Removing trojan downloader win32/Renos DZ

Last reply on 1 Jul 2009 at 20:35:47. Katarina, 28 Jun 2009 at 20:01:32

Hello,

My Windows Defender frequently warns me that a virus named Trojan Downloader win32/Renos Dz is infecting my computer. I have tried to remove it (several times), but in vain. I downloaded Multi Virus Cleaner 2009 and I am running it in safe mode, but so far the attempts have been unsuccessful (I get the impression that the program is not capable enough to spot the problem).

I am discouraged, because I don't know how to get rid of this virus...

Thanks for your help!!

Configuration: Windows Vista Internet Explorer 8.0

1

Nic00, 28 Jun 2009 at 20:15:01

Hi,

▶ Download random's system information tool (RSIT)
http://images.malwareremoval.com/random/RSIT.exe
▶ Save it to your Desktop
▶ Double-click RSIT.exe to run it.

▶ Click "continue" at the Disclaimer screen.

▶ If the HijackThis tool is not present or not detected on the computer, RSIT will download it and you will only have to accept the license.

▶ Once the scan is finished, 2 reports will appear.
▶ Post them in your next message
▶ Note: the reports can also be found here: ( log.txt & info.txt )
0°¤~>>The more RAM a computer has, the faster it can generate an error message.<<~¤°0


2

Katarina, 28 Jun 2009 at 20:20:02

Hi!

Here, then, is what appears after running the scan with RSIT:

2009-06-15 18:29:01 ----D---- C:\Windows\ehome
2009-06-15 18:27:47 ----D---- C:\ProgramData\Microsoft Help
2009-06-12 16:33:29 ----D---- C:\Windows\system32\migration
2009-06-06 20:44:55 ----D---- C:\Windows\rescache
2009-06-06 20:24:37 ----D---- C:\Windows\system32\fr-FR
2009-06-06 20:24:35 ----D---- C:\Windows\system32\en-US
2009-06-06 20:24:35 ----D---- C:\Windows\PolicyDefinitions
2009-06-06 20:15:13 ----RSD---- C:\Windows\Fonts
2009-06-06 20:14:29 ----D---- C:\Program Files\Common Files\microsoft shared
2009-06-06 20:13:35 ----D---- C:\Program Files\Microsoft Works
2009-06-06 20:04:41 ----A---- C:\Windows\win.ini
2009-06-06 18:11:00 ----D---- C:\Windows\system32\XPSViewer
2009-06-06 18:10:59 ----D---- C:\Windows\system32\wbem
2009-06-01 12:51:12 ----A---- C:\Windows\system32\mrt.exe
2009-05-29 23:31:02 ----D---- C:\temp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R3 BCM43XV;Pilote de la carte réseau extensible Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
R3 bcm4sbxp;Pilote XP du contrôleur intégré Broadcom 440x 10/100; C:\Windows\system32\DRIVERS\bcm4sbxp.sys [2006-11-02 45056]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
R3 pfc;Padus ASPI Shell; C:\Windows\system32\drivers\pfc.sys [2003-09-25 14604]
R3 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2005-11-16 28928]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
S1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
S1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
S1 RapportKELL;RapportKELL; \??\C:\Program Files\Trusteer\Rapport\bin\RapportKELL.sys [2009-06-10 57320]
S1 RapportPG;RapportPG; \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys [2009-06-10 239080]
S1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-06-09 28520]
S2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-03-24 55640]
S3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 DsAudioDevice_282;DsAudioDevice_282; C:\Windows\system32\drivers\DsAudioDevice_282.sys [2009-01-08 16640]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-02-06 55280]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-01-19 2314752]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-19 88576]
S3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2007-01-12 647680]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-03-26 36864]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2006-11-02 654336]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-06-09 108289]
S2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-06-09 185089]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-26 132424]
S2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
S2 RapportMgmtService;Rapport Management Service; C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe [2009-06-10 664808]
S2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe []
S2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-05-05 72704]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-09-13 654848]
S3 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-28 182768]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------


3

Katarina, 28 Jun 2009 at 20:59:30

I forgot to mention:

I am currently in safe mode because in normal mode a blue screen appeared twice and my computer restarts (against my will, of course...)


4

Nic00, 29 Jun 2009 at 10:11:07

OK, we'll continue the disinfection in safe mode then (you don't have a choice anyway ^^)

▶ Download GenProc:
http://www.genproc.com/GenProc.exe

Save it to your Desktop.
Double-click GenProc.exe to run it, and post the contents of the report that opens.
0°¤~>>The more RAM a computer has, the faster it can generate an error message.<<~¤°0


5

Katarina, 1 Jul 2009 at 16:46:35

Hi!

I ended up reinstalling my operating system: my computer was too infected!

Thanks anyway for your help!


6

haha, 1 Jul 2009 at 16:49:59

That may not solve your problem; some viruses survive formatting


7

Nic00, 1 Jul 2009 at 20:35:47

OK, if everything is sorted then mark the thread as resolved.

See you
0°¤~>>The more RAM a computer has, the faster it can generate an error message.<<~¤°0
