

mamoussa
Hello, I strongly suspect my machine has been infected. The longer the PC runs, the more it lags. I'm running Windows 10. When I hit Ctrl+Alt+Del I briefly see CPU 98%, Memory 25% (16 GB RAM / i7 4770K), then it drops back to 5% CPU, 11% memory (with only the forum page open in Chrome); the lag, however, does not go away! Impossible to move the mouse! At "rest" (machine barely booted) Windows Defender takes 10% of the RAM... even though I did get a recent OS update, seriously? This antivirus used to be super light, what is going on? "System interrupts" all over the place in Task Manager. Clearly something is screwed up! Could someone help me please?
-
Hello, here is my problem: my main hard drive (2 TB) is unusable. Under Windows: I can browse my files (all of them), but AS SOON AS I open, modify or move a file... it's over! It crashes, the hard drive stops responding, and I have to power it off to regain control. Under Linux: it doesn't even show up. So it's impossible to run an antivirus on it, or even to analyze it with any software whatsoever... I don't know what to do anymore!! Given that there is 1.5 TB of data on it, I would REALLY like to be able to recover it. Thanks for your help
-
Hello, my PC is infected, very clearly by something that is eating up my RAM. Last night everything was fine, this morning after a reboot, bam, big trouble.. I found freeramXp, a small program that frees as much RAM as possible, quick and effective. But every 5 minutes I have to purge the RAM!! It's even becoming hard to browse the web. So, being a complete newbie, I'm posting my Malwarebytes and HijackThis reports hoping someone can see where the problem comes from. Hijackthis: Malwarebytes: Thanks to those who can help me
-
infected by security tool help
mamoussa replied to mamoussa's topic in Malware analysis and eradication
There may be the default antivirus that shipped with the computer (and even then I'm not sure), but it is a paid product, so it has never been active. It may be installed but is never used; in any case it doesn't appear in the taskbar. After searching my list of programs, apart from MBAM (free version) and HijackThis, no program looks like an antivirus.
-
infected by security tool help
mamoussa replied to mamoussa's topic in Malware analysis and eradication
Hello, here is the COMBOFIX report:
Thanks to you, have a nice day
-
infected by security tool help
mamoussa replied to mamoussa's topic in Malware analysis and eradication
Hi, I couldn't do the procedure yesterday because I had too much work! I did it today and everything went fine. Here are the reports: OTM report, MBAM report, RSIT report.
Logitech . Enregistrement du produit.lnk = C:\Program Files\Logitech\Ereg\eReg.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe LM Service - Adobe 
Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe O23 - Service: Service de planification Media Center (ehSched) - Unknown owner - C:\WINDOWS\eHome\ehSched.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcSrv.exe O23 - Service: lxedCATSCustConnectService - Lexmark International, Inc. 
- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxedserv.exe O23 - Service: lxed_device - - C:\WINDOWS\system32\lxedcoms.exe O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 10018 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\AppleSoftwareUpdate.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 
7.0\ActiveX\AcroIEHelper.dll [2005-09-23 63136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}] Lexmark Barre d'outils - C:\Program Files\Lexmark Toolbar\toolband.dll [2009-05-06 372736] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}] Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-06-02 1082880] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}] DriveLetterAccess - C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2005-10-06 110652] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}] FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2C5E510-BE6D-42CC-9F61-E4F939078474}] Lexmark - C:\Program Files\Lexmark Printable Web\bho.dll [2008-05-22 180224] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-03 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-05-03 79648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - Lexmark Barre d'outils - C:\Program Files\Lexmark Toolbar\toolband.dll [2009-05-06 372736] 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-02-16 7557120] "nwiz"=nwiz.exe /installquiet [] "NDSTray.exe"=NDSTray.exe [] "IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2008-01-11 600896] "ehTray"=C:\WINDOWS\ehome\ehtray.exe [2008-01-11 59392] "Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2007-04-11 56080] "LWS"=C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [2010-05-07 165208] "lxedmon.exe"=C:\Program Files\Lexmark S600 Series\lxedmon.exe [2010-01-18 770728] "EzPrint"=C:\Program Files\Lexmark S600 Series\ezprint.exe [2010-01-18 139944] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-10 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware] C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe /minimized [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-01-03 486856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-09-01 1164584] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut] C:\WINDOWS\system32\CHDAudPropShortcut.exe [2005-12-29 61952] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IS CfgWiz] C:\Program Files\Norton Internet Security\cfgwiz.exe /GUID {F073BDC9-0D67-4ff0-879E-27241C843828} /MODE CfgWiz /CMDLINE REBOOT [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe [2010-02-15 141608] [HKEY_LOCAL_MACHINE\software\microsoft\shared 
tools\msconfig\startupreg\MsnMsgr] C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\QTTask.exe [2009-11-10 417792] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] C:\Program Files\Skype\Phone\Skype.exe [2009-06-02 24264488] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2005-10-26 159744] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [2010-02-18 248040] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WD Button Manager] C:\WINDOWS\system32\WDBtnMgr.exe [2007-05-22 339968] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Bluetooth Monitor.lnk] C:\PROGRA~1\TOSHIBA\BLUETO~2\BtMon2.exe [2004-11-10 65536] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk] C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2005-09-23 29696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^WD Backup Monitor.lnk] C:\PROGRA~1\MYBOOK~1\WDBACK~1\UBBMON~1.EXE [2006-01-22 98304] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^k_roelandts^Menu Démarrer^Programmes^Démarrage^Adobe Gamma.lnk] C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2005-03-16 113664] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "SPBBCSvc"=3 "SNDSrvc"=3 "ccSetMgr"=2 "ccProxy"=2 "ccISPwdSvc"=3 "ccEvtMgr"=2 
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Documents and Settings\k_roelandts\Menu Démarrer\Programmes\Démarrage Lancement rapide de Microsoft Office OneNote 2003.lnk - C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE Logitech . Enregistrement du produit.lnk - C:\Program Files\Logitech\Ereg\eReg.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2005-11-04 135168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-10 240128] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=36 "NoDriveAutoRun"=0xFFFFFFFF [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutoRun"=67108863 "NoDriveTypeAutoRun"=255 "HonorAutoRunSetting"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files\games\Webtarot\webtarot.exe"="C:\Program Files\games\Webtarot\webtarot.exe:*:Enabled:WebTarot" "C:\Program Files\games\need for speed\nfsc.exe"="C:\Program Files\games\need for 
speed\nfsc.exe:*:Disabled:nfsc" "C:\Program Files\games\TrackMania Nations ESWC\TmNationsESWC.exe"="C:\Program Files\games\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC" "C:\Program Files\games\dawn of war\W40k.exe"="C:\Program Files\games\dawn of war\W40k.exe:*:Disabled:W40K" "C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA" "C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB" "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMuleMorphXT" "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Disabled:Windows Live Messenger 8.1" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Disabled:Windows Live Messenger 8.1 (Phone)" "C:\Program Files\Skype\pamela vid recorder\Pamela\Pamela.exe"="C:\Program Files\Skype\pamela vid recorder\Pamela\Pamela.exe:*:Enabled:Pamela for Skype" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" "C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java Platform SE binary" "C:\Program Files\QuickTime\QuickTimePlayer.exe"="C:\Program Files\QuickTime\QuickTimePlayer.exe:*:Enabled:QuickTime Player" "C:\Program Files\Spotify\spotify.exe"="C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify" "C:\WINDOWS\system32\lxedcoms.exe"="C:\WINDOWS\system32\lxedcoms.exe:*:Enabled:Lexmark Communications System" "C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe"="C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:*:Enabled:ABBYY FineReader" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN 
Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" ======List of files/folders created in the last 1 months====== 2010-09-30 16:18:19 ----D---- C:\_OTM 2010-09-30 14:41:18 ----D---- C:\Documents and Settings\All Users\Application Data\NCH Software 2010-09-30 14:40:06 ----D---- C:\Program Files\NCH Software 2010-09-30 14:11:47 ----A---- C:\WINDOWS\system32\unrar.dll 2010-09-30 14:11:46 ----A---- C:\WINDOWS\avisplitter.ini 2010-09-30 14:11:45 ----A---- C:\WINDOWS\system32\yv12vfw.dll 2010-09-30 14:11:45 ----A---- C:\WINDOWS\system32\xvidvfw.dll 2010-09-30 14:11:45 ----A---- C:\WINDOWS\system32\xvidcore.dll 2010-09-30 14:11:45 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest 2010-09-30 14:11:44 ----A---- C:\WINDOWS\system32\ff_vfw.dll 2010-09-30 14:11:41 ----D---- C:\Program Files\K-Lite Codec Pack 2010-09-28 23:57:54 ----A---- C:\WINDOWS\system32\ir50_lcs.dll 2010-09-26 16:32:10 ----D---- C:\Documents and Settings\k_roelandts\Application Data\Malwarebytes 2010-09-26 16:31:52 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys 2010-09-26 16:31:51 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-09-26 16:31:51 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2010-09-26 16:31:51 ----A---- C:\WINDOWS\system32\drivers\mbam.sys 2010-09-26 15:52:23 ----ASH---- C:\hiberfil.sys 2010-09-26 15:13:24 ----D---- C:\Program Files\trend micro 2010-09-26 15:13:16 ----D---- C:\rsit 2010-09-26 14:37:40 ----D---- C:\WINDOWS\BDOSCAN8 2010-09-26 14:34:39 ----SHD---- C:\Config.Msi 2010-09-25 17:20:32 ----D---- C:\Documents and Settings\k_roelandts\Application Data\Dev-Cpp 2010-09-25 17:20:00 ----D---- C:\Dev-Cpp 2010-09-25 17:18:28 ----D---- C:\Program Files\Dev Cpp 2010-09-24 12:27:40 ----N---- C:\WINDOWS\system32\drivers\cdralw2k.sys 2010-09-24 12:27:40 ----N---- C:\WINDOWS\system32\drivers\cdr4_xp.sys 
2010-09-24 12:27:39 ----N---- C:\WINDOWS\system32\pxsfs.dll 2010-09-24 12:27:39 ----N---- C:\WINDOWS\system32\pxafs.dll 2010-09-24 12:25:13 ----D---- C:\Documents and Settings\All Users\Application Data\DivX 2010-09-22 19:44:55 ----A---- C:\WINDOWS\system32\drivers\usbprint.sys 2010-09-22 19:17:15 ----A---- C:\WINDOWS\system32\lxedvs.dll 2010-09-22 19:17:09 ----A---- C:\WINDOWS\system32\lxedcoin.dll 2010-09-22 19:16:55 ----A---- C:\WINDOWS\system32\lxk_gf.dll 2010-09-22 19:16:54 ----A---- C:\WINDOWS\system32\lxedgcfg.dll 2010-09-22 19:16:52 ----A---- C:\WINDOWS\system32\lxedcuir.dll 2010-09-22 19:16:52 ----A---- C:\WINDOWS\system32\lxedcui.dll 2010-09-22 19:16:35 ----A---- C:\WINDOWS\system32\wiafbdrv.dll 2010-09-22 19:15:14 ----D---- C:\Program Files\Abbyy FineReader 6.0 Sprint 2010-09-22 19:14:33 ----A---- C:\WINDOWS\system32\LXEDwupd.exe 2010-09-22 19:14:33 ----A---- C:\WINDOWS\system32\LXEDwupd.dll 2010-09-22 19:11:59 ----D---- C:\Program Files\Lexmark Toolbar 2010-09-22 19:11:50 ----D---- C:\Program Files\Lexmark Fax Solutions 2010-09-22 19:11:48 ----D---- C:\Program Files\Lexmark Printable Web 2010-09-22 19:11:30 ----AH---- C:\WINDOWS\system32\lxedrwrd.ini 2010-09-22 19:11:30 ----A---- C:\WINDOWS\system32\NativeCall.dll 2010-09-22 19:11:29 ----D---- C:\Program Files\Lexmark 2010-09-22 19:11:17 ----A---- C:\WINDOWS\system32\LXEDinst.dll 2010-09-22 19:11:16 ----A---- C:\WINDOWS\system32\lxedusb1.dll 2010-09-22 19:11:16 ----A---- C:\WINDOWS\system32\lxedinpa.dll 2010-09-22 19:11:16 ----A---- C:\WINDOWS\system32\lxediesc.dll 2010-09-22 19:11:16 ----A---- C:\WINDOWS\system32\LXEDhcp.dll 2010-09-22 19:11:15 ----A---- C:\WINDOWS\system32\lxedserv.dll 2010-09-22 19:11:15 ----A---- C:\WINDOWS\system32\lxedpmui.dll 2010-09-22 19:11:14 ----A---- C:\WINDOWS\system32\lxedlmpm.dll 2010-09-22 19:11:14 ----A---- C:\WINDOWS\system32\lxedjswr.dll 2010-09-22 19:11:13 ----A---- C:\WINDOWS\system32\lxedinsr.dll 2010-09-22 19:11:13 ----A---- C:\WINDOWS\system32\lxedinsb.dll 
2010-09-22 19:11:13 ----A---- C:\WINDOWS\system32\lxedins.dll 2010-09-22 19:11:13 ----A---- C:\WINDOWS\system32\lxedih.exe 2010-09-22 19:11:13 ----A---- C:\WINDOWS\system32\lxedhbn3.dll 2010-09-22 19:11:12 ----A---- C:\WINDOWS\system32\lxedgrd.dll 2010-09-22 19:11:12 ----A---- C:\WINDOWS\system32\lxedcur.dll 2010-09-22 19:11:12 ----A---- C:\WINDOWS\system32\lxedcub.dll 2010-09-22 19:11:11 ----A---- C:\WINDOWS\system32\lxedcu.dll 2010-09-22 19:11:11 ----A---- C:\WINDOWS\system32\lxedcoms.exe 2010-09-22 19:11:11 ----A---- C:\WINDOWS\system32\lxedcomm.dll 2010-09-22 19:11:11 ----A---- C:\WINDOWS\system32\lxedcomc.dll 2010-09-22 19:11:10 ----A---- C:\WINDOWS\system32\lxedcfg.exe 2010-09-22 19:11:10 ----A---- C:\WINDOWS\system32\LXEDcfg.dll 2010-09-22 19:10:18 ----D---- C:\Program Files\Lexmark S600 Series 2010-09-22 19:10:17 ----A---- C:\WINDOWS\system32\LXEDsmr.dll 2010-09-22 19:10:17 ----A---- C:\WINDOWS\system32\LXEDsm.dll 2010-09-22 12:40:59 ----D---- C:\Documents and Settings\k_roelandts\Application Data\Leadertech 2010-09-22 12:38:45 ----D---- C:\WINDOWS\system32\logishrd 2010-09-22 12:38:03 ----D---- C:\Program Files\Fichiers communs\LWS 2010-09-22 12:37:06 ----D---- C:\Program Files\Fichiers communs\LogiShrd 2010-09-21 12:11:40 ----D---- C:\Program Files\Citrix ======List of files/folders modified in the last 1 months====== 2010-09-30 16:30:49 ----D---- C:\WINDOWS\Prefetch 2010-09-30 16:27:30 ----D---- C:\WINDOWS 2010-09-30 16:27:27 ----D---- C:\WINDOWS\TEMP 2010-09-30 16:26:35 ----D---- C:\WINDOWS\Registration 2010-09-30 16:24:32 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-09-30 16:23:57 ----D---- C:\WINDOWS\system32 2010-09-30 16:13:55 ----D---- C:\Documents and Settings\k_roelandts\Application Data\Skype 2010-09-30 15:58:32 ----D---- C:\Documents and Settings\k_roelandts\Application Data\skypePM 2010-09-30 15:49:30 ----D---- C:\Documents and Settings\k_roelandts\Application Data\vlc 2010-09-30 14:40:06 ----D---- C:\Program Files 2010-09-30 07:53:56 ----D---- 
C:\Documents and Settings\k_roelandts\Application Data\DivX 2010-09-30 07:53:01 ----D---- C:\WINDOWS\Help 2010-09-29 01:52:54 ----D---- C:\Program Files\AVG Anti-Spyware 7.5 2010-09-29 01:51:58 ----D---- C:\WINDOWS\system32\drivers 2010-09-26 16:50:55 ----RSD---- C:\WINDOWS\Fonts 2010-09-26 15:57:16 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2010-09-26 15:54:01 ----RASH---- C:\boot.ini 2010-09-26 15:54:01 ----A---- C:\WINDOWS\win.ini 2010-09-26 15:54:01 ----A---- C:\WINDOWS\system.ini 2010-09-26 15:44:50 ----AC---- C:\WINDOWS\ntbtlog.txt 2010-09-26 14:37:44 ----SD---- C:\WINDOWS\Downloaded Program Files 2010-09-26 14:37:40 ----HD---- C:\WINDOWS\inf 2010-09-26 14:37:38 ----D---- C:\WINDOWS\system32\CatRoot2 2010-09-26 14:35:42 ----D---- C:\Documents and Settings\k_roelandts\Application Data\Pamela 2010-09-26 14:34:49 ----SHD---- C:\WINDOWS\Installer 2010-09-25 13:07:18 ----D---- C:\Documents and Settings\k_roelandts\Application Data\dvdcss 2010-09-24 12:29:26 ----D---- C:\Program Files\Fichiers communs\DivX Shared 2010-09-24 12:29:26 ----D---- C:\Program Files\DivX 2010-09-23 19:35:54 ----D---- C:\Program Files\Mozilla Firefox 2010-09-22 19:45:01 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-09-22 19:16:41 ----D---- C:\WINDOWS\twain_32 2010-09-22 12:40:58 ----D---- C:\Program Files\Logitech 2010-09-22 12:38:19 ----D---- C:\Documents and Settings\All Users\Application Data\Logitech 2010-09-22 12:38:03 ----D---- C:\Program Files\Fichiers communs 2010-09-22 12:37:45 ----D---- C:\Program Files\Common Files 2010-09-21 13:05:05 ----D---- C:\Program Files\Mozilla Thunderbird 2010-09-16 03:00:26 ----A---- C:\WINDOWS\system32\MRT.exe 2010-09-08 22:59:45 ----D---- C:\Program Files\JDownloader ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 DRVMCDB;DRVMCDB; C:\WINDOWS\System32\Drivers\DRVMCDB.SYS [2005-09-12 89264] R0 ohci1394;Contrôleur hôte Texas Instruments IEEE 1394 compatible OHCI (Open Host Controller 
Interface); C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2004-08-10 61056] R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-08-12 45648] R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688] R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656] R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-11-03 63488] R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-01-03 715248] R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2005-08-25 5628] R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2005-08-25 22684] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-10 40320] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848] R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-04 8832] R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.9.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2006-12-25 21275] R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2005-10-06 25628] R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2005-10-06 2496] R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2005-10-06 86524] R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2005-10-06 14684] R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2005-10-06 6364] R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2005-10-06 87036] R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2005-10-06 94332] R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2005-08-12 40544] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-06 12544] R2 Netdevio;TOSHIBA Network Device Usermode I/O Protocol; C:\WINDOWS\system32\DRIVERS\netdevio.sys [2003-01-29 12032] R2 
s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-11-28 13568] R2 UacFlt;Philips Composite Class Filter Driver; C:\WINDOWS\system32\DRIVERS\uacbflt.sys [2002-06-14 21276] R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776] R3 BoiHwsetup;Access 32bits INT15 routine; C:\WINDOWS\system32\drivers\BoiHwSetup.sys [2005-06-11 5504] R3 CompFilter;UVCCompositeFilter; C:\WINDOWS\system32\DRIVERS\lvbusflt.sys [2010-05-14 20704] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600] R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDAud.sys [2005-12-29 561664] R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600] R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-11-09 997376] R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-11-09 202240] R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys [2003-09-11 21060] R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2007-04-11 34832] R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2007-04-11 36112] R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2010-05-07 25824] R3 LVRS;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs.sys [2010-05-15 276448] R3 LVUVC;Logitech HD Webcam C510(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [2010-05-15 6842592] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-02-16 3642944] R3 Pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368] R3 qkbfiltr;Quanta HotKey Keyboard Filter 
Driver; C:\WINDOWS\system32\drivers\qkbfiltr.sys [2006-01-12 31872] R3 qmofiltr;Quanta HotKey Mouse Filter Driver; C:\WINDOWS\system32\drivers\qmofiltr.sys [2005-05-05 7936] R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-10 67584] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-03 191968] R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-11-30 162560] R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480] R3 w39n51;Intel® PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2005-12-05 1428096] R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000] R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-11-09 723712] R3 X10Hid;X10 Hid Device; C:\WINDOWS\System32\Drivers\x10hid.sys [2005-11-28 7040] S1 hidfltr;HID Filter Driver; C:\WINDOWS\system32\drivers\MWhid.sys [2004-11-03 13332] S3 anf7p337;anf7p337; C:\WINDOWS\system32\drivers\anf7p337.sys [] S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-10 60800] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024] S3 e1express;Intel® PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2005-09-15 179200] S3 fbxusb;Carte réseau virtuelle FreeBox USB; C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 21344] S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-11-04 1353820] S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008] S3 MSTEE;Convertisseur en T/site-à-site de 
répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880] S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-10 61824] S3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2009-05-09 14736] S3 o1394bul;o1394bul; \??\C:\DOCUME~1\K_ROEL~1\LOCALS~1\Temp\o1394bul.sys [] S3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2006-06-30 21760] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136] S3 SMCB000;SMSC CIR HID Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\hidsmsc.sys [2006-01-17 15744] S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-11-12 7168] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360] S3 tosrfec;Bluetooth ACPI from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfec.sys [2005-09-09 9344] S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS [] S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] S3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-03 78464] S3 w810bus;Sony Ericsson W810 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w810bus.sys [2006-02-20 58288] S3 w810mdfl;Sony Ericsson W810 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w810mdfl.sys [2006-02-20 8336] S3 w810mdm;Sony Ericsson W810 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w810mdm.sys [2006-02-20 94064] S3 w810mgmt;Sony Ericsson W810 USB WMC Device Management Drivers (WDM); 
C:\WINDOWS\system32\DRIVERS\w810mgmt.sys [2006-02-20 85408] S3 w810obex;Sony Ericsson W810 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w810obex.sys [2006-02-20 83344] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712] R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2005-01-18 40960] R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568] R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424] R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-11-28 114753] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376] R2 LVPrcSrv;Process Monitor; C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcSrv.exe [2010-05-07 162648] R2 lxed_device;lxed_device; C:\WINDOWS\system32\lxedcoms.exe [2010-01-07 598696] R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328] R2 NMSAccess;NMSAccess; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2010-03-04 71096] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-02-16 143426] R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-05-12 66872] R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-11-28 217164] R2 S24EventMonitor;Intel® PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-11-28 540745] R2 x10nets;X10 Device Network Service; 
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480] S2 lxedCATSCustConnectService;lxedCATSCustConnectService; C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxedserv.exe [2010-01-07 98984] S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-09-27 72704] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-02-15 545576] S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2004-08-10 14336] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136] S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-10 14336] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF-----------------
I highlighted the line containing "o1394" in the RSIT report. Are we good this time?
lol -
infected by security tool help
mamoussa replied to a topic by mamoussa in Analyses et éradication malwares
Good evening, the MBAM report:
Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Version de la base de données: 4698 Windows 5.1.2600 Service Pack 2 Internet Explorer 6.0.2900.2180 28/09/2010 16:36:22 mbam-log-2010-09-28 (16-36-22).txt Type d'examen: Examen rapide Elément(s) analysé(s): 172945 Temps écoulé: 16 minute(s), 17 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)
************************************************************************************************************************************************************************************
The RSIT report:
Logfile of random's system information tool 1.08 (written by random/random) Run by k_roelandts at 2010-09-28 16:37:22 Microsoft Windows XP Professionnel Service Pack 2 System drive C: has 15 GB (8%) free of 191 GB Total RAM: 1022 MB (38% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:37:28, on 28/09/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\spoolsv.exe C:\Program
Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcSrv.exe C:\WINDOWS\system32\lxedcoms.exe C:\Program Files\CDBurnerXP\NMSAccessU.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wscntfy.exe C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\eHome\ehmsas.exe C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe C:\Program Files\Lexmark S600 Series\lxedmon.exe C:\Program Files\Lexmark S600 Series\ezprint.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Logitech\LWS\LU\LULnchr.exe C:\Program Files\Logitech\LWS\LU\LogitechUpdate.exe C:\Program Files\DivX\DivX Update\DivXUpdate.exe C:\Program Files\DivX\DivX Update\DivXUpdate.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Documents and Settings\k_roelandts\Bureau\RSIT.exe C:\Program Files\trend micro\k_roelandts.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program 
Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll O2 - BHO: Lexmark - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide O4 - HKLM\..\Run: [lxedmon.exe] "C:\Program Files\Lexmark S600 Series\lxedmon.exe" O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark S600 Series\ezprint.exe" O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] 
C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE O4 - Startup: Logitech . Enregistrement du produit.lnk = C:\Program Files\Logitech\Ereg\eReg.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - 
http://www.zebulon.fr/scan8/oscan8.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe O23 - Service: Service de planification Media Center (ehSched) - Unknown owner - C:\WINDOWS\eHome\ehSched.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcSrv.exe O23 - Service: lxedCATSCustConnectService - Lexmark International, Inc. 
- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxedserv.exe O23 - Service: lxed_device - - C:\WINDOWS\system32\lxedcoms.exe O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 10350 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\AppleSoftwareUpdate.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 
7.0\ActiveX\AcroIEHelper.dll [2005-09-23 63136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}] Lexmark Barre d'outils - C:\Program Files\Lexmark Toolbar\toolband.dll [2009-05-06 372736] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}] Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-06-02 1082880] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}] DriveLetterAccess - C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2005-10-06 110652] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}] FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2C5E510-BE6D-42CC-9F61-E4F939078474}] Lexmark - C:\Program Files\Lexmark Printable Web\bho.dll [2008-05-22 180224] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-03 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-05-03 79648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - Lexmark Barre d'outils - C:\Program Files\Lexmark Toolbar\toolband.dll [2009-05-06 372736] 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-02-16 7557120] "nwiz"=nwiz.exe /installquiet [] "NDSTray.exe"=NDSTray.exe [] "IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2008-01-11 600896] "ehTray"=C:\WINDOWS\ehome\ehtray.exe [2008-01-11 59392] "Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2007-04-11 56080] "LWS"=C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [2010-05-07 165208] "lxedmon.exe"=C:\Program Files\Lexmark S600 Series\lxedmon.exe [2010-01-18 770728] "EzPrint"=C:\Program Files\Lexmark S600 Series\ezprint.exe [2010-01-18 139944] "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-04-29 1090952] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-10 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware] C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe /minimized [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-01-03 486856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-09-01 1164584] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut] C:\WINDOWS\system32\CHDAudPropShortcut.exe [2005-12-29 61952] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IS CfgWiz] C:\Program Files\Norton Internet Security\cfgwiz.exe /GUID {F073BDC9-0D67-4ff0-879E-27241C843828} /MODE CfgWiz /CMDLINE REBOOT [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 
C:\Program Files\iTunes\iTunesHelper.exe [2010-02-15 141608] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\QTTask.exe [2009-11-10 417792] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] C:\Program Files\Skype\Phone\Skype.exe [2009-06-02 24264488] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2005-10-26 159744] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [2010-02-18 248040] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WD Button Manager] C:\WINDOWS\system32\WDBtnMgr.exe [2007-05-22 339968] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Bluetooth Monitor.lnk] C:\PROGRA~1\TOSHIBA\BLUETO~2\BtMon2.exe [2004-11-10 65536] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk] C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2005-09-23 29696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^WD Backup Monitor.lnk] C:\PROGRA~1\MYBOOK~1\WDBACK~1\UBBMON~1.EXE [2006-01-22 98304] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^k_roelandts^Menu Démarrer^Programmes^Démarrage^Adobe Gamma.lnk] C:\PROGRA~1\FICHIE~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2005-03-16 113664] 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "SPBBCSvc"=3 "SNDSrvc"=3 "ccSetMgr"=2 "ccProxy"=2 "ccISPwdSvc"=3 "ccEvtMgr"=2 C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Documents and Settings\k_roelandts\Menu Démarrer\Programmes\Démarrage Lancement rapide de Microsoft Office OneNote 2003.lnk - C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE Logitech . Enregistrement du produit.lnk - C:\Program Files\Logitech\Ereg\eReg.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2005-11-04 135168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-10 240128] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=36 "NoDriveAutoRun"=0xFFFFFFFF [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutoRun"=67108863 "NoDriveTypeAutoRun"=255 "HonorAutoRunSetting"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files\games\Webtarot\webtarot.exe"="C:\Program 
Files\games\Webtarot\webtarot.exe:*:Enabled:WebTarot" "C:\Program Files\games\need for speed\nfsc.exe"="C:\Program Files\games\need for speed\nfsc.exe:*:Disabled:nfsc" "C:\Program Files\games\TrackMania Nations ESWC\TmNationsESWC.exe"="C:\Program Files\games\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC" "C:\Program Files\games\dawn of war\W40k.exe"="C:\Program Files\games\dawn of war\W40k.exe:*:Disabled:W40K" "C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA" "C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB" "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMuleMorphXT" "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Disabled:Windows Live Messenger 8.1" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Disabled:Windows Live Messenger 8.1 (Phone)" "C:\Program Files\Skype\pamela vid recorder\Pamela\Pamela.exe"="C:\Program Files\Skype\pamela vid recorder\Pamela\Pamela.exe:*:Enabled:Pamela for Skype" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" "C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java™ Platform SE binary" "C:\Program Files\QuickTime\QuickTimePlayer.exe"="C:\Program Files\QuickTime\QuickTimePlayer.exe:*:Enabled:QuickTime Player" "C:\Program Files\Spotify\spotify.exe"="C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify" "C:\WINDOWS\system32\lxedcoms.exe"="C:\WINDOWS\system32\lxedcoms.exe:*:Enabled:Lexmark Communications System" "C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe"="C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:*:Enabled:ABBYY FineReader" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" ======List of files/folders created in the last 1 months====== 2010-09-26 19:20:43 ----A---- C:\WINDOWS\system32\drivers\glowhfj.sys 2010-09-26 16:32:10 ----D---- C:\Documents and Settings\k_roelandts\Application Data\Malwarebytes 2010-09-26 16:31:52 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys 2010-09-26 16:31:51 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-09-26 16:31:51 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2010-09-26 16:31:51 ----A---- C:\WINDOWS\system32\drivers\mbam.sys 2010-09-26 15:52:23 ----ASH---- C:\hiberfil.sys 2010-09-26 15:13:24 ----D---- C:\Program Files\trend micro 2010-09-26 15:13:16 ----D---- C:\rsit 2010-09-26 14:37:40 ----D---- C:\WINDOWS\BDOSCAN8 2010-09-26 14:34:39 ----SHD---- C:\Config.Msi 2010-09-25 17:20:32 ----D---- C:\Documents and Settings\k_roelandts\Application Data\Dev-Cpp 2010-09-25 17:20:00 ----D---- C:\Dev-Cpp 2010-09-25 17:18:28 ----D---- C:\Program Files\Dev Cpp 2010-09-24 12:27:40 ----N---- C:\WINDOWS\system32\drivers\cdralw2k.sys 2010-09-24 12:27:40 ----N---- C:\WINDOWS\system32\drivers\cdr4_xp.sys 2010-09-24 12:27:39 ----N---- C:\WINDOWS\system32\pxsfs.dll 2010-09-24 12:27:39 ----N---- C:\WINDOWS\system32\pxafs.dll 2010-09-24 12:25:13 ----D---- C:\Documents and Settings\All Users\Application Data\DivX 2010-09-22 19:44:55 ----A---- C:\WINDOWS\system32\drivers\usbprint.sys 2010-09-22 19:17:15 ----A---- C:\WINDOWS\system32\lxedvs.dll 2010-09-22 19:17:09 ----A---- C:\WINDOWS\system32\lxedcoin.dll 2010-09-22 19:16:55 ----A---- C:\WINDOWS\system32\lxk_gf.dll 2010-09-22 19:16:54 
There you go! About the antivirus? What do you think of G-data? To be honest, I don't turn on my firewall, and I have never had an antivirus on this computer, but in 5-6 years I have only had 2 attacks!! (Lucky?)
Thank you
[edit] I may have made a bad move by uninstalling AVG: I also deleted the quarantined files ... Bad choice? :/
-
infected by security tool help
mamoussa replied to a topic by mamoussa in Malware analysis and removal
Good evening. Procedure done. It seems to be fine, do you need a new RSIT MBAM report? -
infected by security tool help
mamoussa replied to a topic by mamoussa in Malware analysis and removal
Thanks for your reply. I removed AVG. I don't understand how to install/use the suggested tool (... I look stupid but I went to the page and ... nothing). Which antivirus would you recommend? G-data seems decent, what do you think? -
infected by security tool help
mamoussa replied to a topic by mamoussa in Malware analysis and removal
I restarted in safe mode, deleted the .exe file located in local setting/app data/3256898.exe and restarted once more. Security tool seems to have disappeared! I have access to everything again (it seems to me). I ran another RSIT diagnostic on the files modified in the last month. Here is what it gives:
C:\WINDOWS\system32\lxedgcfg.dll 2010-09-22 19:16:52 ----A---- C:\WINDOWS\system32\lxedcuir.dll 2010-09-22 19:16:52 ----A---- C:\WINDOWS\system32\lxedcui.dll 2010-09-22 19:16:35 ----A---- C:\WINDOWS\system32\wiafbdrv.dll 2010-09-22 19:15:14 ----D---- C:\Program Files\Abbyy FineReader 6.0 Sprint 2010-09-22 19:14:33 ----A---- C:\WINDOWS\system32\LXEDwupd.exe 2010-09-22 19:14:33 ----A---- C:\WINDOWS\system32\LXEDwupd.dll 2010-09-22 19:11:59 ----D---- C:\Program Files\Lexmark Toolbar 2010-09-22 19:11:50 ----D---- C:\Program Files\Lexmark Fax Solutions 2010-09-22 19:11:48 ----D---- C:\Program Files\Lexmark Printable Web 2010-09-22 19:11:30 ----AH---- C:\WINDOWS\system32\lxedrwrd.ini 2010-09-22 19:11:30 ----A---- C:\WINDOWS\system32\NativeCall.dll 2010-09-22 19:11:29 ----D---- C:\Program Files\Lexmark 2010-09-22 19:11:17 ----A---- C:\WINDOWS\system32\LXEDinst.dll 2010-09-22 19:11:16 ----A---- C:\WINDOWS\system32\lxedusb1.dll 2010-09-22 19:11:16 ----A---- C:\WINDOWS\system32\lxedinpa.dll 2010-09-22 19:11:16 ----A---- C:\WINDOWS\system32\lxediesc.dll 2010-09-22 19:11:16 ----A---- C:\WINDOWS\system32\LXEDhcp.dll 2010-09-22 19:11:15 ----A---- C:\WINDOWS\system32\lxedserv.dll 2010-09-22 19:11:15 ----A---- C:\WINDOWS\system32\lxedpmui.dll 2010-09-22 19:11:14 ----A---- C:\WINDOWS\system32\lxedlmpm.dll 2010-09-22 19:11:14 ----A---- C:\WINDOWS\system32\lxedjswr.dll 2010-09-22 19:11:13 ----A---- C:\WINDOWS\system32\lxedinsr.dll 2010-09-22 19:11:13 ----A---- C:\WINDOWS\system32\lxedinsb.dll 2010-09-22 19:11:13 ----A---- C:\WINDOWS\system32\lxedins.dll 2010-09-22 19:11:13 ----A---- C:\WINDOWS\system32\lxedih.exe 2010-09-22 19:11:13 ----A---- C:\WINDOWS\system32\lxedhbn3.dll 2010-09-22 19:11:12 ----A---- C:\WINDOWS\system32\lxedgrd.dll 2010-09-22 19:11:12 ----A---- C:\WINDOWS\system32\lxedcur.dll 2010-09-22 19:11:12 ----A---- C:\WINDOWS\system32\lxedcub.dll 2010-09-22 19:11:11 ----A---- C:\WINDOWS\system32\lxedcu.dll 2010-09-22 19:11:11 ----A---- C:\WINDOWS\system32\lxedcoms.exe 
2010-09-22 19:11:11 ----A---- C:\WINDOWS\system32\lxedcomm.dll 2010-09-22 19:11:11 ----A---- C:\WINDOWS\system32\lxedcomc.dll 2010-09-22 19:11:10 ----A---- C:\WINDOWS\system32\lxedcfg.exe 2010-09-22 19:11:10 ----A---- C:\WINDOWS\system32\LXEDcfg.dll 2010-09-22 19:10:18 ----D---- C:\Program Files\Lexmark S600 Series 2010-09-22 19:10:17 ----A---- C:\WINDOWS\system32\LXEDsmr.dll 2010-09-22 19:10:17 ----A---- C:\WINDOWS\system32\LXEDsm.dll 2010-09-22 12:40:59 ----D---- C:\Documents and Settings\k_roelandts\Application Data\Leadertech 2010-09-22 12:38:45 ----D---- C:\WINDOWS\system32\logishrd 2010-09-22 12:38:03 ----D---- C:\Program Files\Fichiers communs\LWS 2010-09-22 12:37:06 ----D---- C:\Program Files\Fichiers communs\LogiShrd 2010-09-21 12:11:40 ----D---- C:\Program Files\Citrix ======List of files/folders modified in the last 1 months====== 2010-09-26 15:54:01 ----RASH---- C:\boot.ini 2010-09-26 15:54:01 ----A---- C:\WINDOWS\win.ini 2010-09-26 15:54:01 ----A---- C:\WINDOWS\system.ini 2010-09-26 15:52:57 ----D---- C:\WINDOWS\TEMP 2010-09-26 15:52:51 ----D---- C:\WINDOWS\Registration 2010-09-26 15:52:47 ----D---- C:\WINDOWS 2010-09-26 15:49:27 ----D---- C:\WINDOWS\system32 2010-09-26 15:49:21 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2010-09-26 15:44:50 ----AC---- C:\WINDOWS\ntbtlog.txt 2010-09-26 15:34:49 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-09-26 15:19:01 ----D---- C:\WINDOWS\Prefetch 2010-09-26 15:13:24 ----RD---- C:\Program Files 2010-09-26 14:37:44 ----SD---- C:\WINDOWS\Downloaded Program Files 2010-09-26 14:37:40 ----HD---- C:\WINDOWS\inf 2010-09-26 14:37:38 ----D---- C:\WINDOWS\system32\CatRoot2 2010-09-26 14:35:42 ----D---- C:\Documents and Settings\k_roelandts\Application Data\Pamela 2010-09-26 14:34:49 ----SHD---- C:\WINDOWS\Installer 2010-09-26 14:29:52 ----D---- C:\Documents and Settings\k_roelandts\Application Data\vlc 2010-09-24 12:29:26 ----D---- C:\Program Files\Fichiers communs\DivX Shared 2010-09-24 12:29:26 ----D---- C:\Program 
Files\DivX 2010-09-24 12:27:40 ----D---- C:\WINDOWS\system32\drivers 2010-09-23 19:35:54 ----D---- C:\Program Files\Mozilla Firefox 2010-09-23 19:19:51 ----D---- C:\Documents and Settings\k_roelandts\Application Data\Skype 2010-09-23 18:42:54 ----D---- C:\Documents and Settings\k_roelandts\Application Data\skypePM 2010-09-22 19:45:01 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-09-22 19:16:41 ----D---- C:\WINDOWS\twain_32 2010-09-22 12:40:58 ----D---- C:\Program Files\Logitech 2010-09-22 12:38:19 ----D---- C:\Documents and Settings\All Users\Application Data\Logitech 2010-09-22 12:38:03 ----D---- C:\Program Files\Fichiers communs 2010-09-22 12:37:45 ----D---- C:\Program Files\Common Files 2010-09-21 13:05:05 ----D---- C:\Program Files\Mozilla Thunderbird 2010-09-16 03:00:26 ----A---- C:\WINDOWS\system32\MRT.exe 2010-09-08 22:59:45 ----D---- C:\Program Files\JDownloader ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 DRVMCDB;DRVMCDB; C:\WINDOWS\System32\Drivers\DRVMCDB.SYS [2005-09-12 89264] R0 ohci1394;Contrôleur hôte Texas Instruments IEEE 1394 compatible OHCI (Open Host Controller Interface); C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2004-08-10 61056] R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-08-12 45648] R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688] R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656] R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-11-03 63488] R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-01-03 715248] R1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver; \??\C:\Program Files\AVG Anti-Spyware 7.5\guard.sys [] R1 AvgAsCln;AVG Anti-Spyware Clean Driver; C:\WINDOWS\System32\DRIVERS\AvgAsCln.sys [2007-05-30 10872] R1 DLACDBHM;DLACDBHM; 
C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2005-08-25 5628] R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2005-08-25 22684] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-10 40320] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848] R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-04 8832] R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.9.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2006-12-25 21275] R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2005-10-06 25628] R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2005-10-06 2496] R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2005-10-06 86524] R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2005-10-06 14684] R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2005-10-06 6364] R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2005-10-06 87036] R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2005-10-06 94332] R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2005-08-12 40544] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-06 12544] R2 Netdevio;TOSHIBA Network Device Usermode I/O Protocol; C:\WINDOWS\system32\DRIVERS\netdevio.sys [2003-01-29 12032] R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-11-28 13568] R2 UacFlt;Philips Composite Class Filter Driver; C:\WINDOWS\system32\DRIVERS\uacbflt.sys [2002-06-14 21276] R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776] R3 BoiHwsetup;Access 32bits INT15 routine; C:\WINDOWS\system32\drivers\BoiHwSetup.sys [2005-06-11 5504] R3 CompFilter;UVCCompositeFilter; C:\WINDOWS\system32\DRIVERS\lvbusflt.sys [2010-05-14 20704] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600] R3 HdAudAddService;Microsoft UAA Function 
Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDAud.sys [2005-12-29 561664] R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600] R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-11-09 997376] R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-11-09 202240] R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys [2003-09-11 21060] R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2007-04-11 34832] R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2007-04-11 36112] R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2010-05-07 25824] R3 LVRS;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs.sys [2010-05-15 276448] R3 LVUVC;Logitech HD Webcam C510(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [2010-05-15 6842592] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-02-16 3642944] R3 Pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368] R3 qkbfiltr;Quanta HotKey Keyboard Filter Driver; C:\WINDOWS\system32\drivers\qkbfiltr.sys [2006-01-12 31872] R3 qmofiltr;Quanta HotKey Mouse Filter Driver; C:\WINDOWS\system32\drivers\qmofiltr.sys [2005-05-05 7936] R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-10 67584] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-03 191968] R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-11-30 162560] R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 
31616] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480] R3 w39n51;Intel® PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2005-12-05 1428096] R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000] R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-11-09 723712] R3 X10Hid;X10 Hid Device; C:\WINDOWS\System32\Drivers\x10hid.sys [2005-11-28 7040] S1 hidfltr;HID Filter Driver; C:\WINDOWS\system32\drivers\MWhid.sys [2004-11-03 13332] S3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-10 60800] S3 axtgcgj0;axtgcgj0; C:\WINDOWS\system32\drivers\axtgcgj0.sys [] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024] S3 e1express;Intel® PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2005-09-15 179200] S3 fbxusb;Carte réseau virtuelle FreeBox USB; C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 21344] S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-11-04 1353820] S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880] S3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-10 61824] S3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2009-05-09 14736] S3 o1394bul;o1394bul; \??\C:\DOCUME~1\K_ROEL~1\LOCALS~1\Temp\o1394bul.sys [] S3 Point32;Microsoft IntelliPoint Filter Driver; 
C:\WINDOWS\system32\DRIVERS\point32.sys [2006-06-30 21760] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136] S3 SMCB000;SMSC CIR HID Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\hidsmsc.sys [2006-01-17 15744] S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-11-12 7168] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360] S3 tosrfec;Bluetooth ACPI from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfec.sys [2005-09-09 9344] S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS [] S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] S3 usbvideo;Périphérique vidéo USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-03 78464] S3 w810bus;Sony Ericsson W810 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w810bus.sys [2006-02-20 58288] S3 w810mdfl;Sony Ericsson W810 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w810mdfl.sys [2006-02-20 8336] S3 w810mdm;Sony Ericsson W810 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w810mdm.sys [2006-02-20 94064] S3 w810mgmt;Sony Ericsson W810 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w810mgmt.sys [2006-02-20 85408] S3 w810obex;Sony Ericsson W810 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w810obex.sys [2006-02-20 83344] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile 
Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712] R2 AVG Anti-Spyware Guard;AVG Anti-Spyware Guard; C:\Program Files\AVG Anti-Spyware 7.5\guard.exe [2007-05-30 312880] R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2005-01-18 40960] R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568] R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424] R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-11-28 114753] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376] R2 LVPrcSrv;Process Monitor; C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcSrv.exe [2010-05-07 162648] R2 lxed_device;lxed_device; C:\WINDOWS\system32\lxedcoms.exe [2010-01-07 598696] R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328] R2 NMSAccess;NMSAccess; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2010-03-04 71096] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-02-16 143426] R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-05-12 66872] R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-11-28 217164] R2 S24EventMonitor;Intel® PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-11-28 540745] R2 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480] S2 lxedCATSCustConnectService;lxedCATSCustConnectService; C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxedserv.exe [2010-01-07 98984] S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-09-27 72704] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET 
Can someone translate/untangle all of this for me? Thanks for your help.
[edit]: I downloaded Malwarebytes, then ran a quick scan as recommended. I removed the infections (5), then rebooted as requested. Here is the report:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Version de la base de données: 4698
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180
26/09/2010 16:49:12
mbam-log-2010-09-26 (16-49-12).txt
Type d'examen: Examen rapide
Elément(s) analysé(s): 173001
Temps écoulé: 14 minute(s), 53 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 3
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\RECYCLER\S-1-5-21-3435299865-1074412838-1320528033-1005\Dc444.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Documents and Settings\k_roelandts\Local Settings\Temporary Internet Files\Content.IE5\WD0XIB45\update[1].exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Documents and Settings\k_roelandts\Menu Démarrer\Programmes\Security Tool.LNK (Rogue.SecurityTool) -> Quarantined and deleted successfully.
-
infected by security tool help
mamoussa replied to a topic by mamoussa in Malware analysis and removal
I can't open my text documents... So here is my RSIT report: RapidShare: 1-CLICK Web hosting - Easy Filehosting Please help me, because, as luck would have it, I have a programming exam this week, so I will need my computer (working!!) -
Hello, I have just received this software, which I never downloaded. It blocks all my access (not the internet for the moment... phew!), but it is impossible to block it through msconfig or anything else, help me! I followed part of a tutorial, but I cannot launch RSIT because Security Tool blocks it! I am rebooting in safe mode and will post again.
-
[SOLVED] infected by win32, at least I think so...
mamoussa replied to a topic by mamoussa in Malware analysis and removal
OK! Well, thanks for everything, gof; your replies are very clear and very instructive, so all the best :P -
[SOLVED] infected by win32, at least I think so...
mamoussa replied to a topic by mamoussa in Malware analysis and removal
There! And, uh, yes, one last little thing, if you could tell me what to remove: http://dl.free.fr/n1B9mHZhS/Sanstitre.JPG, I edited it in Paint so that you can see everything that is active. [edit]: AVG, for example, is only useful once infected, since I have Kaspersky, right? -
[SOLVED] infected by win32, at least I think so...
mamoussa replied to a topic by mamoussa in Malware analysis and removal
Well, I also still have VundoFix and Flash Disinfector left. No, my computer no longer seems to have any problem, you have worked a miracle! Seriously, I thank you from the bottom of my heart; I thought the only solution would have been to reset everything and so lose a huge amount of data. (My disk is not partitioned, and I don't know how to do it.) And if you're willing to take the time to give me some advice, I'm all ears!