Bonjour a tous.
Je suis assez étonné car mon pc marche tres bien, pas de soucis de connexion, pas de ralentissement.
j'étais sur internet et d'un coup avast me donne une alerte d'un trojan : JS-pdfka-kb.sur http: oda.mwtrust.net/pdfdoc.doc1.pdf. site où je n'étais pas. dans le journal avast il est dans avertissement. je fais donc un scan avec avast, rien, puis avec spybot, rien non plus.
je cherche un peu sur le net, et du coup j'installe zone alarme via commentcamarche (j'avais laissé le pare feu windows de base, erreur je sais lol ). donc en lisant le forum jai donc fait RSIT et voici le rapport:
info.txt logfile of random's system information tool 1.06 2009-09-08 19:51:48
======Uninstall list======
-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 6.0.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A00000000001}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Ask Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE}
a-squared Free 4.5-->"C:\Program Files\a-squared Free\unins000.exe"
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Coffret de pilotes Logitech Webcam Software-->"C:\Program Files\Fichiers communs\LogiShrd\LogiDriverStore\lvdrivers\12.0.1278\LgDrvInst.exe" -remove -instdir"C:\Program Files\Fichiers communs\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=200 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -promptuninstall -arpregkey"lvdrivers_12.0" /clone_wait /hide_progress
DMIView B06.1227.01-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3EE1008C-11A1-4F4F-8DB7-27573924DE78}\setup.exe" -l0x9 -removeonly
EasyTune5Pro-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Gigabyte\ET5Pro\Uninst.isu" -c"C:\Program Files\Gigabyte\ET5Pro\uninstdrv.dll"
Free Easy Burner V 3.8-->"C:\Program Files\Free Easy Burner\unins000.exe"
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Earth-->MsiExec.exe /X{CC016F21-3970-11DE-B878-005056806466}
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXP$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
Intel(R) Graphics Media Accelerator Driver-->C:\WINDOWS\System32\igxpun.exe -uninstall
Java(TM) 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216014FF}
LiveReg (Symantec Corporation)-->C:\Program Files\Fichiers communs\Symantec Shared\LiveReg\VcSetup.exe /REMOVE
LiveUpdate (Symantec Corporation)-->MsiExec.exe /x {E80F62FF-5D3C-4A19-8409-9721F2928206} /l*v "C:\Documents and Settings\All Users\Application Data\LuUninstall.LiveUpdate"
LiveUpdate (Symantec Corporation)-->MsiExec.exe /X{E80F62FF-5D3C-4A19-8409-9721F2928206}
Logitech Webcam Software-->MsiExec.exe /I{AC96671C-2001-432C-9826-5266D84EF1DC}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.5.2)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
Musicmatch® Jukebox-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}\setup.exe" -l0x9 -uninst
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\SETUP.EXE -runfromtemp -l0x040c -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.EXE" -l0x40c -removeonly
Reason-->MsiExec.exe /X{E52BFE61-E0FF-11D6-9D69-00065BABCB42}
ReBirth Modpacker v1.0-->C:\audio\RBMODP~1\UNWISE.EXE C:\audio\RBMODP~1\INSTALL.LOG
ReBirth RB-338 2.0 Addon Pack 1-->C:\audio\rebirth2\UNWISE.EXE C:\audio\rebirth2\INSTALL.LOG
ReBirth RB-338 2.01-->C:\WINDOWS\UNWISE.EXE C:\audio\rebirth2\INSTALL.LOG
SAMSUNG CDMA Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
SAMSUNG Mobile Composite Device Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\6\SSBCUninstall.exe
Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio 3 USB Driver Installer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -l0x40c -removeonly
Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly
Samsung Samples Installer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AC15160-A49B-4A89-B181-D4619C025FFF}\setup.exe" -l0x40c -removeonly
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Sonic Foundry XFX vol2 v1.0b-->C:\audio\XFX2\UNWISE.EXE C:\audio\XFX2\INSTALL.LOG
Sonic Foundry XFX vol3 v1.0b-->C:\audio\XFX3\UNWISE.EXE C:\audio\XFX3\INSTALL.LOG
Sonic Foundry XFX1 v1.0b-->C:\audio\XFX1\UNWISE.EXE C:\audio\XFX1\INSTALL.LOG
Sony Sound Forge 8.0-->MsiExec.exe /X{767572FD-4D01-4FA3-B0A6-4B09FB2CFC37}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SuperCopier2-->"C:\Program Files\SuperCopier2\SC2Uninst.exe"
VC 9.0 Runtime-->MsiExec.exe /I{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}
VDownloader 1.1-->"C:\Program Files\VDOWNLOADER\unins000.exe"
VideoLAN VLC media player 0.8.6c-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinZip-->"C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe
======Hosts File======
127.0.0.1
www.007guard.com127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1
www.008k.com127.0.0.1 008k.com
127.0.0.1
www.00hq.com127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1
www.032439.com127.0.0.1 032439.com
======Security center information======
AV: avast! antivirus 4.8.1351 [VPS 090908-0]
FW: ZoneAlarm Firewall
======System event log======
Computer Name: WAWAN
Event Code: 7036
Message: Le service NLA (Network Location Awareness) est entré dans l'état : en cours d'exécution.
Record Number: 9581
Source Name: Service Control Manager
Time Written: 20090809195135.000000+120
Event Type: Informations
User:
Computer Name: WAWAN
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service NLA (Network Location Awareness).
Record Number: 9580
Source Name: Service Control Manager
Time Written: 20090809195135.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: WAWAN
Event Code: 7036
Message: Le service Compatibilité avec le Changement rapide d'utilisateur est entré dans l'état : en cours d'exécution.
Record Number: 9579
Source Name: Service Control Manager
Time Written: 20090809195135.000000+120
Event Type: Informations
User:
Computer Name: WAWAN
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Compatibilité avec le Changement rapide d'utilisateur.
Record Number: 9578
Source Name: Service Control Manager
Time Written: 20090809195135.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: WAWAN
Event Code: 7036
Message: Le service Services Terminal Server est entré dans l'état : en cours d'exécution.
Record Number: 9577
Source Name: Service Control Manager
Time Written: 20090809195135.000000+120
Event Type: Informations
User:
=====Application event log=====
Computer Name: WAWAN
Event Code: 300
Message: wuaueng.dll (1260) SUS20ClientDataStore: Le moteur de base de données initialise la procédure de récupération.
Record Number: 1272
Source Name: ESENT
Time Written: 20090531092857.000000+120
Event Type: Informations
User:
Computer Name: WAWAN
Event Code: 102
Message: wuaueng.dll (1260) SUS20ClientDataStore: Le moteur de base de données a démarré une nouvelle instance (0).
Record Number: 1271
Source Name: ESENT
Time Written: 20090531092857.000000+120
Event Type: Informations
User:
Computer Name: WAWAN
Event Code: 100
Message: wuauclt (1260) Le moteur de base de données 5.01.2600.5512 est démarré.
Record Number: 1270
Source Name: ESENT
Time Written: 20090531092857.000000+120
Event Type: Informations
User:
Computer Name: WAWAN
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.
Record Number: 1269
Source Name: SecurityCenter
Time Written: 20090531092812.000000+120
Event Type: Informations
User:
Computer Name: WAWAN
Event Code: 302
Message: wuaueng.dll (556) SUS20ClientDataStore: Le moteur de base de données a exécuté la procédure de récupération avec succès.
Record Number: 1268
Source Name: ESENT
Time Written: 20090531091022.000000+120
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Samsung\Samsung PC Studio 3\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"tvdumpflags"=8
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by wanesh at 2009-09-08 19:51:08
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 11 GB (37%) free of 30 GB
Total RAM: 2037 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:51:46, on 08/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\igfxpers.exe
C:\WINDOWS\System32\igfxsrvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Gigabyte\ET5Pro\GUI.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmjb.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\MMDiag.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_director.exe
C:\PROGRA~1\MUSICM~1\MUSICM~1\MM_TDM~1.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\a-squared Free\a2free.exe
C:\Documents and Settings\wanesh\Mes documents\Téléchargements\RSIT.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Program Files\trend micro\wanesh.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.fr/R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [EasyTuneVPro] C:\Program Files\Gigabyte\ET5Pro\ETcall.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Google Update (gupdate1ca1ac625168e84) (gupdate1ca1ac625168e84) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 7961 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03 54248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-08-11 668656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-05-19 1144712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-05-19 1144712]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\System32\igfxtray.exe [2007-09-05 141848]
"HotKeysCmds"=C:\WINDOWS\System32\hkcmd.exe [2007-09-05 166424]
"Persistence"=C:\WINDOWS\System32\igfxpers.exe [2007-09-05 137752]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-02-13 16857600]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"GEST"= []
"EasyTuneVPro"=C:\Program Files\Gigabyte\ET5Pro\ETcall.exe [2007-07-26 20480]
"MMTray"=C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe [2004-07-29 131072]
"mmtask"=C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe [2004-07-29 53248]
"NWEReboot"= []
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-08-17 81000]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-05-08 2780432]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2009-02-16 981384]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe [2006-07-07 1052672]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe []
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-08-11 39408]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-08-24 208896]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{08a22078-6fc2-11de-a257-001d7d7b2dd8}]
shell\AutoRun\command - F:\EmDesk.exe
shell\EmDesk\command - F:\EmDesk.exe
======List of files/folders created in the last 1 months======
2009-09-08 19:51:10 ----D---- C:\Program Files\trend micro
2009-09-08 19:51:08 ----D---- C:\rsit
2009-09-08 17:24:04 ----D---- C:\Program Files\a-squared Free
2009-09-08 13:58:12 ----D---- C:\Program Files\AskBarDis
2009-09-08 13:57:50 ----A---- C:\WINDOWS\system32\vsregexp.dll
2009-09-08 13:57:47 ----A---- C:\WINDOWS\system32\zlcommdb.dll
2009-09-08 13:57:47 ----A---- C:\WINDOWS\system32\zlcomm.dll
2009-09-08 13:57:44 ----A---- C:\WINDOWS\system32\vswmi.dll
2009-09-08 13:57:43 ----A---- C:\WINDOWS\system32\zpeng25.dll
2009-09-08 13:57:42 ----D---- C:\WINDOWS\system32\ZoneLabs
2009-09-08 13:57:42 ----D---- C:\Program Files\Zone Labs
2009-09-08 13:57:42 ----A---- C:\WINDOWS\system32\vsxml.dll
2009-09-08 13:57:42 ----A---- C:\WINDOWS\system32\vspubapi.dll
2009-09-08 13:57:42 ----A---- C:\WINDOWS\system32\vsmonapi.dll
2009-09-08 13:56:52 ----A---- C:\WINDOWS\system32\vsutil.dll
2009-09-08 13:56:52 ----A---- C:\WINDOWS\system32\vsinit.dll
2009-09-08 13:56:52 ----A---- C:\WINDOWS\system32\vsdata.dll
2009-09-08 13:56:49 ----D---- C:\WINDOWS\Internet Logs
2009-08-29 00:13:07 ----D---- C:\Program Files\Ask.com
2009-08-29 00:13:01 ----D---- C:\Program Files\VDOWNLOADER
2009-08-18 17:26:22 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-08-18 17:26:22 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-08-16 21:15:38 ----D---- C:\Documents and Settings\wanesh\Application Data\BitTorrent
2009-08-16 21:13:02 ----D---- C:\Program Files\BitTorrent
2009-08-16 12:56:06 ----A---- C:\WINDOWS\system32\javaws.exe
2009-08-16 12:56:06 ----A---- C:\WINDOWS\system32\javaw.exe
2009-08-16 12:56:06 ----A---- C:\WINDOWS\system32\java.exe
2009-08-15 12:19:14 ----D---- C:\WINDOWS\Sun
2009-08-15 12:11:07 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-08-15 12:10:55 ----D---- C:\Program Files\Java
2009-08-15 12:10:26 ----D---- C:\Documents and Settings\wanesh\Application Data\Sun
2009-08-12 20:42:24 ----D---- C:\Documents and Settings\wanesh\Application Data\Leadertech
2009-08-12 20:42:03 ----RA---- C:\WINDOWS\system32\LVUI2RC.dll
2009-08-12 20:42:03 ----RA---- C:\WINDOWS\system32\LVUI2.dll
2009-08-12 20:42:03 ----RA---- C:\WINDOWS\system32\lvcodec2.dll
2009-08-12 20:41:42 ----RA---- C:\WINDOWS\system32\lvcoinst.ini
2009-08-12 20:41:41 ----RA---- C:\WINDOWS\system32\lvci1201278.dll
2009-08-12 20:40:13 ----D---- C:\Program Files\Fichiers communs\LogiShrd
2009-08-12 20:40:13 ----D---- C:\Documents and Settings\All Users\Application Data\LogiShrd
2009-08-12 20:39:58 ----D---- C:\Program Files\Logitech
2009-08-12 20:37:47 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2009-08-11 22:58:58 ----D---- C:\Documents and Settings\wanesh\Application Data\Google
2009-08-11 22:53:39 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-08-11 22:53:38 ----D---- C:\Program Files\Google
2009-08-11 19:12:16 ----D---- C:\Program Files\Microsoft
2009-08-11 19:12:01 ----D---- C:\Program Files\Windows Live SkyDrive
2009-08-11 19:11:40 ----D---- C:\Program Files\Windows Live
2009-08-11 19:09:28 ----D---- C:\Program Files\Fichiers communs\Windows Live
2009-08-11 17:07:30 ----D---- C:\Documents and Settings\wanesh\Application Data\Macromedia
2009-08-11 13:49:51 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-08-11 13:46:42 ----D---- C:\WINDOWS\E80F62FF5D3C4A1984099721F2928206.TMP
2009-08-11 13:43:08 ----A---- C:\WINDOWS\system32\MSVCP71.dll
2009-08-11 13:43:08 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-08-11 13:43:06 ----D---- C:\Program Files\Alwil Software
2009-08-11 13:40:37 ----D---- C:\Program Files\Mozilla Firefox
======List of files/folders modified in the last 1 months======
2009-09-08 19:51:33 ----D---- C:\WINDOWS\Prefetch
2009-09-08 19:51:10 ----RD---- C:\Program Files
2009-09-08 19:40:29 ----D---- C:\Program Files\Free Easy Burner
2009-09-08 18:04:45 ----D---- C:\WINDOWS\Temp
2009-09-08 17:36:20 ----D---- C:\WINDOWS\system32\CatRoot2
2009-09-08 14:50:10 ----SD---- C:\WINDOWS\Tasks
2009-09-08 14:00:53 ----D---- C:\WINDOWS\system32
2009-09-08 13:59:22 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-09-08 13:56:52 ----SHD---- C:\WINDOWS\Installer
2009-09-08 13:56:51 ----D---- C:\WINDOWS\WinSxS
2009-09-08 13:56:49 ----D---- C:\WINDOWS
2009-09-08 12:57:05 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-09-05 17:44:52 ----HD---- C:\WINDOWS\inf
2009-09-05 14:35:28 ----D---- C:\Documents and Settings\wanesh\Application Data\U3
2009-09-02 13:05:55 ----A---- C:\WINDOWS\cdPlayer.ini
2009-09-01 23:56:10 ----D---- C:\Documents and Settings\wanesh\Application Data\dvdcss
2009-08-25 10:01:43 ----D---- C:\Program Files\WinZip
2009-08-12 20:42:07 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-08-12 20:42:07 ----D---- C:\WINDOWS\system32\drivers
2009-08-12 20:42:03 ----D---- C:\WINDOWS\twain_32
2009-08-12 20:41:54 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-08-12 20:41:49 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-08-12 20:40:13 ----D---- C:\Program Files\Fichiers communs
2009-08-11 19:12:06 ----SD---- C:\Documents and Settings\wanesh\Application Data\Microsoft
2009-08-11 19:12:05 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-08-11 19:11:45 ----RSD---- C:\WINDOWS\Fonts
2009-08-11 19:11:28 ----D---- C:\WINDOWS\PCHealth
2009-08-11 17:07:30 ----D---- C:\Documents and Settings\wanesh\Application Data\Adobe
2009-08-11 16:57:30 ----D---- C:\WINDOWS\system32\config
2009-08-11 13:49:57 ----D---- C:\WINDOWS\SoftwareDistribution
2009-08-11 13:49:56 ----D---- C:\WINDOWS\Help
2009-08-11 13:47:58 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2009-08-11 13:46:42 ----D---- C:\Program Files\Symantec
2009-08-11 13:46:38 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-08-11 13:43:38 ----D---- C:\WINDOWS\system32\CatRoot
2009-08-11 13:40:59 ----D---- C:\Documents and Settings\wanesh\Application Data\Mozilla
2009-08-11 12:56:00 ----D---- C:\Documents and Settings\wanesh\Application Data\Symantec
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-08-17 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-08-17 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-08-17 51376]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 40576]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2009-02-16 353672]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [2002-08-14 17005]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-08-17 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-08-17 94160]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-08-17 23152]
R3 ET5Drv;ET5Drv; \??\C:\WINDOWS\System32\Drivers\ET5Drv.sys []
R3 GVTDrv;GVTDrv; \??\C:\WINDOWS\system32\Drivers\GVTDrv.sys []
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\igxpmp32.sys [2007-08-24 5776928]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-02-14 4676096]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2009-04-30 25624]
R3 LVRS;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs.sys [2009-05-01 265496]
R3 LVUVC;Logitech Webcam 200(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [2009-05-01 6754712]
R3 MarkFun_NT;MarkFun_NT; \??\C:\Program Files\Gigabyte\ET5Pro\markfun.w32 []
R3 MxlW2k;MxlW2k; C:\WINDOWS\system32\drivers\MxlW2k.sys [2009-05-23 28352]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys [2008-01-03 105856]
R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 FilterService;UVC Filter Service; C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys [2009-05-01 23832]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 lvpopflt;Logitech POP Suppression Filter; C:\WINDOWS\system32\DRIVERS\lvpopflt.sys [2009-05-01 114712]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SaiHFF0D;SaiHFF0D; C:\WINDOWS\system32\DRIVERS\SaiHFF0D.sys [2005-07-22 176000]
S3 SaiUFF0D;SaiUFF0D; C:\WINDOWS\system32\DRIVERS\SaiUFF0D.sys [2005-07-22 27136]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
S3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 mchInjDrv;mchInjDrv; \??\C:\DOCUME~1\wanesh\LOCALS~1\Temp\mc24.tmp []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-08-17 18752]
R2 Automatic LiveUpdate Scheduler;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2007-08-23 243064]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-08-17 138680]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 153376]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-04-30 154136]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2009-02-16 2402184]
R3 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2009-09-08 980512]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-08-17 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-08-17 352920]
S2 gupdate1ca1ac625168e84;Service Google Update (gupdate1ca1ac625168e84); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-08-11 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-11 190448]
S3 LiveUpdate;LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [2007-08-23 3192184]
-----------------EOF-----------------
puis jai sacnné avec a-squared:
Version - a-squared Free 4.5
Dernière mise à jour : 08/09/2009 17:31:14
Paramètres des balayages :
Type de balayage : Scan en Détail
Objets : Mémoire, Traces, Cookies, C:\, D:\
Balayage dans les archives : Marche
Analyse heuristique : Arrêt
Balayage dans les ADS : Marche
Début du balayage : 08/09/2009 17:34:32
c:\documents and settings\wanesh\application data\bsplayer Objets détectés : Trace.Directory.BSplayer!A2
c:\documents and settings\wanesh\application data\bsplayer pro Objets détectés : Trace.Directory.BSplayer!A2
c:\documents and settings\wanesh\application data\bsplayer\bslib Objets détectés : Trace.Directory.BSplayer!A2
c:\program files\webteh\bsplayer Objets détectés : Trace.Directory.BSplayer!A2
c:\program files\webteh\bsplayer\bslib Objets détectés : Trace.Directory.BSplayer!A2
c:\program files\bittorrent Objets détectés : Trace.Directory.Bittorrent 5.0!A2
c:\documents and settings\all users\menu démarrer\programmes\bittorrent Objets détectés : Trace.Directory.Bittorrent 5.0!A2
Value: HKEY_USERS\S-1-5-21-299502267-796845957-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Bittorrent --> Order Objets détectés : Trace.Registry.Bittorrent 5.0!A2
Value: HKEY_USERS\S-1-5-21-299502267-796845957-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Emule --> Order Objets détectés : Trace.Registry.Emule 5.0!A2
c:\documents and settings\wanesh\application data\bsplayer pro\eq.xml Objets détectés : Trace.File.BSplayer!A2
c:\documents and settings\wanesh\application data\bsplayer\bslib\bspmlib.dat Objets détectés : Trace.File.BSplayer!A2
c:\program files\bittorrent\bittorrent.exe Objets détectés : Trace.File.Bittorrent 5.0!A2
c:\documents and settings\all users\menu démarrer\programmes\bittorrent\bittorrent.lnk Objets détectés : Trace.File.Bittorrent 5.0!A2
C:\Documents and Settings\wanesh\Cookies\wanesh@atdmt[2].txt Objets détectés : Trace.TrackingCookie.atdmt!A2
C:\Documents and Settings\wanesh\Cookies\wanesh@bs.serving-sys[1].txt Objets détectés : Trace.TrackingCookie.bs.serving-sys!A2
C:\Documents and Settings\wanesh\Cookies\wanesh@serving-sys[2].txt Objets détectés : Trace.TrackingCookie.serving-sys!A2
C:\Documents and Settings\wanesh\Cookies\wanesh@smartadserver[2].txt Objets détectés : Trace.TrackingCookie.smartadserver!A2
C:\Documents and Settings\wanesh\Cookies\wanesh@weborama[1].txt Objets détectés : Trace.TrackingCookie.weborama!A2
C:\Documents and Settings\wanesh\Application Data\Mozilla\Firefox\Profiles\8vckhz8f.default\cookies.sqlite:1252422947296000 Objets détectés : Trace.TrackingCookie.www.com!A2
C:\Documents and Settings\wanesh\Application Data\Mozilla\Firefox\Profiles\8vckhz8f.default\cookies.sqlite:1252422990250000 Objets détectés : Trace.TrackingCookie.www.com!A2
C:\Program Files\Free Easy Burner\StdVcl40.dll Objets détectés : Trojan-Banker.Win32.Banker!IK
C:\Program Files\Musicmatch\Musicmatch Jukebox\Keymaker.exe Objets détectés : Riskware.Patch.MMJuke!IK
C:\Program Files\Propellerhead\Reason\Reason.exe Objets détectés : Trojan.Crypt!IK
D:\logiciels\Mixvibes Professional v5.11 Full\MixVibes.PRO.EX.v5.20.Incl.Keygen-ROR-Pleasuredome101.rar/keygen.exe Objets détectés : Trojan-Downloader.Win32.Horst.a!IK
D:\logiciels\Mixvibes Professional v5.11 Full\MixVibes.PRO.EX.v5.20.Incl.Keygen-ROR-Pleasuredome101.rar/SCRIPT05.vsc Objets détectés : Trojan-Downloader.Win32.Horst.a!IK
D:\logiciels\MusicMatch Jukebox v9.0 Plus + Crack + DFX v6.4\Keymaker.exe Objets détectés : Riskware.Patch.MMJuke!IK
D:\logiciels\MusicMatch Jukebox v9.0 Plus + Crack + DFX v6.4\Patch_Keymaker\Patch_Keymaker.rar/Keymaker.exe Objets détectés : Riskware.Patch.MMJuke!IK
D:\logiciels\MusicMatch Jukebox v9.0 Plus + Crack + DFX v6.4\Patch_Keymaker.rar/Keymaker.exe Objets détectés : Riskware.Patch.MMJuke!IK
D:\logiciels\NativeInstrumentsTraktor\Native Instruments Traktor Dj Studio v2.6.1 Update & Crack\Native.Instruments.Traktor.DJ.Studio.v2.6.1.update.&.crack\Traktor Dj Studio v2.6.1 Registration Fix.exe Objets détectés : Trojan-PWS.Win32.OnLineGames!IK
D:\logiciels\SoundForge\sonykg\sonykg\keygen.exe Objets détectés : Generic.Win32.Malware!IK
Analysé
Fichiers : 156038
Traces : 634411
Cookies : 140
Processus : 45
Objets trouvés
Fichiers : 10
Traces : 13
Cookies : 7
Processus : 0
Clés de Registre : 0
Fin du balayage : 08/09/2009 19:38:26
Temps du balayage : 2:03:54
Donc, jai mis les fichiers en quarantaine. au passage j'ai installé Ccleaner en suivant les conseils sur le forum.jai juste fait l'analyse pour le moment, 255Mo que je peux liberer.
je voulais savoir ce que je pouvais faire maintenant? et surtout ssi tout va bien?
Merci d'avance de vos reponses
![[trojan] ai je tout bien fais? Empty](https://2img.net/i/fa/empty.gif)
![[trojan] ai je tout bien fais? Empty](https://2img.net/i/empty.gif)
![[trojan] ai je tout bien fais? Achat_11](https://i.servimg.com/u/f40/09/00/97/72/achat_11.gif)
