Problème avec un portable

Résolu
jodamours Messages postés 66 Statut Membre -  
jodamours Messages postés 66 Statut Membre -
Bonjour, j'ai un gros problème avec mon portable !

Il envoie des courriels quand je ne lui demande pas. Il envoie des messages instantanées sur sur msn. Il est de plus en plus lent. Pouvez-vous m'aider s.v.p

Voici le rapport Hijackthis


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:47:58, on 2008-10-27
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe
C:\Program Files\TOSHIBA\TME3\TMEEJME.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\WINDOWS\system32\TPSMain.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE
C:\WINDOWS\system32\ZoomingHook.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\V0500Mon.exe
C:\WINDOWS\system32\zuttihepit.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\TOSHIBA\ConfigFree\CFXFER.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://qc.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [TMESRV.EXE] C:\Program Files\TOSHIBA\TME3\TMESRV31.EXE /Logon
O4 - HKLM\..\Run: [TMERzCtl.EXE] C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE /Service
O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [TOSHIBA Accessibility] C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [V0500Mon.exe] C:\WINDOWS\V0500Mon.exe
O4 - HKLM\..\Run: [tyby] C:\WINDOWS\system32\zuttihepit.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://toshibatec.ca/
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Winferno Subscription Service (ikirzysgy) - Unknown owner - C:\WINDOWS\system32\baquoopov.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Tmesrv3 (Tmesrv) - TOSHIBA - C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe
A voir également:

29 réponses

Précédent
  • 1
  • 2
Réponse 21 / 29
jodamours Messages postés 66 Statut Membre
 
Bonjour, j'ai essayé à plusieurs reprise d'enlever ce que tu m'as demandé mais à ca me marque erreur à toutes les fois ca marque :

Error: Unable to interpret <C:\WINDOWS\system32\zuttihepit.exe> in the current context!
Error: Unable to interpret <C:\WINDOWS\system32\baquoopov.exe> in the current context!

OTMoveIt3 by OldTimer - Version 1.0.7.0 log created on 11112008_194122
0
Réponse 22 / 29
totobetourne Messages postés 5677 Statut Membre 65
 
fais cela mainteant

/!\ Manip crée spécialement pour cet utilisateur , ne pas reproduire chez soi ... /!\

Ouvre le Bloc-Notes (Démarrer\Tous les programmes\Accessoires\Bloc notes.)

Copie ce texte ( en gras )d'une traite ( CTRL+C pour copier ) puis colle-le ( CTRL+V dans le bloc-note )


Files::

C:\WINDOWS\system32\zuttihepit.exe
C:\WINDOWS\system32\baquoopov.exe


Sauvegarde ce fichier sur ton bureau sous le nom de CFScript.txt.



Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :

http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif

Cela va relancer Combofix,

Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.

Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!

Ne touche à rien tant que le scan n'est pas terminé.

Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.

S'il n'y a pas de rédémarrage, poste quand même les rapports.

Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt
0
Réponse 23 / 29
jodamours Messages postés 66 Statut Membre
 
ComboFix 08-11-05.02 - Stephane 2008-11-17 20:58:03.2 - [color=red][b]FAT32[/b][/color]x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.525 [GMT -5:00]
Lancé depuis: c:\documents and settings\Stephane\Bureau\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\Stephane\Bureau\CFScript.txt
* Un nouveau point de restauration a été créé
.
- Mode FONCTIONNALITES REDUITES -
.

((((((((((((((((((((((((((((( Fichiers créés du 2008-10-18 au 2008-11-18 ))))))))))))))))))))))))))))))))))))
.

2008-11-17 17:22 . 2008-11-17 17:22 <REP> d-------- c:\program files\EA SPORTS
2008-11-17 06:49 . 2008-11-17 06:49 <REP> d--hs---- C:\FOUND.006
2008-11-12 18:04 . 2008-11-12 18:04 118 --a------ c:\windows\system32\MRT.INI
2008-11-12 09:29 . 2008-10-24 06:21 455,296 --------- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-12 09:21 . 2008-09-04 12:16 1,106,944 --------- c:\windows\system32\dllcache\msxml3.dll
2008-11-11 19:36 . 2008-11-11 19:36 <REP> d-------- C:\_OTMoveIt
2008-11-06 20:25 . 2008-11-06 20:25 579,584 --a------ c:\windows\system32\dllcache\user32.dll
2008-11-06 20:23 . 2008-11-06 20:23 <REP> d-------- c:\windows\ERUNT
2008-11-06 19:10 . 2008-11-06 19:10 <REP> d--hs---- C:\FOUND.005
2008-11-06 19:04 . 2008-11-06 02:03 <REP> d-------- C:\SDFix
2008-10-30 19:29 . 2008-10-30 19:29 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-10-30 19:29 . 2008-10-30 19:29 <REP> d-------- c:\documents and settings\Stephane\Application Data\Malwarebytes
2008-10-30 19:29 . 2008-10-30 19:29 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-10-30 19:29 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-10-30 19:29 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-10-27 17:47 . 2008-10-27 17:47 <REP> d-------- c:\program files\Trend Micro
2008-10-24 07:20 . 2008-10-15 12:35 337,408 --------- c:\windows\system32\dllcache\netapi32.dll
2008-10-23 13:26 . 2008-10-23 13:26 0 --a------ c:\windows\nsreg.dat
2008-10-20 10:30 . 2008-10-20 10:30 <REP> d-------- c:\documents and settings\Stephane\Application Data\Image Zone Express
2008-10-19 21:47 . 2008-10-19 21:47 <REP> d--hs---- C:\FOUND.004
2008-10-18 15:45 . 2008-10-18 15:45 <REP> d-------- c:\program files\Picasa2
2008-10-18 15:45 . 2008-10-18 15:45 <REP> d-------- c:\program files\Google
2008-10-18 15:45 . 2006-10-04 22:42 2,560 --------- c:\windows\system32\drivers\cdralw2k.sys
2008-10-18 15:45 . 2006-10-04 22:42 2,432 --------- c:\windows\system32\drivers\cdr4_xp.sys

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-03 18:12 6,066,176 ------w c:\windows\system32\dllcache\ieframe.dll
2008-10-02 01:36 --------- d-----w c:\documents and settings\Stephane\Application Data\LimeWire
2008-10-02 01:35 --------- d-----w c:\program files\LimeWire
2008-09-30 21:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-29 15:49 --------- d-----w c:\documents and settings\Stephane\Application Data\Creative
2008-09-29 15:44 --------- d-----w c:\program files\Dynex
2008-09-29 15:43 --------- d-----w c:\program files\Creative
2008-09-15 16:26 1,846,528 ----a-w c:\windows\system32\win32k.sys
2008-09-15 16:26 1,846,528 ------w c:\windows\system32\dllcache\win32k.sys
2008-09-10 01:15 1,307,648 ------w c:\windows\system32\msxml6.dll
2008-09-10 01:15 1,307,648 ------w c:\windows\system32\dllcache\msxml6.dll
2008-09-08 11:41 333,824 ------w c:\windows\system32\dllcache\srv.sys
2008-09-06 04:30 952,360 ------w c:\windows\system32\dllcache\WgaTray.exe
2008-09-06 04:30 267,304 ------w c:\windows\system32\dllcache\wgaLogon.dll
2008-09-04 17:16 1,106,944 ----a-w c:\windows\system32\msxml3.dll
2008-09-02 03:48 98,304 ----a-w c:\windows\system32\CmdLineExt.dll
2008-08-27 10:11 3,593,216 ------w c:\windows\system32\dllcache\mshtml.dll
2008-08-25 09:39 70,656 ------w c:\windows\system32\dllcache\ie4uinit.exe
2008-08-25 09:38 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
2008-08-23 06:56 635,848 ------w c:\windows\system32\dllcache\iexplore.exe
2008-08-23 06:54 161,792 ------w c:\windows\system32\dllcache\ieakui.dll
.

((((((((((((((((((((((((((((( snapshot@2008-11-06_11.49.03,18 )))))))))))))))))))))))))))))))))))))))))
.
+ 2004-07-09 09:26:38 11,392 ----a-w c:\windows\Driver Cache\i386\bdasup.sys
+ 2004-07-09 09:26:38 16,384 ----a-w c:\windows\Driver Cache\i386\ccdecode.sys
+ 2002-12-12 05:14:32 130,304 ----a-w c:\windows\Driver Cache\i386\ks.sys
+ 2002-12-12 05:14:32 4,096 ----a-w c:\windows\Driver Cache\i386\ksuser.dll
+ 2004-07-09 09:26:38 15,104 ----a-w c:\windows\Driver Cache\i386\mpe.sys
+ 2008-10-24 11:21:10 455,296 ------w c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2004-07-09 09:26:38 52,096 ----a-w c:\windows\Driver Cache\i386\msdv.sys
+ 2002-12-12 05:14:32 7,424 ----a-w c:\windows\Driver Cache\i386\mskssrv.sys
+ 2002-12-12 05:14:32 5,248 ----a-w c:\windows\Driver Cache\i386\mspclock.sys
+ 2001-08-23 10:00:00 4,608 ----a-w c:\windows\Driver Cache\i386\mspqm.sys
+ 2002-12-12 05:14:32 5,504 ----a-w c:\windows\Driver Cache\i386\mstee.sys
+ 2004-07-09 09:26:38 16,896 ----a-w c:\windows\Driver Cache\i386\msyuv.dll
+ 2004-07-09 09:26:38 83,968 ----a-w c:\windows\Driver Cache\i386\nabtsfec.sys
+ 2004-07-09 09:26:38 10,112 ----a-w c:\windows\Driver Cache\i386\ndisip.sys
+ 2002-08-29 08:41:00 31,744 ----a-w c:\windows\Driver Cache\i386\pid.dll
+ 2004-07-09 09:26:40 354,816 ----a-w c:\windows\Driver Cache\i386\psisdecd.dll
+ 2004-07-09 09:26:40 10,880 ----a-w c:\windows\Driver Cache\i386\slip.sys
+ 2004-07-09 09:27:28 48,512 ----a-w c:\windows\Driver Cache\i386\stream.sys
+ 2004-07-09 09:26:40 14,976 ----a-w c:\windows\Driver Cache\i386\streamip.sys
+ 2002-12-12 05:14:32 4,096 ----a-w c:\windows\Driver Cache\i386\swenum.sys
+ 2004-07-09 09:26:40 18,688 ----a-w c:\windows\Driver Cache\i386\wstcodec.sys
+ 2008-08-07 20:27:04 163,328 ----a-w c:\windows\ERUNT\SDFIX\ERDNT.EXE
+ 2008-11-07 01:24:24 3,334,144 ----a-w c:\windows\ERUNT\SDFIX\Users\[u]0[/u]0000001\ntuser.dat
+ 2008-11-07 01:24:24 20,480 ----a-w c:\windows\ERUNT\SDFIX\Users\[u]0[/u]0000002\UsrClass.dat
+ 2008-08-07 20:27:04 163,328 ----a-w c:\windows\ERUNT\SDFIX_First_Run\ERDNT.EXE
+ 2008-11-07 01:24:10 3,334,144 ----a-w c:\windows\ERUNT\SDFIX_First_Run\Users\[u]0[/u]0000001\ntuser.dat
+ 2008-11-07 01:24:10 20,480 ----a-w c:\windows\ERUNT\SDFIX_First_Run\Users\[u]0[/u]0000002\UsrClass.dat
+ 2008-11-12 23:00:36 32,768 ----a-r c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
- 2008-10-14 23:04:06 593,920 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2008-11-12 23:01:44 593,920 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2008-10-14 23:04:06 12,288 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2008-11-12 23:01:44 12,288 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-10-14 23:04:06 86,016 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2008-11-12 23:01:44 86,016 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2008-10-14 23:04:04 135,168 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-11-12 23:01:44 135,168 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-10-14 23:04:06 11,264 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-11-12 23:01:44 11,264 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-10-14 23:04:06 27,136 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-11-12 23:01:44 27,136 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-10-14 23:04:06 4,096 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-11-12 23:01:44 4,096 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-10-14 23:04:06 794,624 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-11-12 23:01:44 794,624 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-10-14 23:04:06 249,856 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-11-12 23:01:44 249,856 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-10-14 23:04:04 61,440 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2008-11-12 23:01:44 61,440 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2008-10-14 23:04:06 23,040 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-11-12 23:01:44 23,040 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-10-14 23:04:04 286,720 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-11-12 23:01:44 286,720 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-10-14 23:04:04 409,600 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-11-12 23:01:44 409,600 ----a-r c:\windows\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2008-09-11 05:00:50 57,344 ----a-r c:\windows\Installer\{91A1040C-6000-11D3-8CFE-0150048383C9}\joticon.exe
+ 2008-11-12 23:01:30 57,344 ----a-r c:\windows\Installer\{91A1040C-6000-11D3-8CFE-0150048383C9}\joticon.exe
- 2008-09-11 05:00:50 135,168 ----a-r c:\windows\Installer\{91A1040C-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-11-12 23:01:30 135,168 ----a-r c:\windows\Installer\{91A1040C-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-09-11 05:00:50 4,096 ----a-r c:\windows\Installer\{91A1040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-11-12 23:01:30 4,096 ----a-r c:\windows\Installer\{91A1040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2002-12-12 05:14:32 64,512 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\amstream.dll
+ 2004-07-09 09:27:28 1,201,152 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\d3d8.dll
+ 2002-12-12 05:14:32 8,192 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\d3d8thk.dll
+ 2003-05-30 14:00:02 797,184 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\d3dim700.dll
+ 2004-07-09 09:27:28 292,864 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ddraw.dll
+ 2002-12-12 05:14:32 24,064 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ddrawex.dll
+ 2003-05-30 14:00:02 132,608 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\devenum.dll
+ 2002-12-12 05:14:32 27,136 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmband.dll
+ 2002-12-12 05:14:32 58,368 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmcompos.dll
+ 2004-07-09 09:27:28 181,248 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmime.dll
+ 2002-12-12 05:14:32 33,280 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmloader.dll
+ 2002-12-12 05:14:32 76,800 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmscript.dll
+ 2002-12-12 05:14:32 98,816 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmstyle.dll
+ 2002-12-12 05:14:32 100,864 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmsynth.dll
+ 2004-07-09 09:27:28 122,880 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmusic.dll
+ 2002-12-12 05:14:32 28,160 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dplaysvr.exe
+ 2004-07-09 09:27:28 230,400 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dplayx.dll
+ 2002-12-12 05:14:32 77,824 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpmodemx.dll
+ 2002-12-12 05:14:32 3,072 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnaddr.dll
+ 2002-12-12 05:14:32 723,968 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnet.dll
+ 2003-03-24 14:00:02 32,768 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnhpast.dll
+ 2003-03-24 14:00:02 68,096 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnhupnp.dll
+ 2002-12-12 05:14:32 3,072 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnlobby.dll
+ 2002-12-12 05:14:32 16,896 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnsvr.exe
+ 2002-12-12 05:14:32 19,968 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpvacm.dll
+ 2002-12-12 05:14:32 381,952 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpvoice.dll
+ 2002-12-12 05:14:32 80,896 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpvsetup.exe
+ 2002-12-12 05:14:32 112,128 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpvvox.dll
+ 2004-07-09 09:27:28 79,360 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpwsockx.dll
+ 2002-12-12 05:14:32 186,880 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsdmo.dll
+ 2002-12-12 05:14:32 491,520 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsdmoprp.dll
+ 2004-07-09 09:27:28 381,952 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsound.dll
+ 2002-12-12 05:14:32 1,294,336 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsound3d.dll
+ 2002-12-12 05:14:32 18,432 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dswave.dll
+ 2002-12-12 05:14:32 602,624 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dx7vb.dll
+ 2003-05-30 14:00:02 1,189,888 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dx8vb.dll
+ 2004-07-09 09:27:28 974,848 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dxdiag.exe
+ 2002-12-12 05:14:32 46,592 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dxdllreg.exe
+ 2002-12-12 05:14:32 18,944 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\encapi.dll
+ 2002-12-12 05:14:32 130,304 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ks.sys
+ 2002-12-12 05:14:32 4,096 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ksuser.dll
+ 2002-12-12 05:14:32 34,304 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\mciqtz32.dll
+ 2002-12-12 05:14:32 13,312 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\msdmo.dll
+ 2002-12-12 05:14:32 7,424 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\mskssrv.sys
+ 2002-12-12 05:14:32 5,248 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\mspclock.sys
+ 2001-08-23 10:00:00 4,608 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\mspqm.sys
+ 2002-12-12 05:14:32 5,504 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\mstee.sys
+ 2002-12-12 05:14:32 324,096 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\mswebdvd.dll
+ 2002-12-12 05:14:32 173,056 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\qasf.dll
+ 2002-12-12 05:14:32 257,024 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\qcap.dll
+ 2004-07-09 09:27:28 316,928 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\qdv.dll
+ 2004-07-09 09:27:28 470,528 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\qdvd.dll
+ 2002-12-12 05:14:32 1,798,144 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\qedit.dll
+ 2002-12-12 05:14:32 733,184 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\qedwipes.dll
+ 2003-05-30 14:00:02 1,962,496 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\quartz.dll
+ 2004-07-09 09:27:28 48,512 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\stream.sys
+ 2002-12-12 05:14:32 4,096 ----a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\swenum.sys
+ 2004-07-09 09:26:38 11,392 ----a-w c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\bdasup.sys
+ 2004-07-09 09:26:38 16,384 ----a-w c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\ccdecode.sys
+ 2004-07-09 09:26:38 15,104 ----a-w c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\mpe.sys
+ 2004-07-09 09:26:38 1,230,336 ----a-w c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\msvidctl.dll
+ 2004-07-09 09:26:38 16,896 ----a-w c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\msyuv.dll
+ 2004-07-09 09:26:38 83,968 ----a-w c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\nabtsfec.sys
+ 2004-07-09 09:26:38 10,112 ----a-w c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\ndisip.sys
+ 2004-07-09 09:26:40 354,816 ----a-w c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\psisdecd.dll
+ 2004-07-09 09:26:40 10,880 ----a-w c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\slip.sys
+ 2004-07-09 09:26:40 14,976 ----a-w c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\streamip.sys
+ 2004-07-09 09:26:40 18,688 ----a-w c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\wstcodec.sys
+ 2004-07-09 09:26:40 47,104 ----a-w c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\wstdecod.dll
+ 2002-12-12 05:14:32 64,512 ----a-w c:\windows\system32\dllcache\amstream.dll
+ 2004-07-09 09:26:38 11,392 ----a-w c:\windows\system32\dllcache\bdasup.sys
+ 2004-07-09 09:27:28 1,201,152 ----a-w c:\windows\system32\dllcache\d3d8.dll
+ 2002-12-12 05:14:32 8,192 ----a-w c:\windows\system32\dllcache\d3d8thk.dll
+ 2003-05-30 14:00:02 797,184 ----a-w c:\windows\system32\dllcache\d3dim700.dll
+ 2004-07-09 09:27:28 292,864 ----a-w c:\windows\system32\dllcache\ddraw.dll
+ 2002-12-12 05:14:32 24,064 ----a-w c:\windows\system32\dllcache\ddrawex.dll
+ 2003-05-30 14:00:02 132,608 ----a-w c:\windows\system32\dllcache\devenum.dll
+ 2002-08-29 08:40:00 648,704 ----a-w c:\windows\system32\dllcache\dinput.dll
+ 2002-08-29 08:40:00 667,648 ----a-w c:\windows\system32\dllcache\dinput8.dll
+ 2002-12-12 05:14:32 27,136 ----a-w c:\windows\system32\dllcache\dmband.dll
+ 2002-12-12 05:14:32 58,368 ----a-w c:\windows\system32\dllcache\dmcompos.dll
+ 2004-07-09 09:27:28 181,248 ----a-w c:\windows\system32\dllcache\dmime.dll
+ 2002-12-12 05:14:32 33,280 ----a-w c:\windows\system32\dllcache\dmloader.dll
+ 2002-12-12 05:14:32 76,800 ----a-w c:\windows\system32\dllcache\dmscript.dll
+ 2002-12-12 05:14:32 98,816 ----a-w c:\windows\system32\dllcache\dmstyle.dll
+ 2002-12-12 05:14:32 100,864 ----a-w c:\windows\system32\dllcache\dmsynth.dll
+ 2004-07-09 09:27:28 122,880 ----a-w c:\windows\system32\dllcache\dmusic.dll
+ 2002-12-12 05:14:32 28,160 ----a-w c:\windows\system32\dllcache\dplaysvr.exe
+ 2004-07-09 09:27:28 230,400 ----a-w c:\windows\system32\dllcache\dplayx.dll
+ 2002-12-12 05:14:32 77,824 ----a-w c:\windows\system32\dllcache\dpmodemx.dll
+ 2002-12-12 05:14:32 3,072 ----a-w c:\windows\system32\dllcache\dpnaddr.dll
+ 2002-12-12 05:14:32 723,968 ----a-w c:\windows\system32\dllcache\dpnet.dll
+ 2003-03-24 14:00:02 32,768 ----a-w c:\windows\system32\dllcache\dpnhpast.dll
+ 2003-03-24 14:00:02 68,096 ----a-w c:\windows\system32\dllcache\dpnhupnp.dll
+ 2002-12-12 05:14:32 3,072 ----a-w c:\windows\system32\dllcache\dpnlobby.dll
+ 2002-12-12 05:14:32 16,896 ----a-w c:\windows\system32\dllcache\dpnsvr.exe
+ 2002-12-12 05:14:32 19,968 ----a-w c:\windows\system32\dllcache\dpvacm.dll
+ 2002-12-12 05:14:32 381,952 ----a-w c:\windows\system32\dllcache\dpvoice.dll
+ 2002-12-12 05:14:32 80,896 ----a-w c:\windows\system32\dllcache\dpvsetup.exe
+ 2002-12-12 05:14:32 112,128 ----a-w c:\windows\system32\dllcache\dpvvox.dll
+ 2004-07-09 09:27:28 79,360 ----a-w c:\windows\system32\dllcache\dpwsockx.dll
+ 2002-12-12 05:14:32 186,880 ----a-w c:\windows\system32\dllcache\dsdmo.dll
+ 2002-12-12 05:14:32 491,520 ----a-w c:\windows\system32\dllcache\dsdmoprp.dll
+ 2004-07-09 09:27:28 381,952 ----a-w c:\windows\system32\dllcache\dsound.dll
+ 2002-12-12 05:14:32 1,294,336 ----a-w c:\windows\system32\dllcache\dsound3d.dll
+ 2002-12-12 05:14:32 18,432 ----a-w c:\windows\system32\dllcache\dswave.dll
+ 2002-12-12 05:14:32 602,624 ----a-w c:\windows\system32\dllcache\dx7vb.dll
+ 2003-05-30 14:00:02 1,189,888 ----a-w c:\windows\system32\dllcache\dx8vb.dll
+ 2004-07-09 09:27:28 974,848 ----a-w c:\windows\system32\dllcache\dxdiag.exe
+ 2002-12-12 05:14:32 34,304 ----a-w c:\windows\system32\dllcache\mciqtz32.dll
+ 2004-07-09 09:26:38 15,104 ----a-w c:\windows\system32\dllcache\mpe.sys
+ 2002-12-12 05:14:32 13,312 ----a-w c:\windows\system32\dllcache\msdmo.dll
+ 2004-07-09 09:26:38 52,096 ----a-w c:\windows\system32\dllcache\msdv.sys
+ 2004-07-09 09:26:38 1,230,336 ----a-w c:\windows\system32\dllcache\msvidctl.dll
+ 2002-12-12 05:14:32 324,096 ----a-w c:\windows\system32\dllcache\mswebdvd.dll
+ 2002-08-29 08:41:00 31,744 ----a-w c:\windows\system32\dllcache\pid.dll
+ 2004-07-09 09:26:40 354,816 ----a-w c:\windows\system32\dllcache\psisdecd.dll
+ 2002-12-12 05:14:32 257,024 ----a-w c:\windows\system32\dllcache\qcap.dll
+ 2004-07-09 09:27:28 316,928 ----a-w c:\windows\system32\dllcache\qdv.dll
+ 2004-07-09 09:27:28 470,528 ----a-w c:\windows\system32\dllcache\qdvd.dll
+ 2002-12-12 05:14:32 1,798,144 ----a-w c:\windows\system32\dllcache\qedit.dll
+ 2002-12-12 05:14:32 733,184 ----a-w c:\windows\system32\dllcache\qedwipes.dll
+ 2004-07-09 09:26:40 47,104 ----a-w c:\windows\system32\dllcache\wstdecod.dll
+ 2004-07-09 09:26:38 11,392 ----a-w c:\windows\system32\drivers\bdasup.sys
+ 2004-07-09 09:26:38 15,104 ----a-w c:\windows\system32\drivers\mpe.sys
+ 2004-07-09 09:26:38 52,096 ----a-w c:\windows\system32\drivers\msdv.sys
+ 2002-12-12 05:14:32 46,592 ----a-w c:\windows\system32\dxdllreg.exe
+ 2008-10-05 03:24:02 3,695,008 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2008-10-05 03:24:04 235,936 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2008-11-08 22:31:28 84,661 ----a-w c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
- 2008-10-07 20:19:40 16,721,856 ----a-w c:\windows\system32\MRT.exe
+ 2008-11-04 00:10:26 17,318,336 ----a-w c:\windows\system32\MRT.exe
+ 2004-07-09 09:26:40 354,816 ----a-w c:\windows\system32\psisdecd.dll
- 2007-11-30 12:19:06 18,296 ------w c:\windows\system32\spmsg.dll
+ 2008-07-08 13:03:54 18,296 ------w c:\windows\system32\spmsg.dll
+ 2008-09-30 21:42:08 1,286,152 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9870.0_x-ww_a32d74cf\msxml4.dll
+ 2008-09-30 21:45:12 91,656 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.1.0_x-ww_2a41bceb\msxml4r.dll
.
-- Instantané actualisé --
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2003-09-15 65536]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-08-20 443968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-11-02 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-11-02 126976]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2004-03-23 196608]
"LtMoh"="c:\program files\ltmoh\Ltmoh.exe" [2003-09-05 184320]
"CeEKEY"="c:\program files\TOSHIBA\E-KEY\CeEKey.exe" [2005-01-21 675840]
"TPNF"="c:\program files\TOSHIBA\TouchPad\TPTray.exe" [2004-11-29 53248]
"TMESRV.EXE"="c:\program files\TOSHIBA\TME3\TMESRV31.EXE" [2004-11-22 126976]
"TMERzCtl.EXE"="c:\program files\TOSHIBA\TME3\TMERzCtl.EXE" [2004-12-17 86016]
"SmoothView"="c:\program files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe" [2004-12-21 118784]
"HWSetup"="c:\program files\TOSHIBA\TOSHIBA Applet\HWSetup.exe" [2004-12-23 28672]
"TOSHIBA Accessibility"="c:\program files\TOSHIBA\Accessibility\FnKeyHook.exe" [2005-01-14 24576]
"SVPWUTIL"="c:\program files\Toshiba\Windows Utilities\SVPWUTIL.exe" [2004-12-27 61440]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-08-03 122939]
"ccApp"="c:\program files\Fichiers communs\Symantec Shared\ccApp.exe" [2007-02-21 58984]
"Symantec NetDriver Monitor"="c:\progra~1\SYMNET~1\SNDMon.exe" [2008-08-21 100056]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 49152]
"V0500Mon.exe"="c:\windows\V0500Mon.exe" [2007-11-02 32768]
"AGRSMMSG"="AGRSMMSG.exe" [2004-10-28 c:\windows\agrsmmsg.exe]
"TPSMain"="TPSMain.exe" [2004-12-17 c:\windows\system32\TPSMain.exe]
"TCtryIOHook"="TCtrlIOHook.exe" [2005-01-24 c:\windows\system32\TCtrlIOHook.exe]
"TFncKy"="TFncKy.exe" [BU]
"Zooming"="ZoomingHook.exe" [2004-07-14 c:\windows\system32\ZoomingHook.exe]
"NDSTray.exe"="NDSTray.exe" [BU]
"CFSServ.exe"="CFSServ.exe" [BU]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
RAMASST.lnk - c:\windows\system32\RAMASST.exe [2005-03-04 155648]
Lancement rapide de Microsoft Office OneNote 2003.lnk - c:\program files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2007-04-19 64864]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-11 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=

R1 TMEI3E;TMEI3E;c:\windows\system32\Drivers\TMEI3E.SYS [2004-06-16 5888]
R3 V0500Dev;Dynex 1.3MP Webcam Driver;c:\windows\system32\DRIVERS\V0500Vid.sys [2007-10-31 251264]
.
Contenu du dossier 'Tâches planifiées'

2008-08-21 c:\windows\Tasks\Rappel d'enregistrement 1.job
- c:\windows\system32\OOBE\oobebaln.exe [2008-04-13 22:34]

2008-08-21 c:\windows\Tasks\Rappel d'enregistrement 2.job
- c:\windows\system32\OOBE\oobebaln.exe [2008-04-13 22:34]

2008-11-08 c:\windows\Tasks\Norton AntiVirus - Analyser mon ordinateur - Stephane.job
- c:\progra~1\NORTON~1\Navw32.exe [2005-08-30 15:39]
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-17 20:58:15
Windows 5.1.2600 Service Pack 3 FAT NTAPI

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
Heure de fin: 2008-11-17 20:58:48
ComboFix-quarantined-files.txt 2008-11-18 01:58:44
ComboFix2.txt 2008-11-06 16:49:24

Avant-CF: 19 090 604 032 octets libres
Après-CF: 19,192,905,728 octets libres

356 --- E O F --- 2008-11-12 23:04:39
0
Réponse 24 / 29
jodamours Messages postés 66 Statut Membre
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:01:09, on 2008-11-17
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\WINDOWS\system32\TPSMain.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE
C:\WINDOWS\system32\ZoomingHook.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
C:\Program Files\TOSHIBA\TME3\TMEEJME.EXE
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\V0500Mon.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://qc.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [TMESRV.EXE] C:\Program Files\TOSHIBA\TME3\TMESRV31.EXE /Logon
O4 - HKLM\..\Run: [TMERzCtl.EXE] C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE /Service
O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [TOSHIBA Accessibility] C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [V0500Mon.exe] C:\WINDOWS\V0500Mon.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://toshibatec.ca/
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Tmesrv3 (Tmesrv) - TOSHIBA - C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 29
jodamours Messages postés 66 Statut Membre
 
L'ordi est beaucoup plus lente depuis que j'ai fait cela, qu'est-que je peux faire ?!?!
0
Réponse 26 / 29
totobetourne Messages postés 5677 Statut Membre 65
 
passe cela maintenant.
• Télécharger CCLeaner et l'installer sur le bureau en refusant l'installation de la barre Yahoo.
http://www.commentcamarche.net/telecharger/telecharger 168 ccleaner

• Fermer toutes les applications
• Lancer CCLeaner
S'il n'est pas en Français cliquer sur Options, Setting, Language
et sélectionner Français
• cocher dans le menu Nettoyeur - onglet Windows :
Internet Explorer: Fichiers Internet Temporaires, Cookies
• Système: Vider la Poubelle, Fichiers Temporaires, Presse-papiers
• Avancé: Vieilles données du Prefetch
• Décocher dans le menu Options - sous-menu Avancé :
Effacer uniquement les fichiers, du dossier temp de Windows, plus vieux que 48 heures
• Cocher dans le menu Nettoyeur - onglet Applications : Internet: Sun Java
• Cocher , si cela est possible, dans le menu Nettoyeur - onglet Applications :
Firefox/Mozilla: Cache Internet, Cookies
• Click sur Analyse
• Click sur le bouton Lancer le nettoyage dans le menu Nettoyeur.
• Click sur Registre
• Sélectionner tout
• Click sur Chercher des erreurs (En bas)

Une fois le scan terminé sélectionner tout
• Click sur Réparer les erreurs sélectionnées
0
Réponse 27 / 29
jodamours Messages postés 66 Statut Membre
 
Je te remercies énormément !!!! le portable va beaucoup mieux ! merci !
0
Réponse 28 / 29
jacques.gache Messages postés 34829 Statut Contributeur sécurité 1 617
 
bonjour, si vous me permettez d'intervenir il faudrait faire les mises à jour pour java et adobe reader car si les mises à jour logiciels et matériels ne sont pas faite c'est la porte ouverte au malwares de toutes sorte

mets java à jour : https://www.java.com/fr/download/manual.jsp et désinstalles l'ancienne version
ou
désinstalles ta version actuel et installes cette version http://www.commentcamarche.net/telecharger/telecharger 34055318 java runtime environment


désinstalles adobe reader car pas à jour et telecharges et installes cette version :
http://www.commentcamarche.net/telecharger/telechargement 27 acrobat reader

fais une analyse de vulnérabilité pour voir si tu n'aurais pas d'autre mises à jour à faire que nous n'avons pas vu sur hijackthis : https://www.malekal.com/tester-la-vulnerabilite-de-son-systeme-2/


0
Réponse 29 / 29
jodamours Messages postés 66 Statut Membre
 
autre que ce que tu m'as dit, y me restait juste firefox à upgrader

merci beaucoup !
0

Discussions similaires

Annuaire portable gratuit à partir d'un nom
dani26 -
Authority -

9 réponses
je voudrais localiser un portable
yoo123 -
RoiXenox -

5 réponses
Localiser un numéro de téléphone sans frais bancaire
Aurelien -
chenzi -

5 réponses
Localiser un portable gratuitement sans autorisation
zazamfg -
georges97 -

8 réponses