Hi cricri, here are the reports made on the Vista PC.
However, for HijackThis I don't know how to update it, and also I don't know whether it took into account the external hard drive and my USB keys (I plugged in 3 keys and an external hard drive for the scan).
Malware report
Malwarebytes’ Anti-Malware 1.41
Version de la base de données: 3092
Windows 6.0.6001 Service Pack 1 (Safe Mode)
03/11/2009 19:25:00
mbam-log-2009-11-03 (19-25-00).txt
Type de recherche: Examen complet (C:|D:|E:|F:|G:|H:|J:|K:|)
Eléments examinés: 190044
Temps écoulé: 23 minute(s), 46 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
GenProc report
Rapport GenProc 2.640 [1] - 03/11/2009 à 21:17:05
@ Windows Vista Service Pack 1 - Mode normal
@ Internet Explorer (7.0.6001.18000) [Navigateur par défaut]
GenProc n’a détecté aucune infection caractéristique et suggère de suivre la procédure suivante :
Poste un rapport Nod32 www.eset-nod32.fr… (il faut utiliser Internet Explorer)
- coche toutes les cases à chaque fois, et lorsque c’est terminé, colle le rapport :
C:\Program Files\EsetOnlineScanner\log.txt
~~~~ INFORMATION COMPLEMENTAIRE ~~~~
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:20:09, on 03/11/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Windows\System32\ASUSTPE.exe
C:\Program Files\P4P\P4P.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\ASScrPro.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\bruno\Desktop\GenProc\GenProc\outil\bruno_GenProc.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.asus.com…
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.orange.fr…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.asus.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O4 - HKLM…\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM…\Run: [StartCCC] “C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe”
O4 - HKLM…\Run: [ccApp] “C:\Program Files\Common Files\Symantec Shared\ccApp.exe”
O4 - HKLM…\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM…\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM…\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM…\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM…\Run: [ASUSTPE] C:\Windows\system32\ASUSTPE.exe
O4 - HKLM…\Run: [PowerForPhone] “C:\Program Files\P4P\P4P.exe”
O4 - HKLM…\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
O4 - HKLM…\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM…\Run: [Symantec PIF AlertEng] “C:\Program Files\Common Files\Symantec Shared\PIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe” /a /m “C:\Program Files\Common Files\Symantec Shared\PIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll”
O4 - HKCU…\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19…\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-19…\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-20…\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘SERVICE RÉSEAU’)
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com…
O23 - Service: ADSM Service (ADSMService) - Unknown owner - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
–
End of file - 6367 bytes
~~ Fin à 21:20:14 ~~
RSIT report
Logfile of random’s system information tool 1.06 (written by random/random)
Run by bruno at 2009-11-03 21:24:34
Microsoft® Windows Vista Édition Familiale Premium Service Pack 1
System drive C: has 31 GB (62%) free of 50 GB
Total RAM: 3071 MB (61% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:24:46, on 03/11/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Windows\System32\ASUSTPE.exe
C:\Program Files\P4P\P4P.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\ASScrPro.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\bruno\Desktop\RSIT.exe
C:\Program Files\trend micro\bruno.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.asus.com…
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.orange.fr…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.asus.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O4 - HKLM…\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM…\Run: [StartCCC] “C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe”
O4 - HKLM…\Run: [ccApp] “C:\Program Files\Common Files\Symantec Shared\ccApp.exe”
O4 - HKLM…\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM…\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM…\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM…\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM…\Run: [ASUSTPE] C:\Windows\system32\ASUSTPE.exe
O4 - HKLM…\Run: [PowerForPhone] “C:\Program Files\P4P\P4P.exe”
O4 - HKLM…\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
O4 - HKLM…\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM…\Run: [Symantec PIF AlertEng] “C:\Program Files\Common Files\Symantec Shared\PIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe” /a /m “C:\Program Files\Common Files\Symantec Shared\PIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll”
O4 - HKCU…\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19…\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-19…\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-20…\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘SERVICE RÉSEAU’)
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com…
O23 - Service: ADSM Service (ADSMService) - Unknown owner - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
–
End of file - 6347 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Norton Internet Security - Run Full System Scan - bruno.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]
C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll [2007-01-12 96936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{90222687-F593-4738-B738-FBEE9C7B26DF} - Show Norton Toolbar - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll [2007-01-12 607888]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“Windows Defender”=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
“StartCCC”=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
“ccApp”=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2007-01-10 115816]
“RtHDVCpl”=C:\Windows\RtHDVCpl.exe [2008-01-07 4853760]
“SMSERIAL”=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2007-09-03 630784]
“SynTPEnh”=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-12-06 1029416]
“ATKMEDIA”=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2006-11-02 61440]
“ASUSTPE”=C:\Windows\system32\ASUSTPE.exe [2007-10-12 106496]
“PowerForPhone”=C:\Program Files\P4P\P4P.exe [2007-08-03 778240]
“ASUS Camera ScreenSaver”=C:\Windows\ASScrProlog.exe [2009-11-01 37232]
“ASUS Screen Saver Protector”=C:\Windows\ASScrPro.exe [2009-11-01 33136]
“Symantec PIF AlertEng”=C:\Program Files\Common Files\Symantec Shared\PIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“Sidebar”=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
“EnableLUA”=0
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1
“EnableUIADesktopToggle”=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======List of files/folders created in the last 1 months======
2009-11-03 21:24:34 ----D---- C:\rsit
2009-11-03 21:24:34 ----D---- C:\Program Files\trend micro
2009-11-03 18:58:53 ----A---- C:\Windows\ntbtlog.txt
2009-11-03 18:56:30 ----D---- C:\Users\bruno\AppData\Roaming\Malwarebytes
2009-11-03 18:56:22 ----D---- C:\ProgramData\Malwarebytes
2009-11-03 18:56:22 ----D---- C:\Program Files\Malwarebytes’ Anti-Malware
2009-11-02 18:42:34 ----D---- C:\Program Files\CCleaner
2009-11-01 07:05:28 ----D---- C:\ProgramData\Adobe
2009-11-01 07:05:23 ----D---- C:\Program Files\Common Files\Adobe
2009-11-01 07:05:23 ----D---- C:\Program Files\Adobe
2009-11-01 07:02:20 ----A---- C:\Windows\system32\acovcnt.exe
2009-11-01 06:58:51 ----A---- C:\Windows\PGMONITOR.EXE
2009-11-01 06:58:46 ----A---- C:\Windows\system32\Oemdspif.dll
2009-11-01 06:58:46 ----A---- C:\Windows\system32\atiumdva.dll
2009-11-01 06:58:45 ----A---- C:\Windows\system32\atiumdag.dll
2009-11-01 06:58:45 ----A---- C:\Windows\system32\atitmmxx.dll
2009-11-01 06:58:45 ----A---- C:\Windows\system32\atipdlxx.dll
2009-11-01 06:58:44 ----A---- C:\Windows\system32\atioglxx.dll
2009-11-01 06:58:44 ----A---- C:\Windows\system32\atidxx32.dll
2009-11-01 06:58:44 ----A---- C:\Windows\system32\ATIDEMGX.dll
2009-11-01 06:58:44 ----A---- C:\Windows\system32\atibrtmon.exe
2009-11-01 06:58:44 ----A---- C:\Windows\system32\Ati2evxx.exe
2009-11-01 06:58:44 ----A---- C:\Windows\system32\Ati2evxx.dll
2009-11-01 06:58:44 ----A---- C:\Windows\system32\ati2edxx.dll
2009-11-01 06:58:44 ----A---- C:\Windows\system32\amdpcom32.dll
2009-11-01 06:57:13 ----A---- C:\Windows\system32\WdfCoInstaller01000.dll
2009-11-01 06:57:11 ----A---- C:\Windows\system32\SynTPCo4.dll
2009-11-01 06:57:11 ----A---- C:\Windows\system32\SynTPAPI.dll
2009-11-01 06:57:11 ----A---- C:\Windows\system32\SynCtrl.dll
2009-11-01 06:57:11 ----A---- C:\Windows\system32\SynCOM.dll
2009-11-01 06:56:34 ----A---- C:\Windows\ASScrPro.exe
2009-11-01 06:56:23 ----A---- C:\Windows\ASUS Camera ScreenSaver.exe
2009-11-01 06:56:23 ----A---- C:\Windows\ASUS Camera ScreenSaver Uninstaller.exe
2009-11-01 06:56:23 ----A---- C:\Windows\ASScrProlog.exe
2009-11-01 06:56:21 ----D---- C:\Windows\system32\Macromed
2009-11-01 06:56:21 ----D---- C:\Windows\Asus_Camera_ScreenSaver dir
2009-11-01 06:56:21 ----A---- C:\Windows\impborl.dll
2009-11-01 06:56:21 ----A---- C:\Windows\flashax.exe
2009-11-01 06:56:03 ----A---- C:\Windows\system32\ACEngSvr.exe
2009-11-01 06:56:00 ----A---- C:\Windows\system32\sm56co6a.dll
2009-11-01 06:55:35 ----A---- C:\Windows\Uninstvga.bat
2009-11-01 06:55:35 ----A---- C:\Windows\Uninstsxga.bat
2009-11-01 06:55:35 ----A---- C:\Windows\DrvInst.exe
2009-11-01 06:55:21 ----D---- C:\Program Files\P4P
2009-11-01 06:54:43 ----D---- C:\ProgramData\P4G
2009-11-01 06:54:43 ----D---- C:\Program Files\Power4Gear eXtreme
2009-11-01 06:54:43 ----D---- C:\Program Files\P4G
2009-11-01 06:52:16 ----A---- C:\Windows\system32\TPESetting.dll
2009-11-01 06:52:16 ----A---- C:\Windows\system32\ASUSTPE.exe
2009-11-01 06:49:29 ----D---- C:\Program Files\ATKGFNEX
2009-11-01 06:48:18 ----D---- C:\Program Files\Synaptics
2009-11-01 06:42:10 ----D---- C:\Windows\Options
2009-11-01 06:42:10 ----D---- C:\Program Files\Atheros
2009-11-01 06:41:51 ----D---- C:\ProgramData\Atheros
2009-11-01 06:41:16 ----D---- C:\Program Files\Motorola
2009-11-01 06:37:14 ----D---- C:\Program Files\Wireless Console 2
2009-11-01 06:32:59 ----A---- C:\Windows\RTKAUDIOSERVICE.EXE
2009-11-01 06:32:26 ----D---- C:\Windows\system32\RTCOM
2009-11-01 06:31:47 ----A---- C:\Windows\DIFxAPI.dll
2009-11-01 06:31:45 ----A---- C:\Windows\system32\SRSWOW.dll
2009-11-01 06:31:45 ----A---- C:\Windows\system32\SRSTSXT.dll
2009-11-01 06:31:45 ----A---- C:\Windows\system32\SRSTSHD.dll
2009-11-01 06:31:45 ----A---- C:\Windows\system32\SRSHP360.dll
2009-11-01 06:31:45 ----A---- C:\Windows\system32\RtkPgExt.dll
2009-11-01 06:31:45 ----A---- C:\Windows\system32\RtkCoInst.dll
2009-11-01 06:31:45 ----A---- C:\Windows\SkyTel.exe
2009-11-01 06:31:45 ----A---- C:\Windows\RtlUpd.exe
2009-11-01 06:31:44 ----D---- C:\Program Files\Realtek
2009-11-01 06:31:44 ----A---- C:\Windows\system32\RtkApoApi.dll
2009-11-01 06:31:44 ----A---- C:\Windows\system32\RtkAPO.dll
2009-11-01 06:31:44 ----A---- C:\Windows\system32\maxxaudioapo.dll
2009-11-01 06:31:44 ----A---- C:\Windows\RtlExUpd.dll
2009-11-01 06:31:44 ----A---- C:\Windows\RtHDVCpl.exe
2009-11-01 06:31:44 ----A---- C:\Windows\HideWin.exe
2009-11-01 06:31:41 ----D---- C:\Program Files\Common Files\InstallShield
2009-11-01 06:23:19 ----D---- C:\Program Files\Norton Internet Security
2009-11-01 06:21:26 ----A---- C:\Windows\system32\capicom.dll
2009-11-01 06:21:24 ----D---- C:\Program Files\Symantec
2009-11-01 06:21:21 ----D---- C:\ProgramData\Symantec
2009-11-01 06:21:07 ----D---- C:\Program Files\Common Files\Symantec Shared
2009-11-01 06:20:37 ----D---- C:\Program Files\ATKOSD2
2009-11-01 06:20:03 ----D---- C:\Program Files\ATK Hotkey
2009-11-01 06:20:02 ----HD---- C:\Program Files\InstallShield Installation Information
2009-11-01 06:15:10 ----D---- C:\ProgramData\ATI
2009-11-01 06:13:59 ----D---- C:\Program Files\ASUS
2009-11-01 06:10:11 ----D---- C:\Program Files\ATI Technologies
2009-11-01 06:09:24 ----D---- C:\Program Files\ATI
2009-11-01 06:09:21 ----SHD---- C:\Windows\Installer
2009-11-01 06:04:14 ----D---- C:\Windows\SoftwareDistribution
2009-11-01 05:59:48 ----SHD---- C:\System Volume Information
2009-11-01 00:03:26 ----SHD---- C:\Config.Msi
2009-10-31 23:31:14 ----D---- C:\Users\bruno\AppData\Roaming\ATI
2009-10-31 23:30:59 ----D---- C:\Users\bruno\AppData\Roaming\Adobe
2009-10-31 23:30:51 ----D---- C:\Users\bruno\AppData\Roaming\Macromedia
2009-10-31 23:29:40 ----D---- C:\Users\bruno\AppData\Roaming\Identities
2009-10-31 23:27:59 ----SD---- C:\Users\bruno\AppData\Roaming\Microsoft
2009-10-31 23:27:59 ----D---- C:\Users\bruno\AppData\Roaming\Media Center Programs
======List of files/folders modified in the last 1 months======
2009-11-03 21:24:37 ----D---- C:\Windows\Temp
2009-11-03 21:24:36 ----D---- C:\Windows\Prefetch
2009-11-03 21:24:34 ----RD---- C:\Program Files
2009-11-03 19:36:59 ----D---- C:\Windows\System32
2009-11-03 19:36:59 ----D---- C:\Windows\inf
2009-11-03 19:36:59 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-11-03 18:58:53 ----D---- C:\Windows
2009-11-03 18:56:24 ----D---- C:\Windows\system32\drivers
2009-11-03 18:56:22 ----HD---- C:\ProgramData
2009-11-03 01:33:09 ----D---- C:\Windows\system32\WDI
2009-11-02 18:43:39 ----D---- C:\Windows\system32\LogFiles
2009-11-02 18:43:39 ----D---- C:\Windows\Debug
2009-11-02 13:53:07 ----D---- C:\Windows\winsxs
2009-11-02 04:04:24 ----D---- C:\Windows\rescache
2009-11-02 01:58:56 ----D---- C:\Windows\system32\catroot
2009-11-02 01:58:55 ----D---- C:\Windows\system32\catroot2
2009-11-02 01:53:14 ----D---- C:\Windows\system32\nl-NL
2009-11-02 01:52:33 ----D---- C:\Windows\system32\it-IT
2009-11-02 01:52:03 ----D---- C:\Windows\system32\en-US
2009-11-02 01:32:42 ----D---- C:\Windows\system32\de-DE
2009-11-01 23:48:44 ----SD---- C:\Windows\Downloaded Program Files
2009-11-01 07:10:55 ----D---- C:\Windows\system32\sysprep
2009-11-01 07:10:55 ----D---- C:\Windows\Panther
2009-11-01 06:55:24 ----D---- C:\Windows\ModemLogs
2009-11-01 06:35:20 ----D---- C:\Windows\system
2009-11-01 06:24:01 ----RSD---- C:\Windows\assembly
2009-11-01 06:09:30 ----D---- C:\Program Files\Common Files\microsoft shared
2009-11-01 06:06:16 ----D---- C:\Windows\system32\restore
2009-11-01 02:34:37 ----D---- C:\Windows\Logs
2009-11-01 00:02:41 ----D---- C:\Program Files\Common Files
2009-10-31 23:56:28 ----SD---- C:\ProgramData\Microsoft
2009-10-31 23:55:15 ----D---- C:\Windows\Tasks
2009-10-31 23:55:15 ----D---- C:\Windows\system32\Tasks
2009-10-31 23:30:49 ----SHD---- C:\$Recycle.Bin
2009-10-31 23:27:59 ----RD---- C:\Users
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 eeCtrl;Symantec Eraser Control driver; ??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2009-10-19 371248]
R1 IDSvix86;Symantec Intrusion Prevention Driver; ??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20091103.001\IDSvix86.sys [2009-10-20 272432]
R1 SPBBCDrv;SPBBCDrv; ??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [2007-04-14 418104]
R1 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2007-11-30 279088]
R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2007-11-30 43696]
R1 SYMTDI;SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [2009-08-03 188080]
R2 ASMMAP;ASMMAP; ??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 13880]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-07-31 743424]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-03-09 3533824]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; ??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-10-19 102448]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-01-08 2044896]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2007-01-24 5632]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2008-01-21 18432]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-15 7680]
R3 NAVENG;NAVENG; ??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20091103.007\NAVENG.SYS [2009-10-19 84912]
R3 NAVEX15;NAVEX15; ??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20091103.007\NAVEX15.SYS [2009-10-19 1323568]
R3 RTSTOR;USB Mass Storage Device; C:\Windows\system32\drivers\RTSTOR.SYS [2007-11-10 57856]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSGB6.sys [2007-06-20 47616]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-22 982272]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-10-01 1769984]
R3 SYMDNS;SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [2009-08-03 12720]
R3 SymEvent;SymEvent; ??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2009-11-01 124464]
R3 SYMFW;SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [2009-08-03 145968]
R3 SYMIDS;SYMIDS; C:\Windows\System32\Drivers\SYMIDS.SYS [2009-08-03 39856]
R3 SYMNDISV;SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [2009-08-03 38448]
R3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [2009-08-03 26416]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-12-06 196400]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 mbr;mbr; ??\C:\Users\bruno\AppData\Local\Temp\mbr.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2007-11-30 317616]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ADSMService;ADSM Service; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2007-05-18 73728]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-02-06 94208]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-03-09 655360]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2007-09-12 554352]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-10 108648]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-10 108648]
R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-10 108648]
R2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-10 108648]
R2 SymAppCore;Symantec AppCore Service; C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [2007-01-05 47712]
R3 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2009-11-01 1251720]
S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
S3 comHost;COM Host; C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [2007-01-13 49248]
S3 ISPwdSvc;Symantec IS Password Validation; C:\Program Files\Norton Internet Security\isPwdSvc.exe [2007-01-14 80504]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-12 2999664]
-----------------EOF-----------------
Thanks in advance