
Windows Explorer has stopped working

blueaddicted on 20 May 2009 at 20:42
Hello,

I am on Vista Home Premium and this afternoon the nasty one is back again:
"Explorateur windows a cessé de fonctionner" ("Windows Explorer has stopped working") followed by "Explorateur windows redémarre!" ("Windows Explorer is restarting!")
Why? I am still wondering. I have tried everything: CCleaner, a scan with my Nod32 antivirus, a quick visit to the advanced system settings; nothing helps.
Here is the report:

Logfile of random's system information tool 1.06 (written by random/random)
Run by sejour at 2009-05-20 20:27:44
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 24 GB (27%) free of 86 GB
Total RAM: 1919 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:28:12, on 20/05/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\ATK Hotkey\ASLDRSrv.exe
C:\Program Files\ATK Hotkey\Hcontrol.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\ATK Hotkey\ATKOSD.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\StkSrv.exe
C:\Program Files\TeamViewer3\TeamViewer_Service.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter3.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\aol\1173170792\ee\aolsoftware.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\msiUpdate.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Ask & Record Toolbar\FLVSrvc.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\iPhoneRingToneMaker\iPhoneRingToneMaker.exe
C:\Program Files\PdaNet for iPhone\PdaNetPC.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Windows\system32\mmc.exe
C:\Windows\explorer.exe
C:\Users\sejour\Downloads\RSIT.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\sejour.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1173170792\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [GroupManager] C:\Windows\msiUpdate.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Ask and Record FLV Service] "C:\Program Files\Ask & Record Toolbar\FLVSrvc.exe" /run
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: iPhoneRingToneMaker.lnk = ?
O4 - Startup: PdaNet Desktop.lnk = C:\Program Files\PdaNet for iPhone\PdaNetPC.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service Google Update (gupdate1c9a2935262f433) (gupdate1c9a2935262f433) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkSrv.exe
O23 - Service: TeamViewer 3 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer3\TeamViewer_Service.exe

--
End of file - 8933 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\Extension de garantie.job
C:\Windows\tasks\GBM - Portable-Full.job
C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachine.job
C:\Windows\tasks\Recovery DVD Creator.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2009-02-11 365960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-03-11 657904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2009-02-11 365960]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-11-22 815104]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-11-20 4018176]
"HostManager"=C:\Program Files\Common Files\AOL\1173170792\ee\AOLSoftware.exe [2006-11-14 50736]
"toolbar_eula_launcher"=C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe [2007-01-10 18944]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-02-06 2021400]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2006-12-19 90191]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2006-12-19 7766016]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2006-12-19 81920]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
"GroupManager"=C:\Windows\msiUpdate.exe [2009-01-21 22528]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]
"Ask and Record FLV Service"=C:\Program Files\Ask & Record Toolbar\FLVSrvc.exe [2009-03-10 156672]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]

C:\Users\sejour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
iPhoneRingToneMaker.lnk - C:\Program Files\iPhoneRingToneMaker\iPhoneRingToneMaker.exe
PdaNet Desktop.lnk - C:\Program Files\PdaNet for iPhone\PdaNetPC.exe

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
shell\AutoRun\command - G:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{deffe938-0cee-11de-ac42-001a92202215}]
shell\AutoRun\command - G:\LaunchU3.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-05-20 20:27:44 ----D---- C:\rsit
2009-05-20 20:27:44 ----D---- C:\Program Files\trend micro
2009-05-20 13:36:43 ----D---- C:\Program Files\Enigma Software Group
2009-05-20 13:16:43 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-05-19 14:34:13 ----D---- C:\Users\sejour\AppData\Roaming\gtk-2.0
2009-05-19 13:52:30 ----D---- C:\Users\sejour\AppData\Roaming\deluge
2009-05-19 12:17:31 ----D---- C:\Program Files\Kommute
2009-05-18 10:50:21 ----D---- C:\Program Files\i2p
2009-05-18 09:57:15 ----A---- C:\Windows\GPInstall.exe
2009-05-17 23:18:47 ----A---- C:\ioSpecial.ini
2009-05-14 01:22:53 ----A---- C:\Windows\system32\msls31.dll
2009-05-14 01:22:53 ----A---- C:\Windows\system32\mshtmler.dll
2009-05-14 01:22:53 ----A---- C:\Windows\system32\mshtmled.dll
2009-05-14 01:22:53 ----A---- C:\Windows\system32\jsproxy.dll
2009-05-14 01:22:53 ----A---- C:\Windows\system32\ieui.dll
2009-05-14 01:22:53 ----A---- C:\Windows\system32\icardie.dll
2009-05-14 01:22:53 ----A---- C:\Windows\system32\corpol.dll
2009-05-14 01:22:53 ----A---- C:\Windows\system32\admparse.dll
2009-05-14 01:22:52 ----A---- C:\Windows\system32\imgutil.dll
2009-05-14 01:22:52 ----A---- C:\Windows\system32\iernonce.dll
2009-05-14 01:22:52 ----A---- C:\Windows\system32\ieakeng.dll
2009-05-14 01:22:52 ----A---- C:\Windows\system32\dxtrans.dll
2009-05-14 01:22:52 ----A---- C:\Windows\system32\dxtmsft.dll
2009-05-14 01:22:51 ----A---- C:\Windows\system32\webcheck.dll
2009-05-14 01:22:51 ----A---- C:\Windows\system32\occache.dll
2009-05-14 01:22:51 ----A---- C:\Windows\system32\msrating.dll
2009-05-14 01:22:51 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-05-14 01:22:51 ----A---- C:\Windows\system32\licmgr10.dll
2009-05-14 01:22:51 ----A---- C:\Windows\system32\inseng.dll
2009-05-14 01:22:51 ----A---- C:\Windows\system32\iepeers.dll
2009-05-14 01:22:51 ----A---- C:\Windows\system32\ieaksie.dll
2009-05-14 01:22:50 ----A---- C:\Windows\system32\WinFXDocObj.exe
2009-05-14 01:22:50 ----A---- C:\Windows\system32\wextract.exe
2009-05-14 01:22:50 ----A---- C:\Windows\system32\mstime.dll
2009-05-14 01:22:50 ----A---- C:\Windows\system32\msfeedssync.exe
2009-05-14 01:22:50 ----A---- C:\Windows\system32\msfeeds.dll
2009-05-14 01:22:50 ----A---- C:\Windows\system32\iesetup.dll
2009-05-14 01:22:50 ----A---- C:\Windows\system32\ieakui.dll
2009-05-14 01:22:49 ----A---- C:\Windows\system32\vbscript.dll
2009-05-14 01:22:49 ----A---- C:\Windows\system32\pngfilt.dll
2009-05-14 01:22:49 ----A---- C:\Windows\system32\jscript.dll
2009-05-14 01:22:49 ----A---- C:\Windows\system32\ieapfltr.dll
2009-05-14 01:22:49 ----A---- C:\Windows\system32\advpack.dll
2009-05-14 01:22:48 ----A---- C:\Windows\system32\url.dll
2009-05-14 01:22:48 ----A---- C:\Windows\system32\iedkcs32.dll
2009-05-14 01:22:47 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2009-05-14 01:22:47 ----A---- C:\Windows\system32\SetDepNx.exe
2009-05-14 01:22:47 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2009-05-14 01:22:47 ----A---- C:\Windows\system32\PDMSetup.exe
2009-05-14 01:22:47 ----A---- C:\Windows\system32\mshta.exe
2009-05-14 01:22:47 ----A---- C:\Windows\system32\iexpress.exe
2009-05-14 01:22:47 ----A---- C:\Windows\system32\ieUnatt.exe
2009-05-14 01:22:47 ----A---- C:\Windows\system32\iesysprep.dll
2009-05-14 01:22:46 ----A---- C:\Windows\system32\wininet.dll
2009-05-14 01:22:46 ----A---- C:\Windows\system32\iertutil.dll
2009-05-14 01:22:46 ----A---- C:\Windows\system32\ie4uinit.exe
2009-05-14 01:22:45 ----A---- C:\Windows\system32\urlmon.dll
2009-05-14 01:22:44 ----A---- C:\Windows\system32\ieframe.dll
2009-05-14 01:22:43 ----A---- C:\Windows\system32\mshtml.dll
2009-05-14 01:14:07 ----D---- C:\Program Files\Paragon Software
2009-05-13 13:16:10 ----D---- C:\ProgramData\Cobian
2009-05-12 18:50:05 ----D---- C:\ProgramData\Genie-Soft
2009-05-12 18:49:10 ----D---- C:\Users\sejour\AppData\Roaming\Genie-Soft
2009-05-12 18:01:10 ----D---- C:\Program Files\Common Files\PX Storage Engine
2009-05-12 16:52:08 ----D---- C:\New Folder 1
2009-05-12 11:08:21 ----D---- C:\Users\sejour\AppData\Roaming\Novosoft
2009-05-11 08:22:54 ----D---- C:\Users\sejour\AppData\Roaming\VMware
2009-05-09 21:58:55 ----D---- C:\ProgramData\VMware
2009-05-09 19:21:02 ----RSHD---- C:\BOOTWIZ
2009-05-08 18:50:10 ----D---- C:\Program Files\Common Files\Acronis
2009-05-08 18:50:10 ----D---- C:\Program Files\Acronis
2009-05-07 20:29:27 ----A---- C:\Windows\EuBcd.ini
2009-05-07 20:29:27 ----A---- C:\Windows\BcdLog.txt
2009-05-07 19:35:52 ----A---- C:\Windows\system32\EuEpmGdi.dll
2009-05-07 19:35:51 ----A---- C:\Windows\system32\BootMan.exe
2009-05-07 19:35:50 ----A---- C:\Windows\system32\setupempdrv03.exe
2009-05-07 19:35:35 ----D---- C:\Program Files\EASEUS
2009-05-07 18:56:43 ----D---- C:\Program Files\Lavalys
2009-05-05 18:17:37 ----D---- C:\Users\sejour\AppData\Roaming\eMusic
2009-05-05 18:17:25 ----D---- C:\Program Files\eMusic Download Manager
2009-04-27 16:52:52 ----D---- C:\Users\sejour\AppData\Roaming\GrabIt
2009-04-27 12:28:12 ----D---- C:\Users\sejour\AppData\Roaming\Xi
2009-04-27 12:22:12 ----D---- C:\Program Files\Xi
2009-04-27 12:18:34 ----D---- C:\Windows\Replay Converter 3
2009-04-27 12:17:28 ----A---- C:\Windows\iun6002.exe
2009-04-27 12:16:03 ----D---- C:\Program Files\Replay AV 8
2009-04-26 20:18:12 ----D---- C:\Windows\Replay Video Capture
2009-04-26 13:21:27 ----D---- C:\Program Files\AskBarDis
2009-04-26 13:20:50 ----D---- C:\Windows\Ask & Record Toolbar
2009-04-26 13:20:50 ----D---- C:\Program Files\Ask & Record Toolbar
2009-04-26 10:29:54 ----D---- C:\Program Files\Absolute Sound Recorder
2009-04-26 10:16:21 ----D---- C:\Program Files\Audacity
2009-04-26 00:26:01 ----D---- C:\Windows\Minidump
2009-04-25 10:59:37 ----D---- C:\Windows\system32\Samsung_USB_Drivers

======List of files/folders modified in the last 1 months======

2009-05-20 20:28:02 ----D---- C:\Windows\Prefetch
2009-05-20 20:27:53 ----D---- C:\Windows\Temp
2009-05-20 20:27:44 ----RD---- C:\Program Files
2009-05-20 18:18:22 ----D---- C:\Program Files\Mozilla Firefox
2009-05-20 18:17:02 ----D---- C:\Windows
2009-05-20 18:15:37 ----D---- C:\Windows\system32\drivers
2009-05-20 18:15:00 ----D---- C:\Windows\Tasks
2009-05-20 18:13:31 ----D---- C:\Users\sejour\AppData\Roaming\iPhoneRingToneMaker
2009-05-20 14:13:12 ----D---- C:\ProgramData\Google Updater
2009-05-20 14:03:41 ----SD---- C:\ProgramData\Microsoft
2009-05-20 13:36:49 ----D---- C:\Windows\system32\Tasks
2009-05-20 13:36:45 ----AD---- C:\Windows\System32
2009-05-20 13:14:00 ----D---- C:\Users\sejour\AppData\Roaming\uTorrent
2009-05-20 11:14:58 ----SHD---- C:\System Volume Information
2009-05-20 09:47:49 ----D---- C:\Windows\Logs
2009-05-18 19:22:40 ----SD---- C:\Users\sejour\AppData\Roaming\Microsoft
2009-05-17 20:44:55 ----D---- C:\Windows\inf
2009-05-17 20:44:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-05-17 16:20:06 ----D---- C:\Users\sejour\AppData\Roaming\DiskAid
2009-05-15 09:19:14 ----SHD---- C:\Windows\Installer
2009-05-15 09:18:52 ----D---- C:\Program Files\Google
2009-05-14 23:49:07 ----RSD---- C:\Windows\assembly
2009-05-14 23:49:03 ----D---- C:\ProgramData\Microsoft Help
2009-05-14 09:31:01 ----D---- C:\Windows\rescache
2009-05-14 09:25:58 ----D---- C:\Windows\winsxs
2009-05-14 01:25:56 ----D---- C:\Program Files\Internet Explorer
2009-05-14 01:25:55 ----D---- C:\Windows\system32\fr-FR
2009-05-14 01:25:52 ----D---- C:\Windows\system32\migration
2009-05-14 01:25:52 ----D---- C:\Windows\system32\en-US
2009-05-14 01:25:52 ----D---- C:\Windows\PolicyDefinitions
2009-05-14 01:24:37 ----D---- C:\Windows\system32\catroot
2009-05-14 01:24:15 ----D---- C:\Windows\system32\catroot2
2009-05-14 01:20:43 ----D---- C:\Windows\Debug
2009-05-14 01:20:27 ----D---- C:\Program Files\Windows Mail
2009-05-14 01:15:11 ----DC---- C:\Windows\system32\DRVSTORE
2009-05-13 13:16:10 ----HD---- C:\ProgramData
2009-05-12 18:01:10 ----D---- C:\Program Files\Common Files
2009-05-11 23:15:55 ----D---- C:\Users\sejour\AppData\Roaming\OneSwarm
2009-05-07 09:16:29 ----A---- C:\Windows\system32\mrt.exe
2009-05-04 11:49:47 ----AD---- C:\ProgramData\TEMP
2009-05-02 23:49:34 ----D---- C:\Windows\system32\WDI
2009-04-30 18:49:59 ----D---- C:\Windows\system32\NDF
2009-04-29 16:30:27 ----D---- C:\Users\sejour\AppData\Roaming\dvdcss
2009-04-28 10:43:58 ----D---- C:\Program Files\OneSwarm
2009-04-27 12:08:48 ----D---- C:\Program Files\Safari
2009-04-25 11:41:57 ----HD---- C:\Program Files\InstallShield Installation Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
R1 epfwtdi;epfwtdi; C:\Windows\system32\DRIVERS\epfwtdi.sys [2009-02-06 56280]
R1 Uim_IM;UIM Drive Backup Image Plugin; C:\Windows\System32\Drivers\Uim_IM.sys [2008-09-26 129824]
R1 UimBus;Universal Image Mounter Controller; C:\Windows\system32\DRIVERS\UimBus.sys [2008-09-26 32048]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-02-06 113448]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-02-06 130952]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2006-12-21 509440]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2009-02-06 33096]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2006-11-23 1652968]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 NVENETFD;Pilote du contrôleur de réseau NVIDIA nForce; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-02 429056]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2006-12-19 4447808]
R3 pnetmdm;PdaNet Modem; C:\Windows\system32\DRIVERS\pnetmdm.sys [2006-09-28 9472]
R3 StkCMini;Syntek AVStream USB2.0 VGA WebCam; C:\Windows\system32\DRIVERS\StkCMini.sys [2006-11-10 669568]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-11-22 181304]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
S1 NetBurn;Paragon NetBurning Driver; C:\Windows\system32\DRIVERS\NetBurn.sys [2008-06-07 84752]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 epmntdrv;epmntdrv; \??\C:\Windows\system32\epmntdrv.sys [2009-02-25 9728]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\system32\EuGdiDrv.sys [2009-02-25 3072]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-19 8192]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-03-06 36864]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys []
S3 wanatw;WAN Miniport (ATW); C:\Windows\system32\DRIVERS\wanatw4.sys [2006-11-01 33588]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2006-11-02 128104]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 nvsmu;nvsmu; C:\Windows\system32\drivers\nvsmu.sys [2006-09-15 11520]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2006-12-20 90112]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-02-06 727720]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service; C:\Windows\System32\StkSrv.exe [2006-09-07 24576]
R2 TeamViewer;TeamViewer 3; C:\Program Files\TeamViewer3\TeamViewer_Service.exe [2008-08-29 181544]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
S2 AcronisOSSReinstallSvc;Acronis OS Selector Reinstall Service; C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe []
S2 ASKUpgrade;ASKUpgrade; C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe [2009-02-11 234888]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 gupdate1c9a2935262f433;Service Google Update (gupdate1c9a2935262f433); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-11 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-11 182768]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-02-06 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-03-23 654848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

Thanks for helping me.

bernard53 on 20 May 2009 at 21:31
Hello,

Download OTMoveIt3 (by Old_Timer) to your Desktop.

>> For VISTA: right-click and choose "Run as administrator".

>> AVAST detects this program as an intruder, so disable it for the duration of the procedure.

Double-click OTMoveIt3.exe to launch it.

Copy the list in the quote below:


:Processes
ASKUpgrade.exe

:Services
ASKUpgrade

:Reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
[-HKEY_CLASSES_ROOT\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ASKUpgrade]

:Files
C:\Program Files\AskBarDis
:Commands
[purity]
[emptytemp]

[Reboot]

and paste it into the left-hand pane of OTMoveIt3.

Click [image] to start the removal.
Wait for the tool to finish its work, then close OTMoveIt3.

The result will appear in the Results pane.
Click Exit to close.
Post the report located in C:\_OTMoveIt\MovedFiles\*******_******.log


NB: You may be asked to restart the PC to complete the removal.
If so, accept with Oui/Yes.


Then this.

Install Malwarebytes' Anti-Malware,
Download and tutorial

Update it, then switch to safe mode:
http://www.pcloisirs.eu/mode_sans_echec.htm

Choose to run a full scan (about 1 to 2 hours).
If an infection is found, tick the box next to it and confirm with the "Remove Selected" tab.

Post the final report.
*** It is advisable to disable Tea-Timer if you have Spybot-S&D, just for the duration of the scan.

Here is how: launch Spybot-S&D, switch to Advanced mode via the Mode menu (at the top) → click Yes → choose Tools in the navigation bar on the left → Resident, and there you can untick the boxes in front of the two tools.



Edit: a new HijackThis report after that, please.

-->Message edited by bernard53 on 20/05/2009 21:49:44<--
-------
Enjoy your visit to: http://tuto-b.comli.com/

blueaddicted on 20 May 2009 at 22:12
========== PROCESSES ==========
Unable to kill process: ASKUpgrade.exe
========== SERVICES/DRIVERS ==========

Service\Driver ASKUpgrade deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}\\ deleted successfully.
Registry key HKEY_CLASSES_ROOT\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}\\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ASKUpgrade\\ not found.
========== FILES ==========
C:\Program Files\AskBarDis\bar\Settings moved successfully.
C:\Program Files\AskBarDis\bar\bin moved successfully.
C:\Program Files\AskBarDis\bar moved successfully.
C:\Program Files\AskBarDis moved successfully.
========== COMMANDS ==========
File delete failed. C:\Users\sejour\AppData\Local\Temp\etilqs_168nj6YCD5Ud4gahhddP scheduled to be deleted on reboot.
File delete failed. C:\Users\sejour\AppData\Local\Temp\~DFFE18.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Windows\temp\TMP000000513571412632C270E7 scheduled to be deleted on reboot.
Windows Temp folder emptied.
File delete failed. C:\Users\sejour\AppData\Local\Mozilla\Firefox\Profiles\i6c4gdsl.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Users\sejour\AppData\Local\Mozilla\Firefox\Profiles\i6c4gdsl.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Users\sejour\AppData\Local\Mozilla\Firefox\Profiles\i6c4gdsl.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Users\sejour\AppData\Local\Mozilla\Firefox\Profiles\i6c4gdsl.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Users\sejour\AppData\Local\Mozilla\Firefox\Profiles\i6c4gdsl.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.

OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 05202009_221043

blueaddicted on 21 May 2009 at 11:27
Here is the final report after running MAB in safe mode:

Malwarebytes' Anti-Malware 1.36
Version de la base de données: 2159
Windows 6.0.6001 Service Pack 1

21/05/2009 11:19:20
mbam-log-2009-05-21 (11-19-20).txt

Type de recherche: Examen complet (C:\|E:\|)
Eléments examinés: 220019
Temps écoulé: 38 minute(s), 12 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\GroupManager (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Microsoft IT Update (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Microsoft IT Update (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Windows\msiUpdate.exe (Backdoor.Bot) -> Quarantined and deleted successfully.

blueaddicted on 21 May 2009 at 11:33
And here is the HijackThis report:

Logfile of random's system information tool 1.06 (written by random/random)
Run by sejour at 2009-05-21 11:31:42
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 23 GB (27%) free of 86 GB
Total RAM: 1919 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:32:06, on 21/05/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\aol\1173170792\ee\aolsoftware.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Ask & Record Toolbar\FLVSrvc.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\iPhoneRingToneMaker\iPhoneRingToneMaker.exe
C:\Program Files\PdaNet for iPhone\PdaNetPC.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\sejour\Desktop\RSIT.exe
C:\Program Files\trend micro\sejour.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dufpy.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1173170792\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Ask and Record FLV Service] "C:\Program Files\Ask & Record Toolbar\FLVSrvc.exe" /run
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: iPhoneRingToneMaker.lnk = ?
O4 - Startup: PdaNet Desktop.lnk = C:\Program Files\PdaNet for iPhone\PdaNetPC.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service Google Update (gupdate1c9a2935262f433) (gupdate1c9a2935262f433) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkSrv.exe
O23 - Service: TeamViewer 3 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer3\TeamViewer_Service.exe

--
End of file - 7230 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\Extension de garantie.job
C:\Windows\tasks\GBM - Portable-Full.job
C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachine.job
C:\Windows\tasks\Recovery DVD Creator.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2009-02-11 365960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-03-11 657904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2009-02-11 365960]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-11-22 815104]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-11-20 4018176]
"HostManager"=C:\Program Files\Common Files\AOL\1173170792\ee\AOLSoftware.exe [2006-11-14 50736]
"toolbar_eula_launcher"=C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe [2007-01-10 18944]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-02-06 2021400]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2006-12-19 90191]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2006-12-19 7766016]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2006-12-19 81920]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]
"Ask and Record FLV Service"=C:\Program Files\Ask & Record Toolbar\FLVSrvc.exe [2009-03-10 156672]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]

C:\Users\sejour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
iPhoneRingToneMaker.lnk - C:\Program Files\iPhoneRingToneMaker\iPhoneRingToneMaker.exe
PdaNet Desktop.lnk - C:\Program Files\PdaNet for iPhone\PdaNetPC.exe

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
shell\AutoRun\command - G:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{deffe938-0cee-11de-ac42-001a92202215}]
shell\AutoRun\command - G:\LaunchU3.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-05-21 10:23:44 ----A---- C:\Windows\ntbtlog.txt
2009-05-20 22:46:59 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-05-20 22:10:43 ----D---- C:\_OTMoveIt
2009-05-20 20:27:44 ----D---- C:\rsit
2009-05-20 20:27:44 ----D---- C:\Program Files\trend micro
2009-05-20 13:36:43 ----D---- C:\Program Files\Enigma Software Group
2009-05-19 14:34:13 ----D---- C:\Users\sejour\AppData\Roaming\gtk-2.0
2009-05-19 13:52:30 ----D---- C:\Users\sejour\AppData\Roaming\deluge
2009-05-19 12:17:31 ----D---- C:\Program Files\Kommute
2009-05-18 10:50:21 ----D---- C:\Program Files\i2p
2009-05-18 09:57:15 ----A---- C:\Windows\GPInstall.exe
2009-05-17 23:18:47 ----A---- C:\ioSpecial.ini
2009-05-14 01:22:53 ----A---- C:\Windows\system32\msls31.dll
2009-05-14 01:22:53 ----A---- C:\Windows\system32\mshtmler.dll
2009-05-14 01:22:53 ----A---- C:\Windows\system32\mshtmled.dll
2009-05-14 01:22:53 ----A---- C:\Windows\system32\jsproxy.dll
2009-05-14 01:22:53 ----A---- C:\Windows\system32\ieui.dll
2009-05-14 01:22:53 ----A---- C:\Windows\system32\icardie.dll
2009-05-14 01:22:53 ----A---- C:\Windows\system32\corpol.dll
2009-05-14 01:22:53 ----A---- C:\Windows\system32\admparse.dll
2009-05-14 01:22:52 ----A---- C:\Windows\system32\imgutil.dll
2009-05-14 01:22:52 ----A---- C:\Windows\system32\iernonce.dll
2009-05-14 01:22:52 ----A---- C:\Windows\system32\ieakeng.dll
2009-05-14 01:22:52 ----A---- C:\Windows\system32\dxtrans.dll
2009-05-14 01:22:52 ----A---- C:\Windows\system32\dxtmsft.dll
2009-05-14 01:22:51 ----A---- C:\Windows\system32\webcheck.dll
2009-05-14 01:22:51 ----A---- C:\Windows\system32\occache.dll
2009-05-14 01:22:51 ----A---- C:\Windows\system32\msrating.dll
2009-05-14 01:22:51 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-05-14 01:22:51 ----A---- C:\Windows\system32\licmgr10.dll
2009-05-14 01:22:51 ----A---- C:\Windows\system32\inseng.dll
2009-05-14 01:22:51 ----A---- C:\Windows\system32\iepeers.dll
2009-05-14 01:22:51 ----A---- C:\Windows\system32\ieaksie.dll
2009-05-14 01:22:50 ----A---- C:\Windows\system32\WinFXDocObj.exe
2009-05-14 01:22:50 ----A---- C:\Windows\system32\wextract.exe
2009-05-14 01:22:50 ----A---- C:\Windows\system32\mstime.dll
2009-05-14 01:22:50 ----A---- C:\Windows\system32\msfeedssync.exe
2009-05-14 01:22:50 ----A---- C:\Windows\system32\msfeeds.dll
2009-05-14 01:22:50 ----A---- C:\Windows\system32\iesetup.dll
2009-05-14 01:22:50 ----A---- C:\Windows\system32\ieakui.dll
2009-05-14 01:22:49 ----A---- C:\Windows\system32\vbscript.dll
2009-05-14 01:22:49 ----A---- C:\Windows\system32\pngfilt.dll
2009-05-14 01:22:49 ----A---- C:\Windows\system32\jscript.dll
2009-05-14 01:22:49 ----A---- C:\Windows\system32\ieapfltr.dll
2009-05-14 01:22:49 ----A---- C:\Windows\system32\advpack.dll
2009-05-14 01:22:48 ----A---- C:\Windows\system32\url.dll
2009-05-14 01:22:48 ----A---- C:\Windows\system32\iedkcs32.dll
2009-05-14 01:22:47 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2009-05-14 01:22:47 ----A---- C:\Windows\system32\SetDepNx.exe
2009-05-14 01:22:47 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2009-05-14 01:22:47 ----A---- C:\Windows\system32\PDMSetup.exe
2009-05-14 01:22:47 ----A---- C:\Windows\system32\mshta.exe
2009-05-14 01:22:47 ----A---- C:\Windows\system32\iexpress.exe
2009-05-14 01:22:47 ----A---- C:\Windows\system32\ieUnatt.exe
2009-05-14 01:22:47 ----A---- C:\Windows\system32\iesysprep.dll
2009-05-14 01:22:46 ----A---- C:\Windows\system32\wininet.dll
2009-05-14 01:22:46 ----A---- C:\Windows\system32\iertutil.dll
2009-05-14 01:22:46 ----A---- C:\Windows\system32\ie4uinit.exe
2009-05-14 01:22:45 ----A---- C:\Windows\system32\urlmon.dll
2009-05-14 01:22:44 ----A---- C:\Windows\system32\ieframe.dll
2009-05-14 01:22:43 ----A---- C:\Windows\system32\mshtml.dll
2009-05-14 01:14:07 ----D---- C:\Program Files\Paragon Software
2009-05-13 13:16:10 ----D---- C:\ProgramData\Cobian
2009-05-12 18:50:05 ----D---- C:\ProgramData\Genie-Soft
2009-05-12 18:49:10 ----D---- C:\Users\sejour\AppData\Roaming\Genie-Soft
2009-05-12 18:01:10 ----D---- C:\Program Files\Common Files\PX Storage Engine
2009-05-12 16:52:08 ----D---- C:\New Folder 1
2009-05-12 11:08:21 ----D---- C:\Users\sejour\AppData\Roaming\Novosoft
2009-05-11 08:22:54 ----D---- C:\Users\sejour\AppData\Roaming\VMware
2009-05-09 21:58:55 ----D---- C:\ProgramData\VMware
2009-05-09 19:21:02 ----RSHD---- C:\BOOTWIZ
2009-05-08 18:50:10 ----D---- C:\Program Files\Common Files\Acronis
2009-05-08 18:50:10 ----D---- C:\Program Files\Acronis
2009-05-07 20:29:27 ----A---- C:\Windows\EuBcd.ini
2009-05-07 20:29:27 ----A---- C:\Windows\BcdLog.txt
2009-05-07 19:35:52 ----A---- C:\Windows\system32\EuEpmGdi.dll
2009-05-07 19:35:51 ----A---- C:\Windows\system32\BootMan.exe
2009-05-07 19:35:50 ----A---- C:\Windows\system32\setupempdrv03.exe
2009-05-07 19:35:35 ----D---- C:\Program Files\EASEUS
2009-05-07 18:56:43 ----D---- C:\Program Files\Lavalys
2009-05-05 18:17:37 ----D---- C:\Users\sejour\AppData\Roaming\eMusic
2009-05-05 18:17:25 ----D---- C:\Program Files\eMusic Download Manager
2009-04-27 16:52:52 ----D---- C:\Users\sejour\AppData\Roaming\GrabIt
2009-04-27 12:28:12 ----D---- C:\Users\sejour\AppData\Roaming\Xi
2009-04-27 12:22:12 ----D---- C:\Program Files\Xi
2009-04-27 12:18:34 ----D---- C:\Windows\Replay Converter 3
2009-04-27 12:17:28 ----A---- C:\Windows\iun6002.exe
2009-04-27 12:16:03 ----D---- C:\Program Files\Replay AV 8
2009-04-26 20:18:12 ----D---- C:\Windows\Replay Video Capture
2009-04-26 13:21:27 ----D---- C:\Program Files\AskBarDis
2009-04-26 13:20:50 ----D---- C:\Windows\Ask & Record Toolbar
2009-04-26 13:20:50 ----D---- C:\Program Files\Ask & Record Toolbar
2009-04-26 10:29:54 ----D---- C:\Program Files\Absolute Sound Recorder
2009-04-26 10:16:21 ----D---- C:\Program Files\Audacity
2009-04-26 00:26:01 ----D---- C:\Windows\Minidump
2009-04-25 10:59:37 ----D---- C:\Windows\system32\Samsung_USB_Drivers

======List of files/folders modified in the last 1 months======

2009-05-21 11:31:52 ----D---- C:\Windows\Temp
2009-05-21 11:23:43 ----D---- C:\Windows\Tasks
2009-05-21 11:21:50 ----D---- C:\Users\sejour\AppData\Roaming\iPhoneRingToneMaker
2009-05-21 11:21:00 ----RD---- C:\Program Files
2009-05-21 11:21:00 ----D---- C:\Windows\system32\drivers
2009-05-21 11:19:20 ----D---- C:\Windows
2009-05-20 23:36:09 ----D---- C:\Windows\system32\config
2009-05-20 23:36:03 ----D---- C:\Windows\system32\Tasks
2009-05-20 23:36:03 ----D---- C:\Windows\system32\spool
2009-05-20 23:36:03 ----D---- C:\Windows\system32\Msdtc
2009-05-20 23:36:03 ----D---- C:\Windows\system32\CodeIntegrity
2009-05-20 23:36:03 ----D---- C:\Windows\system32\catroot2
2009-05-20 23:36:03 ----D---- C:\Windows\inf
2009-05-20 23:36:03 ----D---- C:\Users\sejour\AppData\Roaming\uTorrent
2009-05-20 23:36:03 ----AD---- C:\Windows\System32
2009-05-20 23:36:00 ----D---- C:\Windows\system32\wbem
2009-05-20 23:36:00 ----D---- C:\Windows\registration
2009-05-20 23:34:28 ----SHD---- C:\System Volume Information
2009-05-20 23:30:09 ----D---- C:\Users\sejour\AppData\Roaming\vlc
2009-05-20 22:39:59 ----D---- C:\ProgramData\Google Updater
2009-05-20 22:39:47 ----D---- C:\Windows\Prefetch
2009-05-20 22:25:24 ----D---- C:\Program Files\Mozilla Firefox
2009-05-20 14:03:41 ----SD---- C:\ProgramData\Microsoft
2009-05-20 09:47:49 ----D---- C:\Windows\Logs
2009-05-18 19:22:40 ----SD---- C:\Users\sejour\AppData\Roaming\Microsoft
2009-05-17 20:44:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-05-17 16:20:06 ----D---- C:\Users\sejour\AppData\Roaming\DiskAid
2009-05-15 09:19:14 ----SHD---- C:\Windows\Installer
2009-05-15 09:18:52 ----D---- C:\Program Files\Google
2009-05-14 23:49:07 ----RSD---- C:\Windows\assembly
2009-05-14 23:49:03 ----D---- C:\ProgramData\Microsoft Help
2009-05-14 09:31:01 ----D---- C:\Windows\rescache
2009-05-14 09:25:58 ----D---- C:\Windows\winsxs
2009-05-14 01:25:56 ----D---- C:\Program Files\Internet Explorer
2009-05-14 01:25:55 ----D---- C:\Windows\system32\fr-FR
2009-05-14 01:25:52 ----D---- C:\Windows\system32\migration
2009-05-14 01:25:52 ----D---- C:\Windows\system32\en-US
2009-05-14 01:25:52 ----D---- C:\Windows\PolicyDefinitions
2009-05-14 01:24:37 ----D---- C:\Windows\system32\catroot
2009-05-14 01:20:43 ----D---- C:\Windows\Debug
2009-05-14 01:20:27 ----D---- C:\Program Files\Windows Mail
2009-05-14 01:15:11 ----DC---- C:\Windows\system32\DRVSTORE
2009-05-13 13:16:10 ----HD---- C:\ProgramData
2009-05-12 18:01:10 ----D---- C:\Program Files\Common Files
2009-05-11 23:15:55 ----D---- C:\Users\sejour\AppData\Roaming\OneSwarm
2009-05-07 09:16:29 ----A---- C:\Windows\system32\mrt.exe
2009-05-04 11:49:47 ----AD---- C:\ProgramData\TEMP
2009-05-02 23:49:34 ----D---- C:\Windows\system32\WDI
2009-04-30 18:49:59 ----D---- C:\Windows\system32\NDF
2009-04-29 16:30:27 ----D---- C:\Users\sejour\AppData\Roaming\dvdcss
2009-04-28 10:43:58 ----D---- C:\Program Files\OneSwarm
2009-04-27 12:08:48 ----D---- C:\Program Files\Safari
2009-04-25 11:41:57 ----HD---- C:\Program Files\InstallShield Installation Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
R1 epfwtdi;epfwtdi; C:\Windows\system32\DRIVERS\epfwtdi.sys [2009-02-06 56280]
R1 Uim_IM;UIM Drive Backup Image Plugin; C:\Windows\System32\Drivers\Uim_IM.sys [2008-09-26 129824]
R1 UimBus;Universal Image Mounter Controller; C:\Windows\system32\DRIVERS\UimBus.sys [2008-09-26 32048]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-02-06 113448]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-02-06 130952]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2006-12-21 509440]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2009-02-06 33096]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2006-11-23 1652968]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 NVENETFD;Pilote du contrôleur de réseau NVIDIA nForce; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-02 429056]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2006-12-19 4447808]
R3 pnetmdm;PdaNet Modem; C:\Windows\system32\DRIVERS\pnetmdm.sys [2006-09-28 9472]
R3 StkCMini;Syntek AVStream USB2.0 VGA WebCam; C:\Windows\system32\DRIVERS\StkCMini.sys [2006-11-10 669568]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-11-22 181304]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
S1 NetBurn;Paragon NetBurning Driver; C:\Windows\system32\DRIVERS\NetBurn.sys [2008-06-07 84752]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 epmntdrv;epmntdrv; \??\C:\Windows\system32\epmntdrv.sys [2009-02-25 9728]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\system32\EuGdiDrv.sys [2009-02-25 3072]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-19 8192]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-03-06 36864]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys []
S3 wanatw;WAN Miniport (ATW); C:\Windows\system32\DRIVERS\wanatw4.sys [2006-11-01 33588]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2006-11-02 128104]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 nvsmu;nvsmu; C:\Windows\system32\drivers\nvsmu.sys [2006-09-15 11520]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2006-12-20 90112]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-02-06 727720]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service; C:\Windows\System32\StkSrv.exe [2006-09-07 24576]
R2 TeamViewer;TeamViewer 3; C:\Program Files\TeamViewer3\TeamViewer_Service.exe [2008-08-29 181544]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
S2 AcronisOSSReinstallSvc;Acronis OS Selector Reinstall Service; C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe []
S2 ASKUpgrade;ASKUpgrade; C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe [2009-02-11 234888]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 gupdate1c9a2935262f433;Service Google Update (gupdate1c9a2935262f433); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-11 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-11 182768]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-02-06 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-03-23 654848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

blueaddicted on 21 May 2009 at 11:37
But alas :non: nothing has changed!! :(

blueaddicted on 21 May 2009 at 22:37
Nobody to help me? Please! :cry:

bernard53 on 22 May 2009 at 13:22
:hello:

Sorry, but I was away yesterday.

Run HijackThis again > then: Do a system scan only > tick these lines, then confirm with Fix checked

O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1173170792\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Ask and Record FLV Service] "C:\Program Files\Ask & Record Toolbar\FLVSrvc.exe" /run
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - Startup: iPhoneRingToneMaker.lnk = ?
O4 - Startup: PdaNet Desktop.lnk = C:\Program Files\PdaNet for iPhone\PdaNetPC.exe



After that, tell me whether things are better.

:salut:
-------
Enjoy your visit to: http://tuto-b.comli.com/
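
An added example, not part of the original thread and not code from HijackThis or RSIT: a small Python triage of HijackThis entries like those in the log above. It records the markers the log itself prints (`(no file)`, `(file missing)`, `= ?`, `Unknown owner`) and groups entries by install folder to show which folders are referenced from several persistence sections; the sample lines are copied from this thread, and all function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample: lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - Startup: iPhoneRingToneMaker.lnk = ?
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
"""

ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d+) - (?P<body>.+)$")
# First drive-letter path ending in .exe or .dll (paths may contain spaces).
PATH_RE = re.compile(r"[A-Za-z]:\\[^\"<>|*?]+?\.(?:exe|dll)\b", re.IGNORECASE)
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")

# Meaning of the HijackThis section codes used in the sample.
SECTIONS = {
    "O2": "Browser Helper Object",
    "O3": "Internet Explorer toolbar",
    "O4": "autostart entry (Run key or Startup folder)",
    "O23": "Windows service",
}


def flags_for(body):
    """Return the markers that HijackThis itself printed on this entry."""
    flags = []
    if body.endswith("(no file)"):
        flags.append("no_file")            # registry entry without a file
    if body.endswith("(file missing)"):
        flags.append("file_missing")       # service binary not on disk
    if body.endswith("= ?"):
        flags.append("unresolved_target")  # shortcut target not resolved
    if " - Unknown owner - " in body:
        flags.append("unknown_owner")      # no company name reported
    return flags


def parse_entries(log_text):
    """Parse 'CODE - body' lines into dicts; other lines are ignored."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue
        body = m["body"]
        path = PATH_RE.search(body)
        clsid = CLSID_RE.search(body)
        entries.append({
            "code": m["code"],
            "section": SECTIONS.get(m["code"], "other"),
            "body": body,
            "path": path.group(0) if path else None,
            "clsid": clsid.group(0) if clsid else None,
            "flags": flags_for(body),
        })
    return entries


def product_folder(path):
    """Folder used for grouping, e.g. C:\\Program Files\\<product> (lowercased)."""
    parts = path.split("\\")
    depth = 4 if len(parts) > 3 and parts[2].lower() == "common files" else 3
    return "\\".join(parts[:depth]).lower() if len(parts) > depth else None


def persistence_by_folder(entries):
    """Folders referenced from more than one section (BHO, toolbar, service...)."""
    groups = defaultdict(set)
    for e in entries:
        folder = product_folder(e["path"]) if e["path"] else None
        if folder:
            groups[folder].add(e["code"])
    return {f: sorted(codes) for f, codes in groups.items() if len(codes) > 1}


if __name__ == "__main__":
    parsed = parse_entries(SAMPLE_LOG)
    for e in parsed:
        if e["flags"]:
            print(e["code"], e["section"], e["flags"], e["clsid"] or e["path"] or e["body"])
    for folder, codes in persistence_by_folder(parsed).items():
        print(folder, "->", ", ".join(codes))
```

A flag only repeats what the log states; whether an entry should be fixed is still a decision for whoever reviews the log.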


