: recherche - {92780b25-18cc-41c8-b9be-3c9c571a8263} - c:\progra~1\micros~3\office11\refiebar.dll
o9 - extra button: (no name) - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - c:\program files\spybot - search & destroy\sdhelper.dll
o9 - extra 'tools' menuitem: spybot - search && destroy configuration - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - c:\program files\spybot - search & destroy\sdhelper.dll
o9 - extra button: moneyside - {e023f504-0c5a-4750-a1e7-a9046dea8a21} - c:\program files\microsoft money\system\mnyviewer.dll
o13 - gopher prefix:
o20 - winlogon notify: !saswinlogon - c:\program files\divers\superantispyware\saswinlo.dll
o23 - service: ad-aware 2007 service (aawservice) - lavasoft - c:\program files\lavasoft\ad-aware 2007\aawservice.exe
o23 - service: arcsoft connect daemon (acdaemon) - arcsoft inc. - c:\program files\common files\arcsoft\connection service\bin\acservice.exe
o23 - service: avast! iavs4 control service (aswupdsv) - alwil software - c:\program files\alwil software\avast4\aswupdsv.exe
o23 - service: avast! antivirus - alwil software - c:\program files\alwil software\avast4\ashserv.exe
o23 - service: avast! mail scanner - alwil software - c:\program files\alwil software\avast4\ashmaisv.exe
o23 - service: avast! web scanner - alwil software - c:\program files\alwil software\avast4\ashwebsv.exe
o23 - service: boonty games - boonty - c:\program files\common files\boonty shared\service\boonty.exe
o23 - service: com4qlb - hewlett-packard development company, l.p. - c:\program files\hewlett-packard\hp quick launch buttons\com4qlb.exe
o23 - service: easybits magic desktop services for windows nt (ezntsvc) - easybits software corp. - c:\windows\system32\ezntsvc.exe
o23 - service: google updater service (gusvc) - google - c:\program files\google\common\google updater\googleupdaterservice.exe
o23 - service: hp health check service - hewlett-packard - c:\program files\hewlett-packard\hp health check\hphc_service.exe
o23 - service: hpqwmiex - hewlett-packard development company, l.p. - c:\program files\hewlett-packard\shared\hpqwmiex.exe
o23 - service: installdriver table manager (idrivert) - macrovision corporation - c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe
o23 - service: lightscribeservice direct disc labeling service (lightscribeservice) - hewlett-packard company - c:\program files\common files\lightscribe\lssrvc.exe
o23 - service: planificateur liveupdate automatique - unknown owner - c:\program files\symantec\liveupdate\aluschedulersvc.exe (file missing)
o23 - service: roxmediadb9 - sonic solutions - c:\program files\common files\roxio shared\9.0\sharedcom\roxmediadb9.exe
o23 - service: servicelayer - nokia. - c:\program files\pc connectivity solution\servicelayer.exe
o23 - service: stllssvr - microvision development, inc. - c:\program files\common files\surething shared\stllssvr.exe
o23 - service: symantec core lc - symantec corporation - c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe
o23 - service: tomtomhomeservice - tomtom - c:\program files\tomtom home 2\tomtomhomeservice.exe
o23 - service: @%systemroot%\system32\tuneupdefragservice.exe,-1 (tuneup.defrag) - tuneup software gmbh - c:\windows\system32\tuneupdefragservice.exe
o23 - service: truevector internet monitor (vsmon) - check point software technologies ltd - c:\windows\system32\zonelabs\vsmon.exe
o23 - service: xaudioservice - conexant systems, inc. - c:\windows\system32\drivers\xaudio.exe
--
end of file - 11244 bytes
======scheduled tasks folder======
c:\windows\tasks\glaryinitialize.job
c:\windows\tasks\maintenance en 1 clic.job
c:\windows\tasks\user_feed_synchronization-{c221eab5-0c91-4f5b-a7ff-2bb0e7e40658}.job
======registry dump======
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{18df081c-e8ad-4283-a596-fa578c2ebdc3}]
adobe pdf link helper - c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll [2009-02-27 75128]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
askbar bho - c:\program files\askbardis\bar\bin\askbar3.dll [2008-07-17 279944]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{53707962-6f74-2d53-2644-206d7942484f}]
spybot-s&d ie protection - c:\program files\spybot - search & destroy\sdhelper.dll [2009-01-26 1879896]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{5c255c8a-e604-49b4-9d64-90988571cecb}]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{64f56fc1-1272-44cd-ba6e-39723696e350}]
eobho class
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{6ebf7485-159f-4bff-a14f-b9e3aac4465b}]
search helper - c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll [2009-05-19 137600]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{9030d464-4c02-4abf-8ecc-5164760863c6}]
programme d'aide de l'assistant de connexion windows live id - c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll [2009-03-30 403824]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{aa58ed58-01dd-4d91-8333-cf10577473f7}]
google toolbar helper - c:\program files\google\googletoolbar2.dll [2007-08-16 2436160]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{dbc80044-a445-435b-bc74-9c25c1c588a9}]
java(tm) plug-in 2 ssv helper - c:\program files\java\jre6\bin\jp2ssv.dll [2009-03-09 35840]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{e15a8dc0-8516-42a1-81ea-dc94ec1acf10}]
windows live toolbar helper - c:\program files\windows live\toolbar\wltcore.dll [2009-02-06 1068904]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{fdd3b846-8d59-4ffb-8758-209b6ad74acc}]
c:\program files\microsoft money\system\mnyviewer.dll [2001-07-25 143420]
[hkey_local_machine\software\microsoft\internet explorer\toolbar]
{2318c2b1-4965-11d4-9b18-009027a5cd4f} - &google - c:\program files\google\googletoolbar2.dll [2007-08-16 2436160]
{cedda62b-5fbe-4ab2-ae2e-5e069f444444} - mediadico familial - c:\program files\laventure\mdtoolbar\mdtoolbar.dll [2007-06-09 811008]
{ed0e8ca5-42fb-4b18-997b-769e0408e79d}
{21fa44ef-376d-4d53-9b0f-8a89d3229068} - &windows live toolbar - c:\program files\windows live\toolbar\wltcore.dll [2009-02-06 1068904]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - ask toolbar - c:\program files\askbardis\bar\bin\askbar3.dll [2008-07-17 279944]
[hkey_local_machine\software\microsoft\windows\currentversion\run]
"zonealarm client"=c:\program files\zone labs\zonealarm\zlclient.exe [2008-03-03 959976]
"igfxtray"=c:\windows\system32\igfxtray.exe [2008-02-11 141848]
"hotkeyscmds"=c:\windows\system32\hkcmd.exe [2008-02-11 166424]
"persistence"=c:\windows\system32\igfxpers.exe [2008-02-11 133656]
"syntpstart"=c:\program files\synaptics\syntp\syntpstart.exe [2007-09-15 102400]
"avast!"=c:\progra~1\alwils~1\avast4\ashdisp.exe [2009-02-05 81000]
"sunjavaupdatesched"=c:\program files\java\jre6\bin\jusched.exe [2009-03-09 148888]
"adobe reader speed launcher"=c:\program files\adobe\reader 9.0\reader\reader_sl.exe [2009-02-27 35696]
[hkey_local_machine\software\microsoft\windows\currentversion\runonce]
"launcher"=c:\windows\sminst\launcher.exe [2006-11-07 44128]
[hkey_current_user\software\microsoft\windows\currentversion\run]
"sidebar"=c:\program files\windows sidebar\sidebar.exe [2008-01-19 1233920]
"vistastartmenu"=c:\program files\vista start menu\vistastartmenu.exe [2009-04-13 2171392]
"epson stylus dx7400 series"=c:\windows\system32\spool\drivers\w32x86\3\e_faticde.exe [2007-04-12 182272]
"pop peeper"=c:\program files\divers\pop peeper\poppeeper.exe [2009-01-22 1470464]
"superantispyware"=c:\program files\divers\superantispyware\superantispyware.exe [2009-08-08 1830128]
"tomtomhome.exe"=c:\program files\tomtom home 2\tomtomhomerunner.exe [2009-04-08 251240]
"spybotsd teatimer"=c:\program files\spybot - search & destroy\teatimer.exe [2009-03-05 2260480]
[hkey_local_machine\software\microsoft\shared tools\msconfig\startupreg\egrkhsnprz]
[]
c:\programdata\microsoft\windows\start menu\programs\startup
logiciel de synchronisation orange.lnk - c:\program files\orange\logiciel de synchronisation orange\voxsync.exe
[hkey_local_machine\software\microsoft\windows nt\currentversion\winlogon\notify\!saswinlogon]
c:\program files\divers\superantispyware\saswinlo.dll [2008-12-31 356352]
[hkey_local_machine\software\microsoft\windows nt\currentversion\winlogon\notify\igfxcui]
c:\windows\system32\igfxdev.dll [2008-02-11 204800]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5ae067d3-9afb-48e0-853a-ebb7f4a000da}"=c:\program files\divers\superantispyware\sasseh.dll [2008-05-13 77824]
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\aawservice]
[hkey_local_machine\system\currentcontrolset\control\safeboot\network\aawservice]
[hkey_current_user\software\microsoft\windows\currentversion\policies\system]
"disablelockworkstation"=0
"disablechangepassword"=0
[hkey_local_machine\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"enableuiadesktoptoggle"=0
[hkey_current_user\software\microsoft\windows\currentversion\policies\explorer]
"nologoff"=0
"noclose"=0
[hkey_local_machine\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[hkey_local_machine\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[hkey_current_user\software\microsoft\windows\currentversion\explorer\mountpoints2\{448586e8-98ec-11dd-9d9e-0016d4f08416}]
shell\autorun\command - f:\installtomtomhome.exe
[hkey_current_user\software\microsoft\windows\currentversion\explorer\mountpoints2\{a3e1d3d5-b394-11dc-84d7-0016d4f08416}]
shell\autorun\command - f:\installtomtomhome.exe
======file associations======
.js - edit - c:\windows\system32\notepad.exe %1
.js - open - c:\windows\system32\wscript.exe "%1" %*
======list of files/folders created in the last 1 months======
2009-08-08 16:59:11 ----d---- c:\program files\trend micro
2009-08-08 16:59:08 ----d---- c:\rsit
2009-08-08 16:36:14 ----a---- c:\windows\isrs-000.tmp
2009-07-29 21:24:30 ----a---- c:\windows\system32\mshtml.dll
2009-07-29 21:24:28 ----a---- c:\windows\system32\ieframe.dll
2009-07-29 21:24:27 ----a---- c:\windows\system32\urlmon.dll
2009-07-29 21:24:27 ----a---- c:\windows\system32\iertutil.dll
2009-07-29 21:24:26 ----a---- c:\windows\system32\wininet.dll
2009-07-29 21:24:26 ----a---- c:\windows\system32\msfeeds.dll
2009-07-29 21:24:25 ----a---- c:\windows\system32\occache.dll
2009-07-29 21:24:25 ----a---- c:\windows\system32\iedkcs32.dll
2009-07-29 21:24:23 ----a---- c:\windows\system32\msfeedsbs.dll
2009-07-29 21:24:23 ----a---- c:\windows\system32\jsproxy.dll
2009-07-29 21:24:23 ----a---- c:\windows\system32\ieunatt.exe
2009-07-29 21:24:23 ----a---- c:\windows\system32\ieui.dll
2009-07-29 21:24:23 ----a---- c:\windows\system32\iesysprep.dll
2009-07-29 21:24:23 ----a---- c:\windows\system32\iepeers.dll
2009-07-29 21:24:22 ----a---- c:\windows\system32\msfeedssync.exe
2009-07-29 21:24:22 ----a---- c:\windows\system32\iesetup.dll
2009-07-29 21:24:22 ----a---- c:\windows\system32\iernonce.dll
2009-07-29 21:24:22 ----a---- c:\windows\system32\ie4uinit.exe
2009-07-26 11:53:42 ----hd---- c:\program files\installjammer registry
2009-07-26 11:53:00 ----d---- c:\program files\virtual agc
2009-07-23 14:19:16 ----d---- c:\programdata\daussy dominique
2009-07-20 17:08:16 ----d---- c:\program files\safer networking
2009-07-20 16:48:39 ----d---- c:\program files\spybot - search & destroy
2009-07-18 10:10:54 ----a---- c:\windows\system32\t2embed.dll
2009-07-18 10:10:53 ----a---- c:\windows\system32\fontsub.dll
2009-07-18 10:10:53 ----a---- c:\windows\system32\dciman32.dll
2009-07-18 10:10:53 ----a---- c:\windows\system32\atmfd.dll
======list of files/folders modified in the last 1 months======
2009-08-08 16:59:16 ----d---- c:\windows\temp
2009-08-08 16:59:11 ----d---- c:\program files
2009-08-08 16:58:07 ----d---- c:\windows\internet logs
2009-08-08 16:43:13 ----d---- c:\program files\askbardis
2009-08-08 16:42:58 ----d---- c:\windows\tasks
2009-08-08 16:42:57 ----d---- c:\program files\glary utilities
2009-08-08 16:39:50 ----d---- c:\windows
2009-08-08 16:39:48 ----d---- c:\windows\sminst
2009-08-08 16:33:49 ----shd---- c:\system volume information
2009-08-08 16:25:52 ----d---- c:\programdata\is-m313k
2009-08-08 16:25:52 ----d---- c:\programdata\is-29t9e
2009-08-07 12:04:27 ----d---- c:\users\andre\appdata\roaming\vista start menu
2009-08-06 16:32:55 ----shd---- c:\windows\installer
2009-08-06 16:32:52 ----d---- c:\program files\jeux
2009-08-06 16:08:18 ----d---- c:\program files\divers
2009-08-04 17:20:30 ----d---- c:\windows\system32
2009-08-04 17:20:30 ----d---- c:\windows\inf
2009-08-04 17:20:30 ----a---- c:\windows\system32\perfstringbackup.ini
2009-08-04 10:29:06 ----d---- c:\program files\microsoft silverlight
2009-08-04 08:27:36 ----d---- c:\program files\common files\microsoft shared
2009-08-01 11:37:38 ----d---- c:\windows\system32\migration
2009-08-01 11:37:38 ----d---- c:\program files\internet explorer
2009-08-01 10:26:50 ----d---- c:\windows\winsxs
2009-07-30 21:29:43 ----d---- c:\windows\system32\catroot2
2009-07-29 22:04:50 ----d---- c:\windows\system32\drivers
2009-07-29 21:20:27 ----d---- c:\windows\system32\catroot
2009-07-23 14:19:16 ----d---- c:\programdata
2009-07-20 17:03:15 ----d---- c:\programdata\spybot - search & destroy
2009-07-18 16:44:55 ----d---- c:\users\andre\appdata\roaming\wormux
2009-07-18 10:19:38 ----d---- c:\program files\windows mail
2009-07-18 10:19:32 ----d---- c:\programdata\microsoft help
2009-07-09 14:58:19 ----d---- c:\windows\prefetch
======list of drivers (r=running, s=stopped, 0=boot, 1=system, 2=auto, 3=demand, 4=disabled)======
r1 aswrdr;aswrdr; c:\windows\system32\drivers\aswrdr.sys [2009-02-05 23152]
r1 aswsp;avast! self protection; c:\windows\system32\drivers\aswsp.sys [2009-02-05 114768]
r1 aswtdi;avast! network shield support; c:\windows\system32\drivers\aswtdi.sys [2009-02-05 51376]
r1 eabfiltr;eabfiltr; c:\windows\system32\drivers\eabfiltr.sys [2006-11-30 8192]
r1 saskutil;saskutil; \??\c:\program files\divers\superantispyware\saskutil.sys [2009-08-08 74480]
r1 vsdatant;zone alarm firewall driver; c:\windows\system32\drivers\vsdatant.sys [2008-03-03 279440]
r2 aswfsblk;aswfsblk; c:\windows\system32\drivers\aswfsblk.sys [2009-02-05 20560]
r2 aswmonflt;aswmonflt; c:\windows\system32\drivers\aswmonflt.sys [2009-02-05 51792]
r2 mdmxsdk;mdmxsdk; c:\windows\system32\drivers\mdmxsdk.sys [2006-06-19 12672]
r2 xaudio;xaudio; c:\windows\system32\drivers\xaudio.sys [2007-07-10 8704]
r3 afc;ppdus aspi shell; c:\windows\system32\drivers\afc.sys [2006-11-10 18688]
r3 bcm43xx;pilote pour carte réseau broadcom 802.11; c:\windows\system32\drivers\bcmwl6.sys [2007-01-03 534016]
r3 cmbatt;pilote pour batterie à méthode de contrôle acpi microsoft; c:\windows\system32\drivers\cmbatt.sys [2008-01-19 14208]
r3 cnxthdaudservice;conexant uaa function driver for high definition audio service; c:\windows\system32\drivers\chdrt32.sys [2008-03-04 188416]
r3 hbtnkey;hbtnkey; c:\windows\system32\drivers\cpqbttn.sys [2006-06-28 9472]
r3 hsf_dpv;hsf_dpv; c:\windows\system32\drivers\hsx_dpv.sys [2007-06-20 984064]
r3 hsxhwazl;hsxhwazl; c:\windows\system32\drivers\hsxhwazl.sys [2007-06-20 208896]
r3 igfx;igfx; c:\windows\system32\drivers\igdkmd32.sys [2008-02-11 2302976]
r3 rtl8023xp;realtek 10/100 nic family ndis x86 driver; c:\windows\system32\drivers\rtnicxp.sys [2007-02-16 50176]
r3 sasenum;sasenum; \??\c:\program files\divers\superantispyware\sasenum.sys [2008-05-13 7408]
r3 syntp;synaptics touchpad driver; c:\windows\system32\drivers\syntp.sys [2007-09-15 191408]
r3 winachsf;winachsf; c:\windows\system32\drivers\hsx_cnxt.sys [2007-06-20 660480]
r3 wmiacpi;microsoft windows management interface for acpi; c:\windows\system32\drivers\wmiacpi.sys [2008-01-19 11264]
s1 as6eio;as6eio; c:\windows\system32\drivers\as6eio.sys []
s1 sasdifsv;sasdifsv; \??\c:\program files\divers\superantispyware\sasdifsv.sys [2009-03-27 9968]
s2 gt680x;usb flatbed scanner; c:\windows\system32\drivers\gt680x.sys [2000-11-17 17168]
s3 bcm43xv;pilote de la carte réseau extensible broadcom 802.11; c:\windows\system32\drivers\bcmwl6.sys [2007-01-03 534016]
s3 drmkaud;filtre de décodeur drm (noyau microsoft); c:\windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
s3 e100b;pilote de carte intel (r) pro; c:\windows\system32\drivers\e100b325.sys [2006-11-02 163328]
s3 hdaudaddservice;microsoft uaa function driver for high definition audio service; c:\windows\system32\drivers\chdart.sys [2007-02-22 159232]
s3 hsfhwazl;hsfhwazl; c:\windows\system32\drivers\vstazl3.sys [2006-11-02 200704]
s3 ialm;ialm; c:\windows\system32\drivers\igdkmd32.sys [2008-02-11 2302976]
s3 mskssrv;proxy de service de répartition microsoft; c:\windows\system32\drivers\mskssrv.sys [2008-01-19 8192]
s3 mspclock;proxy d'horloge de répartition microsoft; c:\windows\system32\drivers\mspclock.sys [2008-01-19 5888]
s3 mspqm;proxy de gestion de qualité de répartition microsoft; c:\windows\system32\drivers\mspqm.sys [2008-01-19 5504]
s3 mstee;convertisseur en t/site-à-site de répartition microsoft; c:\windows\system32\drivers\mstee.sys [2008-01-19 6016]
s3 netw3v32;pilote de carte réseau intel(r) pro/wireless 3945abg pour windows vista 32 bits; c:\windows\system32\drivers\netw3v32.sys [2007-02-07 1786880]
s3 nmwcd;nokia usb phone parent; c:\windows\system32\drivers\ccdcmb.sys [2009-02-09 17664]
s3 nmwcdc;nokia usb generic; c:\windows\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
s3 pccsmcfd;pccs mode change filter driver; c:\windows\system32\drivers\pccsmcfd.sys [2007-09-17 21632]
s3 ultradfg;ultradfg; c:\windows\system32\drivers\ultradfg.sys [2008-10-02 24576]
s3 upperdev;upperdev; c:\windows\system32\drivers\usbser_lowerflt.sys [2009-02-09 7808]
s3 usbscan;pilote de scanneur usb; c:\windows\system32\drivers\usbscan.sys [2008-01-19 35328]
s3 usbser;usb modem driver; c:\windows\system32\drivers\usbser.sys [2008-01-19 28160]
s3 usbserfilt;usbserfilt; c:\windows\system32\drivers\usbser_lowerfltj.sys [2009-02-09 7808]
s3 wimfltr;wimfltr; c:\windows\system32\drivers\wimfltr.sys [2008-01-19 131000]
s3 wpdusb;wpdusb; c:\windows\system32\drivers\wpdusb.sys [2008-01-19 39936]
s3 wudfrd;wudfrd; c:\windows\system32\drivers\wudfrd.sys [2008-01-19 83328]
======list of services (r=running, s=stopped, 0=boot, 1=system, 2=auto, 3=demand, 4=disabled)======
r2 aawservice;ad-aware 2007 service; c:\program files\lavasoft\ad-aware 2007\aawservice.exe [2008-03-19 607576]
r2 acdaemon;arcsoft connect daemon; c:\program files\common files\arcsoft\connection service\bin\acservice.exe [2008-02-22 104960]
r2 aswupdsv;avast! iavs4 control service; c:\program files\alwil software\avast4\aswupdsv.exe [2009-02-05 18752]
r2 avast! antivirus;avast! antivirus; c:\program files\alwil software\avast4\ashserv.exe [2009-02-05 138680]
r2 ezntsvc;easybits magic desktop services for windows nt; c:\windows\system32\ezntsvc.exe [2007-08-03 33792]
r2 hp health check service;hp health check service; c:\program files\hewlett-packard\hp health check\hphc_service.exe [2007-03-14 62984]
r2 hpqwmiex;hpqwmiex; c:\program files\hewlett-packard\shared\hpqwmiex.exe [2006-05-02 135168]
r2 lightscribeservice;lightscribeservice direct disc labeling service; c:\program files\common files\lightscribe\lssrvc.exe [2006-12-14 61440]
r2 mdm;machine debug manager; c:\program files\common files\microsoft shared\vs7debug\mdm.exe [2006-10-26 335872]
r2 seaport;seaport; c:\program files\microsoft\search enhancement pack\seaport\seaport.exe [2009-05-19 240512]
r2 tomtomhomeservice;tomtomhomeservice; c:\program files\tomtom home 2\tomtomhomeservice.exe [2009-04-08 92008]
r2 uxtuneup;@%systemroot%\system32\uxtuneup.dll,-4096; c:\windows\system32\svchost.exe [2008-01-19 21504]
r2 vsmon;truevector internet monitor; c:\windows\system32\zonelabs\vsmon.exe [2008-03-03 79400]
r2 wlidsvc;windows live id sign-in assistant; c:\program files\common files\microsoft shared\windows live\wlidsvc.exe [2009-03-30 1533808]
r2 xaudioservice;xaudioservice; c:\windows\system32\drivers\xaudio.exe [2007-07-10 386560]
r3 avast! mail scanner;avast! mail scanner; c:\program files\alwil software\avast4\ashmaisv.exe [2009-02-05 254040]
r3 avast! web scanner;avast! web scanner; c:\program files\alwil software\avast4\ashwebsv.exe [2009-02-05 352920]
s2 planificateur liveupdate automatique;planificateur liveupdate automatique; c:\program files\symantec\liveupdate\aluschedulersvc.exe []
s3 boonty games;boonty games; c:\program files\common files\boonty shared\service\boonty.exe [2008-08-18 69120]
s3 com4qlb;com4qlb; c:\program files\hewlett-packard\hp quick launch buttons\com4qlb.exe [2007-03-05 110592]
s3 gusvc;google updater service; c:\program files\google\common\google updater\googleupdaterservice.exe [2007-08-16 138168]
s3 idrivert;installdriver table manager; c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe [2004-10-22 73728]
s3 odserv;microsoft office diagnostics service; c:\program files\common files\microsoft shared\office12\odserv.exe [2008-11-04 441712]
s3 ose;office source engine; c:\program files\common files\microsoft shared\source engine\ose.exe [2006-10-26 145184]
s3 roxmediadb9;roxmediadb9; c:\program files\common files\roxio shared\9.0\sharedcom\roxmediadb9.exe [2007-02-12 880640]
s3 servicelayer;servicelayer; c:\program files\pc connectivity solution\servicelayer.exe [2008-08-07 575488]
s3 stllssvr;stllssvr; c:\program files\common files\surething shared\stllssvr.exe [2007-02-17 74656]
s3 symantec core lc;symantec core lc; c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2007-04-25 1174664]
s3 tuneup.defrag;@%systemroot%\system32\tuneupdefragservice.exe,-1; c:\windows\system32\tuneupdefragservice.exe [2008-12-11 355584]
-----------------eof-----------------
bernard53
le 08 aout 2009 à 20h28
Laisse HijackThis et fait mes autres demandes s.t.p
fml
le 15 aout 2009 à 17h06
Le titre n'étant toujours pas corrigé, je ferme le sujet.
À PROPOS DU FORUM MICRO HEBDO
LES FORUMS THÉMATIQUES ET TECHNIQUES
- Matériels |
- Logiciels |
- Windows, Linux, Mac et les autres... |
- Questions techniques diverses |
- Internet, réseaux et high tech |
- Photo numérique
LES FORUMS GÉNÉRAUX
ARCHIVES DU FORUM
publicité
Messages des modérateurs
A lire aussi
À PROPOS DU FORUM MICRO HEBDO
LES FORUMS THÉMATIQUES ET TECHNIQUES
- outlook 2002
- Comment installer money 98 avec window XP
- Sauvegarde Money & Vista
- MONEY 2002
- Compatibilité Vista Money 2003 (RESOLU)
LES FORUMS GÉNÉRAUX
ARCHIVES DU FORUM
L'ORDINATEUR INDIVIDUEL
Le mensuel informatique qui vous informe et vous conseille.
Nous contacter
|
Charte de confiance
|
Voir notice légale
01net. - 01men - RMC - BFM Radio - BFM TV - TousLesPodcasts - 01informatique.fr - Association RMC-BFM
01net. - 01men - RMC - BFM Radio - BFM TV - TousLesPodcasts - 01informatique.fr - Association RMC-BFM
Tous droits réservés © 1999 - 2009 Internext - 01net.