Virus, plus de son ni de malware et spybot
Fermé
richard
-
24 avril 2011 à 01:30
dédétraqué Messages postés 4384 Date d'inscription vendredi 5 septembre 2008 Statut Contributeur sécurité Dernière intervention 4 février 2013 - 24 avril 2011 à 04:51
dédétraqué Messages postés 4384 Date d'inscription vendredi 5 septembre 2008 Statut Contributeur sécurité Dernière intervention 4 février 2013 - 24 avril 2011 à 04:51
A voir également:
- Virus, plus de son ni de malware et spybot
- Spybot search & destroy - Télécharger - Antivirus & Antimalwares
- Malware byte - Télécharger - Antivirus & Antimalwares
- Mcafee alerte de virus critique - Accueil - Piratage
- Youtu.be virus - Accueil - Guide virus
- Win32:malware-gen ✓ - Forum Virus
5 réponses
dédétraqué
Messages postés
4384
Date d'inscription
vendredi 5 septembre 2008
Statut
Contributeur sécurité
Dernière intervention
4 février 2013
286
24 avril 2011 à 01:41
24 avril 2011 à 01:41
Salut richard
On va vérifier cela, télécharge RSIT (de random/random) sur le bureau ici :
http://images.malwareremoval.com/random/RSIT.exe
- Double clique sur RSIT.exe qui est sur le bureau
Vista - Clique droit sur RSIT.exe qui est sur le bureau et choisir exécuter en tant qu'administrateur
- Clique sur Continue dans la fenêtre
- RSIT téléchargera HijackThis si il n'est pas présent où détecté, alors il faudra accepter la licence
- Poste le contenue des deux rapports, log.txt et info.txt(réduit dans la barre des tâches) à la fin de l'analyse
Utilise cjoint.com pour poster en lien tes rapports :
https://www.cjoint.com/
- Clique sur Parcourir pour aller chercher le rapport C:\rsit\log.txt
- Clique sur Ouvrir ensuite sur Créer le lien Cjoint
- Fais un copier/coller du lien qui est devant Le lien a été créé: dans ta prochaine réponse.
Et fais la même chose avec l'autre rapport C:\rsit\info.txt
@++ :)
On va vérifier cela, télécharge RSIT (de random/random) sur le bureau ici :
http://images.malwareremoval.com/random/RSIT.exe
- Double clique sur RSIT.exe qui est sur le bureau
Vista - Clique droit sur RSIT.exe qui est sur le bureau et choisir exécuter en tant qu'administrateur
- Clique sur Continue dans la fenêtre
- RSIT téléchargera HijackThis si il n'est pas présent où détecté, alors il faudra accepter la licence
- Poste le contenue des deux rapports, log.txt et info.txt(réduit dans la barre des tâches) à la fin de l'analyse
Utilise cjoint.com pour poster en lien tes rapports :
https://www.cjoint.com/
- Clique sur Parcourir pour aller chercher le rapport C:\rsit\log.txt
- Clique sur Ouvrir ensuite sur Créer le lien Cjoint
- Fais un copier/coller du lien qui est devant Le lien a été créé: dans ta prochaine réponse.
Et fais la même chose avec l'autre rapport C:\rsit\info.txt
@++ :)
Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrateur at 2011-04-23 19:50:23
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 166 GB (87%) free of 191 GB
Total RAM: 1278 MB (40% free)
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\suberiw.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{4B8F0962-CDB7-4F33-9465-E9BEDD8B175E}.job
C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton AntiVirus\Engine\18.5.0.125\IPS\IPSBHO.DLL [2010-12-01 210360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-01 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-01 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}]
OfferBox - C:\Program Files\OfferBox\OfferBoxBHO.dll [2011-03-24 135000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
XBTBPos00 Class - C:\Program Files\Adobe Audition 1.0\mybarnsc12E.tmp\tbcore3.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1BB22D38-A411-4B13-A746-C2A4F4EC7344} -
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-09-20 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-09-20 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-09-20 114688]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-01 148888]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2009-11-18 54576]
""= []
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-08-15 1404928]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
"Unazuhuhone"=C:\WINDOWS\onelebodu.dll [2008-04-14 278528]
"NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2011-01-25 421160]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2006-11-16 139264]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
"Fsexehokofata"= C:\WINDOWS\bdifti.dll,Startup []
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage
Notification de cadeaux MSN.lnk - C:\Documents and Settings\Administrateur\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
PowerReg Scheduler V3.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-09-20 135168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\TPSvc]
TPSvc.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=0
"DisableTaskMgr"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutorun"=0
"NoActiveDesktopChanges"=0
"NoSetActiveDesktop"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoActiveDesktopChanges"=0
"NoSetActiveDesktop"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\gamigogames\LevelR\LevelR.bin"="C:\Program Files\gamigogames\LevelR\LevelR.bin:*:Enabled:Game"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\hpwucli.exe"="C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
"C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Assistant Transfert de fichiers et de paramètres"
"C:\Program Files\Free Torrent Player\FreeTorrentPlayer.exe"="C:\Program Files\Free Torrent Player\FreeTorrentPlayer.exe:*:Enabled:FreeTorrentPlayer_Project Module"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\FrostWire\FrostWire.exe"="C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Service Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\LeapFrog\LeapFrog Connect Tag\bin\TAGMonitor.exe"="C:\Program Files\LeapFrog\LeapFrog Connect Tag\bin\TAGMonitor.exe:*:Enabled:TAGMonitor.exe"
"C:\Program Files\LeapFrog\LeapFrog Connect Tag\bin\LeapFrogConnectTag.exe"="C:\Program Files\LeapFrog\LeapFrog Connect Tag\bin\LeapFrogConnectTag.exe:*:Enabled:LeapFrogConnectTag.exe"
"C:\WINDOWS\system32\spoolsv.exe"="C:\WINDOWS\system32\spoolsv.exe:*:Enabled:spoolsv.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\hpwucli.exe"="C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="svchost.exe
======List of files/folders created in the last 1 months======
2011-04-23 19:45:18 ----D---- C:\rsit
2011-04-23 19:38:46 ----D---- C:\Program Files\ZHPDiag
2011-04-23 18:19:16 ----A---- C:\ZHPExportRegistry-2011-04-23-18-19-15.txt
2011-04-23 17:18:22 ----A---- C:\Program Files\rapporthighjack.txt
2011-04-23 16:53:16 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2011-04-23 16:52:58 ----D---- C:\Program Files\Realtek Sound Manager
2011-04-23 16:52:58 ----D---- C:\Program Files\AvRack
2011-04-23 16:52:54 ----D---- C:\Documents and Settings\Administrateur\Application Data\Sammsoft
2011-04-23 16:52:38 ----D---- C:\Documents and Settings\All Users\Application Data\ParetoLogic
2011-04-23 16:46:41 ----RD---- C:\32788R22FWJFW
2011-04-23 16:22:53 ----A---- C:\WINDOWS\system32\roboot.exe
2011-04-23 16:17:40 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-04-23 16:17:38 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-04-23 16:17:38 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-04-23 15:54:44 ----D---- C:\Program Files\Spybot - Search & Destroy
2011-04-23 15:54:44 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2011-04-20 20:08:06 ----D---- C:\WINDOWS\pss
2011-04-20 19:45:56 ----A---- C:\WINDOWS\system32\Run32.dll
2011-04-17 21:34:53 ----D---- C:\Program Files\ma-config.com
2011-04-17 21:34:53 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com
2011-04-17 21:32:44 ----A---- C:\WINDOWS\avrack.ini
2011-04-17 20:27:10 ----A---- C:\WINDOWS\RtlRack.ini
2011-04-17 16:06:12 ----A---- C:\WINDOWS\ntbtlog.txt
2011-04-17 11:01:33 ----D---- C:\Documents and Settings\Administrateur\Application Data\DriverCure
2011-04-17 11:01:30 ----D---- C:\Documents and Settings\Administrateur\Application Data\ParetoLogic
2011-04-13 17:19:05 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-04-12 21:16:58 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-04-12 19:50:44 ----RASH---- C:\WINDOWS\system32\cabviewx.dll
2011-04-10 19:44:14 ----D---- C:\Documents and Settings\Administrateur\Application Data\Tific
2011-04-10 19:20:22 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2011-04-10 19:20:22 ----A---- C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2011-04-10 19:20:21 ----D---- C:\Program Files\Symantec
2011-04-10 19:18:44 ----D---- C:\WINDOWS\system32\drivers\NAV
2011-04-10 19:18:32 ----D---- C:\Program Files\Windows Sidebar
2011-04-10 19:18:32 ----D---- C:\Program Files\Norton AntiVirus
2011-04-10 19:18:29 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
2011-04-10 19:17:54 ----D---- C:\Program Files\NortonInstaller
2011-04-10 19:17:54 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
2011-04-10 18:36:18 ----D---- C:\Program Files\Avira
2011-04-10 18:36:18 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2011-04-03 18:59:17 ----D---- C:\Program Files\Fichiers communs\Adobe
2011-03-31 23:54:41 ----D---- C:\WINDOWS\system32\NtmsData
2011-03-31 22:48:03 ----D---- C:\Program Files\Trend Micro
2011-03-31 21:50:08 ----D---- C:\Documents and Settings\Administrateur\Application Data\OfferBox
2011-03-31 21:50:03 ----D---- C:\Program Files\OfferBox
2011-03-31 19:15:52 ----A---- C:\mbam-error.txt
2011-03-31 19:02:48 ----D---- C:\Documents and Settings\Administrateur\Application Data\PriceGong
2011-03-30 17:22:02 ----D---- C:\Documents and Settings\All Users\Application Data\TorrentEasy
2011-03-30 15:32:42 ----D---- C:\Documents and Settings\All Users\Application Data\bKp01826cBaNd01826
2011-03-28 09:13:53 ----A---- C:\WINDOWS\yesmessenger.ini
2011-03-24 17:03:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2524375$
======List of files/folders modified in the last 1 months======
2011-04-23 19:48:16 ----D---- C:\WINDOWS\Temp
2011-04-23 19:38:46 ----RD---- C:\Program Files
2011-04-23 19:33:27 ----D---- C:\Documents and Settings\Administrateur\Application Data\HPAppData
2011-04-23 19:25:04 ----SHD---- C:\System Volume Information
2011-04-23 16:58:25 ----D---- C:\WINDOWS\Prefetch
2011-04-23 16:53:05 ----D---- C:\Program Files\Analog Devices
2011-04-23 16:53:02 ----HD---- C:\Program Files\InstallShield Installation Information
2011-04-23 16:53:00 ----SHD---- C:\WINDOWS\Installer
2011-04-23 16:52:57 ----SHD---- C:\Config.Msi
2011-04-23 16:52:57 ----D---- C:\WINDOWS\twain_32
2011-04-23 16:52:56 ----D---- C:\Program Files\Kids Cam Show And Share Creativity Center
2011-04-23 16:52:36 ----D---- C:\WINDOWS\system32\drivers
2011-04-23 16:52:01 ----D---- C:\Documents and Settings\Administrateur\Application Data\uTorrent
2011-04-23 16:51:49 ----D---- C:\WINDOWS
2011-04-23 16:51:45 ----D---- C:\WINDOWS\system32
2011-04-23 16:14:10 ----D---- C:\WINDOWS\system32\CatRoot2
2011-04-22 21:37:13 ----SH---- C:\boot.ini
2011-04-22 21:37:13 ----A---- C:\WINDOWS\win.ini
2011-04-22 21:37:13 ----A---- C:\WINDOWS\system.ini
2011-04-19 20:16:12 ----D---- C:\Program Files\Mozilla Firefox
2011-04-19 19:58:11 ----D---- C:\swsetup
2011-04-19 19:24:48 ----A---- C:\WINDOWS\NeroDigital.ini
2011-04-17 20:06:09 ----HD---- C:\WINDOWS\inf
2011-04-17 20:05:38 ----D---- C:\Documents and Settings\All Users\Application Data\STOPzilla!
2011-04-17 20:02:02 ----D---- C:\Program Files\Fichiers communs
2011-04-17 18:45:13 ----D---- C:\Documents and Settings\Administrateur\Application Data\FrostWire
2011-04-17 18:34:09 ----SD---- C:\WINDOWS\Tasks
2011-04-17 10:44:33 ----D---- C:\WINDOWS\WinSxS
2011-04-13 21:08:18 ----D---- C:\Program Files\Fichiers communs\PC Tools
2011-04-13 21:05:34 ----D---- C:\Program Files\WinRAR
2011-04-13 21:04:38 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2011-04-13 21:04:31 ----D---- C:\Documents and Settings\All Users\Application Data\PC Tools
2011-04-13 17:21:41 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-04-13 17:18:35 ----D---- C:\Program Files\Realtek AC97
2011-04-12 21:35:10 ----D---- C:\WINDOWS\Registration
2011-04-12 21:11:49 ----D---- C:\Program Files\Google
2011-04-12 21:02:56 ----D---- C:\WINDOWS\Minidump
2011-04-12 21:02:56 ----D---- C:\WINDOWS\Debug
2011-04-10 19:27:56 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2011-04-03 19:36:01 ----D---- C:\WINDOWS\Network Diagnostic
2011-04-03 18:59:30 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2011-03-31 23:54:40 ----D---- C:\WINDOWS\repair
2011-03-31 23:13:30 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-03-31 22:48:05 ----SD---- C:\Documents and Settings\Administrateur\Application Data\Microsoft
2011-03-31 22:39:34 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2011-03-31 18:34:10 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
2011-03-31 17:43:07 ----D---- C:\WINDOWS\system32\Macromed
2011-03-31 17:12:50 ----D---- C:\Program Files\uTorrent
2011-03-30 19:18:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2259922$
2011-03-27 14:41:10 ----D---- C:\Program Files\Norton Security Scan
2011-03-24 17:01:52 ----HD---- C:\WINDOWS\$hf_mig$
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 SymDS;Symantec Data Store; C:\WINDOWS\system32\drivers\NAV\1205000.07D\SYMDS.SYS [2010-10-20 340016]
R0 SymEFA;Symantec Extended File Attributes; C:\WINDOWS\system32\drivers\NAV\1205000.07D\SYMEFA.SYS [2010-11-17 652336]
R1 BHDrvx86;BHDrvx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20110419.001\BHDrvx86.sys []
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\NAV\1205000.07D\SRTSP.SYS [2010-11-23 509560]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\system32\drivers\NAV\1205000.07D\SRTSPX.SYS [2010-11-23 50168]
R1 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\NAV\1205000.07D\Ironx86.SYS [2010-11-15 136312]
R1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\System32\Drivers\NAV\1205000.07D\SYMTDI.SYS [2010-12-01 368248]
R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;NetBIOS NWLink; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2008-04-14 63232]
R2 NwlnkSpx;Protocole NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2008-04-14 55936]
R3 E1000;Intel(R) PRO/1000 Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1000325.sys [2007-03-25 171416]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-09-20 1302332]
R3 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20110421.001\IDSxpx86.sys []
R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20110423.002\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20110423.002\NAVEX15.SYS []
R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2008-04-14 163584]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-01-09 47360]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
S3 BLKWGU(Belkin);Belkin Wireless G USB Network Adapter(Belkin); C:\WINDOWS\system32\DRIVERS\BLKWGU.sys [2005-11-10 402944]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 FlyUsb;FLY Fusion; C:\WINDOWS\system32\DRIVERS\FlyUsb.sys [2008-07-14 18560]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2008-10-28 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2008-10-28 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2008-10-28 21568]
S3 JL2005C;Dual Mode Camera; C:\WINDOWS\System32\Drivers\jl2005c.sys []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2006-08-15 732928]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2006-08-15 260352]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-01-05 37664]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2010-10-07 345376]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-01 152984]
R2 NAV;Norton AntiVirus; C:\Program Files\Norton AntiVirus\Engine\18.5.0.125\ccSvcHst.exe [2010-11-23 130000]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-01-25 820008]
S2 MouseDriver;MouseDriver; C:\WINDOWS\TEMP\MouseDriver.bat []
S2 NWCWorkstation;Service client pour NetWare; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2011-04-12 311744]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Run by Administrateur at 2011-04-23 19:50:23
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 166 GB (87%) free of 191 GB
Total RAM: 1278 MB (40% free)
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\suberiw.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{4B8F0962-CDB7-4F33-9465-E9BEDD8B175E}.job
C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton AntiVirus\Engine\18.5.0.125\IPS\IPSBHO.DLL [2010-12-01 210360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-01 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-01 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}]
OfferBox - C:\Program Files\OfferBox\OfferBoxBHO.dll [2011-03-24 135000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
XBTBPos00 Class - C:\Program Files\Adobe Audition 1.0\mybarnsc12E.tmp\tbcore3.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1BB22D38-A411-4B13-A746-C2A4F4EC7344} -
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-09-20 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-09-20 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-09-20 114688]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-01 148888]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2009-11-18 54576]
""= []
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-08-15 1404928]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
"Unazuhuhone"=C:\WINDOWS\onelebodu.dll [2008-04-14 278528]
"NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2011-01-25 421160]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2006-11-16 139264]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
"Fsexehokofata"= C:\WINDOWS\bdifti.dll,Startup []
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage
Notification de cadeaux MSN.lnk - C:\Documents and Settings\Administrateur\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
PowerReg Scheduler V3.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-09-20 135168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\TPSvc]
TPSvc.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=0
"DisableTaskMgr"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutorun"=0
"NoActiveDesktopChanges"=0
"NoSetActiveDesktop"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoActiveDesktopChanges"=0
"NoSetActiveDesktop"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\gamigogames\LevelR\LevelR.bin"="C:\Program Files\gamigogames\LevelR\LevelR.bin:*:Enabled:Game"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\hpwucli.exe"="C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
"C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Assistant Transfert de fichiers et de paramètres"
"C:\Program Files\Free Torrent Player\FreeTorrentPlayer.exe"="C:\Program Files\Free Torrent Player\FreeTorrentPlayer.exe:*:Enabled:FreeTorrentPlayer_Project Module"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\FrostWire\FrostWire.exe"="C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Service Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\LeapFrog\LeapFrog Connect Tag\bin\TAGMonitor.exe"="C:\Program Files\LeapFrog\LeapFrog Connect Tag\bin\TAGMonitor.exe:*:Enabled:TAGMonitor.exe"
"C:\Program Files\LeapFrog\LeapFrog Connect Tag\bin\LeapFrogConnectTag.exe"="C:\Program Files\LeapFrog\LeapFrog Connect Tag\bin\LeapFrogConnectTag.exe:*:Enabled:LeapFrogConnectTag.exe"
"C:\WINDOWS\system32\spoolsv.exe"="C:\WINDOWS\system32\spoolsv.exe:*:Enabled:spoolsv.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\hpwucli.exe"="C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="svchost.exe
======List of files/folders created in the last 1 months======
2011-04-23 19:45:18 ----D---- C:\rsit
2011-04-23 19:38:46 ----D---- C:\Program Files\ZHPDiag
2011-04-23 18:19:16 ----A---- C:\ZHPExportRegistry-2011-04-23-18-19-15.txt
2011-04-23 17:18:22 ----A---- C:\Program Files\rapporthighjack.txt
2011-04-23 16:53:16 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2011-04-23 16:52:58 ----D---- C:\Program Files\Realtek Sound Manager
2011-04-23 16:52:58 ----D---- C:\Program Files\AvRack
2011-04-23 16:52:54 ----D---- C:\Documents and Settings\Administrateur\Application Data\Sammsoft
2011-04-23 16:52:38 ----D---- C:\Documents and Settings\All Users\Application Data\ParetoLogic
2011-04-23 16:46:41 ----RD---- C:\32788R22FWJFW
2011-04-23 16:22:53 ----A---- C:\WINDOWS\system32\roboot.exe
2011-04-23 16:17:40 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-04-23 16:17:38 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-04-23 16:17:38 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-04-23 15:54:44 ----D---- C:\Program Files\Spybot - Search & Destroy
2011-04-23 15:54:44 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2011-04-20 20:08:06 ----D---- C:\WINDOWS\pss
2011-04-20 19:45:56 ----A---- C:\WINDOWS\system32\Run32.dll
2011-04-17 21:34:53 ----D---- C:\Program Files\ma-config.com
2011-04-17 21:34:53 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com
2011-04-17 21:32:44 ----A---- C:\WINDOWS\avrack.ini
2011-04-17 20:27:10 ----A---- C:\WINDOWS\RtlRack.ini
2011-04-17 16:06:12 ----A---- C:\WINDOWS\ntbtlog.txt
2011-04-17 11:01:33 ----D---- C:\Documents and Settings\Administrateur\Application Data\DriverCure
2011-04-17 11:01:30 ----D---- C:\Documents and Settings\Administrateur\Application Data\ParetoLogic
2011-04-13 17:19:05 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-04-12 21:16:58 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-04-12 19:50:44 ----RASH---- C:\WINDOWS\system32\cabviewx.dll
2011-04-10 19:44:14 ----D---- C:\Documents and Settings\Administrateur\Application Data\Tific
2011-04-10 19:20:22 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2011-04-10 19:20:22 ----A---- C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2011-04-10 19:20:21 ----D---- C:\Program Files\Symantec
2011-04-10 19:18:44 ----D---- C:\WINDOWS\system32\drivers\NAV
2011-04-10 19:18:32 ----D---- C:\Program Files\Windows Sidebar
2011-04-10 19:18:32 ----D---- C:\Program Files\Norton AntiVirus
2011-04-10 19:18:29 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
2011-04-10 19:17:54 ----D---- C:\Program Files\NortonInstaller
2011-04-10 19:17:54 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
2011-04-10 18:36:18 ----D---- C:\Program Files\Avira
2011-04-10 18:36:18 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2011-04-03 18:59:17 ----D---- C:\Program Files\Fichiers communs\Adobe
2011-03-31 23:54:41 ----D---- C:\WINDOWS\system32\NtmsData
2011-03-31 22:48:03 ----D---- C:\Program Files\Trend Micro
2011-03-31 21:50:08 ----D---- C:\Documents and Settings\Administrateur\Application Data\OfferBox
2011-03-31 21:50:03 ----D---- C:\Program Files\OfferBox
2011-03-31 19:15:52 ----A---- C:\mbam-error.txt
2011-03-31 19:02:48 ----D---- C:\Documents and Settings\Administrateur\Application Data\PriceGong
2011-03-30 17:22:02 ----D---- C:\Documents and Settings\All Users\Application Data\TorrentEasy
2011-03-30 15:32:42 ----D---- C:\Documents and Settings\All Users\Application Data\bKp01826cBaNd01826
2011-03-28 09:13:53 ----A---- C:\WINDOWS\yesmessenger.ini
2011-03-24 17:03:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2524375$
======List of files/folders modified in the last 1 months======
2011-04-23 19:48:16 ----D---- C:\WINDOWS\Temp
2011-04-23 19:38:46 ----RD---- C:\Program Files
2011-04-23 19:33:27 ----D---- C:\Documents and Settings\Administrateur\Application Data\HPAppData
2011-04-23 19:25:04 ----SHD---- C:\System Volume Information
2011-04-23 16:58:25 ----D---- C:\WINDOWS\Prefetch
2011-04-23 16:53:05 ----D---- C:\Program Files\Analog Devices
2011-04-23 16:53:02 ----HD---- C:\Program Files\InstallShield Installation Information
2011-04-23 16:53:00 ----SHD---- C:\WINDOWS\Installer
2011-04-23 16:52:57 ----SHD---- C:\Config.Msi
2011-04-23 16:52:57 ----D---- C:\WINDOWS\twain_32
2011-04-23 16:52:56 ----D---- C:\Program Files\Kids Cam Show And Share Creativity Center
2011-04-23 16:52:36 ----D---- C:\WINDOWS\system32\drivers
2011-04-23 16:52:01 ----D---- C:\Documents and Settings\Administrateur\Application Data\uTorrent
2011-04-23 16:51:49 ----D---- C:\WINDOWS
2011-04-23 16:51:45 ----D---- C:\WINDOWS\system32
2011-04-23 16:14:10 ----D---- C:\WINDOWS\system32\CatRoot2
2011-04-22 21:37:13 ----SH---- C:\boot.ini
2011-04-22 21:37:13 ----A---- C:\WINDOWS\win.ini
2011-04-22 21:37:13 ----A---- C:\WINDOWS\system.ini
2011-04-19 20:16:12 ----D---- C:\Program Files\Mozilla Firefox
2011-04-19 19:58:11 ----D---- C:\swsetup
2011-04-19 19:24:48 ----A---- C:\WINDOWS\NeroDigital.ini
2011-04-17 20:06:09 ----HD---- C:\WINDOWS\inf
2011-04-17 20:05:38 ----D---- C:\Documents and Settings\All Users\Application Data\STOPzilla!
2011-04-17 20:02:02 ----D---- C:\Program Files\Fichiers communs
2011-04-17 18:45:13 ----D---- C:\Documents and Settings\Administrateur\Application Data\FrostWire
2011-04-17 18:34:09 ----SD---- C:\WINDOWS\Tasks
2011-04-17 10:44:33 ----D---- C:\WINDOWS\WinSxS
2011-04-13 21:08:18 ----D---- C:\Program Files\Fichiers communs\PC Tools
2011-04-13 21:05:34 ----D---- C:\Program Files\WinRAR
2011-04-13 21:04:38 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2011-04-13 21:04:31 ----D---- C:\Documents and Settings\All Users\Application Data\PC Tools
2011-04-13 17:21:41 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-04-13 17:18:35 ----D---- C:\Program Files\Realtek AC97
2011-04-12 21:35:10 ----D---- C:\WINDOWS\Registration
2011-04-12 21:11:49 ----D---- C:\Program Files\Google
2011-04-12 21:02:56 ----D---- C:\WINDOWS\Minidump
2011-04-12 21:02:56 ----D---- C:\WINDOWS\Debug
2011-04-10 19:27:56 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2011-04-03 19:36:01 ----D---- C:\WINDOWS\Network Diagnostic
2011-04-03 18:59:30 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2011-03-31 23:54:40 ----D---- C:\WINDOWS\repair
2011-03-31 23:13:30 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-03-31 22:48:05 ----SD---- C:\Documents and Settings\Administrateur\Application Data\Microsoft
2011-03-31 22:39:34 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2011-03-31 18:34:10 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
2011-03-31 17:43:07 ----D---- C:\WINDOWS\system32\Macromed
2011-03-31 17:12:50 ----D---- C:\Program Files\uTorrent
2011-03-30 19:18:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2259922$
2011-03-27 14:41:10 ----D---- C:\Program Files\Norton Security Scan
2011-03-24 17:01:52 ----HD---- C:\WINDOWS\$hf_mig$
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 SymDS;Symantec Data Store; C:\WINDOWS\system32\drivers\NAV\1205000.07D\SYMDS.SYS [2010-10-20 340016]
R0 SymEFA;Symantec Extended File Attributes; C:\WINDOWS\system32\drivers\NAV\1205000.07D\SYMEFA.SYS [2010-11-17 652336]
R1 BHDrvx86;BHDrvx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20110419.001\BHDrvx86.sys []
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576]
R1 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\NAV\1205000.07D\SRTSP.SYS [2010-11-23 509560]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\system32\drivers\NAV\1205000.07D\SRTSPX.SYS [2010-11-23 50168]
R1 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\NAV\1205000.07D\Ironx86.SYS [2010-11-15 136312]
R1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\System32\Drivers\NAV\1205000.07D\SYMTDI.SYS [2010-12-01 368248]
R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;NetBIOS NWLink; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2008-04-14 63232]
R2 NwlnkSpx;Protocole NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2008-04-14 55936]
R3 E1000;Intel(R) PRO/1000 Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1000325.sys [2007-03-25 171416]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-09-20 1302332]
R3 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20110421.001\IDSxpx86.sys []
R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20110423.002\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20110423.002\NAVEX15.SYS []
R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2008-04-14 163584]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-01-09 47360]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
S3 BLKWGU(Belkin);Belkin Wireless G USB Network Adapter(Belkin); C:\WINDOWS\system32\DRIVERS\BLKWGU.sys [2005-11-10 402944]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 FlyUsb;FLY Fusion; C:\WINDOWS\system32\DRIVERS\FlyUsb.sys [2008-07-14 18560]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2008-10-28 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2008-10-28 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2008-10-28 21568]
S3 JL2005C;Dual Mode Camera; C:\WINDOWS\System32\Drivers\jl2005c.sys []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2006-08-15 732928]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2006-08-15 260352]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-01-05 37664]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2010-10-07 345376]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-01 152984]
R2 NAV;Norton AntiVirus; C:\Program Files\Norton AntiVirus\Engine\18.5.0.125\ccSvcHst.exe [2010-11-23 130000]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-01-25 820008]
S2 MouseDriver;MouseDriver; C:\WINDOWS\TEMP\MouseDriver.bat []
S2 NWCWorkstation;Service client pour NetWare; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2011-04-12 311744]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Service de partage de ports Net.Tcp; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
dédétraqué
Messages postés
4384
Date d'inscription
vendredi 5 septembre 2008
Statut
Contributeur sécurité
Dernière intervention
4 février 2013
286
24 avril 2011 à 02:50
24 avril 2011 à 02:50
Salut richard
Télécharge combofix.exe (de sUBs) sur le bureau :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.geekstogo.com/forum/files/file/197-combofix-by-subs/
Important Désactive ton Antivirus, antispyware et Pare feu avant le scan avec Combofix :
https://forum.pcastuces.com/default.asp
https://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/
==> Sauvegarde ton travail et ferme toutes les fenêtres actives, il peut y avoir un redémarrage du PC. Ne lance aucun programme tant que Combofix n'est pas fini. <==
Double clique sur combofix.exe, clique sur OUI et valide par Entrée
Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.
NOTE : Le rapport se trouve également ici : C:\Combofix.txt
Combofix est détecté par certains antivirus comme une infection, ne pas en tenir compte, il s'agit d'un faux positif, continue la procédure
@++ :)
Télécharge combofix.exe (de sUBs) sur le bureau :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.geekstogo.com/forum/files/file/197-combofix-by-subs/
Important Désactive ton Antivirus, antispyware et Pare feu avant le scan avec Combofix :
https://forum.pcastuces.com/default.asp
https://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/
==> Sauvegarde ton travail et ferme toutes les fenêtres actives, il peut y avoir un redémarrage du PC. Ne lance aucun programme tant que Combofix n'est pas fini. <==
Double clique sur combofix.exe, clique sur OUI et valide par Entrée
Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.
NOTE : Le rapport se trouve également ici : C:\Combofix.txt
Combofix est détecté par certains antivirus comme une infection, ne pas en tenir compte, il s'agit d'un faux positif, continue la procédure
@++ :)
juju666
Messages postés
35446
Date d'inscription
jeudi 18 décembre 2008
Statut
Contributeur sécurité
Dernière intervention
21 avril 2024
4 796
24 avril 2011 à 02:52
24 avril 2011 à 02:52
Triplette :D
https://forums.commentcamarche.net/forum/affich-21913333-plus-de-son-et-plus-de-malwarebyte-et-spybot
http://www.commentcamarche.net/forum/affich-21914142-impossible-d-ouvrir-malware-ou-spybot
https://forums.commentcamarche.net/forum/affich-21913333-plus-de-son-et-plus-de-malwarebyte-et-spybot
http://www.commentcamarche.net/forum/affich-21914142-impossible-d-ouvrir-malware-ou-spybot
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
dédétraqué
Messages postés
4384
Date d'inscription
vendredi 5 septembre 2008
Statut
Contributeur sécurité
Dernière intervention
4 février 2013
286
24 avril 2011 à 04:51
24 avril 2011 à 04:51
Salut richard
Pas besoin d'ouvrir plusieurs postes...
Explique les problèmes que tu rencontre ici....
@++ :)
Pas besoin d'ouvrir plusieurs postes...
Explique les problèmes que tu rencontre ici....
@++ :)
