
VBS Malware infection and... - FORUMS 01net.

8 replies / 1450 views

Author

on 30/11/2009 at 21:31
Hello everyone,
as the title says, I am infected by
- VBS : Malware-gen
- Win32 : Mabezat
detected by Avast
Initially my PC could not even boot in normal mode, so I ran several programs, including MalwareBytes, AdAware, Spybot, ... which gave me access to my PC in normal mode again. However, the infection is still present, and I only have to start Avast's resident shield for messages to pop up every 2 seconds!
If you could help me eradicate this infection completely, I would be grateful.
Thanks in advance.
 
 
Author

on 30/11/2009 at 21:39
Good evening!

I need the Malwarebytes' scan report; you can get it by launching the program and going to the reports/log tab.

And once you have it, post a HijackThis log at the same time:

Download "HijackThis" to the desktop
* Double-click it
* Click "Do a system scan and save a logfile"
* Copy the report and paste it into your reply
 
 
Author

on 30/11/2009 at 23:04
Malwarebytes' Anti-Malware 1.41
Version de la base de données: 3263
Windows 5.1.2600 Service Pack 3

30/11/2009 22:20:48
mbam-log-2009-11-30 (22-20-48).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 171313
Temps écoulé: 29 minute(s), 12 second(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 9

Processus mémoire infecté(s):
C:\Documents and Settings\tazebama.dl_ (Worm.Mabezat) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Documents and Settings\tazebama.dll (Worm.Mabezat) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP22\A0006213.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP22\A0006214.exe (Trojan.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0011976.dll (Worm.Mabezat) -> Quarantined and deleted successfully.
C:\Documents and Settings\benoît POMERAT\Application Data\tazebama\zPharaoh.dat (Worm.Mabezat) -> Quarantined and deleted successfully.
C:\Documents and Settings\hook.dl_ (Worm.Mabezat) -> Quarantined and deleted successfully.
C:\Documents and Settings\tazebama.dl_ (Worm.Mabezat) -> Quarantined and deleted successfully.
C:\autorun.inf (Worm.Mabezat) -> Quarantined and deleted successfully.
C:\zPharaoh.exe (Worm.Mabezat) -> Quarantined and deleted successfully.





Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:02:20, on 30/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\s3graphics\chrome3\s3funkey.svc
C:\Program Files\s3graphics\chrome3\s3loadsv.svc
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\s3graphics\chrome3\s3funkey.svc
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe
C:\Program Files\s3graphics\chrome3\Chrome3.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SAMSUNG\MagicKBD\MagicKBD.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\SAMSUNG\MagicKBD\PerformanceManager.exe
C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\tazebama.dl_
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Documents and Settings\benoît POMERAT\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.my.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [EDS] C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe
O4 - HKLM\..\Run: [VTTimer] ;;;VTTimer.exe
O4 - HKLM\..\Run: [Chrome3] C:\Program Files\s3graphics\chrome3\Chrome3.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [BatteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
O4 - HKLM\..\Run: [MagicKeyboard] C:\Program Files\SAMSUNG\MagicKBD\PreMKBD.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: McAfee Security Scan.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: S3Funkey - Unknown owner - C:\Program.exe (file missing)
O23 - Service: S3LoadSv - Unknown owner - C:\Program.exe (file missing)

--
End of file - 8645 bytes
 
 
Author

on 01/12/2009 at 10:14
You still have one infection left, as well as a USB infection:

* Disable the antivirus

Download "Combofix" and save it to the desktop

* Double-click "Combofix"
** If you are prompted to download and install the Recovery Console, accept
* The scan will then start
* Wait for the tool to close (5 to 10 min)
* Copy/paste the report into your reply
* A report in C:\Combofix.txt, to be put in your reply
* Qoobox in C:\, to be deleted

And for the USB infection:

Download "UsbFix" to the desktop

* Double-click "UsbFix.exe", which has just appeared on the desktop
* Type "F" for French, then confirm
* Choose option "1" and confirm with "Enter"
* When the message prompts you to, connect to the PC any USB sticks and external hard drives that may have been infected, without opening them
** Note: The Start menu and the icons will disappear
* The scan runs; this can take several minutes, do not touch anything
* Once the scan has finished, a scan report is offered to you... press a key to open this report.
* Copy/paste the report into your reply

----

* Double-click "UsbFix.exe"
* Type "F" for French, then confirm
* Choose option "2" and confirm with "Enter"
* When the message prompts you to, connect to the PC any USB sticks and external hard drives that may have been infected, without opening them
** Note: The Start menu and the icons will disappear
* The removal runs; the computer will restart automatically
* On restart, UsbFix relaunches
** Note: The cleaning process can be long, be patient. Your desktop will not be accessible; this is normal.
* Once the scan has finished, a scan report is offered to you... press a key to open this report.
* Copy/paste the report into your reply

===

And finally, to check that everything is clean:

Download "RSIT" to the desktop
* Double-click it
* Leave "1 month"
* Click "Continue"
* At the end of the scan, 2 reports are created: "log.txt" and "info.txt"
* Copy/paste the "log.txt" report into your reply, close the other one
** Note: the reports are also located in "C:\rsit\log.txt" and "C:\rsit\info.txt"
Message edited by totoftotof on 01/12/2009 14:20:11
 
 
Author

on 01/12/2009 at 21:34
ComboFix 09-12-01.01 - benoît POMERAT 01/12/2009 19:07.1.1 - x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.894.322 [GMT 1:00]
Lancé depuis: c:\documents and settings\benoît POMERAT\Bureau\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 091201-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Autorun.inf
c:\recycler\S-1-5-21-1123561945-920026266-1177238915-1003
c:\windows\msetup
c:\windows\msetup\MSetup.exe
C:\zPharaoh.exe
D:\zPharaoh.exe

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-11-01 au 2009-12-01 ))))))))))))))))))))))))))))))))))))
.

2009-11-30 22:00 . 2009-11-30 22:00 0 ----a-w- c:\windows\nsreg.dat
2009-11-30 21:45 . 2009-12-01 18:00 32768 ----a-w- c:\documents and settings\tazebama.dll
2009-11-30 09:03 . 2009-11-30 09:03 -------- d-----w- c:\program files\RegistryBooster
2009-11-30 06:56 . 2009-11-30 06:06 15880 ----a-w- c:\windows\system32\lsdelete.exe
2009-11-30 06:05 . 2009-11-30 06:05 242984 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\SBRE.dll
2009-11-30 06:05 . 2009-11-30 06:05 5908024 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Resources.dll
2009-11-30 06:05 . 2009-11-30 06:05 327000 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\RPAPI.dll
2009-11-30 06:05 . 2009-11-30 06:05 87496 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\PrivacyClean.dll
2009-11-30 06:05 . 2009-11-30 06:05 933120 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\CEAPI.dll
2009-11-30 06:05 . 2009-11-30 06:05 641632 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AutoLaunch.exe
2009-11-30 06:04 . 2009-11-30 06:05 816272 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareCommand.exe
2009-11-30 06:04 . 2009-11-30 06:04 822904 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareAdmin.exe
2009-11-30 06:04 . 2009-11-30 06:04 1638640 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-Aware.exe
2009-11-30 06:04 . 2009-11-30 06:04 788880 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWTray.exe
2009-11-30 06:04 . 2009-11-30 06:04 1184912 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWService.exe
2009-11-30 06:03 . 2009-11-30 18:41 3081375 -c--a-w- c:\documents and settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe
2009-11-30 06:02 . 2009-11-30 06:02 -------- d-----w- c:\program files\Lavasoft
2009-11-30 06:02 . 2009-11-30 06:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-11-30 06:00 . 2009-11-30 06:00 -------- d-----w- c:\documents and settings\All Users\Application Data\LogMeIn
2009-11-30 06:00 . 2009-11-30 06:00 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ICS
2009-11-30 06:00 . 2009-09-28 18:34 83288 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2009-11-30 06:00 . 2009-09-28 18:34 47416 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\LMIproc.dll
2009-11-30 06:00 . 2009-09-28 18:34 28984 ----a-w- c:\windows\system32\LMIport.dll
2009-11-30 06:00 . 2008-08-11 11:41 47640 ----a-w- c:\windows\system32\drivers\LMIRfsDriver.sys
2009-11-30 06:00 . 2009-09-28 18:34 87352 ----a-w- c:\windows\system32\LMIinit.dll
2009-11-30 05:59 . 2009-11-30 23:15 -------- d-----w- c:\program files\LogMeIn
2009-11-29 22:45 . 2009-11-30 07:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2009-11-29 22:45 . 2009-11-29 22:45 -------- d-----w- c:\program files\Yahoo!
2009-11-29 22:45 . 2009-11-29 22:45 -------- d-----w- c:\program files\CCleaner
2009-11-29 22:33 . 2009-11-29 22:33 164 ----a-w- c:\windows\install.dat
2009-11-29 22:08 . 2009-11-30 06:03 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2009-11-29 21:37 . 2009-09-10 13:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-29 21:37 . 2009-11-29 21:37 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-29 21:37 . 2009-11-29 21:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-11-29 21:37 . 2009-09-10 13:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-29 20:01 . 2009-11-29 22:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-11-29 20:01 . 2009-11-29 20:03 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-11-29 16:33 . 2009-11-29 16:33 -------- d-----w- c:\documents and settings\SYSTEM
2009-11-29 11:23 . 2009-11-29 11:23 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee Security Scan
2009-11-29 11:23 . 2009-11-29 11:23 -------- d-----w- c:\program files\McAfee Security Scan
2009-11-29 11:23 . 2009-11-29 16:42 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-11-29 11:23 . 2009-11-29 16:42 -------- d-----w- c:\program files\NOS
2009-11-19 07:43 . 2009-11-19 07:43 -------- d-----w- C:\BrowserPlusPlugins
2009-11-14 18:33 . 2009-11-24 23:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-14 18:33 . 2009-11-24 23:49 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-14 18:33 . 2009-11-24 23:47 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-14 18:33 . 2009-11-24 23:47 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-14 18:33 . 2009-11-24 23:51 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-14 18:33 . 2009-09-15 11:56 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-11-14 18:33 . 2009-09-15 11:55 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-11-14 18:33 . 2009-09-15 11:55 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-11-14 18:32 . 2009-11-24 23:54 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-14 18:32 . 2003-03-18 21:20 1060864 ----a-w- c:\windows\system32\MFC71.dll
2009-11-14 18:32 . 2003-03-18 20:14 499712 ----a-w- c:\windows\system32\MSVCP71.dll
2009-11-14 18:32 . 2003-02-21 04:42 348160 ----a-w- c:\windows\system32\MSVCR71.dll
2009-11-14 18:32 . 2009-11-14 18:32 -------- d-----w- c:\program files\Alwil Software
2009-11-14 16:47 . 2009-03-24 15:07 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-11-10 17:26 . 2009-11-10 17:26 -------- d-----w- c:\documents and settings\amis\Bluetooth Software
2009-11-09 17:22 . 2009-11-09 17:22 -------- d-----w- c:\program files\Marvell
2009-11-08 15:31 . 2009-11-08 15:31 -------- d-----w- c:\documents and settings\caroline POMERAT\Application Data\dvdcss
2009-11-08 15:24 . 2009-11-08 15:56 -------- d-----w- c:\documents and settings\caroline POMERAT\Application Data\vlc
2009-11-05 10:03 . 2009-11-05 10:03 -------- d-----w- c:\windows\Sun
2009-11-05 10:02 . 2009-11-05 10:02 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-11-03 16:45 . 2009-11-03 16:45 -------- d-sh--w- c:\documents and settings\caroline POMERAT\PrivacIE
2009-11-03 16:44 . 2009-11-03 16:44 -------- d-sh--w- c:\documents and settings\caroline POMERAT\IETldCache
2009-11-03 11:26 . 2009-11-03 11:26 -------- d-----w- c:\windows\ie8updates
2009-11-03 08:20 . 2009-08-29 07:56 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-11-03 08:20 . 2009-08-29 07:56 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-11-03 08:20 . 2009-08-29 07:56 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-11-03 08:20 . 2009-08-29 07:56 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-11-03 08:20 . 2009-08-29 07:56 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-11-03 08:20 . 2009-08-29 07:56 11069440 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-11-03 08:20 . 2009-11-03 08:20 21840 ----a-w- c:\windows\system32\SIntfNT.dll
2009-11-03 08:20 . 2009-11-03 08:20 17212 ----a-w- c:\windows\system32\SIntf32.dll
2009-11-03 08:20 . 2009-11-03 08:20 12067 ----a-w- c:\windows\system32\SIntf16.dll
2009-11-02 12:29 . 2009-11-02 12:29 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2009-11-02 11:30 . 2009-11-02 11:30 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2009-11-02 10:09 . 2009-11-02 10:09 -------- d-----w- c:\program files\VideoLAN
2009-11-02 09:22 . 2009-11-02 09:22 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-11-02 08:27 . 2009-11-02 08:29 -------- dc-h--w- c:\windows\ie8
2009-11-02 07:38 . 2009-03-26 15:37 409600 ----a-w- c:\windows\system32\s3iset32_2_00_96.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-30 19:09 . 2009-03-27 18:50 2864 ----a-w- c:\windows\system32\winsock.dll
2009-11-29 11:25 . 2009-03-27 12:33 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2009-11-21 17:32 . 2009-03-27 12:26 -------- d-----w- c:\program files\Samsung
2009-11-21 17:32 . 2009-03-27 12:25 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-11-11 12:32 . 2009-03-27 18:50 368314 ----a-w- c:\windows\system32\perfh00C.dat
2009-11-11 12:32 . 2009-03-27 18:50 49054 ----a-w- c:\windows\system32\perfc00C.dat
2009-11-09 19:15 . 2009-10-29 12:20 -------- d-----w- c:\documents and settings\LocalService\Application Data\SACore
2009-11-05 10:02 . 2009-03-27 12:23 -------- d-----w- c:\program files\Java
2009-10-31 07:52 . 2009-10-31 07:52 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\SACore
2009-10-29 17:16 . 2009-10-29 17:16 43200 ----a-w- c:\documents and settings\caroline POMERAT\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-29 17:13 . 2009-10-29 17:13 -------- d-----w- c:\documents and settings\caroline POMERAT\Application Data\MSNInstaller
2009-10-29 16:58 . 2009-10-29 16:58 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink
2009-10-29 15:53 . 2009-03-27 12:30 -------- d-----w- c:\program files\Fichiers communs\Adobe
2009-10-29 15:31 . 2009-10-29 15:31 -------- d-----w- c:\program files\Microsoft.NET
2009-10-29 11:37 . 2009-03-27 12:18 76507 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-10-29 09:20 . 2009-10-29 09:20 -------- d-----w- c:\program files\CyberLink
2009-10-29 09:20 . 2009-10-29 09:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Temp
2009-10-29 09:18 . 2009-10-29 09:18 -------- d-----w- c:\program files\WIDCOMM
2009-10-29 09:18 . 2009-10-29 09:18 0 ----a-w- c:\windows\system32\drivers\144D_SAMSUNG_N_NC20_09MQ.mrk
2009-09-23 12:55 . 2009-11-30 06:06 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-09-11 14:18 . 2009-03-27 18:50 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:04 . 2009-03-27 18:50 58880 ----a-w- c:\windows\system32\msasn1.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-27 39408]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-30 305807]
"EDS"="c:\program files\Samsung\Samsung EDS\EDSAgent.exe" [2007-12-20 659456]
"Chrome3"="c:\program files\s3graphics\chrome3\Chrome3.exe" [2009-04-30 1274368]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-08-28 1044480]
"BatteryManager"="c:\program files\Samsung\Samsung Battery Manager\BatteryManager.exe" [2008-11-27 2768896]
"MagicKeyboard"="c:\program files\SAMSUNG\MagicKBD\PreMKBD.exe" [2006-05-14 151552]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2008-08-11 63048]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2008-11-17 17676288]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-9-17 580200]
McAfee Security Scan.lnk - c:\program files\McAfee Security Scan\1.0.150\SSScheduler.exe [2009-7-28 199184]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2009-09-28 18:34 87352 ----a-w- c:\windows\system32\LMIinit.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [30/11/2009 07:06 64288]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [14/11/2009 19:33 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [14/11/2009 19:33 20560]
R2 DOSMEMIO;MEMIO;c:\windows\system32\MEMIO.SYS [27/03/2009 13:23 4300]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [24/09/2009 12:17 1184912]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [11/08/2008 12:41 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [30/11/2009 07:00 47640]
R2 S3Funkey;S3Funkey;c:\program files\s3graphics\chrome3\S3Funkey.svc [30/04/2009 14:18 444416]
R2 S3LoadSv;S3LoadSv;c:\program files\s3graphics\chrome3\s3loadsv.svc [30/04/2009 14:18 387072]
R2 yksvc;Marvell Yukon Service;c:\windows\System32\svchost.exe -k yksvcs [27/03/2009 19:50 14336]
R3 DNSeFilter;DNSeFilter;c:\windows\system32\drivers\SamsungEDS.SYS [14/01/2008 19:01 30208]
R3 S3GIGP;S3GIGP;c:\windows\system32\drivers\S3gIGPm.sys [27/03/2009 19:53 581632]
R3 vcrdrx32;VIA MSP Cardreader Host Controller;c:\windows\system32\drivers\vcrdrx32.sys [27/03/2009 19:54 90752]
R3 VMC326;Vimicro Camera Service VMC326;c:\windows\system32\drivers\VMC326.sys [27/03/2009 13:28 238464]
S3 SUEPD;SUE NDIS Protocol Driver;c:\windows\system32\drivers\SUE_PD.sys [01/08/2006 15:57 19840]
S4 LMIRfsClientNP;LMIRfsClientNP; [x]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
yksvcs REG_MULTI_SZ yksvc
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contenu du dossier 'Tâches planifiées'

2009-12-01 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 06:04]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://fr.my.yahoo.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ig/redirectdomain?brand=SMSN&bmod=SMSN
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Envoyer à Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\documents and settings\benoît POMERAT\Application Data\Mozilla\Firefox\Profiles\5ub2umt3.default\
FF - plugin: c:\browserplusplugins\35c4ce3dc0119b5e07a1be2d07ff7a0d\npybrowserplus_2.4.21.dll
.
- - - - ORPHELINS SUPPRIMES - - - -

HKLM-Run-VTTimer - VTTimer.exe
SafeBoot-mcmscsvc
SafeBoot-MCODS
AddRemove-Ad-Aware - c:\documents and settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe REMOVE=TRUE MODIFY=FALSE
AddRemove-{E2883E8F-472F-4fb0-9522-AC9BF37916A7} - c:\program files\NOS\bin\getPlus_Helper.dll
AddRemove-Yahoo! BrowserPlus - c:\documents and settings\benoît POMERAT\Local Settings\Application Data\Yahoo!\BrowserPlus\BrowserPlusUninstaller.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-01 19:15
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(732)
c:\windows\system32\LMIinit.dll
.
Heure de fin: 2009-12-01 19:17
ComboFix-quarantined-files.txt 2009-12-01 18:17

Avant-CF: 65 097 687 040 octets libres
Après-CF: 65 503 678 464 octets libres

WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Édition familiale" /noexecute=optin /fastdetect

- - End Of File - - 6E151056AFF70C3696CA0C516BC006A0




############################## | UsbFix V6.059 |

User : benoît POMERAT (Administrateurs) # SAMSUNG
Update on 01/12/2009 by Chiquitine29, C_XX & Chimay8
Start at: 19:39:10 | 01/12/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

VIA Nano processor U2250@1300+MHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : avast! antivirus 4.8.1368 [VPS 091201-0] 4.8.1368 [ (!) Disabled | Updated ]

C:\ -> Disque fixe local # 70,04 Go (60,98 Go free) # NTFS
D:\ -> Disque fixe local # 73 Go (72,63 Go free) # NTFS
E:\ -> Disque amovible # 980,72 Mo (685,5 Mo free) # FAT

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 632
C:\WINDOWS\system32\csrss.exe 708
C:\WINDOWS\system32\winlogon.exe 732
C:\WINDOWS\system32\services.exe 776
C:\WINDOWS\system32\lsass.exe 788
C:\WINDOWS\system32\svchost.exe 944
C:\WINDOWS\system32\svchost.exe 1012
C:\WINDOWS\System32\svchost.exe 1052
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe 1092
C:\WINDOWS\system32\svchost.exe 1184
C:\WINDOWS\system32\svchost.exe 1248
C:\WINDOWS\System32\svchost.exe 1268
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1388
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe 1404
C:\Program Files\Alwil Software\Avast4\ashServ.exe 1472
C:\WINDOWS\system32\spoolsv.exe 1860
C:\WINDOWS\system32\svchost.exe 1136
C:\Program Files\Java\jre6\bin\jqs.exe 1240
C:\Program Files\LogMeIn\x86\RaMaint.exe 1360
C:\Program Files\LogMeIn\x86\LogMeIn.exe 1752
C:\Program Files\LogMeIn\x86\LMIGuardian.exe 1888
C:\Program Files\s3graphics\chrome3\s3funkey.svc 1920
C:\Program Files\s3graphics\chrome3\s3loadsv.svc 2004
C:\WINDOWS\system32\svchost.exe 168
C:\WINDOWS\RTHDCPL.EXE 328
C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe 424
C:\Program Files\s3graphics\chrome3\Chrome3.exe 452
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 484
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe 672
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe 1904
C:\WINDOWS\system32\ctfmon.exe 2064
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 2072
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe 2220
C:\Program Files\LogMeIn\x86\LMIGuardian.exe 2232
C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe 2248
C:\Program Files\SAMSUNG\MagicKBD\MagicKBD.exe 2264
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE 2668
C:\WINDOWS\system32\wbem\unsecapp.exe 2836
C:\WINDOWS\system32\wbem\wmiprvse.exe 2884
C:\WINDOWS\system32\wbem\wmiapsrv.exe 3088
C:\WINDOWS\System32\alg.exe 3260
C:\Program Files\s3graphics\chrome3\s3funkey.svc 3528
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe 3212
C:\WINDOWS\system32\wscntfy.exe 2092
C:\WINDOWS\system32\wuauclt.exe 1612
C:\WINDOWS\explorer.exe 3356
C:\Program Files\LogMeIn\x86\LogMeIn.exe 2976
C:\Documents and Settings\tazebama.dl_ 3884
C:\WINDOWS\system32\wbem\wmiprvse.exe 5128

################## | Fichiers # Dossiers infectieux |

C:\autorun.inf
C:\autorun.inf -> fichier appelé : "C:\zPharaoh.exe" ( Présent ! )
D:\autorun.inf
D:\autorun.inf -> fichier appelé : "D:\zPharaoh.exe" ( Présent ! )
E:\autorun.inf
E:\autorun.inf -> fichier appelé : "E:\zPharaoh.exe" ( Présent ! )

################## | Spyware.OnlineGames |


################## | Mabezat |

C:\Documents and Settings\hook.dl_
C:\Documents and Settings\tazebama.dl_
C:\Documents and Settings\tazebama.dll
C:\DOCUME~1\BENOTP~1\APPLIC~1\tazebama\zPharaoh.dat
C:\DOCUME~1\BENOTP~1\APPLIC~1\tazebama
C:\zPharaoh.exe
D:\zPharaoh.exe
E:\zPharaoh.exe
C:\zPharaoh.exe
C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe
C:\Documents and Settings\benoît POMERAT\Bureau\ComboFix.exe
C:\Documents and Settings\benoît POMERAT\Bureau\Firefox Setup 3.0.15.exe
C:\Documents and Settings\benoît POMERAT\Bureau\HiJackThis.exe
C:\Documents and Settings\benoît POMERAT\Bureau\lavasoft_adawarefree.exe
C:\Documents and Settings\benoît POMERAT\Bureau\registrybooster.exe
C:\Documents and Settings\benoît POMERAT\Bureau\SpySweeperSNRSetup_FR.exe
C:\Documents and Settings\benoît POMERAT\Bureau\programmes ordi\ccsetup224.exe
C:\Program Files\CCleaner\uninst.exe
C:\Program Files\CyberLink\Shared files\EffectExtractor.exe
C:\Program Files\CyberLink\YouCam\BigBang\CLUpdater.exe
C:\Program Files\CyberLink\YouCam\Language\youcam-tutorial.exe
C:\Program Files\CyberLink\YouCam\MUITransfer\muistartmenu.exe
C:\Program Files\CyberLink\YouCam\OLRSubmission\OLRStateCheck.exe
C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AcrobatUpdater.exe
C:\Program Files\Fichiers communs\Adobe\ARM\1.0\ReaderUpdater.exe
C:\Program Files\Fichiers communs\Adobe\Updater6\AdobeUpdaterInstallMgr.exe
C:\Program Files\Fichiers communs\Adobe\Updater6\Adobe_Updater.exe
C:\Program Files\Fichiers communs\InstallShield\Driver\7\Intel 32\IDriver.exe
C:\Program Files\Fichiers communs\InstallShield\Engine\6\Intel 32\IKernel.exe
C:\Program Files\Fichiers communs\Microsoft Shared\DW\DW20.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\DW\DWTRIG20.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\MODI\11.0\MSPVIEW.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\MSInfo\OINFOP11.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\DFUICOM.EXE
C:\Program Files\Fichiers communs\System\MSMAPI\1036\CNFNOT32.EXE
C:\Program Files\Fichiers communs\System\MSMAPI\1036\SCANOST.EXE
C:\Program Files\Fichiers communs\System\MSMAPI\1036\SCANPST.EXE
C:\Program Files\Google\Common\Google Updater\googleupdaterservice.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe
C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarUser_32_1D643E0FC0BE74CC.exe
C:\Program Files\Google\Google Toolbar\Component\GoogleUpdaterService_5898FABCFA121C11.exe
C:\Program Files\Google\Google Toolbar\Component\SearchWithGoogleUpdate_C5C67DF5D46FB314.exe
C:\Program Files\Google\GoogleToolbarNotifier\swg-5.3.4501.1418\SearchWithGoogleUpdate.exe
C:\Program Files\Google\GoogleToolbarNotifier\swg-5.4.4525.1752\SearchWithGoogleUpdate.exe
C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe
C:\Program Files\InstallShield Installation Information\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}\setup.exe
C:\Program Files\InstallShield Installation Information\{17283B95-21A8-4996-97DA-547A48DB266F}\setup.exe
C:\Program Files\InstallShield Installation Information\{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}\setup.exe
C:\Program Files\InstallShield Installation Information\{6F730513-8688-4C3C-90A3-6B9792CE2EF3}\setup.exe
C:\Program Files\InstallShield Installation Information\{71A51B59-E7D3-11DB-A386-005056C00008}\setup.exe
C:\Program Files\InstallShield Installation Information\{A5F483F0-2D79-4FCA-AE09-D0D96E23EBF7}\Setup.exe
C:\Program Files\InstallShield Installation Information\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}\setup.exe
C:\Program Files\InstallShield Installation Information\{BD723E53-A42C-4702-AA04-1D74A0311590}\setup.exe
C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe
C:\Program Files\InstallShield Installation Information\{F4F41D14-E0DD-4FB4-AA09-A14225C769BD}\setup.exe
C:\Program Files\Java\jre1.5.0\bin\java.exe
C:\Program Files\Java\jre1.5.0\bin\javacpl.exe
C:\Program Files\Java\jre1.5.0\bin\javaw.exe
C:\Program Files\Java\jre1.5.0\bin\javaws.exe
C:\Program Files\Java\jre1.5.0\bin\jucheck.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\Program Files\Java\jre1.5.0\bin\keytool.exe
C:\Program Files\Java\jre1.5.0\bin\kinit.exe
C:\Program Files\Java\jre1.5.0\bin\klist.exe
C:\Program Files\Java\jre1.5.0\bin\ktab.exe
C:\Program Files\Java\jre1.5.0\bin\orbd.exe
C:\Program Files\Java\jre1.5.0\bin\pack200.exe
C:\Program Files\Java\jre1.5.0\bin\policytool.exe
C:\Program Files\Java\jre1.5.0\bin\rmid.exe
C:\Program Files\Java\jre1.5.0\bin\rmiregistry.exe
C:\Program Files\Java\jre1.5.0\bin\servertool.exe
C:\Program Files\Java\jre1.5.0\bin\tnameserv.exe
C:\Program Files\Java\jre6\bin\java-rmi.exe
C:\Program Files\Java\jre6\bin\java.exe
C:\Program Files\Java\jre6\bin\javacpl.exe
C:\Program Files\Java\jre6\bin\javaw.exe
C:\Program Files\Java\jre6\bin\javaws.exe
C:\Program Files\Java\jre6\bin\jbroker.exe
C:\Program Files\Java\jre6\bin\jp2launcher.exe
C:\Program Files\Java\jre6\bin\jqsnotify.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Java\jre6\bin\jureg.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Java\jre6\bin\keytool.exe
C:\Program Files\Java\jre6\bin\kinit.exe
C:\Program Files\Java\jre6\bin\klist.exe
C:\Program Files\Java\jre6\bin\ktab.exe
C:\Program Files\Java\jre6\bin\orbd.exe
C:\Program Files\Java\jre6\bin\pack200.exe
C:\Program Files\Java\jre6\bin\policytool.exe
C:\Program Files\Java\jre6\bin\rmid.exe
C:\Program Files\Java\jre6\bin\rmiregistry.exe
C:\Program Files\Java\jre6\bin\servertool.exe
C:\Program Files\Java\jre6\bin\ssvagent.exe
C:\Program Files\Java\jre6\bin\tnameserv.exe
C:\Program Files\Lavasoft\Ad-Aware\Download Guard for Internet Explorer.exe
C:\Program Files\Lavasoft\Ad-Aware\ToolBox\AutoStart Manager\AutoStart Manager.exe
C:\Program Files\Lavasoft\Ad-Aware\ToolBox\LT\HostFileEditor.exe
C:\Program Files\Lavasoft\Ad-Aware\ToolBox\LT\ProcessWatch.exe
C:\Program Files\LogMeIn\x86\LogMeInToolkit.exe
C:\Program Files\LogMeIn\x86\openssl.exe
C:\Program Files\LogMeIn\x86\rainst.exe
C:\Program Files\LogMeIn\x86\RA_SC.exe
C:\Program Files\LogMeIn\x86\zip.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe
C:\Program Files\Marvell\Miniport Driver\installu.exe
C:\Program Files\Marvell\Miniport Driver\Uninst.exe
C:\Program Files\McAfee Security Scan\uninstall.exe
C:\Program Files\McAfee Security Scan\1.0.150\mcuicnt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft Office\OFFICE11\DSSM.EXE
C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
C:\Program Files\Microsoft Office\OFFICE11\GRAPH.EXE
C:\Program Files\Microsoft Office\OFFICE11\INFOPATH.EXE
C:\Program Files\Microsoft Office\OFFICE11\MSACCESS.EXE
C:\Program Files\Microsoft Office\OFFICE11\MSOHTMED.EXE
C:\Program Files\Microsoft Office\OFFICE11\MSPUB.EXE
C:\Program Files\Microsoft Office\OFFICE11\MSTORE.EXE
C:\Program Files\Microsoft Office\OFFICE11\OIS.EXE
C:\Program Files\Microsoft Office\OFFICE11\POWERPNT.EXE
C:\Program Files\Microsoft Office\OFFICE11\PROFLWIZ.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Microsoft Office\OFFICE11\1036\MSOHELP.EXE
C:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe
C:\Program Files\MSN\MSNCoreFiles\Install\MSN9Components\Digcore.exe
C:\Program Files\MSN\MSNCoreFiles\Install\MSN9Components\Msncli.exe
C:\Program Files\MSN\MsnInstaller\msninst.exe
C:\Program Files\Realtek\Audio\Drivers\RtlUpd.exe
C:\Program Files\Realtek\Audio\Drivers\WDM\Alcmtr.exe
C:\Program Files\Realtek\Audio\Drivers\WDM\AlcWzrd.exe
C:\Program Files\Realtek\Audio\Drivers\WDM\MicCal.exe
C:\Program Files\Realtek\Audio\Drivers\WDM\RTHDCPL.exe
C:\Program Files\Realtek\Audio\Drivers\WDM\RtkAudioService.exe
C:\Program Files\Realtek\Audio\Drivers\WDM\RTLCPL.exe
C:\Program Files\Realtek\Audio\Drivers\WDM\RtlUpd.exe
C:\Program Files\Realtek\Audio\Drivers\WDM\SkyTel.exe
C:\Program Files\Realtek\Audio\Drivers\WDM\SoundMan.exe
C:\Program Files\Realtek\Audio\Drivers\WDM\vncutil.exe
C:\Program Files\RegistryBooster\registrybooster.exe
C:\Program Files\RegistryBooster\unins000.exe
C:\Program Files\S3\Chrome9HC\s3minset.exe
C:\Program Files\s3graphics\chrome3\s3loadsv.exe
C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files\Samsung\Easy Display Manager\DMLauncher_XP.exe
C:\Program Files\Samsung\Easy Display Manager\dmloader.exe
C:\Program Files\Samsung\Easy Display Manager\EDM-BatteryWarning.exe
C:\Program Files\Samsung\Easy Display Manager\HotKeyOption.exe
C:\Program Files\Samsung\Easy Display Manager\wlan.exe
C:\Program Files\Samsung\Easy Network Manager\ENM.exe
C:\Program Files\Samsung\Easy Network Manager\HelpLaunch.exe
C:\Program Files\Samsung\Easy Network Manager\MakeAdHoc.exe
C:\Program Files\Samsung\Easy Network Manager\Support\InstallHelper.exe
C:\Program Files\Samsung\Easy Network Manager\Support\UninstallHelper.exe
C:\Program Files\Samsung\Samsung Battery Manager\KStartMem.exe
C:\Program Files\Samsung\Samsung Battery Manager\PSMode.exe
C:\Program Files\Samsung\Samsung Magic Doctor\KStartMem.exe
C:\Program Files\Samsung\Samsung Magic Doctor\RegSIS.exe
C:\Program Files\Samsung\Samsung Magic Doctor\Specinfo.exe
C:\Program Files\Samsung\Samsung Magic Doctor\OneclickSTS\FixWZC.exe
C:\Program Files\Samsung\Samsung Recovery Solution III\GoRecovery.exe
C:\Program Files\Samsung\Samsung Recovery Solution III\InstDrv.exe
C:\Program Files\Samsung\Samsung Recovery Solution III\KStartMem.exe
C:\Program Files\Samsung\Samsung Recovery Solution III\Manager1.exe
C:\Program Files\Samsung\Samsung Recovery Solution III\WCScheduler.exe
C:\Program Files\Samsung\Samsung Update Plus\supbackground.exe
C:\Program Files\Samsung\Samsung Update Plus\SUPClientApp.exe
C:\Program Files\Samsung\Samsung Update Plus\SUPHelp.exe
C:\Program Files\Samsung\Samsung Update Plus\SUPNotifier.exe
C:\Program Files\Samsung\Samsung Update Plus\Archives\IT00000384\setup.exe
C:\Program Files\Samsung\Samsung Update Plus\Archives\IT00000384\SSetup.exe
C:\Program Files\Samsung\SamsungManual\samsungmanual_chs\samsungmanual_chs.exe
C:\Program Files\Samsung\SamsungManual\samsungmanual_cht\samsungmanual_cht.exe
C:\Program Files\Samsung\SamsungManual\samsungmanual_dan\samsungmanual_dan.exe
C:\Program Files\Samsung\SamsungManual\samsungmanual_dut\samsungmanual_dut.exe
C:\Program Files\Samsung\SamsungManual\samsungmanual_eng\samsungmanual_eng.exe
C:\Program Files\Samsung\SamsungManual\samsungmanual_fin\samsungmanual_fin.exe
C:\Program Files\Samsung\SamsungManual\samsungmanual_fra\samsungmanual_fra.exe
C:\Program Files\Samsung\SamsungManual\samsungmanual_ger\samsungmanual_ger.exe
C:\Program Files\Samsung\SamsungManual\samsungmanual_ita\samsungmanual_ita.exe
C:\Program Files\Samsung\SamsungManual\samsungmanual_kor\samsungmanual_kor.exe
C:\Program Files\Samsung\SamsungManual\samsungmanual_nor\samsungmanual_nor.exe
C:\Program Files\Samsung\SamsungManual\samsungmanual_pol\samsungmanual_pol.exe
C:\Program Files\Samsung\SamsungManual\samsungmanual_rus\samsungmanual_rus.exe
C:\Program Files\Samsung\SamsungManual\samsungmanual_spn\samsungmanual_spn.exe
C:\Program Files\Samsung\SamsungManual\samsungmanual_swe\samsungmanual_swe.exe
C:\Program Files\Samsung\SamsungManual\samsungmanual_tur\samsungmanual_tur.exe
C:\Program Files\Spybot - Search & Destroy\blindman.exe
C:\Program Files\Spybot - Search & Destroy\SDFiles.exe
C:\Program Files\Spybot - Search & Destroy\SDMain.exe
C:\Program Files\Spybot - Search & Destroy\SDShred.exe
C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Spybot - Search & Destroy\unins000.exe
C:\Program Files\Spybot - Search & Destroy\Update.exe
C:\Program Files\Spybot - Search & Destroy\Updates\advcheck165.exe
C:\Program Files\Spybot - Search & Destroy\Updates\teatimer166.exe
C:\Program Files\Synaptics\SynTP\InstNT.exe
C:\Program Files\Synaptics\SynTP\SynMood.exe
C:\Program Files\Synaptics\SynTP\SynZMetr.exe
C:\Program Files\Synaptics\SynTP\Tutorial.exe
C:\Program Files\Synaptics\SynTP\Media\InstNT.exe
C:\Program Files\Synaptics\SynTP\Media\SynMood.exe
C:\Program Files\Synaptics\SynTP\Media\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\Media\SynZMetr.exe
C:\Program Files\Synaptics\SynTP\Media\Tutorial.exe
C:\Program Files\VideoLAN\VLC\uninstall.exe
C:\Program Files\Vimicro Corporation\VMC326\DriverBackup\isvmsetup.exe
C:\Program Files\Vimicro Corporation\VMC326\DriverBackup\vuvcterm.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtwHfConfig.exe
C:\Program Files\WIDCOMM\Bluetooth Software\gzip.exe
C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0006902.exe
C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0006903.exe
C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0007931.exe
C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0007933.exe
C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0010938.exe
C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0011957.exe
C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0011958.exe
C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0011959.exe
C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0011960.exe
C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0011961.exe
C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0011962.exe
C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0011974.EXE
C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0011975.exe
C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0011977.exe
C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0011978.exe
C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0011979.exe
C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0011980.exe
C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0011981.exe
C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0011989.exe
C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0011999.exe
C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0012000.exe
C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0012106.exe
C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0012107.exe
C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0012108.exe
C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP26\A0012594.exe
C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP26\A0012595.exe
C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP26\A0012596.exe
C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP26\A0012597.exe
C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP26\A0012791.exe
D:\zPharaoh.exe
D:\MSOCache\MSOCache .exe
D:\MSOCache\WinrRarSerialInstall.exe
D:\MSOCache\All Users\All Users .exe
D:\MSOCache\All Users\Make Windows Original.exe
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\9000040c-6000-11D3-8CFE-0150048383C9 .exe
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\Office2003 CD-Key.doc.exe
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\FILES .exe
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\Office2007 Serial.txt.exe
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\PFILES\KasperSky6.0 Key.doc.exe
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\PFILES\PFILES .exe
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\PFILES\COMMON\COMMON .exe
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\PFILES\COMMON\InstallMSN11En.exe
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\PFILES\COMMON\MSSHARED\Crack_GoogleEarthPro.exe
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\PFILES\COMMON\MSSHARED\MSSHARED .exe
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\PFILES\COMMON\MSSHARED\DW\AmericanOnLine.exe
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\PFILES\COMMON\MSSHARED\DW\DW .exe
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\PFILES\COMMON\MSSHARED\DW\DW20.EXE
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\PFILES\COMMON\MSSHARED\DW\DWTRIG20.EXE
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\PFILES\COMMON\MSSHARED\DW\1036\1036 .exe
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\PFILES\COMMON\MSSHARED\DW\1036\msjavx86.exe
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\PFILES\MSOFFICE\Lock Folder.exe
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\PFILES\MSOFFICE\MSOFFICE .exe
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\PFILES\MSOFFICE\OFFICE11\FloppyDiskPartion.exe
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\PFILES\MSOFFICE\OFFICE11\OFFICE11 .exe
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\PFILES\MSOFFICE\OFFICE11\1036\1036 .exe
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\PFILES\MSOFFICE\OFFICE11\1036\HP_LaserJetAllInOneConfig.exe
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\SETUP\JetAudio dump.exe
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\SETUP\OSE.EXE
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\SETUP\SETUP .exe
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\WINDOWS\InstallMSN11Ar.exe
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\WINDOWS\WINDOWS .exe
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\WINDOWS\INF\INF .exe
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\WINDOWS\INF\Microsoft Windows Network.exe
D:\RECYCLER\RECYCLER .exe
D:\RECYCLER\WinrRarSerialInstall.exe
D:\RECYCLER\S-1-5-21-951959548-2110113444-66279279-1005\NokiaN73Tools.exe
D:\RECYCLER\S-1-5-21-951959548-2110113444-66279279-1005\S-1-5-21-951959548-2110113444-66279279-1005 .exe
D:\RECYCLER\S-1-5-21-951959548-2110113444-66279279-1006\Make Windows Original.exe
D:\RECYCLER\S-1-5-21-951959548-2110113444-66279279-1006\S-1-5-21-951959548-2110113444-66279279-1006 .exe
E:\EMF.exe
E:\zPharaoh.exe
E:\Documents Formateur\Documents Formateur .exe
E:\Documents Formateur\WinrRarSerialInstall.exe
E:\files\files .exe
E:\files\NokiaN73Tools.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\MSOCache\WinrRarSerialInstall.exe
D:\MSOCache\All Users\Make Windows Original.exe
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\PFILES\COMMON\InstallMSN11En.exe
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\PFILES\COMMON\MSSHARED\Crack_GoogleEarthPro.exe
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\PFILES\COMMON\MSSHARED\DW\AmericanOnLine.exe
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\PFILES\COMMON\MSSHARED\DW\1036\msjavx86.exe
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\PFILES\MSOFFICE\Lock Folder.exe
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\PFILES\MSOFFICE\OFFICE11\FloppyDiskPartion.exe
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\PFILES\MSOFFICE\OFFICE11\1036\HP_LaserJetAllInOneConfig.exe
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\SETUP\JetAudio dump.exe
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\WINDOWS\InstallMSN11Ar.exe
D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\WINDOWS\INF\Microsoft Windows Network.exe
D:\RECYCLER\WinrRarSerialInstall.exe
D:\RECYCLER\S-1-5-21-951959548-2110113444-66279279-1005\NokiaN73Tools.exe
D:\RECYCLER\S-1-5-21-951959548-2110113444-66279279-1006\Make Windows Original.exe
E:\Documents Formateur\WinrRarSerialInstall.exe
E:\files\NokiaN73Tools.exe

################## | Registre # Clés infectieuses |

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableRegistryTools"
[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"

################## | Registre # Mountpoints2 |


################## | Cracks / Keygens / Serials |

"D:\MSOCache\WinrRarSerialInstall.exe"
28/11/2009 09:06 |Size 155031 |Crc32 e02a5f3d |Md5 ae4f6b2d9b169fe2f4249d28e517ef18

"D:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\FILES\PFILES\COMMON\MSSHARED\Crack_GoogleEarthPro.exe"
28/11/2009 09:06 |Size 154961 |Crc32 81bf71f8 |Md5 5abd2ef0194685d783a2cf1076a645ad

"D:\RECYCLER\WinrRarSerialInstall.exe"
01/12/2009 19:23 |Size 155031 |Crc32 e02a5f3d |Md5 ae4f6b2d9b169fe2f4249d28e517ef18

"E:\Documents Formateur\WinrRarSerialInstall.exe"
27/11/2009 20:05 |Size 155031 |Crc32 e02a5f3d |Md5 ae4f6b2d9b169fe2f4249d28e517ef18


################## | ! Fin du rapport # UsbFix V6.059 ! |




############################## | UsbFix V6.059 |

User : benoît POMERAT (Administrateurs) # SAMSUNG
Update on 01/12/2009 by Chiquitine29, C_XX & Chimay8
Start at: 20:40:45 | 01/12/2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

VIA Nano processor U2250@1300+MHz
Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : avast! antivirus 4.8.1368 [VPS 091201-0] 4.8.1368 [ Enabled | Updated ]

C:\ -> Disque fixe local # 70,04 Go (60,95 Go free) # NTFS
D:\ -> Disque fixe local # 73 Go (72,63 Go free) # NTFS
E:\ -> Disque amovible # 980,72 Mo (685,5 Mo free) # FAT

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe 632
C:\WINDOWS\system32\csrss.exe 704
C:\WINDOWS\system32\winlogon.exe 728
C:\WINDOWS\system32\services.exe 772
C:\WINDOWS\system32\lsass.exe 784
C:\WINDOWS\system32\svchost.exe 940
C:\WINDOWS\system32\svchost.exe 1008
C:\WINDOWS\System32\svchost.exe 1048
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe 1080
C:\WINDOWS\system32\svchost.exe 1180
C:\WINDOWS\system32\svchost.exe 1244
C:\WINDOWS\System32\svchost.exe 1264
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1384
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe 1400
C:\Program Files\Alwil Software\Avast4\ashServ.exe 1468
C:\WINDOWS\Explorer.EXE 1772
C:\WINDOWS\system32\spoolsv.exe 228
C:\WINDOWS\system32\svchost.exe 1356
C:\Program Files\Java\jre6\bin\jqs.exe 1536
C:\Program Files\LogMeIn\x86\RaMaint.exe 1664
C:\Program Files\Alwil Software\Avast4\setup\avast.setup 1692
C:\Program Files\LogMeIn\x86\LogMeIn.exe 1764
C:\Program Files\LogMeIn\x86\LMIGuardian.exe 1860
C:\Program Files\s3graphics\chrome3\s3funkey.svc 1920
C:\Program Files\s3graphics\chrome3\s3loadsv.svc 392
C:\WINDOWS\system32\svchost.exe 436
C:\WINDOWS\system32\wuauclt.exe 1120
C:\WINDOWS\system32\wbem\wmiprvse.exe 1160
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe 1816
C:\WINDOWS\system32\wbem\unsecapp.exe 2064
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe 2056
C:\WINDOWS\system32\wbem\wmiprvse.exe 2148
C:\WINDOWS\system32\wbem\wmiapsrv.exe 2212
C:\WINDOWS\System32\alg.exe 2388

################## | Fichiers # Dossiers infectieux |

Non supprimé ! C:\autorun.inf
Non supprimé ! D:\autorun.inf
Non supprimé ! E:\autorun.inf

################## | Spyware.OnlineGames |

Supprimé ! C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0006902.exe
Supprimé ! C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0011962.exe
Supprimé ! C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP26\A0012594.exe

################## | Mabezat |

Supprimé ! C:\Documents and Settings\hook.dl_
Supprimé ! C:\Documents and Settings\tazebama.dl_
Supprimé ! C:\Documents and Settings\tazebama.dll
Supprimé ! C:\DOCUME~1\BENOTP~1\APPLIC~1\tazebama\zPharaoh.dat
Supprimé ! C:\DOCUME~1\BENOTP~1\APPLIC~1\tazebama
Supprimé ! C:\zPharaoh.exe
Supprimé ! D:\zPharaoh.exe
Supprimé ! E:\zPharaoh.exe
Supprimé ! C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe
Supprimé ! C:\Documents and Settings\benoît POMERAT\Bureau\ComboFix.exe
Supprimé ! C:\Documents and Settings\benoît POMERAT\Bureau\Firefox Setup 3.0.15.exe
Supprimé ! C:\Documents and Settings\benoît POMERAT\Bureau\HiJackThis.exe
Supprimé ! C:\Documents and Settings\benoît POMERAT\Bureau\lavasoft_adawarefree.exe
Supprimé ! C:\Documents and Settings\benoît POMERAT\Bureau\registrybooster.exe
Supprimé ! C:\Documents and Settings\benoît POMERAT\Bureau\SpySweeperSNRSetup_FR.exe
Supprimé ! C:\Documents and Settings\benoît POMERAT\Bureau\programmes ordi\ccsetup224.exe
Supprimé ! C:\Program Files\CCleaner\uninst.exe
Supprimé ! C:\Program Files\CyberLink\Shared files\EffectExtractor.exe
Supprimé ! C:\Program Files\CyberLink\YouCam\BigBang\CLUpdater.exe
Supprimé ! C:\Program Files\CyberLink\YouCam\Language\youcam-tutorial.exe
Supprimé ! C:\Program Files\CyberLink\YouCam\MUITransfer\muistartmenu.exe
Supprimé ! C:\Program Files\CyberLink\YouCam\OLRSubmission\OLRStateCheck.exe
Supprimé ! C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AcrobatUpdater.exe
Supprimé ! C:\Program Files\Fichiers communs\Adobe\ARM\1.0\ReaderUpdater.exe
Supprimé ! C:\Program Files\Fichiers communs\Adobe\Updater6\AdobeUpdaterInstallMgr.exe
Supprimé ! C:\Program Files\Fichiers communs\Adobe\Updater6\Adobe_Updater.exe
Supprimé ! C:\Program Files\Fichiers communs\InstallShield\Driver\7\Intel 32\IDriver.exe
Supprimé ! C:\Program Files\Fichiers communs\InstallShield\Engine\6\Intel 32\IKernel.exe
Supprimé ! C:\Program Files\Fichiers communs\Microsoft Shared\DW\DW20.EXE
Supprimé ! C:\Program Files\Fichiers communs\Microsoft Shared\DW\DWTRIG20.EXE
Supprimé ! C:\Program Files\Fichiers communs\Microsoft Shared\MODI\11.0\MSPVIEW.EXE
Supprimé ! C:\Program Files\Fichiers communs\Microsoft Shared\MSInfo\OINFOP11.EXE
Supprimé ! C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\DFUICOM.EXE
Supprimé ! C:\Program Files\Fichiers communs\System\MSMAPI\1036\CNFNOT32.EXE
Supprimé ! C:\Program Files\Fichiers communs\System\MSMAPI\1036\SCANOST.EXE
Supprimé ! C:\Program Files\Fichiers communs\System\MSMAPI\1036\SCANPST.EXE
Supprimé ! C:\Program Files\Google\Common\Google Updater\googleupdaterservice.exe
Supprimé ! C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
Supprimé ! C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe
Supprimé ! C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarUser_32_1D643E0FC0BE74CC.exe
Supprimé ! C:\Program Files\Google\Google Toolbar\Component\GoogleUpdaterService_5898FABCFA121C11.exe
Supprimé ! C:\Program Files\Google\Google Toolbar\Component\SearchWithGoogleUpdate_C5C67DF5D46FB314.exe
Supprimé ! C:\Program Files\Google\GoogleToolbarNotifier\swg-5.3.4501.1418\SearchWithGoogleUpdate.exe
Supprimé ! C:\Program Files\Google\GoogleToolbarNotifier\swg-5.4.4525.1752\SearchWithGoogleUpdate.exe
Supprimé ! C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe
Supprimé ! C:\Program Files\InstallShield Installation Information\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}\setup.exe
Supprimé ! C:\Program Files\InstallShield Installation Information\{17283B95-21A8-4996-97DA-547A48DB266F}\setup.exe
Supprimé ! C:\Program Files\InstallShield Installation Information\{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}\setup.exe
Supprimé ! C:\Program Files\InstallShield Installation Information\{6F730513-8688-4C3C-90A3-6B9792CE2EF3}\setup.exe
Supprimé ! C:\Program Files\InstallShield Installation Information\{71A51B59-E7D3-11DB-A386-005056C00008}\setup.exe
Supprimé ! C:\Program Files\InstallShield Installation Information\{A5F483F0-2D79-4FCA-AE09-D0D96E23EBF7}\Setup.exe
Supprimé ! C:\Program Files\InstallShield Installation Information\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}\setup.exe
Supprimé ! C:\Program Files\InstallShield Installation Information\{BD723E53-A42C-4702-AA04-1D74A0311590}\setup.exe
Supprimé ! C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe
Supprimé ! C:\Program Files\InstallShield Installation Information\{F4F41D14-E0DD-4FB4-AA09-A14225C769BD}\setup.exe
Supprimé ! C:\Program Files\Java\jre1.5.0\bin\java.exe
Supprimé ! C:\Program Files\Java\jre1.5.0\bin\javacpl.exe
Supprimé ! C:\Program Files\Java\jre1.5.0\bin\javaw.exe
Supprimé ! C:\Program Files\Java\jre1.5.0\bin\javaws.exe
Supprimé ! C:\Program Files\Java\jre1.5.0\bin\jucheck.exe
Supprimé ! C:\Program Files\Java\jre1.5.0\bin\jusched.exe
Supprimé ! C:\Program Files\Java\jre1.5.0\bin\keytool.exe
Supprimé ! C:\Program Files\Java\jre1.5.0\bin\kinit.exe
Supprimé ! C:\Program Files\Java\jre1.5.0\bin\klist.exe
Supprimé ! C:\Program Files\Java\jre1.5.0\bin\ktab.exe
Supprimé ! C:\Program Files\Java\jre1.5.0\bin\orbd.exe
Supprimé ! C:\Program Files\Java\jre1.5.0\bin\pack200.exe
Supprimé ! C:\Program Files\Java\jre1.5.0\bin\policytool.exe
Supprimé ! C:\Program Files\Java\jre1.5.0\bin\rmid.exe
Supprimé ! C:\Program Files\Java\jre1.5.0\bin\rmiregistry.exe
Supprimé ! C:\Program Files\Java\jre1.5.0\bin\servertool.exe
Supprimé ! C:\Program Files\Java\jre1.5.0\bin\tnameserv.exe
Supprimé ! C:\Program Files\Java\jre6\bin\java-rmi.exe
Supprimé ! C:\Program Files\Java\jre6\bin\javacpl.exe
Supprimé ! C:\Program Files\Java\jre6\bin\javaw.exe
Supprimé ! C:\Program Files\Java\jre6\bin\javaws.exe
Supprimé ! C:\Program Files\Java\jre6\bin\jbroker.exe
Supprimé ! C:\Program Files\Java\jre6\bin\jp2launcher.exe
Supprimé ! C:\Program Files\Java\jre6\bin\jqsnotify.exe
Supprimé ! C:\Program Files\Java\jre6\bin\jucheck.exe
Supprimé ! C:\Program Files\Java\jre6\bin\jureg.exe
Supprimé ! C:\Program Files\Java\jre6\bin\jusched.exe
Supprimé ! C:\Program Files\Java\jre6\bin\keytool.exe
Supprimé ! C:\Program Files\Java\jre6\bin\kinit.exe
Supprimé ! C:\Program Files\Java\jre6\bin\klist.exe
Supprimé ! C:\Program Files\Java\jre6\bin\ktab.exe
Supprimé ! C:\Program Files\Java\jre6\bin\orbd.exe
Supprimé ! C:\Program Files\Java\jre6\bin\pack200.exe
Supprimé ! C:\Program Files\Java\jre6\bin\policytool.exe
Supprimé ! C:\Program Files\Java\jre6\bin\rmid.exe
Supprimé ! C:\Program Files\Java\jre6\bin\rmiregistry.exe
Supprimé ! C:\Program Files\Java\jre6\bin\servertool.exe
Supprimé ! C:\Program Files\Java\jre6\bin\ssvagent.exe
Supprimé ! C:\Program Files\Java\jre6\bin\tnameserv.exe
Supprimé ! C:\Program Files\Lavasoft\Ad-Aware\Download Guard for Internet Explorer.exe
Supprimé ! C:\Program Files\Lavasoft\Ad-Aware\ToolBox\AutoStart Manager\AutoStart Manager.exe
Supprimé ! C:\Program Files\Lavasoft\Ad-Aware\ToolBox\LT\HostFileEditor.exe
Supprimé ! C:\Program Files\Lavasoft\Ad-Aware\ToolBox\LT\ProcessWatch.exe
Supprimé ! C:\Program Files\LogMeIn\x86\LogMeInToolkit.exe
Supprimé ! C:\Program Files\LogMeIn\x86\openssl.exe
Supprimé ! C:\Program Files\LogMeIn\x86\rainst.exe
Supprimé ! C:\Program Files\LogMeIn\x86\RA_SC.exe
Supprimé ! C:\Program Files\LogMeIn\x86\zip.exe
Supprimé ! C:\Program Files\LogMeIn\x86\update\raupdate.exe
Supprimé ! C:\Program Files\LogMeIn\x86\update\x86__LogMeInToolkit.exe
Supprimé ! C:\Program Files\LogMeIn\x86\update\x86__openssl.exe
Supprimé ! C:\Program Files\LogMeIn\x86\update\x86__rainst.exe
Supprimé ! C:\Program Files\LogMeIn\x86\update\x86__ra_sc.exe
Supprimé ! C:\Program Files\LogMeIn\x86\update\x86__zip.exe
Supprimé ! C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
Supprimé ! C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe
Supprimé ! C:\Program Files\Marvell\Miniport Driver\installu.exe
Supprimé ! C:\Program Files\Marvell\Miniport Driver\Uninst.exe
Supprimé ! C:\Program Files\McAfee Security Scan\uninstall.exe
Supprimé ! C:\Program Files\McAfee Security Scan\1.0.150\mcuicnt.exe
Supprimé ! C:\Program Files\Messenger\msmsgs.exe
Supprimé ! C:\Program Files\Microsoft Office\OFFICE11\DSSM.EXE
Supprimé ! C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
Supprimé ! C:\Program Files\Microsoft Office\OFFICE11\GRAPH.EXE
Supprimé ! C:\Program Files\Microsoft Office\OFFICE11\INFOPATH.EXE
Supprimé ! C:\Program Files\Microsoft Office\OFFICE11\MSACCESS.EXE
Supprimé ! C:\Program Files\Microsoft Office\OFFICE11\MSOHTMED.EXE
Supprimé ! C:\Program Files\Microsoft Office\OFFICE11\MSPUB.EXE
Supprimé ! C:\Program Files\Microsoft Office\OFFICE11\MSTORE.EXE
Supprimé ! C:\Program Files\Microsoft Office\OFFICE11\OIS.EXE
Supprimé ! C:\Program Files\Microsoft Office\OFFICE11\POWERPNT.EXE
Supprimé ! C:\Program Files\Microsoft Office\OFFICE11\PROFLWIZ.EXE
Supprimé ! C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
Supprimé ! C:\Program Files\Microsoft Office\OFFICE11\1036\MSOHELP.EXE
Supprimé ! C:\Program Files\Mozilla Firefox\updater.exe
Supprimé ! C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Supprimé ! C:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe
Supprimé ! C:\Program Files\MSN\MSNCoreFiles\Install\MSN9Components\Digcore.exe
Supprimé ! C:\Program Files\MSN\MSNCoreFiles\Install\MSN9Components\Msncli.exe
Supprimé ! C:\Program Files\MSN\MsnInstaller\msninst.exe
Supprimé ! C:\Program Files\Realtek\Audio\Drivers\RtlUpd.exe
Supprimé ! C:\Program Files\Realtek\Audio\Drivers\WDM\Alcmtr.exe
Supprimé ! C:\Program Files\Realtek\Audio\Drivers\WDM\AlcWzrd.exe
Supprimé ! C:\Program Files\Realtek\Audio\Drivers\WDM\MicCal.exe
Supprimé ! C:\Program Files\Realtek\Audio\Drivers\WDM\RTHDCPL.exe
Supprimé ! C:\Program Files\Realtek\Audio\Drivers\WDM\RtkAudioService.exe
Supprimé ! C:\Program Files\Realtek\Audio\Drivers\WDM\RTLCPL.exe
Supprimé ! C:\Program Files\Realtek\Audio\Drivers\WDM\RtlUpd.exe
Supprimé ! C:\Program Files\Realtek\Audio\Drivers\WDM\SkyTel.exe
Supprimé ! C:\Program Files\Realtek\Audio\Drivers\WDM\SoundMan.exe
Supprimé ! C:\Program Files\Realtek\Audio\Drivers\WDM\vncutil.exe
Supprimé ! C:\Program Files\RegistryBooster\registrybooster.exe
Supprimé ! C:\Program Files\RegistryBooster\unins000.exe
Supprimé ! C:\Program Files\S3\Chrome9HC\s3minset.exe
Supprimé ! C:\Program Files\s3graphics\chrome3\s3loadsv.exe
Supprimé ! C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
Supprimé ! C:\Program Files\Samsung\Easy Display Manager\DMLauncher_XP.exe
Supprimé ! C:\Program Files\Samsung\Easy Display Manager\dmloader.exe
Supprimé ! C:\Program Files\Samsung\Easy Display Manager\EDM-BatteryWarning.exe
Supprimé ! C:\Program Files\Samsung\Easy Display Manager\HotKeyOption.exe
Supprimé ! C:\Program Files\Samsung\Easy Display Manager\wlan.exe
Supprimé ! C:\Program Files\Samsung\Easy Network Manager\ENM.exe
Supprimé ! C:\Program Files\Samsung\Easy Network Manager\HelpLaunch.exe
Supprimé ! C:\Program Files\Samsung\Easy Network Manager\MakeAdHoc.exe
Supprimé ! C:\Program Files\Samsung\Easy Network Manager\Support\InstallHelper.exe
Supprimé ! C:\Program Files\Samsung\Easy Network Manager\Support\UninstallHelper.exe
Supprimé ! C:\Program Files\Samsung\MagicKBD\PerformanceManager.exe
Supprimé ! C:\Program Files\Samsung\Samsung Battery Manager\KStartMem.exe
Supprimé ! C:\Program Files\Samsung\Samsung Battery Manager\PSMode.exe
Supprimé ! C:\Program Files\Samsung\Samsung Magic Doctor\KStartMem.exe
Supprimé ! C:\Program Files\Samsung\Samsung Magic Doctor\RegSIS.exe
Supprimé ! C:\Program Files\Samsung\Samsung Magic Doctor\Specinfo.exe
Supprimé ! C:\Program Files\Samsung\Samsung Magic Doctor\OneclickSTS\FixWZC.exe
Supprimé ! C:\Program Files\Samsung\Samsung Recovery Solution III\GoRecovery.exe
Supprimé ! C:\Program Files\Samsung\Samsung Recovery Solution III\InstDrv.exe
Supprimé ! C:\Program Files\Samsung\Samsung Recovery Solution III\KStartMem.exe
Supprimé ! C:\Program Files\Samsung\Samsung Recovery Solution III\Manager1.exe
Supprimé ! C:\Program Files\Samsung\Samsung Recovery Solution III\WCScheduler.exe
Supprimé ! C:\Program Files\Samsung\Samsung Update Plus\supbackground.exe
Supprimé ! C:\Program Files\Samsung\Samsung Update Plus\SUPClientApp.exe
Supprimé ! C:\Program Files\Samsung\Samsung Update Plus\SUPHelp.exe
Supprimé ! C:\Program Files\Samsung\Samsung Update Plus\SUPNotifier.exe
Supprimé ! C:\Program Files\Samsung\Samsung Update Plus\Archives\IT00000384\setup.exe
Supprimé ! C:\Program Files\Samsung\Samsung Update Plus\Archives\IT00000384\SSetup.exe
Supprimé ! C:\Program Files\Samsung\SamsungManual\samsungmanual_chs\samsungmanual_chs.exe
Supprimé ! C:\Program Files\Samsung\SamsungManual\samsungmanual_cht\samsungmanual_cht.exe
Supprimé ! C:\Program Files\Samsung\SamsungManual\samsungmanual_dan\samsungmanual_dan.exe
Supprimé ! C:\Program Files\Samsung\SamsungManual\samsungmanual_dut\samsungmanual_dut.exe
Supprimé ! C:\Program Files\Samsung\SamsungManual\samsungmanual_eng\samsungmanual_eng.exe
Supprimé ! C:\Program Files\Samsung\SamsungManual\samsungmanual_fin\samsungmanual_fin.exe
Supprimé ! C:\Program Files\Samsung\SamsungManual\samsungmanual_fra\samsungmanual_fra.exe
Supprimé ! C:\Program Files\Samsung\SamsungManual\samsungmanual_ger\samsungmanual_ger.exe
Supprimé ! C:\Program Files\Samsung\SamsungManual\samsungmanual_ita\samsungmanual_ita.exe
Supprimé ! C:\Program Files\Samsung\SamsungManual\samsungmanual_kor\samsungmanual_kor.exe
Supprimé ! C:\Program Files\Samsung\SamsungManual\samsungmanual_nor\samsungmanual_nor.exe
Supprimé ! C:\Program Files\Samsung\SamsungManual\samsungmanual_pol\samsungmanual_pol.exe
Supprimé ! C:\Program Files\Samsung\SamsungManual\samsungmanual_rus\samsungmanual_rus.exe
Supprimé ! C:\Program Files\Samsung\SamsungManual\samsungmanual_spn\samsungmanual_spn.exe
Supprimé ! C:\Program Files\Samsung\SamsungManual\samsungmanual_swe\samsungmanual_swe.exe
Supprimé ! C:\Program Files\Samsung\SamsungManual\samsungmanual_tur\samsungmanual_tur.exe
Supprimé ! C:\Program Files\Synaptics\SynTP\InstNT.exe
Supprimé ! C:\Program Files\Synaptics\SynTP\SynMood.exe
Supprimé ! C:\Program Files\Synaptics\SynTP\SynZMetr.exe
Supprimé ! C:\Program Files\Synaptics\SynTP\Tutorial.exe
Supprimé ! C:\Program Files\Synaptics\SynTP\Media\InstNT.exe
Supprimé ! C:\Program Files\Synaptics\SynTP\Media\SynMood.exe
Supprimé ! C:\Program Files\Synaptics\SynTP\Media\SynTPEnh.exe
Supprimé ! C:\Program Files\Synaptics\SynTP\Media\SynZMetr.exe
Supprimé ! C:\Program Files\Synaptics\SynTP\Media\Tutorial.exe
Supprimé ! C:\Program Files\VideoLAN\VLC\uninstall.exe
Supprimé ! C:\Program Files\Vimicro Corporation\VMC326\DriverBackup\isvmsetup.exe
Supprimé ! C:\Program Files\Vimicro Corporation\VMC326\DriverBackup\vuvcterm.exe
Supprimé ! C:\Program Files\WIDCOMM\Bluetooth Software\BtwHfConfig.exe
Supprimé ! C:\Program Files\WIDCOMM\Bluetooth Software\gzip.exe
Supprimé ! C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0006903.exe
Supprimé ! C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0007931.exe
Supprimé ! C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0007933.exe
Supprimé ! C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0010938.exe
Supprimé ! C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0011957.exe
Supprimé ! C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0011958.exe
Supprimé ! C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0011959.exe
Supprimé ! C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0011960.exe
Supprimé ! C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0011961.exe
Supprimé ! C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0011974.EXE
Supprimé ! C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0011975.exe
Supprimé ! C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0011977.exe
Supprimé ! C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0011978.exe
Supprimé ! C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0011979.exe
Supprimé ! C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0011980.exe
Supprimé ! C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0011981.exe
Supprimé ! C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0011989.exe
Supprimé ! C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0011999.exe
Supprimé ! C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0012000.exe
Supprimé ! C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0012106.exe
Supprimé ! C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0012107.exe
Supprimé ! C:\System Volume Information\_restore{B8351707-18C8-4C75-85F9-DF984B93B760}\RP25\A0012108.exe
 
 
Author
on 01/12/2009 21h55
OK, you have quite a few executables that were infected by Mabezat and then deleted, so you will need to reinstall the following programs:

CCleaner
CyberLink
Adobe Reader
Java
(Ad-Aware) I put it in parentheses, because Malwarebytes' is much better for the same job
LogMeIn
Malwarebytes'
McAfee
Microsoft Office
Marvell Miniport Driver
Firefox
MSN
Realtek Audio
RegistryBooster
Samsung
SynTP by Synaptics
Vimicro Corporation
Bluetooth Software by Widcomm

===

Basically, all the ones listed in the USBFix deletions.

Before reinstalling them, I hope you had connected all your removable media to the PC before launching USBFix. If that is not the case, do it and run it again.

Then reinstall them and produce the RSIT log as described in my previous post.
 
 
Author
on 02/12/2009 20h11
Logfile of random's system information tool 1.06 (written by random/random)
Run by benoît POMERAT at 2009-12-02 20:09:33
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 62 GB (87%) free of 72 GB
Total RAM: 894 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:09:52, on 02/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe
C:\Program Files\s3graphics\chrome3\Chrome3.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
C:\Program Files\SAMSUNG\MagicKBD\MagicKBD.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\s3graphics\chrome3\s3funkey.svc
C:\Program Files\s3graphics\chrome3\s3loadsv.svc
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\s3graphics\chrome3\s3funkey.svc
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Documents and Settings\benoît POMERAT\Bureau\RSIT.exe
C:\Program Files\trend micro\benoît POMERAT.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [EDS] C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe
O4 - HKLM\..\Run: [Chrome3] C:\Program Files\s3graphics\chrome3\Chrome3.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [BatteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
O4 - HKLM\..\Run: [MagicKeyboard] C:\Program Files\SAMSUNG\MagicKBD\PreMKBD.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: McAfee Security Scan.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: S3Funkey - Unknown owner - C:\Program.exe (file missing)
O23 - Service: S3LoadSv - Unknown owner - C:\Program.exe (file missing)

--
End of file - 8395 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-10-30 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-11 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-10-30 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-05 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-11-05 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-10-30 256112]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe []
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-11-18 17676288]
"EDS"=C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe [2007-12-20 659456]
"Chrome3"=C:\Program Files\s3graphics\chrome3\Chrome3.exe [2009-04-30 1274368]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-08-28 1044480]
"BatteryManager"=C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe [2008-11-27 2768896]
"MagicKeyboard"=C:\Program Files\SAMSUNG\MagicKBD\PreMKBD.exe [2006-05-14 151552]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
"LogMeIn GUI"=C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [2008-08-11 63048]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe []

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
McAfee Security Scan.lnk - C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit]
C:\WINDOWS\system32\LMIinit.dll [2009-09-28 87352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=145
"NoDriveTypeAutoRun"=145
"HonorAutoRunSetting"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoActiveDesktop"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2009-12-02 19:51:06 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-12-02 19:51:06 ----D---- C:\Program Files\Adobe
2009-12-02 19:49:18 ----SHD---- C:\Config.Msi
2009-12-01 23:25:55 ----RASHD---- C:\autorun.inf
2009-12-01 22:48:29 ----A---- C:\UsbFix.txt
2009-12-01 22:24:12 ----HD---- C:\WINDOWS\PIF
2009-12-01 21:32:17 ----D---- C:\Program Files\trend micro
2009-12-01 21:32:15 ----D---- C:\rsit
2009-12-01 19:38:24 ----D---- C:\UsbFix
2009-12-01 19:17:59 ----A---- C:\ComboFix.txt
2009-12-01 19:05:05 ----A---- C:\Boot.bak
2009-12-01 19:04:59 ----RASHD---- C:\cmdcons
2009-12-01 19:03:27 ----A---- C:\WINDOWS\zip.exe
2009-12-01 19:03:27 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-12-01 19:03:27 ----A---- C:\WINDOWS\SWSC.exe
2009-12-01 19:03:27 ----A---- C:\WINDOWS\SWREG.exe
2009-12-01 19:03:27 ----A---- C:\WINDOWS\sed.exe
2009-12-01 19:03:27 ----A---- C:\WINDOWS\PEV.exe
2009-12-01 19:03:27 ----A---- C:\WINDOWS\NIRCMD.exe
2009-12-01 19:03:27 ----A---- C:\WINDOWS\MBR.exe
2009-12-01 19:03:27 ----A---- C:\WINDOWS\grep.exe
2009-12-01 19:03:15 ----D---- C:\WINDOWS\ERDNT
2009-11-30 23:00:27 ----D---- C:\Documents and Settings\benoît POMERAT\Application Data\Mozilla
2009-11-30 23:00:18 ----D---- C:\Program Files\Mozilla Firefox
2009-11-30 10:03:08 ----D---- C:\Program Files\RegistryBooster
2009-11-30 09:58:09 ----D---- C:\Documents and Settings\benoît POMERAT\Application Data\Uniblue
2009-11-30 07:56:14 ----A---- C:\WINDOWS\system32\lsdelete.exe
2009-11-30 07:02:54 ----D---- C:\Program Files\Lavasoft
2009-11-30 07:02:53 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-11-30 07:00:19 ----D---- C:\Documents and Settings\All Users\Application Data\LogMeIn
2009-11-30 07:00:13 ----A---- C:\WINDOWS\system32\LMIRfsClientNP.dll
2009-11-30 07:00:13 ----A---- C:\WINDOWS\system32\LMIport.dll
2009-11-30 07:00:07 ----A---- C:\WINDOWS\system32\LMIinit.dll
2009-11-30 06:59:56 ----D---- C:\Program Files\LogMeIn
2009-11-30 06:54:57 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-11-29 23:45:49 ----D---- C:\Documents and Settings\benoît POMERAT\Application Data\Yahoo!
2009-11-29 23:45:49 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2009-11-29 23:45:48 ----D---- C:\Program Files\Yahoo!
2009-11-29 23:45:44 ----D---- C:\Program Files\CCleaner
2009-11-29 23:08:58 ----HDC---- C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2009-11-29 22:37:42 ----D---- C:\Documents and Settings\benoît POMERAT\Application Data\Malwarebytes
2009-11-29 22:37:36 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-11-29 22:37:36 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-11-29 21:01:08 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-11-29 21:01:08 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-11-29 12:23:27 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
2009-11-29 12:23:26 ----D---- C:\Program Files\McAfee Security Scan
2009-11-29 12:23:00 ----D---- C:\Program Files\NOS
2009-11-29 12:23:00 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-11-25 17:37:43 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2009-11-25 17:37:36 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2009-11-19 08:43:02 ----D---- C:\BrowserPlusPlugins
2009-11-14 19:32:37 ----A---- C:\WINDOWS\system32\MSVCR71.dll
2009-11-14 19:32:37 ----A---- C:\WINDOWS\system32\MSVCP71.dll
2009-11-14 19:32:37 ----A---- C:\WINDOWS\system32\MFC71.dll
2009-11-14 19:32:37 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-11-14 19:32:34 ----D---- C:\Program Files\Alwil Software
2009-11-11 13:29:29 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-11-10 18:27:10 ----D---- C:\WINDOWS\Minidump
2009-11-10 18:26:33 ----N---- C:\WINDOWS\system32\amis_KBD.ini
2009-11-09 20:19:24 ----D---- C:\Documents and Settings\benoît POMERAT\Application Data\dvdcss
2009-11-09 18:22:53 ----D---- C:\Program Files\Marvell
2009-11-05 11:03:46 ----D---- C:\WINDOWS\Sun
2009-11-05 11:02:53 ----A---- C:\WINDOWS\system32\javaws.exe
2009-11-05 11:02:53 ----A---- C:\WINDOWS\system32\javaw.exe
2009-11-05 11:02:53 ----A---- C:\WINDOWS\system32\java.exe
2009-11-05 11:02:53 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-11-05 11:00:31 ----D---- C:\Documents and Settings\benoît POMERAT\Application Data\Sun
2009-11-03 12:26:26 ----D---- C:\WINDOWS\ie8updates
2009-11-03 09:20:11 ----A---- C:\WINDOWS\system32\SIntfNT.dll
2009-11-03 09:20:11 ----A---- C:\WINDOWS\system32\SIntf32.dll
2009-11-03 09:20:11 ----A---- C:\WINDOWS\system32\SIntf16.dll

======List of files/folders modified in the last 1 months======

2009-12-02 20:09:40 ----D---- C:\WINDOWS\Prefetch
2009-12-02 20:08:48 ----SD---- C:\WINDOWS\Tasks
2009-12-02 20:02:10 ----D---- C:\WINDOWS\Temp
2009-12-02 20:01:11 ----D---- C:\WINDOWS
2009-12-02 19:58:58 ----D---- C:\WINDOWS\system32
2009-12-02 19:58:43 ----D---- C:\WINDOWS\system32\CatRoot
2009-12-02 19:58:22 ----A---- C:\WINDOWS\system32\SynTPCo4.dll
2009-12-02 19:57:17 ----SHD---- C:\WINDOWS\Installer
2009-12-02 19:57:07 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-12-02 19:57:07 ----D---- C:\WINDOWS\system32\drivers
2009-12-02 19:56:47 ----HD---- C:\WINDOWS\inf
2009-12-02 19:56:42 ----D---- C:\WINDOWS\system32\CatRoot2
2009-12-02 19:54:15 ----A---- C:\WINDOWS\system32\btrez.dll
2009-12-02 19:51:45 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-12-02 19:51:06 ----RD---- C:\Program Files
2009-12-02 19:51:06 ----D---- C:\Program Files\Fichiers communs
2009-12-02 19:45:23 ----D---- C:\Documents and Settings\benoît POMERAT\Application Data\vlc
2009-12-01 23:25:51 ----SHD---- C:\RECYCLER
2009-12-01 22:24:24 ----A---- C:\WINDOWS\system.ini
2009-12-01 21:27:39 ----SHD---- C:\System Volume Information
2009-12-01 21:25:15 ----D---- C:\Program Files\Messenger
2009-12-01 20:56:14 ----D---- C:\Documents and Settings
2009-12-01 20:38:38 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-12-01 20:38:31 ----D---- C:\Program Files\Internet Explorer
2009-12-01 20:38:30 ----D---- C:\Program Files\Windows Media Player
2009-12-01 20:38:30 ----D---- C:\Program Files\Outlook Express
2009-12-01 20:38:22 ----D---- C:\WINDOWS\system32\Restore
2009-12-01 20:38:20 ----D---- C:\Program Files\Windows NT
2009-12-01 20:38:20 ----D---- C:\Program Files\Movie Maker
2009-12-01 20:38:19 ----D---- C:\Program Files\NetMeeting
2009-12-01 19:11:21 ----D---- C:\WINDOWS\AppPatch
2009-12-01 19:05:05 ----RASH---- C:\boot.ini
2009-11-30 20:09:08 ----A---- C:\WINDOWS\system32\winsock.dll
2009-11-30 19:05:45 ----D---- C:\WINDOWS\Help
2009-11-30 07:06:19 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-11-29 23:48:24 ----D---- C:\WINDOWS\Debug
2009-11-29 17:42:17 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-11-29 12:25:08 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2009-11-26 16:05:18 ----A---- C:\WINDOWS\win.ini
2009-11-25 17:37:25 ----HD---- C:\WINDOWS\$hf_mig$
2009-11-25 17:37:19 ----D---- C:\WINDOWS\WinSxS
2009-11-22 09:52:02 ----D---- C:\WINDOWS\Network Diagnostic
2009-11-21 18:32:12 ----D---- C:\Program Files\Samsung
2009-11-21 18:32:11 ----HD---- C:\Program Files\InstallShield Installation Information
2009-11-15 13:57:25 ----D---- C:\WINDOWS\system32\config
2009-11-14 17:44:50 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-11-11 13:32:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-11-08 12:28:37 ----A---- C:\WINDOWS\ODBC.INI
2009-11-05 18:36:21 ----A---- C:\WINDOWS\system32\MRT.exe
2009-11-05 11:02:06 ----D---- C:\Program Files\Java

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R2 DOSMEMIO;MEMIO; \??\C:\WINDOWS\system32\MEMIO.SYS []
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys []
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys []
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2008-10-08 1334432]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 BTKRNL;Enumérateur de bus Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2009-12-02 879832]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2009-12-02 74688]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 DNSeFilter;DNSeFilter; C:\WINDOWS\system32\drivers\SamsungEDS.sys [2008-01-14 30208]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-11-19 4951040]
R3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2008-08-11 10144]
R3 S3GIGP;S3GIGP; C:\WINDOWS\system32\DRIVERS\S3gIGPm.sys [2009-04-29 581632]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2008-08-28 224736]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 vcrdrx32;VIA MSP Cardreader Host Controller; C:\WINDOWS\system32\DRIVERS\vcrdrx32.sys [2008-12-23 90752]
R3 VMC326;Vimicro Camera Service VMC326; C:\WINDOWS\System32\Drivers\VMC326.sys [2008-09-23 238464]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2009-04-21 297344]
S3 catchme;catchme; \??\C:\DOCUME~1\BENOTP~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SUEPD;SUE NDIS Protocol Driver; C:\WINDOWS\system32\DRIVERS\SUE_PD.sys [2006-08-01 19840]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-09-17 264800]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-11-05 153376]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-11-30 1184912]
R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files\LogMeIn\x86\RaMaint.exe [2009-09-28 116032]
R2 LogMeIn;LogMeIn; C:\Program Files\LogMeIn\x86\LogMeIn.exe [2008-08-11 63040]
R2 S3Funkey;S3Funkey; C:\Program Files\s3graphics\chrome3\s3funkey.svc [2009-04-30 444416]
R2 S3LoadSv;S3LoadSv; C:\Program Files\s3graphics\chrome3\s3loadsv.svc [2009-04-30 387072]
R2 yksvc;Marvell Yukon Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------
 
 
Author

on 02/12/2009 20h58
Are you still having problems?
 
 
Author

on 02/12/2009 21h01
No, all good.
Thanks again!
 
 
     

