Sujet Précédent Sujet Suivant

ANTIVIRUS PRO

melt66 Messages postés 3 Statut Membre -
verni29 Messages postés 6805 Statut Contributeur sécurité - 9 avr. 2009 à 20:53

Bonjour à tous, gros problème!!!!!!!
J'ai contracté un virus qui s'appel "antivirus pro" besoins d'aide.
J'ai lu sur le forum qu'il fallait effectuer une analyse sur RSIT et de retourner le résultat sur le forum.
Merci d'avance pour la réponse.

Logfile of random's system information tool 1.06 (written by random/random)
Run by declick at 2009-04-09 20:02:19
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 40 GB (-9223372036854775807%) free of 78 GB
Total RAM: 1279 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:02:49, on 09/04/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\frmwrk32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SFR\Media Center\MediaCenter.exe
C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\AVPersonal\AVGUARD.EXE
C:\WINDOWS\system32\ntdll64.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\FICHIE~1\PCSuite\Services\SERVIC~1.EXE
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\Program Files\Internet Explorer\Iexplore.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\Grisoft\AVG7\avgw.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\SFR\Media Center\httpd\httpd.exe
C:\Program Files\SFR\Media Center\httpd\httpd.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spider.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\Iexplore.exe
C:\Documents and Settings\declick\Bureau\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\declick.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.files-ftp.com/~unicorni/phpBB2/index.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\twext.exe,C:\WINDOWS\system32\twex.exe,
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {37F31EE0-BD2A-4059-9BCB-2C3FFD2008D5} - C:\WINDOWS\system32\khfGXqro.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: {9451ca31-ec50-3ae9-9584-fb21113c3c45} - {54c3c311-12bf-4859-9ea3-05ce13ac1549} - C:\WINDOWS\system32\ujxmdn.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: (no name) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - C:\WINDOWS\system32\xxyaywTN.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Framework Windows] frmwrk32.exe
O4 - HKLM\..\Run: [5c07de27] rundll32.exe "C:\WINDOWS\system32\qaogyevd.dll",b
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Neuf Media Center] "C:\Program Files\SFR\Media Center\MediaCenter.exe"
O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\docume~1\declick\locals~1\temp\ntdll64.dll
O10 - Unknown file in Winsock LSP: c:\docume~1\declick\locals~1\temp\ntdll64.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} -
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) -
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://copainsdavant.linternaute.com/...
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} -
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} (Java Plug-in 1.6.0_02) -
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} -
O20 - Winlogon Notify: xxyaywTN - C:\WINDOWS\SYSTEM32\xxyaywTN.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 11075 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AEDF72F99184E315.job
C:\WINDOWS\tasks\At1.job
C:\WINDOWS\tasks\At10.job
C:\WINDOWS\tasks\At11.job
C:\WINDOWS\tasks\At12.job
C:\WINDOWS\tasks\At13.job
C:\WINDOWS\tasks\At14.job
C:\WINDOWS\tasks\At15.job
C:\WINDOWS\tasks\At16.job
C:\WINDOWS\tasks\At17.job
C:\WINDOWS\tasks\At18.job
C:\WINDOWS\tasks\At19.job
C:\WINDOWS\tasks\At2.job
C:\WINDOWS\tasks\At20.job
C:\WINDOWS\tasks\At21.job
C:\WINDOWS\tasks\At22.job
C:\WINDOWS\tasks\At23.job
C:\WINDOWS\tasks\At24.job
C:\WINDOWS\tasks\At3.job
C:\WINDOWS\tasks\At4.job
C:\WINDOWS\tasks\At5.job
C:\WINDOWS\tasks\At6.job
C:\WINDOWS\tasks\At7.job
C:\WINDOWS\tasks\At8.job
C:\WINDOWS\tasks\At9.job
C:\WINDOWS\tasks\yrogqhah.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-12-22 304736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{37F31EE0-BD2A-4059-9BCB-2C3FFD2008D5}]
C:\WINDOWS\system32\khfGXqro.dll [2009-04-04 237568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2007-08-31 1122128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{54c3c311-12bf-4859-9ea3-05ce13ac1549}]
C:\WINDOWS\system32\ujxmdn.dll [2009-04-09 98816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}]
C:\WINDOWS\system32\xxyaywTN.dll [2009-04-04 39936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-04-17 323904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-03-03 251504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-04-04 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-03-03 522224]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-03 13529088]
"AVG7_CC"=C:\PROGRA~1\Grisoft\AVG7\avgcc.exe [2007-12-21 579072]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe [2005-06-23 57344]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-03 86016]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-12-22 185872]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"Framework Windows"=C:\WINDOWS\system32\frmwrk32.exe [2009-04-06 29696]
"5c07de27"=C:\WINDOWS\system32\qaogyevd.dll [2009-04-09 74240]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"PcSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe [2005-08-26 860160]
"NBJ"=C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2005-02-10 1937408]
"msnmsgr"=C:\Program Files\MSN Messenger\msnmsgr.exe [2007-01-19 5674352]
"Uniblue RegistryBooster 2009"=C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S []
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-01-14 68856]
"Neuf Media Center"=C:\Program Files\SFR\Media Center\MediaCenter.exe [2008-10-10 726336]
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Norton Ghost"=2

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Démarrage rapide du logiciel HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
NETGEAR WG111v2 Smart Wizard.lnk - C:\Program Files\NETGEAR\WG111v2\WG111v2.exe

C:\Documents and Settings\declick\Menu Démarrer\Programmes\Démarrage
Outil de détection de support Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-06-19 312112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\xxyaywTN]
C:\WINDOWS\system32\xxyaywTN.dll [2009-04-04 39936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}"=C:\WINDOWS\system32\xxyaywTN.dll [2009-04-04 39936]
"{3df55fa3-8f5e-47c9-990f-01bde5346f5b}"=C:\WINDOWS\system32\ujxmdn.dll [2009-04-09 98816]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
C:\WINDOWS\system32\khfGXqro

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoSetActiveDesktop"=1
"NoActiveDesktopChanges"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSetActiveDesktop"=
"NoActiveDesktopChanges"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"D:\Program Files\MSN Messenger\msnmsgr.exe"="D:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\eMule\Incoming\[PC.GAME].Star.Wars.Jedi.Knight.2.-.Jedi.Outcast\GameData\GameData\jk2mp.exe"="C:\Program Files\eMule\Incoming\[PC.GAME].Star.Wars.Jedi.Knight.2.-.Jedi.Outcast\GameData\GameData\jk2mp.exe:*:Disabled:jk2mp"
"C:\Program Files\Lemoncast\lemoncast.exe"="C:\Program Files\Lemoncast\lemoncast.exe:*:Enabled:OneClick"
"C:\Program Files\LucasArts\SWKotOR2\swupdate.exe"="C:\Program Files\LucasArts\SWKotOR2\swupdate.exe:*:Enabled:Star Wars: Knights of the Old Republic II: The Sith Lords Update Program"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"D:\jeux\Warcraft III\Warcraft III.exe"="D:\jeux\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"D:\jeux\Warcraft III\War3.exe"="D:\jeux\Warcraft III\War3.exe:*:Enabled:Warcraft III"
"C:\Program Files\TrackMania United\TmUnited.exe"="C:\Program Files\TrackMania United\TmUnited.exe:*:Enabled:TmUnited"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Grisoft\AVG7\avginet.exe"="C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe"
"C:\Program Files\Grisoft\AVG7\avgamsvr.exe"="C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\Program Files\Grisoft\AVG7\avgcc.exe"="C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe"
"C:\Program Files\NETGEAR\WG111v2\WG111v2.exe"="C:\Program Files\NETGEAR\WG111v2\WG111v2.exe:*:Enabled:NETGEAR WG111v2 Smart Wizard"
"C:\Program Files\SFR\Media Center\httpd\httpd.exe"="C:\Program Files\SFR\Media Center\httpd\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.0/255.255.255.0:Enabled:Serveur de partage Media Center (Player SFR)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
shell\AutoRun\command - D:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
shell\AutoRun\command - F:\Install.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f99f8bc2-7023-11da-8d45-806d6172696f}]
shell\AutoRun\command - D:\NCDStart.EXE

======File associations======

.reg - open - regedit.exe "%1" %*
.scr - open - "%1" %*

======List of files/folders created in the last 1 months======

2009-04-09 20:02:21 ----D---- C:\Program Files\trend micro
2009-04-09 19:56:29 ----SH---- C:\WINDOWS\system32\dveygoaq.ini
2009-04-09 19:56:28 ----A---- C:\WINDOWS\system32\qaogyevd.dll
2009-04-09 19:54:39 ----A---- C:\WINDOWS\system32\jmqxavwk.exe
2009-04-09 19:54:35 ----A---- C:\WINDOWS\system32\yjtxthxi.dll
2009-04-09 19:54:35 ----A---- C:\WINDOWS\system32\ujxmdn.dll
2009-04-07 21:21:03 ----HD---- C:\WINDOWS\PIF
2009-04-07 20:30:09 ----A---- C:\WINDOWS\ntbtlog.txt
2009-04-07 19:51:33 ----SH---- C:\WINDOWS\system32\oddorepr.ini
2009-04-07 19:51:32 ----N---- C:\WINDOWS\system32\rperoddo.dll
2009-04-07 19:51:30 ----A---- C:\WINDOWS\system32\njdmns.dll
2009-04-07 19:51:29 ----A---- C:\WINDOWS\system32\jputvshj.dll
2009-04-06 23:21:32 ----D---- C:\rsit
2009-04-06 22:28:47 ----A---- C:\TB.txt
2009-04-06 22:27:29 ----D---- C:\ToolBar SD
2009-04-06 22:07:54 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-04-06 20:17:59 ----A---- C:\WINDOWS\system32\crmoea.dll
2009-04-06 20:17:58 ----A---- C:\WINDOWS\system32\dgmpemot.dll
2009-04-06 20:17:53 ----SH---- C:\WINDOWS\system32\pudxkixp.ini
2009-04-06 02:24:03 ----A---- C:\WINDOWS\system32\ntdll64.exe
2009-04-06 01:53:29 ----A---- C:\WINDOWS\system32\frmwrk32.exe
2009-04-06 01:50:11 ----SH---- C:\WINDOWS\system32\wisjjami.ini
2009-04-06 01:47:11 ----A---- C:\WINDOWS\system32\ufoyxs.dll
2009-04-06 01:47:11 ----A---- C:\WINDOWS\system32\cumqukfl.dll
2009-04-05 13:50:11 ----A---- C:\WINDOWS\system32\mstxxcvd.dll
2009-04-05 13:50:11 ----A---- C:\WINDOWS\system32\gauelp.dll
2009-04-05 13:47:11 ----SH---- C:\WINDOWS\system32\gimvdfji.ini
2009-04-04 13:47:03 ----A---- C:\WINDOWS\system32\vdswcl.dll
2009-04-04 13:47:02 ----A---- C:\WINDOWS\system32\hjdargim.dll
2009-04-04 13:44:39 ----SH---- C:\WINDOWS\system32\ainklluq.ini
2009-04-04 13:44:23 ----A---- C:\WINDOWS\system32\57241a59-.txt
2009-04-04 13:44:02 ----ASH---- C:\WINDOWS\system32\orqXGfhk.ini2
2009-04-04 13:44:02 ----ASH---- C:\WINDOWS\system32\orqXGfhk.ini
2009-04-04 13:43:58 ----A---- C:\WINDOWS\system32\khfGXqro.dll
2009-04-04 13:39:40 ----A---- C:\WINDOWS\system32\pmnljKee.dll
2009-04-04 13:38:54 ----A---- C:\WINDOWS\system32\ddcBQJAp.dll
2009-04-04 13:38:52 ----A---- C:\WINDOWS\system32\xxyaywTN.dll
2009-04-02 22:14:17 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-03-31 13:42:48 ----RHD---- C:\Documents and Settings\declick\Application Data\SecuROM
2009-03-31 13:41:35 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2009-03-31 13:41:35 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2009-03-31 13:41:35 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2009-03-31 13:41:35 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2009-03-31 13:41:34 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2009-03-31 13:41:34 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2009-03-31 13:41:33 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2009-03-31 13:41:32 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2009-03-31 13:41:32 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2009-03-31 13:41:31 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2009-03-31 13:41:29 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2009-03-31 13:41:28 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2009-03-31 13:41:28 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2009-03-31 13:41:27 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2009-03-31 13:41:26 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2009-03-31 13:41:25 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2009-03-31 13:41:25 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2009-03-31 13:41:25 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2009-03-31 13:41:24 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2009-03-31 13:41:24 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2009-03-31 13:41:23 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2009-03-31 13:41:23 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2009-03-31 13:41:22 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2009-03-31 13:41:21 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2009-03-31 13:41:20 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2009-03-31 13:41:20 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2009-03-31 13:41:18 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2009-03-31 13:41:18 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2009-03-31 13:41:17 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2009-03-31 13:41:16 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2009-03-31 13:41:16 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2009-03-31 13:41:16 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-03-31 13:41:16 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2009-03-31 13:41:15 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2009-03-31 13:41:15 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2009-03-31 13:40:47 ----D---- C:\WINDOWS\Logs
2009-03-31 13:40:41 ----HDC---- C:\WINDOWS\$NtUninstallKB926239$
2009-03-31 13:40:05 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-03-31 13:39:18 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2009-03-31 13:39:18 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2009-03-31 13:39:16 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2009-03-31 13:39:13 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2009-03-31 13:39:10 ----D---- C:\WINDOWS\system32\xlive
2009-03-31 13:39:09 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE
2009-03-31 12:56:15 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2009-03-31 12:55:59 ----D---- C:\WINDOWS\system32\fr-FR
2009-03-31 12:54:15 ----D---- C:\Program Files\MSBuild
2009-03-31 12:50:19 ----D---- C:\WINDOWS\system32\XPSViewer
2009-03-31 12:50:17 ----D---- C:\WINDOWS\system32\en-us
2009-03-31 12:49:33 ----D---- C:\Program Files\Reference Assemblies
2009-03-31 12:48:54 ----N---- C:\WINDOWS\system32\spmsg2.dll
2009-03-30 22:23:42 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2009-03-30 21:48:59 ----D---- C:\Program Files\7-Zip
2009-03-30 21:39:18 ----A---- C:\Documents and Settings\declick\Application Data\QuickZip45.ini
2009-03-30 21:38:38 ----D---- C:\Program Files\QuickZip4
2009-03-24 22:41:07 ----D---- C:\Documents and Settings\declick\Application Data\SEGA
2009-03-17 23:10:27 ----A---- C:\WINDOWS\Multimedia manager.INI

======List of files/folders modified in the last 1 months======

2009-04-09 20:02:21 ----RD---- C:\Program Files
2009-04-09 20:00:13 ----D---- C:\WINDOWS\Temp
2009-04-09 20:00:04 ----D---- C:\WINDOWS\system32
2009-04-09 19:53:02 ----D---- C:\Documents and Settings\declick\Application Data\AVG7
2009-04-09 19:52:34 ----A---- C:\WINDOWS\RTacDbg.txt
2009-04-09 19:52:16 ----D---- C:\WINDOWS
2009-04-07 21:41:53 ----A---- C:\WINDOWS\NeroDigital.ini
2009-04-07 21:21:04 ----D---- C:\WINDOWS\system32\CatRoot2
2009-04-06 22:47:36 ----D---- C:\WINDOWS\Prefetch
2009-04-06 12:39:45 ----D---- C:\Program Files\AVPersonal
2009-04-06 01:53:39 ----A---- C:\WINDOWS\system32\userinit.exe
2009-04-06 01:53:21 ----D---- C:\WINDOWS\system32\drivers
2009-04-06 00:52:23 ----D---- C:\Program Files\eMule
2009-04-05 16:11:29 ----D---- C:\Program Files\Rockstar Games
2009-04-05 16:09:39 ----HD---- C:\Program Files\InstallShield Installation Information
2009-04-04 13:38:56 ----SD---- C:\WINDOWS\Tasks
2009-04-02 22:15:47 ----SHD---- C:\WINDOWS\Installer
2009-04-02 22:15:26 ----HD---- C:\Config.Msi
2009-04-02 22:15:22 ----D---- C:\WINDOWS\system32\DirectX
2009-04-02 22:15:19 ----HD---- C:\WINDOWS\inf
2009-04-02 22:15:04 ----D---- C:\WINDOWS\system32\CatRoot
2009-04-02 22:14:48 ----RSD---- C:\WINDOWS\assembly
2009-04-02 19:45:49 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-04-02 19:40:56 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-04-02 19:40:56 ----D---- C:\WINDOWS\AppPatch
2009-03-31 13:41:55 ----D---- C:\WINDOWS\WinSxS
2009-03-31 13:41:55 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-03-31 13:40:15 ----D---- C:\Program Files\Windows Media Player
2009-03-31 13:19:56 ----D---- C:\WINDOWS\Microsoft.NET
2009-03-31 12:50:14 ----RSD---- C:\WINDOWS\Fonts
2009-03-31 12:49:01 ----D---- C:\WINDOWS\system32\spool
2009-03-15 20:26:26 ----D---- C:\Documents and Settings\declick\Application Data\BSplayer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Pilote de processeur AMD Athlon64; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-05-08 38912]
R1 Avg7Core;AVG7 Kernel; C:\WINDOWS\System32\Drivers\avg7core.sys [2007-10-26 821856]
R1 Avg7RsW;AVG7 Wrap Driver; C:\WINDOWS\System32\Drivers\avg7rsw.sys [2007-08-30 4224]
R1 Avg7RsXP;AVG7 Resident Driver XP; C:\WINDOWS\System32\Drivers\avg7rsxp.sys [2007-08-30 27776]
R1 AvgClean;AVG7 Clean Driver; C:\WINDOWS\System32\Drivers\avgclean.sys [2007-12-21 10760]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-24 12032]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-10-16 21035]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2007-05-21 271360]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2007-05-21 18048]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2004-04-08 116176]
R3 avgntdw;avgntdw; \??\C:\Program Files\AVPersonal\AVGNTDW.SYS []
R3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 fhlppppoe;PPPOE/ADSL miniport; C:\WINDOWS\system32\DRIVERS\fhlpppoe.sys [2004-06-04 49200]
R3 GearAspiWDM;GearAspiWDM; C:\WINDOWS\system32\drivers\GearAspiWDM.sys [2005-02-02 14408]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-14 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-03 6554496]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-08-24 5888]
R3 SaiH5F0D;SaiH5F0D; C:\WINDOWS\system32\DRIVERS\SaiH5F0D.sys [2005-11-14 176640]
R3 SaiU5F0D;SaiU5F0D; C:\WINDOWS\system32\DRIVERS\SaiU5F0D.sys [2005-11-14 27264]
R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2004-04-27 381056]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2004-06-07 266880]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys []
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys []
S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-04 17024]
S3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys []
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2004-08-04 274944]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-04 18944]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2004-07-23 42496]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-12-14 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-12-14 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-12-14 21744]
S3 jbridgep;jbridgep; \??\C:\DOCUME~1\declick\LOCALS~1\Temp\jbridgep.sys []
S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys [2002-09-21 235100]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 Nokia USB Generic;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2005-08-09 7278]
S3 Nokia USB Modem;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2005-08-09 10991]
S3 Nokia USB Phone Parent;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2005-08-09 128797]
S3 Nokia USB Port;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2005-08-09 10991]
S3 NTSIM;NTSIM; \??\C:\WINDOWS\system32\ntsim.sys []
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-04 59648]
S3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\wg111v2.sys [2006-03-27 167808]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys []
S3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys []
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Ad-Aware 2007 Service; C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe [2008-01-04 587096]
R2 AntiVirService;AntiVir Service; C:\Program Files\AVPersonal\AVGUARD.EXE [2005-11-03 208424]
R2 Avg7Alrt;AVG7 Alert Manager Server; C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe [2007-10-26 418816]
R2 Avg7UpdSvc;AVG7 Update Service; C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe [2007-08-30 49664]
R2 AVWUpSrv;AntiVir Update; C:\Program Files\AVPersonal\AVWUPSRV.EXE [2005-10-13 45096]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-03 159812]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 Boonty Games;Boonty Games; C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2007-04-28 69120]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-04 137200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 iPodService;iPodService; C:\Program Files\iPod\bin\iPodService.exe [2005-10-18 323584]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

-----------------EOF-----------------

Configuration: Windows XP
Internet Explorer 6.0

Afficher la suite

A voir également:

ANTIVIRUS PRO
Clé windows 10 pro - Guide
Realme 14 pro vs realme 14 pro plus - Guide
Cool edit pro - Télécharger - Édition & Montage
Apple iphone 17 pro max - Guide
Comodo antivirus - Télécharger - Sécurité

3 réponses

Réponse 1 / 3

verni29 Messages postés 6805 Statut Contributeur sécurité 180

Bonjour,

Tu télécharges MalwareBytes.
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

Tu l'installes. Choisis les options par défaut.
A la fin de l’installation, il te sera demandé de mettre à jour MalwareBytes et de l’éxecuter .
Accepte. Après la, mise à jour, le logiciel va s’ouvrir.

Dans l’onglet Recherche, sélectionne Exécuter un examen complet.
Clique sur recherche. Tu ne sélectionnes que les disques durs de l’ordinateur.
Clique sur lancer l’examen.

A la fin de la recherche, comme il est demandé, clique sur afficher les résultats.
Si des infections sont trouvées, clique sur Supprimer la sélection.
Tu postes le rapport dans ton prochain message.

Si tu ne retrouves pas le rapport, ouvre MalwareBytes et regarde dans l’onglet Rapport/logs. Il y est. Clique dessus et choisir ouvrir.

A+

melt66 Messages postés 3 Statut Membre

Merci d 'avoir répondu, mais impossible d'ouvrir MALWAREBYTES. Comment puis-je faire autrement?

Réponse 2 / 3

melt66 Messages postés 3 Statut Membre

Merci d'avoir répondu, mais impossible d ouvrir MALWAREBYTES. Comment puis-je faire autrement?

Réponse 3 / 3

verni29 Messages postés 6805 Statut Contributeur sécurité 180

Tu vas télécharger ComBoFix et enregistre le sur ton bureau ( important pour la suite )
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Désactive les protections résidentes de ton ordinateur ( antivirus, antispyware et parefeu )
Branche tes différents supports amovibles ( clés USB, disque dur externe ) sans les ouvrir.

Lance Combofix.exe et suis les invites.
Il te sera demandé d’installer la console de récupération.
Important. Fais le absolument.

Il est possible que ComBoFix redémarre l’ordinateur pour supprimer certains fichiers.

Une fois le scan fini, un rapport va apparaitre.
Copie/colle ce rapport dans ta prochaine réponse.
Si tu ne le trouves pas, il est à C:\ComboFix.txt.

A+

Discussions similaires

Google Chrome " Échec de l'analyse antivirus "

Discussions similaires

Newsletters