Wscript.exe pas de disque
paizo
-
Malekal_morte- Messages postés 178136 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention -
Malekal_morte- Messages postés 178136 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention -
Bonjour, voici mon rapport
Logfile of random's system information tool 1.10 (written by random/random)
Run by Administrateur at 2014-10-22 21:10:10
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 4 GB (9%) free of 40 GB
Total RAM: 1014 MB (34% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:10:18, on 22/10/2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Documents and Settings\Administrateur\Application Data\uTorrent\uTorrent.exe
C:\WINDOWS\system32\wscript.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\system32\netupdsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrateur\Bureau\RSIT(1).exe
C:\Program Files\trend micro\Administrateur.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.buenosearch.com/?babsrc=HP_kms&affID=128493&tt=&mntrid=50E700123F3E0429&tsp=5349
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [bintin] C:\WINDOWS\system32\wscript.exe /e:VBScript.Encode D:\bin.doc
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Facebook Update] "C:\Documents and Settings\Administrateur\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Viber] "C:\Documents and Settings\Administrateur\Local Settings\Application Data\Viber\Viber.exe" StartMinimized
O4 - HKCU\..\Run: [uTorrent] "C:\Documents and Settings\Administrateur\Application Data\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Administration IIS (IISADMIN) - Unknown owner - C:\WINDOWS\system32\inetsrv\inetinfo.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Network HTTP Support Service (NetHttpService) - Unknown owner - C:\WINDOWS\system32\nethtsrv.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Network Support Service Updater (ServiceUpdater) - Unknown owner - C:\WINDOWS\system32\netupdsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Publication World Wide Web (W3SVC) - Unknown owner - C:\WINDOWS\system32\inetsrv\inetinfo.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe
--
End of file - 6657 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\AmiUpdXp.job - C:\Documents and Settings\Administrateur\Application Data\30709\a5110.exe
C:\WINDOWS\tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-583907252-2049760794-1801674531-500Core.job - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-583907252-2049760794-1801674531-500UA.job - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Notification de fin de service de Microsoft Windows XP - à la connexion.job - C:\WINDOWS\system32\xp_eos.exe -c
C:\WINDOWS\tasks\Notification de fin de service de Microsoft Windows XP -mensuellement.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-583907252-2049760794-1801674531-500.job - C:\Program Files\Real\RealUpgrade\realupgrade.exe /logoncheck
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-583907252-2049760794-1801674531-500.job - C:\Program Files\Real\RealUpgrade\realupgrade.exe /scheduledcheck
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\abyzs4dm.default-1407825806890
prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "http://www.google.fr/"
prefs.js - "keyword.URL" - "http://dts.search.ask.com/sr?src=ffb&gct=ds&appid=210&systemid=488&v=n13614-484&apn_dtid=TCH001&apn_ptnrs=AG1&apn_uid=2582763762554533&o=APN11459&q="
"{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}"=C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"***@***"=C:\Documents and Settings\Administrateur\Application Data\BaseFlash\Firefox\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=Module iTunes Detector
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java(TM) Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java(TM) Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=15.0.5.109]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=15.0.5.109]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.5.109]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.5.109]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448]
"Description"=6.0.12.448
"Path"=C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=15.0.5.109]
"Description"=RealPlayer Download Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
C:\Program Files\Mozilla Firefox\components\
nppl3260.xpt
nsJSRealPlayerPlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
NPOFF12.DLL
nppl3260.dll
nppl3260.xpt
nprjplug.dll
nprpplugin.dll
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\abyzs4dm.default-1407825806890\searchplugins\
Ask.xml
buenosearchkms.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2014-07-08 152392]
"bintin"=C:\WINDOWS\system32\wscript.exe [2008-05-08 155648]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"Facebook Update"=C:\Documents and Settings\Administrateur\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2014-08-23 138096]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-10-01 22065760]
"Viber"=C:\Documents and Settings\Administrateur\Local Settings\Application Data\Viber\Viber.exe StartMinimized []
"uTorrent"=C:\Documents and Settings\Administrateur\Application Data\uTorrent\uTorrent.exe [2014-10-15 1690704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-06-02 135168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-05-24 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoSMHelp"=1
"ForceClassicControlPanel"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDesktopCleanupWizard"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Documents and Settings\Administrateur\Local Settings\Application Data\Viber\Viber.exe"="C:\Documents and Settings\Administrateur\Local Settings\Application Data\Viber\Viber.exe:*:Enabled:Viber"
"C:\Program Files\ma-config.com\MaConfigAgent.exe"="C:\Program Files\ma-config.com\MaConfigAgent.exe:LocalSubNet:Enabled:maconfigagent"
"C:\Documents and Settings\Administrateur\Bureau\CodecPerformerSetup.exe"="C:\Documents and Settings\Administrateur\Bureau\CodecPerformerSetup.exe:*:Enabled:CodecPerformerSetup.exe (in)"
"C:\Program Files\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe"="C:\Program Files\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe:*:Enabled:Update Engine"
"C:\Program Files\Sony Mobile\Update Service\Update Service.exe"="C:\Program Files\Sony Mobile\Update Service\Update Service.exe:*:Enabled:Update Service"
"C:\Program Files\Tango\Tango.exe"="C:\Program Files\Tango\Tango.exe:*:Enabled:Tango"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Service Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Documents and Settings\Administrateur\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe"="C:\Documents and Settings\Administrateur\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\Administrateur\Application Data\uTorrent\uTorrent.exe"="C:\Documents and Settings\Administrateur\Application Data\uTorrent\uTorrent.exe:*:Enabled:?Torrent"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe"="C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe"="C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe"="C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe:*:Enabled:Pinnacle VideoSpin"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Documents and Settings\Administrateur\Local Settings\Application Data\Viber\Viber.exe"="C:\Documents and Settings\Administrateur\Local Settings\Application Data\Viber\Viber.exe:*:Enabled:Viber"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"MSVideo8"=VfWWDM32.dll
"vidc.mjpg"=pvmjpg30.dll
======List of files/folders created in the last 1 month======
2014-10-22 19:21:37 ----A---- C:\awhAC.tmp
2014-10-22 15:33:35 ----A---- C:\awhAB.tmp
2014-10-22 09:44:13 ----A---- C:\awhAA.tmp
2014-10-22 07:33:47 ----A---- C:\awhA7.tmp
2014-10-21 19:50:27 ----A---- C:\awhD6.tmp
2014-10-21 12:43:11 ----D---- C:\Program Files\Fichiers communs\DESIGNER
2014-10-21 10:20:48 ----A---- C:\awhA5.tmp
2014-10-19 19:58:22 ----A---- C:\awhFF.tmp
2014-10-19 00:08:59 ----D---- C:\Documents and Settings\Administrateur\Application Data\Nero
2014-10-18 20:36:07 ----A---- C:\awh117.tmp
2014-10-17 21:58:26 ----A---- C:\awhA4.tmp
2014-10-17 17:32:31 ----A---- C:\awh153.tmp
2014-10-17 10:36:53 ----A---- C:\awhA2.tmp
2014-10-16 21:40:00 ----A---- C:\awhA1.tmp
2014-10-16 20:00:12 ----D---- C:\Program Files\MSXML 4.0
2014-10-16 19:18:56 ----A---- C:\awh9D.tmp
2014-10-16 14:58:51 ----D---- C:\Documents and Settings\Administrateur\Application Data\DivX
2014-10-16 14:55:16 ----D---- C:\Program Files\Pinnacle
2014-10-16 14:55:16 ----D---- C:\Program Files\Fichiers communs\Yahoo!
2014-10-16 14:55:16 ----D---- C:\Documents and Settings\All Users\Application Data\Pinnacle VideoSpin
2014-10-16 14:53:10 ----D---- C:\Documents and Settings\All Users\Application Data\Pinnacle
2014-10-16 13:30:51 ----A---- C:\WINDOWS\system32\msonpmon.dll
2014-10-16 13:27:36 ----D---- C:\Program Files\Microsoft Works
2014-10-16 13:26:06 ----D---- C:\Program Files\Microsoft Visual Studio
2014-10-16 13:24:25 ----D---- C:\Program Files\Microsoft.NET
2014-10-16 13:20:53 ----D---- C:\Program Files\Microsoft Visual Studio 8
2014-10-16 13:19:37 ----D---- C:\WINDOWS\SHELLNEW
2014-10-16 13:18:52 ----A---- C:\awh9C.tmp
2014-10-16 13:15:31 ----RHD---- C:\MSOCache
2014-10-15 21:39:37 ----A---- C:\awh9B.tmp
2014-10-15 10:52:52 ----D---- C:\Program Files\Mozilla Firefox
2014-10-15 09:42:36 ----A---- C:\awh93.tmp
2014-10-14 19:30:39 ----A---- C:\awhA0.tmp
2014-10-14 10:01:59 ----A---- C:\awh125.tmp
2014-10-13 22:34:05 ----A---- C:\awhB6.tmp
2014-10-13 10:08:49 ----A---- C:\awh92.tmp
2014-10-12 18:43:34 ----A---- C:\awh90.tmp
2014-10-11 18:39:26 ----A---- C:\awh1EC.tmp
2014-10-11 14:13:57 ----A---- C:\awh12C.tmp
2014-10-10 20:24:56 ----A---- C:\awh2DA.tmp
2014-10-10 19:35:20 ----A---- C:\awhB4.tmp
2014-10-09 21:10:39 ----A---- C:\awhBD.tmp
2014-10-07 16:46:33 ----A---- C:\awh128.tmp
2014-10-06 17:51:55 ----A---- C:\awh8B.tmp
2014-10-04 21:20:08 ----A---- C:\awhF1.tmp
2014-10-04 12:12:08 ----A---- C:\awhE0.tmp
2014-10-03 17:52:30 ----A---- C:\awhB5.tmp
2014-10-02 21:19:43 ----A---- C:\awh8A.tmp
2014-10-01 19:50:55 ----A---- C:\awhCF.tmp
2014-10-01 08:12:20 ----A---- C:\WINDOWS\system32\netupdsrv.exe
2014-10-01 08:12:08 ----A---- C:\WINDOWS\system32\installd.exe
2014-10-01 08:11:56 ----A---- C:\WINDOWS\system32\nethtsrv.exe
2014-09-30 17:17:50 ----A---- C:\awhDC.tmp
2014-09-30 16:08:05 ----A---- C:\awh9F.tmp
2014-09-30 10:15:12 ----A---- C:\awh8D.tmp
2014-09-29 22:44:07 ----A---- C:\awhD5.tmp
2014-09-28 22:06:03 ----A---- C:\awhE8.tmp
2014-09-28 18:55:16 ----A---- C:\awhD8.tmp
2014-09-28 18:15:32 ----A---- C:\awh16D.tmp
2014-09-28 18:10:25 ----D---- C:\Documents and Settings\Administrateur\Application Data\30709
2014-09-28 16:07:06 ----D---- C:\Documents and Settings\Administrateur\Application Data\FirefoxToolbar
2014-09-28 16:05:32 ----D---- C:\Documents and Settings\All Users\Application Data\SafetyNut
2014-09-28 15:25:55 ----A---- C:\awhEA.tmp
2014-09-28 11:11:31 ----A---- C:\awh86.tmp
2014-09-27 15:14:35 ----A---- C:\awh9A.tmp
2014-09-27 00:30:58 ----A---- C:\awh1B3.tmp
2014-09-26 13:42:24 ----A---- C:\awh8.tmp
2014-09-26 12:46:34 ----A---- C:\awhCC.tmp
2014-09-25 13:50:15 ----A---- C:\awh85.tmp
2014-09-24 16:22:36 ----A---- C:\awh83.tmp
2014-09-23 21:20:30 ----A---- C:\awh81.tmp
2014-09-23 18:59:20 ----A---- C:\awh80.tmp
2014-09-23 16:08:47 ----A---- C:\awh8E.tmp
2014-09-23 09:23:37 ----A---- C:\awh7F.tmp
2014-09-23 07:37:50 ----A---- C:\awh107.tmp
======List of files/folders modified in the last 1 month======
2014-10-22 21:10:13 ----D---- C:\Program Files\trend micro
2014-10-22 21:06:47 ----D---- C:\Documents and Settings\Administrateur\Application Data\uTorrent
2014-10-22 20:53:01 ----D---- C:\Documents and Settings\Administrateur\Application Data\Skype
2014-10-22 20:01:35 ----D---- C:\WINDOWS\Temp
2014-10-22 19:18:31 ----D---- C:\WINDOWS\system32\inetsrv
2014-10-22 18:34:14 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-10-22 09:59:43 ----D---- C:\WINDOWS\Prefetch
2014-10-21 23:11:29 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2014-10-21 23:11:20 ----SHD---- C:\WINDOWS\Installer
2014-10-21 23:10:32 ----A---- C:\WINDOWS\win.ini
2014-10-21 23:10:30 ----D---- C:\Program Files\Fichiers communs\System
2014-10-21 20:41:52 ----SD---- C:\Documents and Settings\Administrateur\Application Data\Microsoft
2014-10-21 12:43:11 ----D---- C:\Program Files\Fichiers communs
2014-10-21 00:30:51 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2014-10-18 21:17:33 ----D---- C:\WINDOWS\system32\CatRoot2
2014-10-16 21:57:20 ----HD---- C:\WINDOWS\inf
2014-10-16 20:01:28 ----D---- C:\WINDOWS\WinSxS
2014-10-16 20:01:26 ----D---- C:\WINDOWS
2014-10-16 20:00:12 ----D---- C:\WINDOWS\system32
2014-10-16 20:00:12 ----D---- C:\Program Files
2014-10-16 14:56:20 ----RSD---- C:\WINDOWS\Fonts
2014-10-16 13:31:59 ----RSD---- C:\WINDOWS\assembly
2014-10-16 13:27:12 ----D---- C:\Program Files\MSBuild
2014-10-16 13:26:39 ----D---- C:\Program Files\Microsoft Office
2014-10-16 13:24:25 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2014-10-16 13:13:34 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-10-15 00:20:32 ----D---- C:\WINDOWS\system32\CatRoot
2014-10-15 00:15:18 ----A---- C:\WINDOWS\system32\MRT.exe
2014-10-02 21:14:54 ----SD---- C:\WINDOWS\Tasks
2014-10-01 19:45:22 ----D---- C:\WINDOWS\system32\drivers
2014-09-28 17:08:29 ----D---- C:\Documents and Settings\Administrateur\Application Data\vlc
2014-09-28 16:03:46 ----D---- C:\Program Files\uTorrent
2014-09-26 12:44:20 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-08-20 44944]
R0 Si3531;Si3531; C:\WINDOWS\system32\drivers\Si3531.sys [2008-05-24 210224]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-05-24 77568]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-02-20 29704]
R1 ElRawDisk;ElRawDisk; \??\C:\WINDOWS\system32\drivers\rsdrv.sys []
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-02-20 33800]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys []
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-02-20 39944]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2009-03-27 156160]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2008-06-02 1302812]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-28 12288]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008]
R3 VIAudio;Vinyl AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\vinyl97.sys [2009-03-27 203648]
S3 bnsdusb;Panasonic USB Reader Writer Filter Driver; C:\WINDOWS\system32\DRIVERS\bnsdusb.sys [2011-05-10 23832]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2014-06-10 12400]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2014-06-10 25200]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2014-06-10 45056]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2008-05-24 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-05-24 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-06-12 43336]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-02-20 472320]
R2 IISADMIN;Administration IIS; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-13 15872]
R2 ServiceUpdater;Network Support Service Updater; C:\WINDOWS\system32\netupdsrv.exe [2014-10-01 162816]
R2 W3SVC;Publication World Wide Web; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-13 15872]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2014-07-08 553288]
S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe /svc []
S2 NetHttpService;Network HTTP Support Service; C:\WINDOWS\system32\nethtsrv.exe [2014-10-01 180224]
S2 NOD32FiXTemDono;Eset Nod32 Boot; C:\WINDOWS\system32\regedt32.exe [2001-08-28 3584]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-26 267440]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2008-02-20 19200]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Service Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc []
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-15 114288]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by Administrateur at 2014-10-22 21:10:10
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 4 GB (9%) free of 40 GB
Total RAM: 1014 MB (34% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:10:18, on 22/10/2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Documents and Settings\Administrateur\Application Data\uTorrent\uTorrent.exe
C:\WINDOWS\system32\wscript.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\system32\netupdsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrateur\Bureau\RSIT(1).exe
C:\Program Files\trend micro\Administrateur.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.buenosearch.com/?babsrc=HP_kms&affID=128493&tt=&mntrid=50E700123F3E0429&tsp=5349
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [bintin] C:\WINDOWS\system32\wscript.exe /e:VBScript.Encode D:\bin.doc
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Facebook Update] "C:\Documents and Settings\Administrateur\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Viber] "C:\Documents and Settings\Administrateur\Local Settings\Application Data\Viber\Viber.exe" StartMinimized
O4 - HKCU\..\Run: [uTorrent] "C:\Documents and Settings\Administrateur\Application Data\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Administration IIS (IISADMIN) - Unknown owner - C:\WINDOWS\system32\inetsrv\inetinfo.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Network HTTP Support Service (NetHttpService) - Unknown owner - C:\WINDOWS\system32\nethtsrv.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Network Support Service Updater (ServiceUpdater) - Unknown owner - C:\WINDOWS\system32\netupdsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Publication World Wide Web (W3SVC) - Unknown owner - C:\WINDOWS\system32\inetsrv\inetinfo.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe
--
End of file - 6657 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\AmiUpdXp.job - C:\Documents and Settings\Administrateur\Application Data\30709\a5110.exe
C:\WINDOWS\tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-583907252-2049760794-1801674531-500Core.job - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-583907252-2049760794-1801674531-500UA.job - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Notification de fin de service de Microsoft Windows XP - à la connexion.job - C:\WINDOWS\system32\xp_eos.exe -c
C:\WINDOWS\tasks\Notification de fin de service de Microsoft Windows XP -mensuellement.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-583907252-2049760794-1801674531-500.job - C:\Program Files\Real\RealUpgrade\realupgrade.exe /logoncheck
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-583907252-2049760794-1801674531-500.job - C:\Program Files\Real\RealUpgrade\realupgrade.exe /scheduledcheck
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\abyzs4dm.default-1407825806890
prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "http://www.google.fr/"
prefs.js - "keyword.URL" - "http://dts.search.ask.com/sr?src=ffb&gct=ds&appid=210&systemid=488&v=n13614-484&apn_dtid=TCH001&apn_ptnrs=AG1&apn_uid=2582763762554533&o=APN11459&q="
"{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}"=C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"***@***"=C:\Documents and Settings\Administrateur\Application Data\BaseFlash\Firefox\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=Module iTunes Detector
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java(TM) Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java(TM) Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=15.0.5.109]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=15.0.5.109]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.5.109]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.5.109]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448]
"Description"=6.0.12.448
"Path"=C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=15.0.5.109]
"Description"=RealPlayer Download Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
C:\Program Files\Mozilla Firefox\components\
nppl3260.xpt
nsJSRealPlayerPlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
NPOFF12.DLL
nppl3260.dll
nppl3260.xpt
nprjplug.dll
nprpplugin.dll
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\abyzs4dm.default-1407825806890\searchplugins\
Ask.xml
buenosearchkms.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2014-07-08 152392]
"bintin"=C:\WINDOWS\system32\wscript.exe [2008-05-08 155648]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"Facebook Update"=C:\Documents and Settings\Administrateur\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2014-08-23 138096]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-10-01 22065760]
"Viber"=C:\Documents and Settings\Administrateur\Local Settings\Application Data\Viber\Viber.exe StartMinimized []
"uTorrent"=C:\Documents and Settings\Administrateur\Application Data\uTorrent\uTorrent.exe [2014-10-15 1690704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-06-02 135168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-05-24 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoSMHelp"=1
"ForceClassicControlPanel"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDesktopCleanupWizard"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Documents and Settings\Administrateur\Local Settings\Application Data\Viber\Viber.exe"="C:\Documents and Settings\Administrateur\Local Settings\Application Data\Viber\Viber.exe:*:Enabled:Viber"
"C:\Program Files\ma-config.com\MaConfigAgent.exe"="C:\Program Files\ma-config.com\MaConfigAgent.exe:LocalSubNet:Enabled:maconfigagent"
"C:\Documents and Settings\Administrateur\Bureau\CodecPerformerSetup.exe"="C:\Documents and Settings\Administrateur\Bureau\CodecPerformerSetup.exe:*:Enabled:CodecPerformerSetup.exe (in)"
"C:\Program Files\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe"="C:\Program Files\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe:*:Enabled:Update Engine"
"C:\Program Files\Sony Mobile\Update Service\Update Service.exe"="C:\Program Files\Sony Mobile\Update Service\Update Service.exe:*:Enabled:Update Service"
"C:\Program Files\Tango\Tango.exe"="C:\Program Files\Tango\Tango.exe:*:Enabled:Tango"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Service Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Documents and Settings\Administrateur\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe"="C:\Documents and Settings\Administrateur\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\Administrateur\Application Data\uTorrent\uTorrent.exe"="C:\Documents and Settings\Administrateur\Application Data\uTorrent\uTorrent.exe:*:Enabled:?Torrent"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe"="C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe"="C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe"="C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe:*:Enabled:Pinnacle VideoSpin"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Documents and Settings\Administrateur\Local Settings\Application Data\Viber\Viber.exe"="C:\Documents and Settings\Administrateur\Local Settings\Application Data\Viber\Viber.exe:*:Enabled:Viber"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"MSVideo8"=VfWWDM32.dll
"vidc.mjpg"=pvmjpg30.dll
======List of files/folders created in the last 1 month======
2014-10-22 19:21:37 ----A---- C:\awhAC.tmp
2014-10-22 15:33:35 ----A---- C:\awhAB.tmp
2014-10-22 09:44:13 ----A---- C:\awhAA.tmp
2014-10-22 07:33:47 ----A---- C:\awhA7.tmp
2014-10-21 19:50:27 ----A---- C:\awhD6.tmp
2014-10-21 12:43:11 ----D---- C:\Program Files\Fichiers communs\DESIGNER
2014-10-21 10:20:48 ----A---- C:\awhA5.tmp
2014-10-19 19:58:22 ----A---- C:\awhFF.tmp
2014-10-19 00:08:59 ----D---- C:\Documents and Settings\Administrateur\Application Data\Nero
2014-10-18 20:36:07 ----A---- C:\awh117.tmp
2014-10-17 21:58:26 ----A---- C:\awhA4.tmp
2014-10-17 17:32:31 ----A---- C:\awh153.tmp
2014-10-17 10:36:53 ----A---- C:\awhA2.tmp
2014-10-16 21:40:00 ----A---- C:\awhA1.tmp
2014-10-16 20:00:12 ----D---- C:\Program Files\MSXML 4.0
2014-10-16 19:18:56 ----A---- C:\awh9D.tmp
2014-10-16 14:58:51 ----D---- C:\Documents and Settings\Administrateur\Application Data\DivX
2014-10-16 14:55:16 ----D---- C:\Program Files\Pinnacle
2014-10-16 14:55:16 ----D---- C:\Program Files\Fichiers communs\Yahoo!
2014-10-16 14:55:16 ----D---- C:\Documents and Settings\All Users\Application Data\Pinnacle VideoSpin
2014-10-16 14:53:10 ----D---- C:\Documents and Settings\All Users\Application Data\Pinnacle
2014-10-16 13:30:51 ----A---- C:\WINDOWS\system32\msonpmon.dll
2014-10-16 13:27:36 ----D---- C:\Program Files\Microsoft Works
2014-10-16 13:26:06 ----D---- C:\Program Files\Microsoft Visual Studio
2014-10-16 13:24:25 ----D---- C:\Program Files\Microsoft.NET
2014-10-16 13:20:53 ----D---- C:\Program Files\Microsoft Visual Studio 8
2014-10-16 13:19:37 ----D---- C:\WINDOWS\SHELLNEW
2014-10-16 13:18:52 ----A---- C:\awh9C.tmp
2014-10-16 13:15:31 ----RHD---- C:\MSOCache
2014-10-15 21:39:37 ----A---- C:\awh9B.tmp
2014-10-15 10:52:52 ----D---- C:\Program Files\Mozilla Firefox
2014-10-15 09:42:36 ----A---- C:\awh93.tmp
2014-10-14 19:30:39 ----A---- C:\awhA0.tmp
2014-10-14 10:01:59 ----A---- C:\awh125.tmp
2014-10-13 22:34:05 ----A---- C:\awhB6.tmp
2014-10-13 10:08:49 ----A---- C:\awh92.tmp
2014-10-12 18:43:34 ----A---- C:\awh90.tmp
2014-10-11 18:39:26 ----A---- C:\awh1EC.tmp
2014-10-11 14:13:57 ----A---- C:\awh12C.tmp
2014-10-10 20:24:56 ----A---- C:\awh2DA.tmp
2014-10-10 19:35:20 ----A---- C:\awhB4.tmp
2014-10-09 21:10:39 ----A---- C:\awhBD.tmp
2014-10-07 16:46:33 ----A---- C:\awh128.tmp
2014-10-06 17:51:55 ----A---- C:\awh8B.tmp
2014-10-04 21:20:08 ----A---- C:\awhF1.tmp
2014-10-04 12:12:08 ----A---- C:\awhE0.tmp
2014-10-03 17:52:30 ----A---- C:\awhB5.tmp
2014-10-02 21:19:43 ----A---- C:\awh8A.tmp
2014-10-01 19:50:55 ----A---- C:\awhCF.tmp
2014-10-01 08:12:20 ----A---- C:\WINDOWS\system32\netupdsrv.exe
2014-10-01 08:12:08 ----A---- C:\WINDOWS\system32\installd.exe
2014-10-01 08:11:56 ----A---- C:\WINDOWS\system32\nethtsrv.exe
2014-09-30 17:17:50 ----A---- C:\awhDC.tmp
2014-09-30 16:08:05 ----A---- C:\awh9F.tmp
2014-09-30 10:15:12 ----A---- C:\awh8D.tmp
2014-09-29 22:44:07 ----A---- C:\awhD5.tmp
2014-09-28 22:06:03 ----A---- C:\awhE8.tmp
2014-09-28 18:55:16 ----A---- C:\awhD8.tmp
2014-09-28 18:15:32 ----A---- C:\awh16D.tmp
2014-09-28 18:10:25 ----D---- C:\Documents and Settings\Administrateur\Application Data\30709
2014-09-28 16:07:06 ----D---- C:\Documents and Settings\Administrateur\Application Data\FirefoxToolbar
2014-09-28 16:05:32 ----D---- C:\Documents and Settings\All Users\Application Data\SafetyNut
2014-09-28 15:25:55 ----A---- C:\awhEA.tmp
2014-09-28 11:11:31 ----A---- C:\awh86.tmp
2014-09-27 15:14:35 ----A---- C:\awh9A.tmp
2014-09-27 00:30:58 ----A---- C:\awh1B3.tmp
2014-09-26 13:42:24 ----A---- C:\awh8.tmp
2014-09-26 12:46:34 ----A---- C:\awhCC.tmp
2014-09-25 13:50:15 ----A---- C:\awh85.tmp
2014-09-24 16:22:36 ----A---- C:\awh83.tmp
2014-09-23 21:20:30 ----A---- C:\awh81.tmp
2014-09-23 18:59:20 ----A---- C:\awh80.tmp
2014-09-23 16:08:47 ----A---- C:\awh8E.tmp
2014-09-23 09:23:37 ----A---- C:\awh7F.tmp
2014-09-23 07:37:50 ----A---- C:\awh107.tmp
======List of files/folders modified in the last 1 month======
2014-10-22 21:10:13 ----D---- C:\Program Files\trend micro
2014-10-22 21:06:47 ----D---- C:\Documents and Settings\Administrateur\Application Data\uTorrent
2014-10-22 20:53:01 ----D---- C:\Documents and Settings\Administrateur\Application Data\Skype
2014-10-22 20:01:35 ----D---- C:\WINDOWS\Temp
2014-10-22 19:18:31 ----D---- C:\WINDOWS\system32\inetsrv
2014-10-22 18:34:14 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-10-22 09:59:43 ----D---- C:\WINDOWS\Prefetch
2014-10-21 23:11:29 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2014-10-21 23:11:20 ----SHD---- C:\WINDOWS\Installer
2014-10-21 23:10:32 ----A---- C:\WINDOWS\win.ini
2014-10-21 23:10:30 ----D---- C:\Program Files\Fichiers communs\System
2014-10-21 20:41:52 ----SD---- C:\Documents and Settings\Administrateur\Application Data\Microsoft
2014-10-21 12:43:11 ----D---- C:\Program Files\Fichiers communs
2014-10-21 00:30:51 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2014-10-18 21:17:33 ----D---- C:\WINDOWS\system32\CatRoot2
2014-10-16 21:57:20 ----HD---- C:\WINDOWS\inf
2014-10-16 20:01:28 ----D---- C:\WINDOWS\WinSxS
2014-10-16 20:01:26 ----D---- C:\WINDOWS
2014-10-16 20:00:12 ----D---- C:\WINDOWS\system32
2014-10-16 20:00:12 ----D---- C:\Program Files
2014-10-16 14:56:20 ----RSD---- C:\WINDOWS\Fonts
2014-10-16 13:31:59 ----RSD---- C:\WINDOWS\assembly
2014-10-16 13:27:12 ----D---- C:\Program Files\MSBuild
2014-10-16 13:26:39 ----D---- C:\Program Files\Microsoft Office
2014-10-16 13:24:25 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2014-10-16 13:13:34 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-10-15 00:20:32 ----D---- C:\WINDOWS\system32\CatRoot
2014-10-15 00:15:18 ----A---- C:\WINDOWS\system32\MRT.exe
2014-10-02 21:14:54 ----SD---- C:\WINDOWS\Tasks
2014-10-01 19:45:22 ----D---- C:\WINDOWS\system32\drivers
2014-09-28 17:08:29 ----D---- C:\Documents and Settings\Administrateur\Application Data\vlc
2014-09-28 16:03:46 ----D---- C:\Program Files\uTorrent
2014-09-26 12:44:20 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-08-20 44944]
R0 Si3531;Si3531; C:\WINDOWS\system32\drivers\Si3531.sys [2008-05-24 210224]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-05-24 77568]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-02-20 29704]
R1 ElRawDisk;ElRawDisk; \??\C:\WINDOWS\system32\drivers\rsdrv.sys []
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-02-20 33800]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys []
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-02-20 39944]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2009-03-27 156160]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2008-06-02 1302812]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-28 12288]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008]
R3 VIAudio;Vinyl AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\vinyl97.sys [2009-03-27 203648]
S3 bnsdusb;Panasonic USB Reader Writer Filter Driver; C:\WINDOWS\system32\DRIVERS\bnsdusb.sys [2011-05-10 23832]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2014-06-10 12400]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2014-06-10 25200]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2014-06-10 45056]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2008-05-24 38528]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-05-24 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-06-12 43336]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-02-20 472320]
R2 IISADMIN;Administration IIS; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-13 15872]
R2 ServiceUpdater;Network Support Service Updater; C:\WINDOWS\system32\netupdsrv.exe [2014-10-01 162816]
R2 W3SVC;Publication World Wide Web; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-13 15872]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2014-07-08 553288]
S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe /svc []
S2 NetHttpService;Network HTTP Support Service; C:\WINDOWS\system32\nethtsrv.exe [2014-10-01 180224]
S2 NOD32FiXTemDono;Eset Nod32 Boot; C:\WINDOWS\system32\regedt32.exe [2001-08-28 3584]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-26 267440]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2008-02-20 19200]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Service Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc []
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-15 114288]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
-----------------EOF-----------------
A voir également:
- Wscript.exe pas de disque
- Defragmenter disque dur - Guide
- Cloner disque dur - Guide
- Nettoyage de disque - Guide
- Chkdsk disque dur externe - Guide
- Flash disque non reconnu - Guide
1 réponse
Salut,
Ton infection est donc une infection qui se propage par disques amovibles (clefs USB, disque dur externe, carte flash etc..).
Les disques amovibles que tu as insérés dans l'ordinateur quand celui-ci était infecté ont été infectés à leur tour.
Le simple faite d'ouvrir le poste de travail et de double-cliquer sur ta clef USB/disque dur externe va réinfecter ton système.
Tu trouveras un lien explicatif sur la propagation de ces infections, comment s'en protéger etc.... à partir de ces liens :
Comprendre les infections par disques amovibles : https://forum.malekal.com/viewtopic.php?t=3350&start=
Il te faut maintenant nettoyer tes clefs USB/disques dur externes, pour cela suis le tutorial USBFix.
Suis bien le tutorial dans l'ordre : Désactive bien Autorun/Autoplay, insère tes clefs USB et disque dur externe que tu as pour les nettoyer.
Poste les rapports sur http://pjjoint.malekal.com et donne les adresses.
L'adresse du tutorial : https://www.malekal.com/usbfix-supprimer-virus-usb/
Ton infection est donc une infection qui se propage par disques amovibles (clefs USB, disque dur externe, carte flash etc..).
Les disques amovibles que tu as insérés dans l'ordinateur quand celui-ci était infecté ont été infectés à leur tour.
Le simple faite d'ouvrir le poste de travail et de double-cliquer sur ta clef USB/disque dur externe va réinfecter ton système.
Tu trouveras un lien explicatif sur la propagation de ces infections, comment s'en protéger etc.... à partir de ces liens :
Comprendre les infections par disques amovibles : https://forum.malekal.com/viewtopic.php?t=3350&start=
Il te faut maintenant nettoyer tes clefs USB/disques dur externes, pour cela suis le tutorial USBFix.
Suis bien le tutorial dans l'ordre : Désactive bien Autorun/Autoplay, insère tes clefs USB et disque dur externe que tu as pour les nettoyer.
Poste les rapports sur http://pjjoint.malekal.com et donne les adresses.
L'adresse du tutorial : https://www.malekal.com/usbfix-supprimer-virus-usb/
