Se connecter / S'enregistrer
Votre question

Infostealer.daonol

Tags :
  • Windows
  • Sécurité
Dernière réponse : dans Sécurité et virus
31 Mai 2009 23:00:15

Bonjour,

J'ai apparement été contaminé par infostealer.daonol.
A chaque fois, j'ai ma page de démarrage qui est autre que celle que j'ai choisie. N'étant pas doué en info, j'y comprend vraiment rien.
Si qqn pouvait m'expliqer ce qu'il y a lieu de faire avec des mots "simples" ce serait super sympa.
D'avance merci à tout ceux qui pourront j espère résoudre mon problème.
Voici le rapport de hijack

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:16:32, on 31/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\acer\Acer eConsole\MediaServerService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\advhost.exe
C:\Program Files\acer\eRecovery\Monitor.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Acer\Acer eMode Management\AspireService.exe
C:\Program Files\Acer\Acer eConsole\MediaSync.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Creative\Shared Files\CamTray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\WINDOWS\system32\advhost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Bernard\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.explorerstartpage.com/wspage.php
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.explorerstartpage.com/wspage.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\IPSBHO.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PD0630 STISvc] RunDLL32.exe P0630Pin.dll,RunDLL32EP 513
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [Antivirus] C:\Program Files\VAV\vav.exe
O4 - HKCU\..\Run: [EPSON Stylus DX9400F Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICFE.EXE /FU "C:\WINDOWS\TEMP\E_S540.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/229?f6029a7f437a4b949bb80cec3f7e0199
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/230?f6029a7f437a4b949bb80cec3f7e0199
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O13 - DefaultPrefix: http://www.myhottersearchbox.com/not_found_world/?url=
O13 - WWW Prefix: http://www.myhottersearchbox.com/not_found_world/?url=
O17 - HKLM\System\CCS\Services\Tcpip\..\{F7F54C7F-362B-4385-B8A8-FDE28EE884F8}: NameServer = 195.238.2.21,195.238.2.22
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\adlaunch32.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe

--
End of file - 9493 bytes

Autres pages sur : infostealer daonol

a c 267 8 Sécurité
a b 9 Windows
1 Juin 2009 02:17:59

Bonjour,

  • Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
  • Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
  • Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
  • Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
  • Sélectionne Exécuter un examen rapide.
  • Clique sur Rechercher. L'analyse démarre.
  • A la fin de l'analyse, un message s'affiche :
    Citation :
    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  • Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  • Ferme tes navigateurs.
  • Si des malwares ont été détectés, clique sur Afficher les résultats.
  • Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
  • MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
    m
    0
    l
    1 Juin 2009 16:55:52

    Bonjour Destrio,

    Voilà, j'ai fait ce que tu m'as demamdé et oh miracle, j'ai compris ;-)
    Voici le rapport. Merci d'avance
    Malwarebytes' Anti-Malware 1.37
    Version de la base de données: 2207
    Windows 5.1.2600 Service Pack 2

    1/06/2009 16:53:16
    mbam-log-2009-06-01 (16-53-16).txt

    Type de recherche: Examen rapide
    Eléments examinés: 92406
    Temps écoulé: 5 minute(s), 59 second(s)

    Processus mémoire infecté(s): 1
    Module(s) mémoire infecté(s): 1
    Clé(s) du Registre infectée(s): 2
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 2
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 2

    Processus mémoire infecté(s):
    C:\WINDOWS\system32\advhost.exe (IM.Worm) -> Unloaded process successfully.

    Module(s) mémoire infecté(s):
    C:\WINDOWS\system32\adlaunch32.dll (IM.Worm) -> Delete on reboot.

    Clé(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\VAV (Rogue.VistaAntivirus2008) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\The Weather Channel (Adware.Hotbar) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\aux (Trojan.JSRedir.H) -> Bad: (C:\DOCUME~1\Bernard\LOCALS~1\Temp\..\gis.wvc) Good: (wdmaud.drv) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (IM.Worm) -> Data: c:\windows\system32\adlaunch32.dll -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\WINDOWS\system32\adlaunch32.dll (IM.Worm) -> Delete on reboot.
    C:\WINDOWS\system32\advhost.exe (IM.Worm) -> Delete on reboot.
    m
    0
    l
    a c 267 8 Sécurité
    a b 9 Windows
    1 Juin 2009 17:00:17

    Tu as redémarré comme demandé ?
    m
    0
    l
    1 Juin 2009 17:21:35

    Oui j'ai redémarré l'ordinateur. Le problème est tjs là malheureusement :-(
    m
    0
    l
    a c 267 8 Sécurité
    a b 9 Windows
    1 Juin 2009 17:25:23

  • Relance MBAM, va dans Quarantaine et supprime tout.

  • Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
  • Double-clique sur RSIT.exe afin de lancer le programme.
    (Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)
  • Clique sur Continue à l'écran Disclaimer.
  • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

    Note : les rapports sont sauvegardés dans le dossier C:\rsit.
    m
    0
    l
    1 Juin 2009 20:46:40

    Je crois que c ceci si j'ai bien suivi...

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Bernard at 2009-06-01 20:44:27
    Microsoft Windows XP Édition familiale Service Pack 2
    System drive C: has 3 GB (4%) free of 74 GB
    Total RAM: 447 MB (25% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:44:42, on 1/06/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\acer\Acer eConsole\MediaServerService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\Acer\eRecovery\Monitor.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\WINDOWS\system32\VTtrayp.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\Program Files\Acer\Acer eMode Management\AspireService.exe
    C:\Program Files\Acer\Acer eConsole\MediaSync.exe
    C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
    C:\WINDOWS\system32\RunDLL32.exe
    C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Creative\Shared Files\CamTray.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\TomTom HOME 2\HOMERunner.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
    C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Documents and Settings\Bernard\Bureau\RSIT.exe
    C:\Program Files\trend micro\Bernard.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.explorerstartpage.com/wspage.php
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.explorerstartpage.com/wspage.php
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
    O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [PD0630 STISvc] RunDLL32.exe P0630Pin.dll,RunDLL32EP 513
    O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
    O4 - HKCU\..\Run: [Antivirus] C:\Program Files\VAV\vav.exe
    O4 - HKCU\..\Run: [EPSON Stylus DX9400F Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICFE.EXE /FU "C:\WINDOWS\TEMP\E_S540.tmp" /EF "HKCU"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/229?f6029a7f437a4b949bb80cec3f7e0199
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/230?f6029a7f437a4b949bb80cec3f7e0199
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O13 - DefaultPrefix: http://www.myhottersearchbox.com/not_found_world/?url=
    O13 - WWW Prefix: http://www.myhottersearchbox.com/not_found_world/?url=
    O17 - HKLM\System\CCS\Services\Tcpip\..\{F7F54C7F-362B-4385-B8A8-FDE28EE884F8}: NameServer = 195.238.2.21,195.238.2.22
    O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe

    --
    End of file - 9425 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-12 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
    Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll [2009-03-12 372592]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
    Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL [2009-03-12 107896]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll [2006-11-09 440056]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-04-17 323904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-28 259696]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-04-27 668656]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-28 470512]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
    EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-08-04 343112]
    {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]
    {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-28 259696]
    {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll [2009-03-12 372592]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "LaunchApp"=Alaunch []
    "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-06-08 77824]
    "ntiMUI"=c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2005-05-11 45056]
    ""= []
    "RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-07-15 32768]
    "IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
    "MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-05 59392]
    "PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
    "PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
    "eRecoveryService"=C:\Program Files\Acer\eRecovery\Monitor.exe [2005-06-20 352256]
    "VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2005-05-13 53248]
    "VTTrayp"=C:\WINDOWS\system32\VTtrayp.exe [2005-05-13 143360]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe [2006-11-09 49263]
    "AspireService"=C:\Program Files\Acer\Acer eMode Management\AspireService.exe [2005-06-04 110592]
    "MediaSync"=C:\Program Files\Acer\Acer eConsole\MediaSync.exe [2005-06-01 421888]
    "SpeedTouch USB Diagnostics"=C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe [2004-01-26 866816]
    "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
    "PD0630 STISvc"=P0630Pin.dll,RunDLL32EP 513 []
    "Control Center"=C:\Program Files\ASUS\WLAN Card Utilities\Center.exe [2004-11-04 1569280]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
    "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]
    "Creative WebCam Tray"=C:\Program Files\Creative\Shared Files\CamTray.exe [2005-03-29 258048]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-09 68856]
    "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288]
    "TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-02-18 206184]
    "Antivirus"=C:\Program Files\VAV\vav.exe []
    "EPSON Stylus DX9400F Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICFE.EXE [2007-03-23 182272]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2006-06-02 402736]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Acer\Acer eConsole\MediaSync.exe"="C:\Program Files\Acer\Acer eConsole\MediaSync.exe:LocalSubNet:Enabled:Media Synchoronizer"
    "C:\Program Files\Acer\Acer eConsole\eConsole.exe"="C:\Program Files\Acer\Acer eConsole\eConsole.exe:LocalSubNet:Enabled:eConsole"
    "C:\Program Files\Acer\Acer eConsole\MediaServerService.exe"="C:\Program Files\Acer\Acer eConsole\MediaServerService.exe:LocalSubNet:Enabled:Acer Media Server"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:D isabled:LimeWire"
    "C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:D isabled:Internet Explorer"
    "C:\Program Files\IncrediMail\bin\IMApp.exe"="C:\Program Files\IncrediMail\bin\IMApp.exe:*:Enabled:IncrediMail"
    "C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
    "C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
    "C:\Program Files\SightSpeed\SightSpeed.exe"="C:\Program Files\SightSpeed\SightSpeed.exe:*:Enabled:SightSpeed"
    "C:\WINDOWS\System32\RunDLL32.exe"="C:\WINDOWS\System32\RunDLL32.exe:*:D isabled:Exécuter une DLL en tant qu'application"
    "C:\Program Files\Messenger\MSMSGS.EXE"="C:\Program Files\Messenger\MSMSGS.EXE:*:Enabled:Windows Messenger"
    "C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
    "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
    "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{19636330-66b1-11db-b229-0015f2854fc0}]
    shell\AutoRun\command - F:\InstallTomTomHOME.exe


    ======List of files/folders created in the last 1 months======

    2009-06-01 20:44:32 ----D---- C:\Program Files\trend micro
    2009-06-01 20:44:27 ----D---- C:\rsit
    2009-06-01 16:58:18 ----D---- C:\WINDOWS\LastGood
    2009-06-01 16:44:09 ----D---- C:\Documents and Settings\Bernard\Application Data\Malwarebytes
    2009-06-01 16:43:55 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-06-01 16:43:54 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-05-31 22:33:41 ----D---- C:\WINDOWS\pss
    2009-05-31 17:46:12 ----D---- C:\WINDOWS\Minidump
    2009-05-31 17:45:32 ----SHD---- C:\FOUND.002
    2009-05-31 11:15:04 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
    2009-05-31 11:15:03 ----D---- C:\Program Files\Symantec
    2009-05-31 11:15:03 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
    2009-05-31 11:14:34 ----D---- C:\Program Files\Windows Sidebar
    2009-05-31 11:14:34 ----D---- C:\Program Files\Norton Internet Security
    2009-05-31 11:14:33 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
    2009-05-31 11:14:20 ----D---- C:\Program Files\NortonInstaller
    2009-05-31 11:14:20 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller

    ======List of files/folders modified in the last 1 months======

    2009-06-01 16:58:18 ----N---- C:\WINDOWS\system32\eRLog.ini
    2009-06-01 16:57:04 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-05-31 22:33:58 ----A---- C:\WINDOWS\win.ini
    2009-05-31 22:33:58 ----A---- C:\WINDOWS\system.ini

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 BHDrvx86;Symantec Heuristics Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\BHDrvx86.sys [2009-03-12 258608]
    R1 ccHP;Symantec Hash Provider; C:\WINDOWS\System32\Drivers\NIS\1005000.087\ccHPx86.sys [2009-06-01 482352]
    R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys []
    R1 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090528.001\IDSxpx86.sys []
    R1 SRTSPX;Symantec Real Time Storage Protection (PEL); \??\C:\WINDOWS\system32\drivers\NIS\1005000.087\SRTSPX.SYS []
    R1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMTDI.SYS [2009-03-12 217392]
    R1 UBHelper;UBHelper; C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 13952]
    R2 int15.sys;int15.sys; \??\C:\Program Files\acer\eRecovery\int15.sys []
    R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2006-03-22 15781]
    R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
    R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-06-08 2319680]
    R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\system32\ASNDIS5.SYS []
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
    R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-05 9600]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
    R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090601.003\NAVENG.SYS []
    R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090601.003\NAVEX15.SYS []
    R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2005-10-17 6144]
    R3 P0630VID;Creative WebCam Live!; C:\WINDOWS\system32\DRIVERS\P0630Vid.sys [2005-06-06 91841]
    R3 RT2500USB;ASUS USB Wireless LAN Driver; C:\WINDOWS\system32\DRIVERS\rt2500usb.sys [2004-08-13 140544]
    R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
    R3 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SRTSP.SYS [2009-03-12 307760]
    R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
    R3 SYMFW;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMFW.SYS [2009-03-12 89776]
    R3 SYMIDS;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMIDS.SYS [2009-03-12 34736]
    R3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-03-12 36400]
    R3 SYMNDIS;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMNDIS.SYS [2009-03-12 37296]
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-05 31616]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624]
    R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
    R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
    R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 26496]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-05 20480]
    R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2005-05-13 172544]
    S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-05 14848]
    S3 alcan5wn;SpeedTouch USB ADSL PPP Networking Driver (NDISWAN); C:\WINDOWS\system32\DRIVERS\alcan5wn.sys [2003-12-08 53600]
    S3 alcaudsl;SpeedTouch ADSL Modem ATM Transport; C:\WINDOWS\system32\DRIVERS\alcaudsl.sys [2003-12-08 70688]
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
    S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-05 11136]
    S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-05 15360]
    S3 SYMDNS;SYMDNS; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMDNS.SYS []
    S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-03-12 36400]
    S3 SYMREDRV;SYMREDRV; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMREDRV.SYS []
    S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Acer Media Server;Acer Media Server; C:\Program Files\acer\Acer eConsole\MediaServerService.exe [2005-06-01 442368]
    R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
    R2 Norton Internet Security;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe [2009-03-12 115560]
    R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
    S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-19 268800]
    S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
    S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-29 182768]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]

    -----------------EOF-----------------
    m
    0
    l
    a c 267 8 Sécurité
    a b 9 Windows
    1 Juin 2009 23:07:00

    1/

  • Lance ce fichier : C:\Program Files\trend micro\Bernard.exe
  • Choisis Do a system scan only.
  • Coche les cases qui sont devant les lignes suivantes :

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

    O4 - HKCU\..\Run: [Antivirus] C:\Program Files\VAV\vav.exe

    O13 - DefaultPrefix: http://www.myhottersearchbox.com/not_found_world/?url=

    O13 - WWW Prefix: http://www.myhottersearchbox.com/not_found_world/?url=

  • Clique en bas sur Fix checked. Mets oui si HijackThis te demande quelque chose.
  • Ferme HijackThis.


    2/

  • Télécharge OTM (OldTimer) sur ton Bureau.
  • Double-clique sur OTM.exe afin de le lancer.
  • Copie (Ctrl+C) le texte suivant ci-dessous :

    :processes
    explorer.exe

    :files
    C:\Program Files\VAV

    :commands
    [purity]
    [emptytemp]
    [reboot]

  • Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
  • Clique maintenant sur le bouton MoveIt! puis ferme OTM.

    ---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.

  • Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
    ---> Le nom du rapport correspond au moment de sa création : date_heure.log
    m
    0
    l
    2 Juin 2009 18:40:58

    Je n'arrive pas à trouver OTM comme programme.
    Je suis allé voir sur telecharger.net et aucun programme à ce nom là.
    Est ce normal ???

    Encore mreci pour ton aide et tes réponses rapides Destrio
    m
    0
    l
    2 Juin 2009 22:45:12

    Sorry pour le décalage mais bcp de boulot...

    J espère que c le bon rapport car je pense avoir fait une fausse manoeuvre.



    ========= PROCESSES ==========

    Process explorer.exe killed successfully.
    ========== FILES ==========
    File/Folder C:\Program Files\VAV not found.
    ========== COMMANDS ==========
    File delete failed. C:\DOCUME~1\Bernard\LOCALS~1\Temp\JETA920.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\Bernard\LOCALS~1\Temp\~DF6370.tmp scheduled to be deleted on reboot.
    User's Temp folder emptied.
    User's Internet Explorer cache folder emptied.
    File delete failed. C:\Documents and Settings\Bernard\Local Settings\Temporary Internet Files\Content.IE5\89YFOXEV\01[2].htm scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Bernard\Local Settings\Temporary Internet Files\Content.IE5\89YFOXEV\287642-11-infostealer-daonol[1] scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Bernard\Local Settings\Temporary Internet Files\Content.IE5\9A2CM5OY\InboxLight[1].aspx scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Bernard\Local Settings\Temporary Internet Files\Content.IE5\9A2CM5OY\287642-11-infostealer-daonol[1] scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Bernard\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    User's Temporary Internet Files folder emptied.
    Local Service Temp folder emptied.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    Local Service Temporary Internet Files folder emptied.
    Network Service Temp folder emptied.
    File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    Network Service Temporary Internet Files folder emptied.
    File delete failed. C:\WINDOWS\temp\JETC4B8.tmp scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\JETA3CC.tmp scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_ef8.dat scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\JET5C.tmp scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\RMS5D.tmp scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\RMS5E.tmp scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\JET46A.tmp scheduled to be deleted on reboot.
    Windows Temp folder emptied.
    Java cache emptied.
    FireFox cache emptied.
    Temp folders emptied.
    Error: Unable to interpret <Logfile of random's system information tool 1.06 (written by random/random) > in the current context!
    Error: Unable to interpret <Run by Bernard at 2009-06-01 20:44:27 > in the current context!
    Error: Unable to interpret <Microsoft Windows XP Édition familiale Service Pack 2 > in the current context!
    Error: Unable to interpret <System drive C: has 3 GB (4%) free of 74 GB > in the current context!
    Error: Unable to interpret <Total RAM: 447 MB (25% free) > in the current context!
    Error: Unable to interpret <Logfile of Trend Micro HijackThis v2.0.2 > in the current context!
    Error: Unable to interpret <Scan saved at 20:44:42, on 1/06/2009 > in the current context!
    Error: Unable to interpret <Platform: Windows XP SP2 (WinNT 5.01.2600) > in the current context!
    Error: Unable to interpret <MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) > in the current context!
    Error: Unable to interpret <Boot mode: Normal > in the current context!
    Error: Unable to interpret <Running processes: > in the current context!
    Error: Unable to interpret <C:\WINDOWS\System32\smss.exe > in the current context!
    Error: Unable to interpret <C:\WINDOWS\system32\winlogon.exe > in the current context!
    Error: Unable to interpret <C:\WINDOWS\system32\services.exe > in the current context!
    Error: Unable to interpret <C:\WINDOWS\system32\lsass.exe > in the current context!
    Error: Unable to interpret <C:\WINDOWS\system32\svchost.exe > in the current context!
    Error: Unable to interpret <C:\WINDOWS\System32\svchost.exe > in the current context!
    Error: Unable to interpret <C:\WINDOWS\system32\svchost.exe > in the current context!
    Error: Unable to interpret <C:\WINDOWS\system32\spoolsv.exe > in the current context!
    Error: Unable to interpret <C:\Program Files\acer\Acer eConsole\MediaServerService.exe > in the current context!
    Error: Unable to interpret <C:\WINDOWS\System32\svchost.exe > in the current context!
    Error: Unable to interpret <C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE > in the current context!
    Error: Unable to interpret <C:\WINDOWS\Explorer.EXE > in the current context!
    Error: Unable to interpret <C:\WINDOWS\system32\wscntfy.exe > in the current context!
    Error: Unable to interpret <C:\WINDOWS\SOUNDMAN.EXE > in the current context!
    Error: Unable to interpret <C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe > in the current context!
    Error: Unable to interpret <C:\Program Files\Acer\eRecovery\Monitor.exe > in the current context!
    Error: Unable to interpret <C:\WINDOWS\system32\VTTimer.exe > in the current context!
    Error: Unable to interpret <C:\WINDOWS\system32\VTtrayp.exe > in the current context!
    Error: Unable to interpret <C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe > in the current context!
    Error: Unable to interpret <C:\Program Files\Acer\Acer eMode Management\AspireService.exe > in the current context!
    Error: Unable to interpret <C:\Program Files\Acer\Acer eConsole\MediaSync.exe > in the current context!
    Error: Unable to interpret <C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe > in the current context!
    Error: Unable to interpret <C:\WINDOWS\system32\RunDLL32.exe > in the current context!
    Error: Unable to interpret <C:\Program Files\ASUS\WLAN Card Utilities\Center.exe > in the current context!
    Error: Unable to interpret <C:\WINDOWS\system32\ctfmon.exe > in the current context!
    Error: Unable to interpret <C:\Program Files\Messenger\msmsgs.exe > in the current context!
    Error: Unable to interpret <C:\Program Files\Creative\Shared Files\CamTray.exe > in the current context!
    Error: Unable to interpret <C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe > in the current context!
    Error: Unable to interpret <C:\Program Files\Windows Media Player\WMPNSCFG.exe > in the current context!
    Error: Unable to interpret <C:\Program Files\TomTom HOME 2\HOMERunner.exe > in the current context!
    Error: Unable to interpret <C:\WINDOWS\system32\svchost.exe > in the current context!
    Error: Unable to interpret <C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe > in the current context!
    Error: Unable to interpret <C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe > in the current context!
    Error: Unable to interpret <C:\Program Files\Internet Explorer\iexplore.exe > in the current context!
    Error: Unable to interpret <C:\Program Files\MSN Messenger\msnmsgr.exe > in the current context!
    Error: Unable to interpret <C:\Documents and Settings\Bernard\Bureau\RSIT.exe > in the current context!
    Error: Unable to interpret <C:\Program Files\trend micro\Bernard.exe > in the current context!
    Error: Unable to interpret <R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.explorerstartpage.com/wspage.php > in the current context!
    Error: Unable to interpret <R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.explorerstartpage.com/wspage.php > in the current context!
    Error: Unable to interpret <R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens > in the current context!
    Error: Unable to interpret <O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll > in the current context!
    Error: Unable to interpret <O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll > in the current context!
    Error: Unable to interpret <O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL > in the current context!
    Error: Unable to interpret <O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll > in the current context!
    Error: Unable to interpret <O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) > in the current context!
    Error: Unable to interpret <O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll > in the current context!
    Error: Unable to interpret <O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll > in the current context!
    Error: Unable to interpret <O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll > in the current context!
    Error: Unable to interpret <O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll > in the current context!
    Error: Unable to interpret <O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll > in the current context!
    Error: Unable to interpret <O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll > in the current context!
    Error: Unable to interpret <O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll > in the current context!
    Error: Unable to interpret <O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll > in the current context!
    Error: Unable to interpret <O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll > in the current context!
    Error: Unable to interpret <O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll > in the current context!
    Error: Unable to interpret <O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll > in the current context!
    Error: Unable to interpret <O4 - HKLM\..\Run: [LaunchApp] Alaunch > in the current context!
    Error: Unable to interpret <O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE > in the current context!
    Error: Unable to interpret <O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe > in the current context!
    Error: Unable to interpret <O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" > in the current context!
    Error: Unable to interpret <O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 > in the current context!
    Error: Unable to interpret <O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC > in the current context!
    Error: Unable to interpret <O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC > in the current context!
    Error: Unable to interpret <O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName > in the current context!
    Error: Unable to interpret <O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe > in the current context!
    Error: Unable to interpret <O4 - HKLM\..\Run: [VTTimer] VTTimer.exe > in the current context!
    Error: Unable to interpret <O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe > in the current context!
    Error: Unable to interpret <O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe" > in the current context!
    Error: Unable to interpret <O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe > in the current context!
    Error: Unable to interpret <O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe > in the current context!
    Error: Unable to interpret <O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon > in the current context!
    Error: Unable to interpret <O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe > in the current context!
    Error: Unable to interpret <O4 - HKLM\..\Run: [PD0630 STISvc] RunDLL32.exe P0630Pin.dll,RunDLL32EP 513 > in the current context!
    Error: Unable to interpret <O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe > in the current context!
    Error: Unable to interpret <O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe > in the current context!
    Error: Unable to interpret <O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background > in the current context!
    Error: Unable to interpret <O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe" > in the current context!
    Error: Unable to interpret <O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe > in the current context!
    Error: Unable to interpret <O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe > in the current context!
    Error: Unable to interpret <O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe" > in the current context!
    Error: Unable to interpret <O4 - HKCU\..\Run: [Antivirus] C:\Program Files\VAV\vav.exe > in the current context!
    Error: Unable to interpret <O4 - HKCU\..\Run: [EPSON Stylus DX9400F Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICFE.EXE /FU "C:\WINDOWS\TEMP\E_S540.tmp" /EF "HKCU" > in the current context!
    Error: Unable to interpret <O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') > in the current context!
    Error: Unable to interpret <O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') > in the current context!
    Error: Unable to interpret <O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') > in the current context!
    Error: Unable to interpret <O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') > in the current context!
    Error: Unable to interpret <O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm > in the current context!
    Error: Unable to interpret <O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx > in the current context!
    Error: Unable to interpret <O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 > in the current context!
    Error: Unable to interpret <O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/229?f6029a7f437a4b949bb80cec3f7e0199 > in the current context!
    Error: Unable to interpret <O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/230?f6029a7f437a4b949bb80cec3f7e0199 > in the current context!
    Error: Unable to interpret <O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll > in the current context!
    Error: Unable to interpret <O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll > in the current context!
    Error: Unable to interpret <O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL > in the current context!
    Error: Unable to interpret <O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe > in the current context!
    Error: Unable to interpret <O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe > in the current context!
    Error: Unable to interpret <O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe > in the current context!
    Error: Unable to interpret <O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe > in the current context!
    Error: Unable to interpret <O13 - DefaultPrefix: http://www.myhottersearchbox.com/not_found_world/?url= > in the current context!
    Error: Unable to interpret <O13 - WWW Prefix: http://www.myhottersearchbox.com/not_found_world/?url= > in the current context!
    Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\..\{F7F54C7F-362B-4385-B8A8-FDE28EE884F8}: NameServer = 195.238.2.21,195.238.2.22 > in the current context!
    Error: Unable to interpret <O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll > in the current context!
    Error: Unable to interpret <O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll > in the current context!
    Error: Unable to interpret <O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe > in the current context!
    Error: Unable to interpret <O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe > in the current context!
    Error: Unable to interpret <O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe > in the current context!
    Error: Unable to interpret <-- > in the current context!
    Error: Unable to interpret <End of file - 9425 bytes > in the current context!
    Error: Unable to interpret <======Scheduled tasks folder====== > in the current context!
    Error: Unable to interpret <C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job > in the current context!
    Error: Unable to interpret <======Registry dump====== > in the current context!
    Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] > in the current context!
    Error: Unable to interpret <Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-12 75128] > in the current context!
    Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}] > in the current context!
    Error: Unable to interpret <Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll [2009-03-12 372592] > in the current context!
    Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}] > in the current context!
    Error: Unable to interpret <Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL [2009-03-12 107896] > in the current context!
    Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] > in the current context!
    Error: Unable to interpret <SSVHelper Class - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll [2006-11-09 440056] > in the current context!
    Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] > in the current context!
    Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] > in the current context!
    Error: Unable to interpret <Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-04-17 323904] > in the current context!
    Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] > in the current context!
    Error: Unable to interpret <Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-28 259696] > in the current context!
    Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] > in the current context!
    Error: Unable to interpret <Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-04-27 668656] > in the current context!
    Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}] > in the current context!
    Error: Unable to interpret <Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320] > in the current context!
    Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] > in the current context!
    Error: Unable to interpret <Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-28 470512] > in the current context!
    Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}] > in the current context!
    Error: Unable to interpret <EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640] > in the current context!
    Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] > in the current context!
    Error: Unable to interpret <{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-08-04 343112] > in the current context!
    Error: Unable to interpret <{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320] > in the current context!
    Error: Unable to interpret <{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640] > in the current context!
    Error: Unable to interpret <{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-28 259696] > in the current context!
    Error: Unable to interpret <{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll [2009-03-12 372592] > in the current context!
    Error: Unable to interpret <[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] > in the current context!
    Error: Unable to interpret <"LaunchApp"=Alaunch [] > in the current context!
    Error: Unable to interpret <"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-06-08 77824] > in the current context!
    Error: Unable to interpret <"ntiMUI"=c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2005-05-11 45056] > in the current context!
    Error: Unable to interpret <""= [] > in the current context!
    Error: Unable to interpret <"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-07-15 32768] > in the current context!
    Error: Unable to interpret <"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952] > in the current context!
    Error: Unable to interpret <"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-05 59392] > in the current context!
    Error: Unable to interpret <"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168] > in the current context!
    Error: Unable to interpret <"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168] > in the current context!
    Error: Unable to interpret <"eRecoveryService"=C:\Program Files\Acer\eRecovery\Monitor.exe [2005-06-20 352256] > in the current context!
    Error: Unable to interpret <"VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2005-05-13 53248] > in the current context!
    Error: Unable to interpret <"VTTrayp"=C:\WINDOWS\system32\VTtrayp.exe [2005-05-13 143360] > in the current context!
    Error: Unable to interpret <"SunJavaUpdateSched"=C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe [2006-11-09 49263] > in the current context!
    Error: Unable to interpret <"AspireService"=C:\Program Files\Acer\Acer eMode Management\AspireService.exe [2005-06-04 110592] > in the current context!
    Error: Unable to interpret <"MediaSync"=C:\Program Files\Acer\Acer eConsole\MediaSync.exe [2005-06-01 421888] > in the current context!
    Error: Unable to interpret <"SpeedTouch USB Diagnostics"=C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe [2004-01-26 866816] > in the current context!
    Error: Unable to interpret <"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] > in the current context!
    Error: Unable to interpret <"PD0630 STISvc"=P0630Pin.dll,RunDLL32EP 513 [] > in the current context!
    Error: Unable to interpret <"Control Center"=C:\Program Files\ASUS\WLAN Card Utilities\Center.exe [2004-11-04 1569280] > in the current context!
    Error: Unable to interpret <[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] > in the current context!
    Error: Unable to interpret <"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360] > in the current context!
    Error: Unable to interpret <"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208] > in the current context!
    Error: Unable to interpret <"Creative WebCam Tray"=C:\Program Files\Creative\Shared Files\CamTray.exe [2005-03-29 258048] > in the current context!
    Error: Unable to interpret <"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-09 68856] > in the current context!
    Error: Unable to interpret <"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288] > in the current context!
    Error: Unable to interpret <"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-02-18 206184] > in the current context!
    Error: Unable to interpret <"Antivirus"=C:\Program Files\VAV\vav.exe [] > in the current context!
    Error: Unable to interpret <"EPSON Stylus DX9400F Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICFE.EXE [2007-03-23 182272] > in the current context!
    Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] > in the current context!
    Error: Unable to interpret <C:\WINDOWS\system32\WgaLogon.dll [2006-06-02 402736] > in the current context!
    Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] > in the current context!
    Error: Unable to interpret <WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] > in the current context!
    Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys] > in the current context!
    Error: Unable to interpret <[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys] > in the current context!
    Error: Unable to interpret <[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] > in the current context!
    Error: Unable to interpret <"dontdisplaylastusername"=0 > in the current context!
    Error: Unable to interpret <"legalnoticecaption"= > in the current context!
    Error: Unable to interpret <"legalnoticetext"= > in the current context!
    Error: Unable to interpret <"shutdownwithoutlogon"=1 > in the current context!
    Error: Unable to interpret <"undockwithoutlogon"=1 > in the current context!
    Error: Unable to interpret <[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] > in the current context!
    Error: Unable to interpret <"NoDriveTypeAutoRun"=145 > in the current context!
    Error: Unable to interpret <[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] > in the current context!
    Error: Unable to interpret <"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" > in the current context!
    Error: Unable to interpret <"C:\Program Files\Acer\Acer eConsole\MediaSync.exe"="C:\Program Files\Acer\Acer eConsole\MediaSync.exe:LocalSubNet:Enabled:Media Synchoronizer" > in the current context!
    Error: Unable to interpret <"C:\Program Files\Acer\Acer eConsole\eConsole.exe"="C:\Program Files\Acer\Acer eConsole\eConsole.exe:LocalSubNet:Enabled:eConsole" > in the current context!
    Error: Unable to interpret <"C:\Program Files\Acer\Acer eConsole\MediaServerService.exe"="C:\Program Files\Acer\Acer eConsole\MediaServerService.exe:LocalSubNet:Enabled:Acer Media Server" > in the current context!
    Error: Unable to interpret <"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*isabled:LimeWire" > in the current context!
    Error: Unable to interpret <"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*isabled:Internet Explorer" > in the current context!
    Error: Unable to interpret <"C:\Program Files\IncrediMail\bin\IMApp.exe"="C:\Program Files\IncrediMail\bin\IMApp.exe:*:Enabled:IncrediMail" > in the current context!
    Error: Unable to interpret <"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail" > in the current context!
    Error: Unable to interpret <"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail" > in the current context!
    Error: Unable to interpret <"C:\Program Files\SightSpeed\SightSpeed.exe"="C:\Program Files\SightSpeed\SightSpeed.exe:*:Enabled:SightSpeed" > in the current context!
    Error: Unable to interpret <"C:\WINDOWS\System32\RunDLL32.exe"="C:\WINDOWS\System32\RunDLL32.exe:*isabled:Exécuter une DLL en tant qu'application" > in the current context!
    Error: Unable to interpret <"C:\Program Files\Messenger\MSMSGS.EXE"="C:\Program Files\Messenger\MSMSGS.EXE:*:Enabled:Windows Messenger" > in the current context!
    Error: Unable to interpret <"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" > in the current context!
    Error: Unable to interpret <"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" > in the current context!
    Error: Unable to interpret <"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" > in the current context!
    Error: Unable to interpret <"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" > in the current context!
    Error: Unable to interpret <[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] > in the current context!
    Error: Unable to interpret <"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" > in the current context!
    Error: Unable to interpret <"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" > in the current context!
    Error: Unable to interpret <"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" > in the current context!
    Error: Unable to interpret <"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" > in the current context!
    Error: Unable to interpret <"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" > in the current context!
    Error: Unable to interpret <[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{19636330-66b1-11db-b229-0015f2854fc0}] > in the current context!
    Error: Unable to interpret <shell\AutoRun\command - F:\InstallTomTomHOME.exe > in the current context!
    Error: Unable to interpret <======List of files/folders created in the last 1 months====== > in the current context!
    Error: Unable to interpret <2009-06-01 20:44:32 ----D---- C:\Program Files\trend micro > in the current context!
    Error: Unable to interpret <2009-06-01 20:44:27 ----D---- C:\rsit > in the current context!
    Error: Unable to interpret <2009-06-01 16:58:18 ----D---- C:\WINDOWS\LastGood > in the current context!
    Error: Unable to interpret <2009-06-01 16:44:09 ----D---- C:\Documents and Settings\Bernard\Application Data\Malwarebytes > in the current context!
    Error: Unable to interpret <2009-06-01 16:43:55 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes > in the current context!
    Error: Unable to interpret <2009-06-01 16:43:54 ----D---- C:\Program Files\Malwarebytes' Anti-Malware > in the current context!
    Error: Unable to interpret <2009-05-31 22:33:41 ----D---- C:\WINDOWS\pss > in the current context!
    Error: Unable to interpret <2009-05-31 17:46:12 ----D---- C:\WINDOWS\Minidump > in the current context!
    Error: Unable to interpret <2009-05-31 17:45:32 ----SHD---- C:\FOUND.002 > in the current context!
    Error: Unable to interpret <2009-05-31 11:15:04 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL > in the current context!
    Error: Unable to interpret <2009-05-31 11:15:03 ----D---- C:\Program Files\Symantec > in the current context!
    Error: Unable to interpret <2009-05-31 11:15:03 ----D---- C:\Program Files\Fichiers communs\Symantec Shared > in the current context!
    Error: Unable to interpret <2009-05-31 11:14:34 ----D---- C:\Program Files\Windows Sidebar > in the current context!
    Error: Unable to interpret <2009-05-31 11:14:34 ----D---- C:\Program Files\Norton Internet Security > in the current context!
    Error: Unable to interpret <2009-05-31 11:14:33 ----D---- C:\Documents and Settings\All Users\Application Data\Norton > in the current context!
    Error: Unable to interpret <2009-05-31 11:14:20 ----D---- C:\Program Files\NortonInstaller > in the current context!
    Error: Unable to interpret <2009-05-31 11:14:20 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller > in the current context!
    Error: Unable to interpret <======List of files/folders modified in the last 1 months====== > in the current context!
    Error: Unable to interpret <2009-06-01 16:58:18 ----N---- C:\WINDOWS\system32\eRLog.ini > in the current context!
    Error: Unable to interpret <2009-06-01 16:57:04 ----A---- C:\WINDOWS\SchedLgU.Txt > in the current context!
    Error: Unable to interpret <2009-05-31 22:33:58 ----A---- C:\WINDOWS\win.ini > in the current context!
    Error: Unable to interpret <2009-05-31 22:33:58 ----A---- C:\WINDOWS\system.ini > in the current context!
    Error: Unable to interpret <======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== > in the current context!
    Error: Unable to interpret <R1 BHDrvx86;Symantec Heuristics Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\BHDrvx86.sys [2009-03-12 258608] > in the current context!
    Error: Unable to interpret <R1 ccHP;Symantec Hash Provider; C:\WINDOWS\System32\Drivers\NIS\1005000.087\ccHPx86.sys [2009-06-01 482352] > in the current context!
    Error: Unable to interpret <R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys [] > in the current context!
    Error: Unable to interpret <R1 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090528.001\IDSxpx86.sys [] > in the current context!
    Error: Unable to interpret <R1 SRTSPX;Symantec Real Time Storage Protection (PEL); \??\C:\WINDOWS\system32\drivers\NIS\1005000.087\SRTSPX.SYS [] > in the current context!
    Error: Unable to interpret <R1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMTDI.SYS [2009-03-12 217392] > in the current context!
    Error: Unable to interpret <R1 UBHelper;UBHelper; C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 13952] > in the current context!
    Error: Unable to interpret <R2 int15.sys;int15.sys; \??\C:\Program Files\acer\eRecovery\int15.sys [] > in the current context!
    Error: Unable to interpret <R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2006-03-22 15781] > in the current context!
    Error: Unable to interpret <R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776] > in the current context!
    Error: Unable to interpret <R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-06-08 2319680] > in the current context!
    Error: Unable to interpret <R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\system32\ASNDIS5.SYS [] > in the current context!
    Error: Unable to interpret <R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [] > in the current context!
    Error: Unable to interpret <R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-05 9600] > in the current context!
    Error: Unable to interpret <R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288] > in the current context!
    Error: Unable to interpret <R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090601.003\NAVENG.SYS [] > in the current context!
    Error: Unable to interpret <R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090601.003\NAVEX15.SYS [] > in the current context!
    Error: Unable to interpret <R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2005-10-17 6144] > in the current context!
    Error: Unable to interpret <R3 P0630VID;Creative WebCam Live!; C:\WINDOWS\system32\DRIVERS\P0630Vid.sys [2005-06-06 91841] > in the current context!
    Error: Unable to interpret <R3 RT2500USB;ASUS USB Wireless LAN Driver; C:\WINDOWS\system32\DRIVERS\rt2500usb.sys [2004-08-13 140544] > in the current context!
    Error: Unable to interpret <R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496] > in the current context!
    Error: Unable to interpret <R3 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SRTSP.SYS [2009-03-12 307760] > in the current context!
    Error: Unable to interpret <R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [] > in the current context!
    Error: Unable to interpret <R3 SYMFW;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMFW.SYS [2009-03-12 89776] > in the current context!
    Error: Unable to interpret <R3 SYMIDS;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMIDS.SYS [2009-03-12 34736] > in the current context!
    Error: Unable to interpret <R3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-03-12 36400] > in the current context!
    Error: Unable to interpret <R3 SYMNDIS;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMNDIS.SYS [2009-03-12 37296] > in the current context!
    Error: Unable to interpret <R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-05 31616] > in the current context!
    Error: Unable to interpret <R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624] > in the current context!
    Error: Unable to interpret <R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600] > in the current context!
    Error: Unable to interpret <R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] > in the current context!
    Error: Unable to interpret <R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] > in the current context!
    Error: Unable to interpret <R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 26496] > in the current context!
    Error: Unable to interpret <R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-05 20480] > in the current context!
    Error: Unable to interpret <R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2005-05-13 172544] > in the current context!
    Error: Unable to interpret <S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-05 14848] > in the current context!
    Error: Unable to interpret <S3 alcan5wn;SpeedTouch USB ADSL PPP Networking Driver (NDISWAN); C:\WINDOWS\system32\DRIVERS\alcan5wn.sys [2003-12-08 53600] > in the current context!
    Error: Unable to interpret <S3 alcaudsl;SpeedTouch ADSL Modem ATM Transport; C:\WINDOWS\system32\DRIVERS\alcaudsl.sys [2003-12-08 70688] > in the current context!
    Error: Unable to interpret <S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024] > in the current context!
    Error: Unable to interpret <S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504] > in the current context!
    Error: Unable to interpret <S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376] > in the current context!
    Error: Unable to interpret <S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880] > in the current context!
    Error: Unable to interpret <S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992] > in the current context!
    Error: Unable to interpret <S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-05 11136] > in the current context!
    Error: Unable to interpret <S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552] > in the current context!
    Error: Unable to interpret <S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-05 15360] > in the current context!
    Error: Unable to interpret <S3 SYMDNS;SYMDNS; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMDNS.SYS [] > in the current context!
    Error: Unable to interpret <S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-03-12 36400] > in the current context!
    Error: Unable to interpret <S3 SYMREDRV;SYMREDRV; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMREDRV.SYS [] > in the current context!
    Error: Unable to interpret <S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] > in the current context!
    Error: Unable to interpret <S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328] > in the current context!
    Error: Unable to interpret <S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] > in the current context!
    Error: Unable to interpret <S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] > in the current context!
    Error: Unable to interpret <======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== > in the current context!
    Error: Unable to interpret <R2 Acer Media Server;Acer Media Server; C:\Program Files\acer\Acer eConsole\MediaServerService.exe [2005-06-01 442368] > in the current context!
    Error: Unable to interpret <R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120] > in the current context!
    Error: Unable to interpret <R2 Norton Internet Security;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe [2009-03-12 115560] > in the current context!
    Error: Unable to interpret <R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] > in the current context!
    Error: Unable to interpret <R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336] > in the current context!
    Error: Unable to interpret <S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-19 268800] > in the current context!
    Error: Unable to interpret <S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800] > in the current context!
    Error: Unable to interpret <S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144] > in the current context!
    Error: Unable to interpret <S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-29 182768] > in the current context!
    Error: Unable to interpret <S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] > in the current context!
    Error: Unable to interpret <S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136] > in the current context!
    Error: Unable to interpret <-----------------EOF----------------- > in the current context!

    OTM by OldTimer - Version 2.1.0.0 log created on 06022009_223305

    Files moved on Reboot...
    File C:\DOCUME~1\Bernard\LOCALS~1\Temp\JETA920.tmp not found!
    C:\DOCUME~1\Bernard\LOCALS~1\Temp\~DF6370.tmp moved successfully.
    C:\Documents and Settings\Bernard\Local Settings\Temporary Internet Files\Content.IE5\89YFOXEV\01[2].htm moved successfully.
    C:\Documents and Settings\Bernard\Local Settings\Temporary Internet Files\Content.IE5\89YFOXEV\287642-11-infostealer-daonol[1] moved successfully.
    C:\Documents and Settings\Bernard\Local Settings\Temporary Internet Files\Content.IE5\9A2CM5OY\InboxLight[1].aspx moved successfully.
    C:\Documents and Settings\Bernard\Local Settings\Temporary Internet Files\Content.IE5\9A2CM5OY\287642-11-infostealer-daonol[1] moved successfully.
    C:\WINDOWS\temp\JETC4B8.tmp moved successfully.
    File C:\WINDOWS\temp\JETA3CC.tmp not found!
    C:\WINDOWS\temp\Perflib_Perfdata_ef8.dat moved successfully.
    C:\WINDOWS\temp\JET5C.tmp moved successfully.
    C:\WINDOWS\temp\RMS5D.tmp moved successfully.
    C:\WINDOWS\temp\RMS5E.tmp moved successfully.
    C:\WINDOWS\temp\JET46A.tmp moved successfully.

    Registry entries deleted on Reboot...
    m
    0
    l
    a c 267 8 Sécurité
    a b 9 Windows
    2 Juin 2009 22:54:10

    Pourquoi as-tu mis le rapport log de RSIT dans OTM ? :ouch: 
    m
    0
    l
    9 Juin 2009 14:40:31

    Ah il me semblait bien avoir fait une fausse manoeuvre.

    Je pense avoir justement posté les mauvais rapports mais je voyais plus la marge à suivre.

    Peux tu me dire ce que je devrais faire pour virer ce truc. J'ai même des problèmes de messagerie.
    Merci
    m
    0
    l
    a c 267 8 Sécurité
    a b 9 Windows
    9 Juin 2009 14:42:27

  • Installe Antivir et mets-le à jour.
  • Double-clique sur l'icône d'Antivir (Parapluie) dans la barre des tâches.
  • Dans Antivir, choisis Outils puis Configuration.
  • Coche Mode Expert et coche Rech. Rootkit au dém. de la recherche à droite dans Autres réglages.
  • Fais un scan complet et poste le rapport.

    Tutoriel : Scanner le(s) disque(s) dur(s)
    m
    0
    l
    16 Juin 2009 22:02:13

    Bonjour,

    Voilà, je viens à l'instant d effectuer ce rapport

    Avira AntiVir Personal
    Date de création du fichier de rapport : mardi 16 juin 2009 20:37

    La recherche porte sur 1284893 souches de virus.

    Détenteur de la licence : Avira AntiVir Personal - FREE Antivirus
    Numéro de série : 0000149996-ADJIE-0000001
    Plateforme : Windows XP
    Version de Windows : (Service Pack 2) [5.1.2600]
    Mode Boot : Démarré normalement
    Identifiant : SYSTEM
    Nom de l'ordinateur : ACER-73356C3771

    Informations de version :
    BUILD.DAT : 9.0.0.65 17959 Bytes 22/04/2009 12:06:00
    AVSCAN.EXE : 9.0.3.6 466689 Bytes 21/04/2009 12:20:56
    AVSCAN.DLL : 9.0.3.0 49409 Bytes 03/03/2009 09:21:04
    LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 10:35:12
    LUKERES.DLL : 9.0.2.0 13569 Bytes 03/03/2009 09:21:32
    ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:38
    ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 19:33:28
    ANTIVIR2.VDF : 7.1.2.105 513536 Bytes 03/03/2009 06:41:16
    ANTIVIR3.VDF : 7.1.2.127 110592 Bytes 05/03/2009 13:58:22
    Version du moteur : 8.2.0.100
    AEVDF.DLL : 8.1.1.0 106868 Bytes 27/01/2009 16:36:42
    AESCRIPT.DLL : 8.1.1.56 352634 Bytes 26/02/2009 19:01:58
    AESCN.DLL : 8.1.1.7 127347 Bytes 12/02/2009 10:44:26
    AERDL.DLL : 8.1.1.3 438645 Bytes 29/10/2008 17:24:42
    AEPACK.DLL : 8.1.3.10 397686 Bytes 04/03/2009 12:06:12
    AEOFFICE.DLL : 8.1.0.36 196987 Bytes 26/02/2009 19:01:58
    AEHEUR.DLL : 8.1.0.100 1618295 Bytes 25/02/2009 14:49:16
    AEHELP.DLL : 8.1.2.2 119158 Bytes 26/02/2009 19:01:58
    AEGEN.DLL : 8.1.1.24 336244 Bytes 04/03/2009 12:06:12
    AEEMU.DLL : 8.1.0.9 393588 Bytes 09/10/2008 13:32:40
    AECORE.DLL : 8.1.6.6 176501 Bytes 17/02/2009 13:22:44
    AEBB.DLL : 8.1.0.3 53618 Bytes 09/10/2008 13:32:40
    AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 07:47:32
    AVPREF.DLL : 9.0.0.1 43777 Bytes 03/12/2008 10:39:28
    AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 13:34:30
    AVREG.DLL : 9.0.0.0 36609 Bytes 07/11/2008 14:24:44
    AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 14:05:24
    AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 09:36:38
    SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 14:03:50
    SMTPLIB.DLL : 9.2.0.25 28417 Bytes 02/02/2009 07:20:58
    NETNT.DLL : 9.0.0.0 11521 Bytes 07/11/2008 14:41:00
    RCIMAGE.DLL : 9.0.0.21 2438401 Bytes 17/02/2009 12:49:34
    RCTEXT.DLL : 9.0.37.0 88321 Bytes 15/04/2009 09:07:06

    Configuration pour la recherche actuelle :
    Nom de la tâche...............................: Contrôle intégral du système
    Fichier de configuration......................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
    Documentation.................................: bas
    Action principale.............................: interactif
    Action secondaire.............................: ignorer
    Recherche sur les secteurs d'amorçage maître..: marche
    Recherche sur les secteurs d'amorçage.........: marche
    Secteurs d'amorçage...........................: C:, D:,
    Recherche dans les programmes actifs..........: marche
    Recherche en cours sur l'enregistrement.......: marche
    Recherche de Rootkits.........................: marche
    Contrôle d'intégrité de fichiers système......: arrêt
    Fichier mode de recherche.....................: Tous les fichiers
    Recherche sur les archives....................: marche
    Limiter la profondeur de récursivité..........: 20
    Archive Smart Extensions......................: marche
    Heuristique de macrovirus.....................: marche
    Heuristique fichier...........................: moyen

    Début de la recherche : mardi 16 juin 2009 20:37

    La recherche d'objets cachés commence.
    '51308' objets ont été contrôlés, '0' objets cachés ont été trouvés.

    La recherche sur les processus démarrés commence :
    Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'msiexec.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'iexplore.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'HOMERunner.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'WMPNSCFG.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'GoogleToolbarNotifier.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'CamTray.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'msmsgs.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'Center.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'RunDLL32.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'Dragdiag.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'MediaSync.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'AspireService.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'jusched.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'VTTrayp.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'VTTimer.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'Monitor.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'PDVDServ.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'SOUNDMAN.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'wscntfy.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'EXPLORER.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'ccSvcHst.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'WMPNETWK.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'ccSvcHst.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'MDM.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'MediaServerService.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'LSASS.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'services.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés
    Processus de recherche 'CSRSS.EXE' - '1' module(s) sont contrôlés
    Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés
    '46' processus ont été contrôlés avec '46' modules

    La recherche sur les secteurs d'amorçage maître commence :
    Secteur d'amorçage maître HD0
    [INFO] Aucun virus trouvé !
    Secteur d'amorçage maître HD1
    [INFO] Aucun virus trouvé !
    Secteur d'amorçage maître HD2
    [INFO] Aucun virus trouvé !
    Secteur d'amorçage maître HD3
    [INFO] Aucun virus trouvé !
    Secteur d'amorçage maître HD4
    [INFO] Aucun virus trouvé !

    La recherche sur les secteurs d'amorçage commence :
    Secteur d'amorçage 'C:\'
    [INFO] Aucun virus trouvé !
    Secteur d'amorçage 'D:\'
    [INFO] Aucun virus trouvé !

    La recherche sur les renvois aux fichiers exécutables (registre) commence :
    Le registre a été contrôlé ( '69' fichiers).


    La recherche sur les fichiers sélectionnés commence :

    Recherche débutant dans 'C:\' <ACER>
    C:\hiberfil.sys
    [AVERTISSEMENT] Impossible d'ouvrir le fichier !
    [REMARQUE] Ce fichier est un fichier système Windows.
    [REMARQUE] Il est correct que ce fichier ne puisse pas être ouvert pour la recherche.
    C:\pagefile.sys
    [AVERTISSEMENT] Impossible d'ouvrir le fichier !
    [REMARQUE] Ce fichier est un fichier système Windows.
    [REMARQUE] Il est correct que ce fichier ne puisse pas être ouvert pour la recherche.
    Recherche débutant dans 'D:\' <ACERDATA>


    Fin de la recherche : mardi 16 juin 2009 21:20
    Temps nécessaire: 42:06 Minute(s)

    La recherche a été effectuée intégralement

    4729 Les répertoires ont été contrôlés
    276376 Des fichiers ont été contrôlés
    0 Des virus ou programmes indésirables ont été trouvés
    0 Des fichiers ont été classés comme suspects
    0 Des fichiers ont été supprimés
    0 Des virus ou programmes indésirables ont été réparés
    0 Les fichiers ont été déplacés dans la quarantaine
    0 Les fichiers ont été renommés
    2 Impossible de contrôler des fichiers
    276374 Fichiers non infectés
    7137 Les archives ont été contrôlées
    2 Avertissements
    2 Consignes
    51308 Des objets ont été contrôlés lors du Rootkitscan
    0 Des objets cachés ont été trouvés

    m
    0
    l
    a c 267 8 Sécurité
    a b 9 Windows
    16 Juin 2009 22:06:16

    Ok.

  • Refais un scan RSIT et poste le rapport log.
    m
    0
    l
    23 Juin 2009 06:40:22

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Bernard at 2009-06-23 06:39:36
    Microsoft Windows XP Édition familiale Service Pack 2
    System drive C: has 1 GB (2%) free of 74 GB
    Total RAM: 447 MB (39% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 6:39:38, on 23/06/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\acer\Acer eConsole\MediaServerService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\Acer\eRecovery\Monitor.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\WINDOWS\system32\VTtrayp.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\Program Files\Acer\Acer eMode Management\AspireService.exe
    C:\Program Files\Acer\Acer eConsole\MediaSync.exe
    C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
    C:\WINDOWS\system32\RunDLL32.exe
    C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Creative\Shared Files\CamTray.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\TomTom HOME 2\HOMERunner.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jucheck.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Documents and Settings\Bernard\Bureau\RSIT.exe
    C:\Program Files\trend micro\Bernard.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.explorerstartpage.com/wspage.php
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
    O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [PD0630 STISvc] RunDLL32.exe P0630Pin.dll,RunDLL32EP 513
    O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
    O4 - HKCU\..\Run: [EPSON Stylus DX9400F Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICFE.EXE /FU "C:\WINDOWS\TEMP\E_S540.tmp" /EF "HKCU"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/229?f6029a7f437a4b949bb80cec3f7e0199
    O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-be\msntabres.dll.mui/230?f6029a7f437a4b949bb80cec3f7e0199
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O17 - HKLM\System\CCS\Services\Tcpip\..\{F7F54C7F-362B-4385-B8A8-FDE28EE884F8}: NameServer = 195.238.2.21,195.238.2.22
    O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe

    --
    End of file - 9202 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-12 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
    Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll [2009-03-12 372592]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
    Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL [2009-03-12 107896]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll [2006-11-09 440056]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-04-17 323904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-28 259696]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-04-27 668656]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-28 470512]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
    EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-08-04 343112]
    {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]
    {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-28 259696]
    {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll [2009-03-12 372592]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "LaunchApp"=Alaunch []
    "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-06-08 77824]
    "ntiMUI"=c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2005-05-11 45056]
    ""= []
    "RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-07-15 32768]
    "IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
    "MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-05 59392]
    "PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
    "PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
    "eRecoveryService"=C:\Program Files\Acer\eRecovery\Monitor.exe [2005-06-20 352256]
    "VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2005-05-13 53248]
    "VTTrayp"=C:\WINDOWS\system32\VTtrayp.exe [2005-05-13 143360]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe [2006-11-09 49263]
    "AspireService"=C:\Program Files\Acer\Acer eMode Management\AspireService.exe [2005-06-04 110592]
    "MediaSync"=C:\Program Files\Acer\Acer eConsole\MediaSync.exe [2005-06-01 421888]
    "SpeedTouch USB Diagnostics"=C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe [2004-01-26 866816]
    "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
    "PD0630 STISvc"=P0630Pin.dll,RunDLL32EP 513 []
    "Control Center"=C:\Program Files\ASUS\WLAN Card Utilities\Center.exe [2004-11-04 1569280]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
    "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]
    "Creative WebCam Tray"=C:\Program Files\Creative\Shared Files\CamTray.exe [2005-03-29 258048]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-09 68856]
    "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-03 204288]
    "TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-02-18 206184]
    "EPSON Stylus DX9400F Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICFE.EXE [2007-03-23 182272]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2006-06-02 402736]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Acer\Acer eConsole\MediaSync.exe"="C:\Program Files\Acer\Acer eConsole\MediaSync.exe:LocalSubNet:Enabled:Media Synchoronizer"
    "C:\Program Files\Acer\Acer eConsole\eConsole.exe"="C:\Program Files\Acer\Acer eConsole\eConsole.exe:LocalSubNet:Enabled:eConsole"
    "C:\Program Files\Acer\Acer eConsole\MediaServerService.exe"="C:\Program Files\Acer\Acer eConsole\MediaServerService.exe:LocalSubNet:Enabled:Acer Media Server"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:D isabled:LimeWire"
    "C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:D isabled:Internet Explorer"
    "C:\Program Files\IncrediMail\bin\IMApp.exe"="C:\Program Files\IncrediMail\bin\IMApp.exe:*:Enabled:IncrediMail"
    "C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
    "C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
    "C:\Program Files\SightSpeed\SightSpeed.exe"="C:\Program Files\SightSpeed\SightSpeed.exe:*:Enabled:SightSpeed"
    "C:\WINDOWS\System32\RunDLL32.exe"="C:\WINDOWS\System32\RunDLL32.exe:*:D isabled:Exécuter une DLL en tant qu'application"
    "C:\Program Files\Messenger\MSMSGS.EXE"="C:\Program Files\Messenger\MSMSGS.EXE:*:Enabled:Windows Messenger"
    "C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
    "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
    "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{19636330-66b1-11db-b229-0015f2854fc0}]
    shell\AutoRun\command - F:\InstallTomTomHOME.exe


    ======List of files/folders created in the last 1 months======

    2009-06-18 15:39:18 ----SHD---- C:\FOUND.003
    2009-06-15 00:23:22 ----A---- C:\WINDOWS\IE4 Error Log.txt
    2009-06-02 22:33:05 ----D---- C:\_OTM
    2009-06-01 20:44:32 ----D---- C:\Program Files\trend micro
    2009-06-01 20:44:27 ----D---- C:\rsit
    2009-06-01 16:44:09 ----D---- C:\Documents and Settings\Bernard\Application Data\Malwarebytes
    2009-06-01 16:43:55 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-06-01 16:43:54 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-05-31 22:33:41 ----D---- C:\WINDOWS\pss
    2009-05-31 17:46:12 ----D---- C:\WINDOWS\Minidump
    2009-05-31 17:45:32 ----SHD---- C:\FOUND.002
    2009-05-31 11:15:04 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
    2009-05-31 11:15:03 ----D---- C:\Program Files\Symantec
    2009-05-31 11:15:03 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
    2009-05-31 11:14:34 ----D---- C:\Program Files\Windows Sidebar
    2009-05-31 11:14:34 ----D---- C:\Program Files\Norton Internet Security
    2009-05-31 11:14:33 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
    2009-05-31 11:14:20 ----D---- C:\Program Files\NortonInstaller
    2009-05-31 11:14:20 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller

    ======List of files/folders modified in the last 1 months======

    2009-06-22 16:09:22 ----A---- C:\WINDOWS\win.ini
    2009-06-22 16:03:14 ----N---- C:\WINDOWS\system32\eRLog.ini
    2009-06-22 16:01:18 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-06-09 19:37:42 ----A---- C:\WINDOWS\NeroDigital.ini
    2009-05-31 22:33:58 ----A---- C:\WINDOWS\system.ini

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 BHDrvx86;Symantec Heuristics Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\BHDrvx86.sys [2009-03-12 258608]
    R1 ccHP;Symantec Hash Provider; C:\WINDOWS\System32\Drivers\NIS\1005000.087\ccHPx86.sys [2009-06-01 482352]
    R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys []
    R1 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090618.002\IDSxpx86.sys []
    R1 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SRTSP.SYS [2009-03-12 307760]
    R1 SRTSPX;Symantec Real Time Storage Protection (PEL); \??\C:\WINDOWS\system32\drivers\NIS\1005000.087\SRTSPX.SYS []
    R1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMTDI.SYS [2009-03-12 217392]
    R1 UBHelper;UBHelper; C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 13952]
    R2 int15.sys;int15.sys; \??\C:\Program Files\acer\eRecovery\int15.sys []
    R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2006-03-22 15781]
    R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
    R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-06-08 2319680]
    R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\system32\ASNDIS5.SYS []
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
    R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-05 9600]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
    R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090622.002\NAVENG.SYS []
    R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090622.002\NAVEX15.SYS []
    R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2005-10-17 6144]
    R3 P0630VID;Creative WebCam Live!; C:\WINDOWS\system32\DRIVERS\P0630Vid.sys [2005-06-06 91841]
    R3 RT2500USB;ASUS USB Wireless LAN Driver; C:\WINDOWS\system32\DRIVERS\rt2500usb.sys [2004-08-13 140544]
    R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
    R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
    R3 SYMFW;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMFW.SYS [2009-03-12 89776]
    R3 SYMIDS;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMIDS.SYS [2009-03-12 34736]
    R3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-03-12 36400]
    R3 SYMNDIS;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NIS\1005000.087\SYMNDIS.SYS [2009-03-12 37296]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624]
    R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
    R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 26496]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-05 20480]
    R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2005-05-13 172544]
    S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-05 14848]
    S3 alcan5wn;SpeedTouch USB ADSL PPP Networking Driver (NDISWAN); C:\WINDOWS\system32\DRIVERS\alcan5wn.sys [2003-12-08 53600]
    S3 alcaudsl;SpeedTouch ADSL Modem ATM Transport; C:\WINDOWS\system32\DRIVERS\alcaudsl.sys [2003-12-08 70688]
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
    S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-05 11136]
    S3 SONYPVU1;Pilote de filtrage Sony USB (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-05 15360]
    S3 SYMDNS;SYMDNS; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMDNS.SYS []
    S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-03-12 36400]
    S3 SYMREDRV;SYMREDRV; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMREDRV.SYS []
    S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-05 31616]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Acer Media Server;Acer Media Server; C:\Program Files\acer\Acer eConsole\MediaServerService.exe [2005-06-01 442368]
    R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
    R2 Norton Internet Security;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe [2009-03-12 115560]
    R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
    S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-19 268800]
    S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
    S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-29 182768]
    S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]

    -----------------EOF-----------------
    m
    0
    l
    a c 267 8 Sécurité
    a b 9 Windows
    23 Juin 2009 06:45:54

    Bien.

    Peux-tu me poster le rapport info situé dans C:\rsit ?
    m
    0
    l
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS