Virus ???
tarduff
-
olivier114 Messages postés 1674 Statut Membre -
olivier114 Messages postés 1674 Statut Membre -
Bonjour,
ça fait un moment que mon pc rame, et c'est rien de le dire
analyse AV, defrag, ad aware, malwyrebite.... rien n'y fait
de plus, un probleme majeur: le petit bouclier des mise a jour WINDOWS apparait mais reste sur 0%, je ne peut pas installer WINDOWS live (derniere version), ni skype car il semble y avoir un souci avec la connection au serveur. l'accès aux sites antivirus est des plus difficile avec l'affichage de pages vides. de meme, le site windows update ne parvient pas a analyser mon pc et peut tenter de le faire pendant une nuit sans resultat ni message d'erreur
ma config: P4, xp pack 3, kaspersky 8
je viens de faire un scan avec RSIT comme conseillé sur ce site et voici les 2 rapports reçus:
j'espere vraiment que vous pourrez m'aider car j'en ai vraiment plein les c....... de ce probleme de pc
merci d'avance
info.txt logfile of random's system information tool 1.06 2009-07-06 00:43:00
======Uninstall list======
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
802.11b USB Wireless LAN Adapter-->C:\WINDOWS\system32\unwlsdrv.exe SiS162u
Ad-Aware SE Professional-->C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
Adobe Acrobat 5.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Asus ChkMail-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Asus\Asus ChkMail\Uninst.isu"
ASUS Enhanced Display Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}\setup.exe" -l0x9
ASUS Hotkey-->C:\WINDOWS\uninst.exe -f"C:\Program Files\ASUS\ASUS Hotkey\DeIsL1.isu" -c"C:\Program Files\ASUS\ASUS Hotkey\_ISREG32.DLL"
ASUS Live Update-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ASUS\ASUS Live Update\Uninst.isu" -c"C:\Program Files\ASUS\ASUS Live Update\Uninst.dll"
ASUS Probe V2.11-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ASUS\ASUS Probe\Uninst.isu"
ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATK0100 ACPI UTILITY-->C:\WINDOWS\ATK0100\XPunin.exe
CanoScan Toolbox 4.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BCE46757-7674-4416-BEDB-68205A60409E}\setup.exe" -l0x40c
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CoreAVC Pro 1.5.0.0-->"C:\Program Files\CoreAVC Pro\unins000.exe"
eMule-->"C:\Program Files\eMule\Uninstall.exe"
ffdshow [beta 1] [2006-12-11]-->"C:\Program Files\ffdshow\unins000.exe"
FileZilla Client 3.2.4-->C:\Program Files\FileZilla FTP Client\uninstall.exe
Freeplayer-->C:\Program Files\Freeplayer\Uninstall.exe
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Kaspersky Anti-Virus 2009-->MsiExec.exe /I{6580C5A3-2336-4EC5-85F1-3448C5F6208A}
Kaspersky Anti-Virus 2009-->MsiExec.exe /I{6580C5A3-2336-4EC5-85F1-3448C5F6208A}
Kaspersky Anti-Virus 7.0-->MsiExec.exe /I{4B9BB601-13E9-4042-A3BC-E7955BF4A98F}
Kaspersky Anti-Virus 7.0-->MsiExec.exe /I{4B9BB601-13E9-4042-A3BC-E7955BF4A98F}
Lame ACM MP3 Codec-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_LameMP3 132 C:\WINDOWS\INF\LameACM.inf
Language pack for Ad-Aware SE-->C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\Langs\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\Langs\INSTALL.LOG
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LG PC Suite II-->C:\Program Files\InstallShield Installation Information\{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}\setup.exe -runfromtemp -l0x040c -removeonly
LG USB Modem driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C3ABE126-2BB2-4246-BFE1-6797679B3579}\setup.exe" -l0x40c LG -removeonly
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Visio Professional 2003-->MsiExec.exe /I{9051040C-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nero 7 Premium-->MsiExec.exe /I{4781569D-5404-1F26-4B2B-6DF444441031}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
PerfectDisk-->MsiExec.exe /I{212F5777-1190-4DEF-8E4D-6B2F313B45E7}
Power4 Gear V1.10-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ASUS\Power4 Gear\Uninst.isu"
PowerDVD Ultra-->"C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -l0x00040c /z-uninstall
ProtectDisc Helper Driver-->C:\Program Files\ProtectDisc Driver Installer\uninstall.exe
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
SiS 900 PCI Fast Ethernet Adapter Driver-->C:\Progra~1\SiSLan\Uninst.exe
SoftV92 Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_1039&DEV_7013&SUBSYS_18161043\HXFSETUP.EXE -U -IVEN_1039&DEV_7013&SUBSYS_18161043
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
USB2.0 PC Camera (SN9C201&202)-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{75438C0E-9925-412E-AD85-D0E71C6CE2ED}\Setup.exe" -l0x9
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
VideoLAN VLC media player 0.8.5-freehd-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
WINFLASH V2.15-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ASUS\WINFLASH\Uninst.isu"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
WinZip-->"C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
Wireless LAN Utility-->"C:\Program Files\Wireless LAN Utility\unWuty.exe" Wireless LAN Utility
======Hosts File======
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
======Security center information======
AV: Kaspersky Anti-Virus
======System event log======
Computer Name: MERDE
Event Code: 7036
Message: Le service Compatibilité avec le Changement rapide d'utilisateur est entré dans l'état : en cours d'exécution.
Record Number: 33197
Source Name: Service Control Manager
Time Written: 20090608201116.000000+120
Event Type: Informations
User:
Computer Name: MERDE
Event Code: 35
Message: Le service de temps synchronise maintenant l'heure système avec la
source de temps time.windows.com (ntp.m|0x1|82.241.55.79:123->207.46.197.32:123).
Record Number: 33196
Source Name: W32Time
Time Written: 20090608201055.000000+120
Event Type: Informations
User:
Computer Name: MERDE
Event Code: 7036
Message: Le service Explorateur d'ordinateur est entré dans l'état : arrêté.
Record Number: 33195
Source Name: Service Control Manager
Time Written: 20090608201049.000000+120
Event Type: Informations
User:
Computer Name: MERDE
Event Code: 7036
Message: Le service Service de la passerelle de la couche Application est entré dans l'état : en cours d'exécution.
Record Number: 33194
Source Name: Service Control Manager
Time Written: 20090608201048.000000+120
Event Type: Informations
User:
Computer Name: MERDE
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Service de la passerelle de la couche Application.
Record Number: 33193
Source Name: Service Control Manager
Time Written: 20090608201048.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM
=====Application event log=====
Computer Name: MERDE
Event Code: 0
Message: PerfectDisk Scheduler started.
Record Number: 5
Source Name: PDAgent
Time Written: 20090620211150.000000+120
Event Type: Informations
User:
Computer Name: MERDE
Event Code: 0
Message: Service started
Record Number: 4
Source Name: PDEngine
Time Written: 20090620211145.000000+120
Event Type: Informations
User:
Computer Name: MERDE
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.
Record Number: 3
Source Name: SecurityCenter
Time Written: 20090620211136.000000+120
Event Type: Informations
User:
Computer Name: MERDE
Event Code: 0
Message:
Record Number: 2
Source Name: RichVideo
Time Written: 20090620211134.000000+120
Event Type: Informations
User:
Computer Name: MERDE
Event Code: 0
Message: Service started
Record Number: 1
Source Name: PDAgent
Time Written: 20090620211134.000000+120
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=2
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;%PIXIEHOME%\bin
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel
"PROCESSOR_LEVEL"=15
"PROCESSOR_REVISION"=0209
"SHADERS"=%PIXIEHOME%\shaders
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"windir"=%SystemRoot%
-----------------EOF-----------------
_________________________
Logfile of random's system information tool 1.06 (written by random/random)
Run by sophie & vincent at 2009-07-06 00:42:06
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 17 GB (52%) free of 33 GB
Total RAM: 511 MB (33% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:42:55, on 06/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATK0100\Hcontrol.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Cyberlink\Shared Files\brs.exe
C:\WINDOWS\tsnp2std.exe
C:\WINDOWS\vsnp2std.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
C:\Program Files\Wireless LAN Utility\SiWake.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\TEMP\Local Settings\Temporary Internet Files\Content.IE5\MX8HCBYJ\RSIT[1].exe
C:\Program Files\trend micro\sophie & vincent.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=D4322FEE7CF74A348CB9CE970F098EF5
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.asus.com/fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.ripp-it.com/down/acces.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: SiWake.lnk = C:\Program Files\Wireless LAN Utility\SiWake.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\eossukbh.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\eossukbh.dll
O14 - IERESET.INF: START_PAGE_URL=https://www.asus.com/fr/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O20 - Winlogon Notify: urqpqom - C:\WINDOWS\
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: UPnPService - Magix AG - C:\Program Files\Fichiers communs\MAGIX Shared\UPnPService\UPnPService.exe
--
End of file - 7439 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-06-14 312928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll [2008-11-11 62728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Hcontrol"=C:\WINDOWS\ATK0100\Hcontrol.exe [2004-08-26 86016]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-08-26 67584]
"Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2004-01-19 81920]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-08-05 102400]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-08-05 684032]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-06-24 339968]
"BDRegion"=C:\Program Files\Cyberlink\Shared Files\brs.exe [2007-11-17 91432]
"tsnp2std"=C:\WINDOWS\tsnp2std.exe [2005-09-09 102400]
"snp2std"=C:\WINDOWS\vsnp2std.exe [2005-08-16 339968]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe [2009-06-02 206088]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2009-06-14 198160]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"AWMON"=C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe [2005-05-25 517632]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
SiWake.lnk - C:\Program Files\Wireless LAN Utility\SiWake.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2008-11-11 218376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\urqpqom]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
======List of files/folders created in the last 3 months======
2009-07-06 00:42:05 ----D---- C:\rsit
2009-07-05 21:22:31 ----D---- C:\Program Files\MSN Messenger
2009-07-05 15:59:57 ----A---- C:\WINDOWS\system32\lfgif13n.dll
2009-07-05 15:59:55 ----A---- C:\WINDOWS\system32\ltkrn13n.dll
2009-07-05 15:59:55 ----A---- C:\WINDOWS\system32\ltimg13n.dll
2009-07-05 15:59:55 ----A---- C:\WINDOWS\system32\ltfil13n.dll
2009-07-05 15:59:55 ----A---- C:\WINDOWS\system32\ltefx13n.dll
2009-07-05 15:59:55 ----A---- C:\WINDOWS\system32\ltdis13n.dll
2009-07-05 15:59:55 ----A---- C:\WINDOWS\system32\lfcmp13n.dll
2009-07-05 15:59:55 ----A---- C:\WINDOWS\system32\lfbmp13n.dll
2009-07-02 15:24:15 ----A---- C:\WINDOWS\system32\itngoijf.dll
2009-07-02 15:24:15 ----A---- C:\WINDOWS\system32\eossukbh.dll
2009-07-02 15:24:15 ----A---- C:\WINDOWS\system32\drijeu.dll
2009-06-21 17:31:14 ----D---- C:\Documents and Settings\TEMP\Application Data\Lavasoft
2009-06-21 17:31:00 ----D---- C:\Program Files\Lavasoft
2009-06-20 23:03:11 ----D---- C:\WINDOWS\RegisteredPackages
2009-06-20 01:15:25 ----D---- C:\Program Files\QUAD Utilities
2009-06-20 00:58:51 ----A---- C:\WINDOWS\wininit.ini
2009-06-20 00:07:27 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-06-20 00:07:27 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-06-14 22:34:45 ----D---- C:\Program Files\Fichiers communs\xing shared
2009-06-14 22:34:33 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2009-06-14 22:34:12 ----A---- C:\WINDOWS\system32\pndx5032.dll
2009-06-14 22:34:12 ----A---- C:\WINDOWS\system32\pndx5016.dll
2009-06-14 22:34:05 ----D---- C:\Program Files\Real
2009-06-14 22:34:04 ----A---- C:\WINDOWS\system32\pncrt.dll
2009-06-14 22:33:58 ----D---- C:\Program Files\Fichiers communs\Real
2009-06-14 22:33:50 ----D---- C:\Documents and Settings\TEMP\Application Data\Real
2009-06-03 12:48:22 ----D---- C:\Documents and Settings\TEMP\Application Data\Help
2009-06-02 19:37:24 ----A---- C:\WINDOWS\system32\javaws.exe
2009-06-02 19:37:24 ----A---- C:\WINDOWS\system32\javaw.exe
2009-06-02 19:37:24 ----A---- C:\WINDOWS\system32\java.exe
2009-05-22 17:27:49 ----A---- C:\WINDOWS\system32\TUProgSt.exe
2009-05-22 17:27:28 ----D---- C:\Documents and Settings\TEMP\Application Data\TuneUp Software
2009-05-22 17:25:45 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2009-05-22 17:25:43 ----D---- C:\Program Files\TuneUp Utilities 2009
2009-05-22 17:25:09 ----SHD---- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-04-27 21:17:07 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-04-21 23:27:44 ----D---- C:\Program Files\Fichiers communs\Windows Live
2009-04-19 23:36:30 ----D---- C:\da23f0b891ab57b13a31f1
2009-04-16 00:05:34 ----D---- C:\Documents and Settings\TEMP\Application Data\vlc
2009-04-15 23:58:15 ----D---- C:\Program Files\adslTV
2009-04-15 23:35:23 ----D---- C:\Program Files\Freeplayer
2009-04-15 22:41:35 ----D---- C:\Program Files\FileZilla FTP Client
======List of files/folders modified in the last 3 months======
2009-07-06 00:42:55 ----D---- C:\Program Files\Trend Micro
2009-07-06 00:42:02 ----D---- C:\WINDOWS\Prefetch
2009-07-06 00:31:11 ----D---- C:\WINDOWS\Temp
2009-07-06 00:29:51 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2009-07-06 00:13:51 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-07-06 00:09:19 ----D---- C:\WINDOWS\system32\drivers
2009-07-05 23:02:08 ----D---- C:\WINDOWS
2009-07-05 21:23:38 ----SHD---- C:\WINDOWS\Installer
2009-07-05 21:23:26 ----D---- C:\WINDOWS\inf
2009-07-05 21:22:35 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-07-05 21:22:35 ----D---- C:\WINDOWS\WinSxS
2009-07-05 21:22:34 ----D---- C:\WINDOWS\system32
2009-07-05 21:22:31 ----RD---- C:\Program Files
2009-07-05 15:59:51 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-07-05 15:59:46 ----D---- C:\WINDOWS\system32\CatRoot2
2009-07-05 13:54:10 ----SD---- C:\WINDOWS\Tasks
2009-07-03 10:00:04 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-06-24 23:03:02 ----A---- C:\WINDOWS\CSTBox.INI
2009-06-24 23:01:49 ----D---- C:\Documents and Settings\TEMP\Application Data\Canon
2009-06-21 23:31:58 ----D---- C:\WINDOWS\Minidump
2009-06-21 00:10:48 ----A---- C:\WINDOWS\NeroDigital.ini
2009-06-20 23:09:27 ----D---- C:\WINDOWS\security
2009-06-20 23:03:26 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-06-20 23:03:21 ----D---- C:\Temp
2009-06-20 23:03:20 ----D---- C:\Program Files\Movie Maker
2009-06-14 22:34:45 ----D---- C:\Program Files\Fichiers communs
2009-06-14 22:34:05 ----A---- C:\WINDOWS\system32\msvcp71.dll
2009-06-13 14:42:45 ----D---- C:\Documents and Settings\TEMP\Application Data\Microsoft
2009-06-12 23:05:06 ----D---- C:\Documents and Settings\TEMP\Application Data\FileZilla
2009-06-12 20:48:19 ----D---- C:\WINDOWS\system32\Restore
2009-06-11 06:55:23 ----D---- C:\Program Files\eMule
2009-06-02 22:08:22 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-06-02 19:36:51 ----D---- C:\Program Files\Java
2009-06-02 19:34:19 ----D---- C:\Program Files\Mozilla Firefox
2009-06-01 22:38:15 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-06-01 00:24:31 ----D---- C:\WINDOWS\system32\CatRoot
2009-06-01 00:20:56 ----D---- C:\Program Files\Kaspersky Lab
2009-05-22 19:58:14 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-05-22 19:58:13 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2009-05-22 19:58:13 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$
2009-05-22 19:58:13 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
2009-05-22 19:58:12 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-05-22 19:58:08 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
2009-05-22 19:58:08 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2009-05-22 19:58:01 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-05-22 19:57:58 ----HDC---- C:\WINDOWS\$NtUninstallKB954211_0$
2009-05-22 19:57:37 ----HDC---- C:\WINDOWS\$NtUninstallKB957095_0$
2009-05-22 19:57:33 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-05-22 19:57:16 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2009-05-22 19:39:57 ----D---- C:\WINDOWS\system32\config
2009-05-17 21:49:01 ----D---- C:\WINDOWS\Debug
2009-05-15 22:46:17 ----D---- C:\Program Files\MAGIX
2009-05-15 22:46:15 ----D---- C:\WINDOWS\system32\MAGIX
2009-04-27 21:16:44 ----HD---- C:\WINDOWS\$hf_mig$
2009-04-19 22:36:41 ----SHD---- C:\System Volume Information
2009-04-17 22:58:04 ----SHD---- C:\RECYCLER
2009-04-14 00:04:24 ----D---- C:\WINDOWS\network diagnostic
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2004-07-20 20096]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2009-06-02 226832]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]
R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl []
R2 acedrv09;acedrv09; \??\C:\WINDOWS\system32\drivers\acedrv09.sys []
R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-08-26 11043]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2004-08-26 400384]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-08-26 626977]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-09-07 747008]
R3 ATKXPDisplayName;ATKXPDisplayName; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2004-08-26 5786]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-08-26 1041536]
R3 HSFHWSIS;HSFHWSIS; C:\WINDOWS\system32\DRIVERS\HSFHWSIS.sys [2004-08-26 192768]
R3 irsir;Pilote série infrarouge Microsoft; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-12-13 24592]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 SISNIC;SiS PCI Fast Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\sisnic.sys [2004-08-26 32256]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-08-05 185824]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-08-26 681856]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S2 acehlp09;acehlp09; \??\C:\WINDOWS\system32\drivers\acehlp09.sys []
S3 61883;Pilote d'unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 SIS162u;SiS 162 usb Wireless LAN Adapter Driver; C:\WINDOWS\system32\DRIVERS\sis162u.sys [2004-08-26 155648]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2005-09-21 8816128]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2008-09-04 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2008-09-04 19968]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2008-09-04 24832]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Video3D;ASUS Video3D Service; C:\WINDOWS\System32\Drivers\Video3D.sys []
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 SISNPF;SIS Netgroup Packet Filter; C:\WINDOWS\system32\drivers\SISNPF.sys [2004-08-26 74112]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-09-07 385024]
R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2004-07-20 90112]
R2 AVP;Kaspersky Anti-Virus; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe [2009-06-02 206088]
R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
R2 PDAgent;PDAgent; C:\Program Files\Raxco\PerfectDisk\PDAgent.exe [2007-11-06 414984]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2008-06-27 244904]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PDEngine;PDEngine; C:\Program Files\Raxco\PerfectDisk\PDEngine.exe [2007-11-06 734472]
S3 UPnPService;UPnPService; C:\Program Files\Fichiers communs\MAGIX Shared\UPnPService\UPnPService.exe [2006-12-14 544768]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
-----------------EOF-----------------
ça fait un moment que mon pc rame, et c'est rien de le dire
analyse AV, defrag, ad aware, malwyrebite.... rien n'y fait
de plus, un probleme majeur: le petit bouclier des mise a jour WINDOWS apparait mais reste sur 0%, je ne peut pas installer WINDOWS live (derniere version), ni skype car il semble y avoir un souci avec la connection au serveur. l'accès aux sites antivirus est des plus difficile avec l'affichage de pages vides. de meme, le site windows update ne parvient pas a analyser mon pc et peut tenter de le faire pendant une nuit sans resultat ni message d'erreur
ma config: P4, xp pack 3, kaspersky 8
je viens de faire un scan avec RSIT comme conseillé sur ce site et voici les 2 rapports reçus:
j'espere vraiment que vous pourrez m'aider car j'en ai vraiment plein les c....... de ce probleme de pc
merci d'avance
info.txt logfile of random's system information tool 1.06 2009-07-06 00:43:00
======Uninstall list======
-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
802.11b USB Wireless LAN Adapter-->C:\WINDOWS\system32\unwlsdrv.exe SiS162u
Ad-Aware SE Professional-->C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
Adobe Acrobat 5.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Asus ChkMail-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Asus\Asus ChkMail\Uninst.isu"
ASUS Enhanced Display Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}\setup.exe" -l0x9
ASUS Hotkey-->C:\WINDOWS\uninst.exe -f"C:\Program Files\ASUS\ASUS Hotkey\DeIsL1.isu" -c"C:\Program Files\ASUS\ASUS Hotkey\_ISREG32.DLL"
ASUS Live Update-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ASUS\ASUS Live Update\Uninst.isu" -c"C:\Program Files\ASUS\ASUS Live Update\Uninst.dll"
ASUS Probe V2.11-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ASUS\ASUS Probe\Uninst.isu"
ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATK0100 ACPI UTILITY-->C:\WINDOWS\ATK0100\XPunin.exe
CanoScan Toolbox 4.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BCE46757-7674-4416-BEDB-68205A60409E}\setup.exe" -l0x40c
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CoreAVC Pro 1.5.0.0-->"C:\Program Files\CoreAVC Pro\unins000.exe"
eMule-->"C:\Program Files\eMule\Uninstall.exe"
ffdshow [beta 1] [2006-12-11]-->"C:\Program Files\ffdshow\unins000.exe"
FileZilla Client 3.2.4-->C:\Program Files\FileZilla FTP Client\uninstall.exe
Freeplayer-->C:\Program Files\Freeplayer\Uninstall.exe
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Kaspersky Anti-Virus 2009-->MsiExec.exe /I{6580C5A3-2336-4EC5-85F1-3448C5F6208A}
Kaspersky Anti-Virus 2009-->MsiExec.exe /I{6580C5A3-2336-4EC5-85F1-3448C5F6208A}
Kaspersky Anti-Virus 7.0-->MsiExec.exe /I{4B9BB601-13E9-4042-A3BC-E7955BF4A98F}
Kaspersky Anti-Virus 7.0-->MsiExec.exe /I{4B9BB601-13E9-4042-A3BC-E7955BF4A98F}
Lame ACM MP3 Codec-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_LameMP3 132 C:\WINDOWS\INF\LameACM.inf
Language pack for Ad-Aware SE-->C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\Langs\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\Langs\INSTALL.LOG
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LG PC Suite II-->C:\Program Files\InstallShield Installation Information\{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}\setup.exe -runfromtemp -l0x040c -removeonly
LG USB Modem driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C3ABE126-2BB2-4246-BFE1-6797679B3579}\setup.exe" -l0x40c LG -removeonly
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Visio Professional 2003-->MsiExec.exe /I{9051040C-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nero 7 Premium-->MsiExec.exe /I{4781569D-5404-1F26-4B2B-6DF444441031}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
PerfectDisk-->MsiExec.exe /I{212F5777-1190-4DEF-8E4D-6B2F313B45E7}
Power4 Gear V1.10-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ASUS\Power4 Gear\Uninst.isu"
PowerDVD Ultra-->"C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -l0x00040c /z-uninstall
ProtectDisc Helper Driver-->C:\Program Files\ProtectDisc Driver Installer\uninstall.exe
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
SiS 900 PCI Fast Ethernet Adapter Driver-->C:\Progra~1\SiSLan\Uninst.exe
SoftV92 Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_1039&DEV_7013&SUBSYS_18161043\HXFSETUP.EXE -U -IVEN_1039&DEV_7013&SUBSYS_18161043
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
USB2.0 PC Camera (SN9C201&202)-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{75438C0E-9925-412E-AD85-D0E71C6CE2ED}\Setup.exe" -l0x9
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
VideoLAN VLC media player 0.8.5-freehd-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
WINFLASH V2.15-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ASUS\WINFLASH\Uninst.isu"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
WinZip-->"C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
Wireless LAN Utility-->"C:\Program Files\Wireless LAN Utility\unWuty.exe" Wireless LAN Utility
======Hosts File======
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
======Security center information======
AV: Kaspersky Anti-Virus
======System event log======
Computer Name: MERDE
Event Code: 7036
Message: Le service Compatibilité avec le Changement rapide d'utilisateur est entré dans l'état : en cours d'exécution.
Record Number: 33197
Source Name: Service Control Manager
Time Written: 20090608201116.000000+120
Event Type: Informations
User:
Computer Name: MERDE
Event Code: 35
Message: Le service de temps synchronise maintenant l'heure système avec la
source de temps time.windows.com (ntp.m|0x1|82.241.55.79:123->207.46.197.32:123).
Record Number: 33196
Source Name: W32Time
Time Written: 20090608201055.000000+120
Event Type: Informations
User:
Computer Name: MERDE
Event Code: 7036
Message: Le service Explorateur d'ordinateur est entré dans l'état : arrêté.
Record Number: 33195
Source Name: Service Control Manager
Time Written: 20090608201049.000000+120
Event Type: Informations
User:
Computer Name: MERDE
Event Code: 7036
Message: Le service Service de la passerelle de la couche Application est entré dans l'état : en cours d'exécution.
Record Number: 33194
Source Name: Service Control Manager
Time Written: 20090608201048.000000+120
Event Type: Informations
User:
Computer Name: MERDE
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Service de la passerelle de la couche Application.
Record Number: 33193
Source Name: Service Control Manager
Time Written: 20090608201048.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM
=====Application event log=====
Computer Name: MERDE
Event Code: 0
Message: PerfectDisk Scheduler started.
Record Number: 5
Source Name: PDAgent
Time Written: 20090620211150.000000+120
Event Type: Informations
User:
Computer Name: MERDE
Event Code: 0
Message: Service started
Record Number: 4
Source Name: PDEngine
Time Written: 20090620211145.000000+120
Event Type: Informations
User:
Computer Name: MERDE
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.
Record Number: 3
Source Name: SecurityCenter
Time Written: 20090620211136.000000+120
Event Type: Informations
User:
Computer Name: MERDE
Event Code: 0
Message:
Record Number: 2
Source Name: RichVideo
Time Written: 20090620211134.000000+120
Event Type: Informations
User:
Computer Name: MERDE
Event Code: 0
Message: Service started
Record Number: 1
Source Name: PDAgent
Time Written: 20090620211134.000000+120
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=2
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;%PIXIEHOME%\bin
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel
"PROCESSOR_LEVEL"=15
"PROCESSOR_REVISION"=0209
"SHADERS"=%PIXIEHOME%\shaders
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"windir"=%SystemRoot%
-----------------EOF-----------------
_________________________
Logfile of random's system information tool 1.06 (written by random/random)
Run by sophie & vincent at 2009-07-06 00:42:06
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 17 GB (52%) free of 33 GB
Total RAM: 511 MB (33% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:42:55, on 06/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATK0100\Hcontrol.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Cyberlink\Shared Files\brs.exe
C:\WINDOWS\tsnp2std.exe
C:\WINDOWS\vsnp2std.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
C:\Program Files\Wireless LAN Utility\SiWake.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\TEMP\Local Settings\Temporary Internet Files\Content.IE5\MX8HCBYJ\RSIT[1].exe
C:\Program Files\trend micro\sophie & vincent.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=D4322FEE7CF74A348CB9CE970F098EF5
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.asus.com/fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.ripp-it.com/down/acces.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: SiWake.lnk = C:\Program Files\Wireless LAN Utility\SiWake.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\eossukbh.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\eossukbh.dll
O14 - IERESET.INF: START_PAGE_URL=https://www.asus.com/fr/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O20 - Winlogon Notify: urqpqom - C:\WINDOWS\
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: UPnPService - Magix AG - C:\Program Files\Fichiers communs\MAGIX Shared\UPnPService\UPnPService.exe
--
End of file - 7439 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-06-14 312928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll [2008-11-11 62728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Hcontrol"=C:\WINDOWS\ATK0100\Hcontrol.exe [2004-08-26 86016]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-08-26 67584]
"Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2004-01-19 81920]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-08-05 102400]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-08-05 684032]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-06-24 339968]
"BDRegion"=C:\Program Files\Cyberlink\Shared Files\brs.exe [2007-11-17 91432]
"tsnp2std"=C:\WINDOWS\tsnp2std.exe [2005-09-09 102400]
"snp2std"=C:\WINDOWS\vsnp2std.exe [2005-08-16 339968]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe [2009-06-02 206088]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2009-06-14 198160]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"AWMON"=C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe [2005-05-25 517632]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
SiWake.lnk - C:\Program Files\Wireless LAN Utility\SiWake.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2008-11-11 218376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\urqpqom]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"C:\Program Files\adslTV\adsltv.exe"="C:\Program Files\adslTV\adsltv.exe:*:Enabled:adsltv"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
======List of files/folders created in the last 3 months======
2009-07-06 00:42:05 ----D---- C:\rsit
2009-07-05 21:22:31 ----D---- C:\Program Files\MSN Messenger
2009-07-05 15:59:57 ----A---- C:\WINDOWS\system32\lfgif13n.dll
2009-07-05 15:59:55 ----A---- C:\WINDOWS\system32\ltkrn13n.dll
2009-07-05 15:59:55 ----A---- C:\WINDOWS\system32\ltimg13n.dll
2009-07-05 15:59:55 ----A---- C:\WINDOWS\system32\ltfil13n.dll
2009-07-05 15:59:55 ----A---- C:\WINDOWS\system32\ltefx13n.dll
2009-07-05 15:59:55 ----A---- C:\WINDOWS\system32\ltdis13n.dll
2009-07-05 15:59:55 ----A---- C:\WINDOWS\system32\lfcmp13n.dll
2009-07-05 15:59:55 ----A---- C:\WINDOWS\system32\lfbmp13n.dll
2009-07-02 15:24:15 ----A---- C:\WINDOWS\system32\itngoijf.dll
2009-07-02 15:24:15 ----A---- C:\WINDOWS\system32\eossukbh.dll
2009-07-02 15:24:15 ----A---- C:\WINDOWS\system32\drijeu.dll
2009-06-21 17:31:14 ----D---- C:\Documents and Settings\TEMP\Application Data\Lavasoft
2009-06-21 17:31:00 ----D---- C:\Program Files\Lavasoft
2009-06-20 23:03:11 ----D---- C:\WINDOWS\RegisteredPackages
2009-06-20 01:15:25 ----D---- C:\Program Files\QUAD Utilities
2009-06-20 00:58:51 ----A---- C:\WINDOWS\wininit.ini
2009-06-20 00:07:27 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-06-20 00:07:27 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-06-14 22:34:45 ----D---- C:\Program Files\Fichiers communs\xing shared
2009-06-14 22:34:33 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2009-06-14 22:34:12 ----A---- C:\WINDOWS\system32\pndx5032.dll
2009-06-14 22:34:12 ----A---- C:\WINDOWS\system32\pndx5016.dll
2009-06-14 22:34:05 ----D---- C:\Program Files\Real
2009-06-14 22:34:04 ----A---- C:\WINDOWS\system32\pncrt.dll
2009-06-14 22:33:58 ----D---- C:\Program Files\Fichiers communs\Real
2009-06-14 22:33:50 ----D---- C:\Documents and Settings\TEMP\Application Data\Real
2009-06-03 12:48:22 ----D---- C:\Documents and Settings\TEMP\Application Data\Help
2009-06-02 19:37:24 ----A---- C:\WINDOWS\system32\javaws.exe
2009-06-02 19:37:24 ----A---- C:\WINDOWS\system32\javaw.exe
2009-06-02 19:37:24 ----A---- C:\WINDOWS\system32\java.exe
2009-05-22 17:27:49 ----A---- C:\WINDOWS\system32\TUProgSt.exe
2009-05-22 17:27:28 ----D---- C:\Documents and Settings\TEMP\Application Data\TuneUp Software
2009-05-22 17:25:45 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2009-05-22 17:25:43 ----D---- C:\Program Files\TuneUp Utilities 2009
2009-05-22 17:25:09 ----SHD---- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-04-27 21:17:07 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-04-21 23:27:44 ----D---- C:\Program Files\Fichiers communs\Windows Live
2009-04-19 23:36:30 ----D---- C:\da23f0b891ab57b13a31f1
2009-04-16 00:05:34 ----D---- C:\Documents and Settings\TEMP\Application Data\vlc
2009-04-15 23:58:15 ----D---- C:\Program Files\adslTV
2009-04-15 23:35:23 ----D---- C:\Program Files\Freeplayer
2009-04-15 22:41:35 ----D---- C:\Program Files\FileZilla FTP Client
======List of files/folders modified in the last 3 months======
2009-07-06 00:42:55 ----D---- C:\Program Files\Trend Micro
2009-07-06 00:42:02 ----D---- C:\WINDOWS\Prefetch
2009-07-06 00:31:11 ----D---- C:\WINDOWS\Temp
2009-07-06 00:29:51 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2009-07-06 00:13:51 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-07-06 00:09:19 ----D---- C:\WINDOWS\system32\drivers
2009-07-05 23:02:08 ----D---- C:\WINDOWS
2009-07-05 21:23:38 ----SHD---- C:\WINDOWS\Installer
2009-07-05 21:23:26 ----D---- C:\WINDOWS\inf
2009-07-05 21:22:35 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-07-05 21:22:35 ----D---- C:\WINDOWS\WinSxS
2009-07-05 21:22:34 ----D---- C:\WINDOWS\system32
2009-07-05 21:22:31 ----RD---- C:\Program Files
2009-07-05 15:59:51 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-07-05 15:59:46 ----D---- C:\WINDOWS\system32\CatRoot2
2009-07-05 13:54:10 ----SD---- C:\WINDOWS\Tasks
2009-07-03 10:00:04 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-06-24 23:03:02 ----A---- C:\WINDOWS\CSTBox.INI
2009-06-24 23:01:49 ----D---- C:\Documents and Settings\TEMP\Application Data\Canon
2009-06-21 23:31:58 ----D---- C:\WINDOWS\Minidump
2009-06-21 00:10:48 ----A---- C:\WINDOWS\NeroDigital.ini
2009-06-20 23:09:27 ----D---- C:\WINDOWS\security
2009-06-20 23:03:26 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-06-20 23:03:21 ----D---- C:\Temp
2009-06-20 23:03:20 ----D---- C:\Program Files\Movie Maker
2009-06-14 22:34:45 ----D---- C:\Program Files\Fichiers communs
2009-06-14 22:34:05 ----A---- C:\WINDOWS\system32\msvcp71.dll
2009-06-13 14:42:45 ----D---- C:\Documents and Settings\TEMP\Application Data\Microsoft
2009-06-12 23:05:06 ----D---- C:\Documents and Settings\TEMP\Application Data\FileZilla
2009-06-12 20:48:19 ----D---- C:\WINDOWS\system32\Restore
2009-06-11 06:55:23 ----D---- C:\Program Files\eMule
2009-06-02 22:08:22 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-06-02 19:36:51 ----D---- C:\Program Files\Java
2009-06-02 19:34:19 ----D---- C:\Program Files\Mozilla Firefox
2009-06-01 22:38:15 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-06-01 00:24:31 ----D---- C:\WINDOWS\system32\CatRoot
2009-06-01 00:20:56 ----D---- C:\Program Files\Kaspersky Lab
2009-05-22 19:58:14 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-05-22 19:58:13 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2009-05-22 19:58:13 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$
2009-05-22 19:58:13 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
2009-05-22 19:58:12 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-05-22 19:58:08 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
2009-05-22 19:58:08 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2009-05-22 19:58:01 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-05-22 19:57:58 ----HDC---- C:\WINDOWS\$NtUninstallKB954211_0$
2009-05-22 19:57:37 ----HDC---- C:\WINDOWS\$NtUninstallKB957095_0$
2009-05-22 19:57:33 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-05-22 19:57:16 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2009-05-22 19:39:57 ----D---- C:\WINDOWS\system32\config
2009-05-17 21:49:01 ----D---- C:\WINDOWS\Debug
2009-05-15 22:46:17 ----D---- C:\Program Files\MAGIX
2009-05-15 22:46:15 ----D---- C:\WINDOWS\system32\MAGIX
2009-04-27 21:16:44 ----HD---- C:\WINDOWS\$hf_mig$
2009-04-19 22:36:41 ----SHD---- C:\System Volume Information
2009-04-17 22:58:04 ----SHD---- C:\RECYCLER
2009-04-14 00:04:24 ----D---- C:\WINDOWS\network diagnostic
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2004-07-20 20096]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2009-06-02 226832]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-05 12032]
R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl []
R2 acedrv09;acedrv09; \??\C:\WINDOWS\system32\drivers\acedrv09.sys []
R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-08-26 11043]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2004-08-26 400384]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-08-26 626977]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-09-07 747008]
R3 ATKXPDisplayName;ATKXPDisplayName; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2004-08-26 5786]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-08-26 1041536]
R3 HSFHWSIS;HSFHWSIS; C:\WINDOWS\system32\DRIVERS\HSFHWSIS.sys [2004-08-26 192768]
R3 irsir;Pilote série infrarouge Microsoft; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-12-13 24592]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-05 12288]
R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 SISNIC;SiS PCI Fast Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\sisnic.sys [2004-08-26 32256]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-08-05 185824]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-08-26 681856]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S2 acehlp09;acehlp09; \??\C:\WINDOWS\system32\drivers\acehlp09.sys []
S3 61883;Pilote d'unité 61883; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 Avc;Périphérique AVC; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 SIS162u;SiS 162 usb Wireless LAN Adapter Driver; C:\WINDOWS\system32\DRIVERS\sis162u.sys [2004-08-26 155648]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2005-09-21 8816128]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2008-09-04 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2008-09-04 19968]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2008-09-04 24832]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Video3D;ASUS Video3D Service; C:\WINDOWS\System32\Drivers\Video3D.sys []
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 SISNPF;SIS Netgroup Packet Filter; C:\WINDOWS\system32\drivers\SISNPF.sys [2004-08-26 74112]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-09-07 385024]
R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2004-07-20 90112]
R2 AVP;Kaspersky Anti-Virus; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe [2009-06-02 206088]
R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
R2 PDAgent;PDAgent; C:\Program Files\Raxco\PerfectDisk\PDAgent.exe [2007-11-06 414984]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2008-06-27 244904]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PDEngine;PDEngine; C:\Program Files\Raxco\PerfectDisk\PDEngine.exe [2007-11-06 734472]
S3 UPnPService;UPnPService; C:\Program Files\Fichiers communs\MAGIX Shared\UPnPService\UPnPService.exe [2006-12-14 544768]
S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
-----------------EOF-----------------
Configuration: Windows XP Internet Explorer 6.0
A voir également:
- Virus ???
- Virus mcafee - Accueil - Piratage
- Comment détruire un virus informatique - Guide
- Powershell.exe virus - Guide
- Undisclosed-recipients virus - Guide
- Impossible de terminer l'opération car le fichier contient un virus - Forum Virus
1 réponse
bonjour,
Avant de commencer desactiver votre antivirus le temps de la desinfection
1. Il est fortement recommandé d’installer que un seul antivirus
2. commencer par télécharger https://www.clubic.com/telecharger-fiche215092-malwarebytes-anti-malware.html puis lancer une analyse complete du pc.
3. il est très important d’enregistrer le rapport
4. ensuite télécharger http://www.commentcamarche.net/telecharger/telecharger 34055026 panda anti rootkit (puis lancer une analyse)
5. il est très important d’enregistrer le rapport
6. maintenant veuillez poster chaque rapport dans un post different merci.
Avant de commencer desactiver votre antivirus le temps de la desinfection
1. Il est fortement recommandé d’installer que un seul antivirus
2. commencer par télécharger https://www.clubic.com/telecharger-fiche215092-malwarebytes-anti-malware.html puis lancer une analyse complete du pc.
3. il est très important d’enregistrer le rapport
4. ensuite télécharger http://www.commentcamarche.net/telecharger/telecharger 34055026 panda anti rootkit (puis lancer une analyse)
5. il est très important d’enregistrer le rapport
6. maintenant veuillez poster chaque rapport dans un post different merci.
