PC that only boots in safe mode - Win NT/2K/XP - Windows & Software
Marsh Posted on 12-08-2010 at 14:09:50
Hello,
my neighbor handed me his PC to diagnose; it only boots in safe mode,
without anything having been installed or any components added.
I ran a HijackThis scan and here is what came out of it.
Any idea what could be making XP crash?
Logfile of random's system information tool 1.08 (written by random/random)
Run by Utilisateur at 2010-08-11 10:01:54
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 117 GB (77%) free of 153 GB
Total RAM: 1406 MB (78% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:01:56, on 11/08/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode with network support
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Utilisateur\Bureau\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\Utilisateur.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.muuler.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: (no name) - {0DA2B5D3-1473-4A25-83FF-C36493BBAD5a} - C:\WINDOWS\system32\duser32.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\IPSBHO.DLL
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: (no name) - {C3DA76DA-A0D9-4D81-8893-8724EFBEC1B6} - c:\windows\system32\doltixn.dll (file missing)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: LimeWire Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] -
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKLM\..\Policies\Explorer\Run: [RTHDBPL] C:\Documents and Settings\Utilisateur\Application Data\SystemProc\lsass.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/window [...] 0025828750
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mi [...] 0028879015
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
--
End of file - 8390 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0DA2B5D3-1473-4A25-83FF-C36493BBAD5a}]
C:\WINDOWS\system32\duser32.dll [2010-07-01 283648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\IPSBHO.DLL [2010-05-14 79224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CB65201-89C4-402c-BA80-02D8C59F9B1D}]
Ask Search Assistant BHO - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL [2010-04-22 57344]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-06-05 814648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C3DA76DA-A0D9-4D81-8893-8724EFBEC1B6}]
c:\windows\system32\doltixn.dll [2008-04-14 101376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
LimeWire Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-03-28 1196936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-06 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-06 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE063DB1-4EC0-403e-8DD8-394C54984B2C}]
Ask Toolbar BHO - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL [2010-04-22 245760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - LimeWire Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-03-28 1196936]
{FE063DB9-4EC0-403e-8DD8-394C54984B2C} - Ask Toolbar - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL [2010-04-22 245760]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AlcxMonitor"=C:\WINDOWS\ALCXMNTR.EXE [2004-09-07 57344]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-03-17 339968]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2005-03-17 32768]
"VX1000"=C:\WINDOWS\vVX1000.exe [2009-06-26 757248]
"SunJavaUpdateSched"=C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [2010-01-11 246504]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"ccApp"=- []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"RTHDBPL"=C:\Documents and Settings\Utilisateur\Application Data\SystemProc\lsass.exe [2010-05-10 107520]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-04-25 39408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
ATI CATALYST System Tray.lnk - C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE
C:\Documents and Settings\Utilisateur\Menu Démarrer\Programmes\Démarrage
LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe
OpenOffice.org 3.2.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-03-14 61440]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Enabled:Windows Shell"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Enabled:Windows Shell"
======List of files/folders created in the last 3 months======
2010-08-11 09:54:20 ----D---- C:\Program Files\trend micro
2010-08-11 09:54:19 ----D---- C:\rsit
2010-07-22 10:01:35 ----A---- C:\WINDOWS\ntbtlog.txt
2010-07-21 09:47:11 ----D---- C:\Documents and Settings\Utilisateur\Application Data\261461E56F4D0C053B9FFCA5C806FB54
2010-07-20 08:55:22 ----D---- C:\WINDOWS\Sun
2010-07-15 11:11:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2010-07-01 12:39:55 ----A---- C:\WINDOWS\system32\duser32.dll
2010-07-01 12:39:54 ----A---- C:\WINDOWS\system32\clbcatq32.dll
2010-06-23 22:41:53 ----SHD---- C:\Config.Msi
2010-06-21 10:50:37 ----AH---- C:\WINDOWS\fonts\zkjmjadmby.tmp
2010-06-20 18:47:25 ----D---- C:\WINDOWS\Minidump
2010-06-11 16:13:33 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-06-11 16:13:16 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-06-11 16:12:53 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2010-06-11 16:07:46 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-06-11 16:07:20 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-06-11 16:07:05 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-05-25 21:44:18 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-05-22 20:26:20 ----A---- C:\WINDOWS\system32\kbdkor.dll
2010-05-22 20:26:20 ----A---- C:\WINDOWS\system32\kbdjpn.dll
2010-05-22 20:26:20 ----A---- C:\WINDOWS\system32\kbd103.dll
2010-05-22 20:26:20 ----A---- C:\WINDOWS\system32\kbd101c.dll
2010-05-22 20:26:15 ----A---- C:\WINDOWS\system32\kbd101b.dll
2010-05-22 20:26:13 ----A---- C:\WINDOWS\system32\kbd106.dll
2010-05-17 20:09:05 ----A---- C:\WINDOWS\system32\cdm3232.dll
2010-05-17 18:09:12 ----A---- C:\WINDOWS\system32\cmdial3232.dll
2010-05-17 16:08:41 ----A---- C:\WINDOWS\system32\dfrgui32.dll
2010-05-17 15:08:56 ----A---- C:\WINDOWS\system32\docprop32.dll
2010-05-17 14:08:58 ----A---- C:\WINDOWS\system32\dot3gpclnt32.dll
2010-05-16 21:00:34 ----A---- C:\WINDOWS\system32\cscdll32.dll
2010-05-14 17:45:15 ----A---- C:\WINDOWS\system32\dmserver32.dll
2010-05-14 16:45:14 ----A---- C:\WINDOWS\system32\dmocx32.dll
2010-05-14 15:45:13 ----A---- C:\WINDOWS\system32\dmintf32.dll
2010-05-14 14:45:17 ----A---- C:\WINDOWS\system32\dnsrslvr3232.dll
2010-05-14 13:45:10 ----A---- C:\WINDOWS\system32\diskcopy3232.dll
2010-05-14 12:45:06 ----A---- C:\WINDOWS\system32\dhcpqec32.dll
2010-05-14 11:45:17 ----A---- C:\WINDOWS\system32\docprop232.dll
2010-05-14 11:11:05 ----A---- C:\WINDOWS\system32\certcli3232.dll
2010-05-14 10:11:04 ----A---- C:\WINDOWS\system32\cdosys3232.dll
2010-05-13 20:24:57 ----A---- C:\WINDOWS\system32\dssenh32.dll
2010-05-13 19:24:55 ----A---- C:\WINDOWS\system32\dsprop32.dll
2010-05-13 18:25:13 ----A---- C:\WINDOWS\system32\d3dpmesh32.dll
2010-05-13 16:24:53 ----A---- C:\WINDOWS\system32\dskquoui3232.dll
2010-05-13 14:24:49 ----A---- C:\WINDOWS\system32\drmstor32.dll
2010-05-13 13:24:47 ----A---- C:\WINDOWS\system32\dpvvox32.dll
2010-05-13 12:24:46 ----A---- C:\WINDOWS\system32\dpvacm32.dll
2010-05-13 11:24:43 ----A---- C:\WINDOWS\system32\dpnet32.dll
2010-05-13 10:25:00 ----A---- C:\WINDOWS\system32\compatUI32.dll
2010-05-12 19:21:48 ----A---- C:\WINDOWS\system32\dpserial32.dll
2010-05-12 18:21:43 ----A---- C:\WINDOWS\system32\dot3ui32.dll
2010-05-12 17:21:42 ----A---- C:\WINDOWS\system32\dot3msm3232.dll
2010-05-12 16:21:37 ----A---- C:\WINDOWS\system32\dmsynth32.dll
2010-05-12 15:22:24 ----A---- C:\WINDOWS\system32\devenum3232.dll
2010-05-12 15:08:15 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-05-12 14:41:11 ----A---- C:\WINDOWS\system32\dinput32.dll
2010-05-12 14:15:51 ----A---- C:\WINDOWS\system32\dpnlobby32.dll
2010-05-12 12:35:08 ----A---- C:\WINDOWS\system32\ddraw32.dll
2010-05-12 11:35:05 ----A---- C:\WINDOWS\system32\davclnt32.dll
2010-05-12 10:35:04 ----A---- C:\WINDOWS\system32\danim32.dll
2010-05-12 09:35:01 ----A---- C:\WINDOWS\system32\d3d932.dll
2010-05-12 08:35:00 ----A---- C:\WINDOWS\system32\cVX100032.dll
======List of files/folders modified in the last 3 months======
2010-08-11 09:54:20 ----RD---- C:\Program Files
2010-08-10 11:47:20 ----D---- C:\WINDOWS
2010-07-24 20:35:43 ----D---- C:\Documents and Settings\Utilisateur\Application Data\LimeWire
2010-07-24 20:29:51 ----D---- C:\WINDOWS\system32
2010-07-24 10:03:25 ----D---- C:\WINDOWS\system32\CatRoot2
2010-07-24 09:48:27 ----D---- C:\WINDOWS\Network Diagnostic
2010-07-22 10:56:20 ----D---- C:\WINDOWS\Temp
2010-07-22 10:56:02 ----D---- C:\WINDOWS\system32\drivers
2010-07-22 10:20:45 ----SHD---- C:\System Volume Information
2010-07-22 10:20:45 ----D---- C:\WINDOWS\system32\Restore
2010-07-22 10:06:53 ----D---- C:\Documents and Settings
2010-07-21 21:59:16 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-07-21 15:12:46 ----D---- C:\WINDOWS\Prefetch
2010-07-21 09:27:06 ----A---- C:\WINDOWS\NeroDigital.ini
2010-07-15 11:11:54 ----HD---- C:\WINDOWS\inf
2010-07-15 11:11:50 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-07-15 11:11:34 ----HD---- C:\WINDOWS\$hf_mig$
2010-07-14 21:48:22 ----SHD---- C:\WINDOWS\Installer
2010-07-06 14:14:08 ----SD---- C:\Documents and Settings\Utilisateur\Application Data\Microsoft
2010-07-06 11:12:04 ----SHD---- C:\Documents and Settings\Utilisateur\Application Data\SystemProc
2010-07-02 21:39:05 ----A---- C:\WINDOWS\system32\MRT.exe
2010-06-24 15:25:26 ----D---- C:\WINDOWS\Microsoft.NET
2010-06-24 15:25:23 ----RSD---- C:\WINDOWS\assembly
2010-06-23 22:45:04 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-06-23 22:44:33 ----D---- C:\WINDOWS\WinSxS
2010-06-21 10:50:37 ----RSD---- C:\WINDOWS\Fonts
2010-06-11 16:13:52 ----A---- C:\WINDOWS\imsins.BAK
2010-06-11 16:12:24 ----D---- C:\Program Files\Internet Explorer
2010-06-11 16:12:14 ----D---- C:\WINDOWS\ie8updates
2010-05-27 09:14:36 ----A---- C:\WINDOWS\GnuHashes.ini
2010-05-27 09:07:25 ----SHD---- C:\WINDOWS\system32\SysWoW32
2010-05-27 09:07:25 ----D---- C:\WINDOWS\system32\1649709497
2010-05-26 10:14:23 ----D---- C:\WINDOWS\system32\drivers\NAV
2010-05-12 15:08:17 ----D---- C:\Program Files\Outlook Express
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 kxewkzrh;kxewkzrh; C:\WINDOWS\system32\drivers\kxewkzrh.sys [2008-04-14 23424]
R0 ohci1394;Contrôleur hôte compatible IEE 1394 VIA OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 SymDS;Symantec Data Store; C:\WINDOWS\system32\drivers\NAV\1107000.00C\SYMDS.SYS [2009-08-30 328752]
R0 SymEFA;Symantec Extended File Attributes; C:\WINDOWS\system32\drivers\NAV\1107000.00C\SYMEFA.SYS [2010-04-22 173104]
R3 rtl8029;Pilote NT de carte Realtek PCI Ethernet à base RTL8029(AS); C:\WINDOWS\system32\DRIVERS\RTL8029.SYS [2001-08-17 19017]
R3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-03-31 691696]
S1 BHDrvx86;BHDrvx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\BASHDefs\20100709.001\BHDrvx86.sys []
S1 ccHP;Symantec Hash Provider; C:\WINDOWS\system32\drivers\NAV\1107000.00C\ccHPx86.sys [2010-02-26 501888]
S1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys []
S1 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\NAV\1107000.00C\SRTSP.SYS [2010-04-22 325680]
S1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\system32\drivers\NAV\1107000.00C\SRTSPX.SYS [2010-04-22 43696]
S1 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\NAV\1107000.00C\Ironx86.SYS [2010-04-29 116784]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2006-01-25 1149888]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-08-29 3644928]
S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-03-14 1032192]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
S3 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\IPSDefs\20100720.001\IDSxpx86.sys []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100721.002\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100721.002\NAVEX15.SYS []
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 VX1000;VX-1000; C:\WINDOWS\system32\DRIVERS\VX1000.sys [2009-06-26 1956096]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 SYMTDI;Symantec Network Dispatch Driver; - []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-03-14 352256]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2005-03-17 516096]
S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-25 135664]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-06 153376]
S2 kxsumazt;AGP Bus p821d Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S2 NAV;Norton AntiVirus; C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe [2010-02-26 126392]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-04-25 182768]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------