atbmag

MBAM semble avoir résolu le problème. Merci pour votre compétence et votre disponibilité !

Et le rapport MBAM que j'ai finalement réussi à ouvrir : Malwarebytes' Anti-Malware 1.42 Version de la base de données: 3449 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 29/12/2009 14:37:18 mbam-log-2009-12-29 (14-37-18).txt Type de recherche: Examen complet (C:\|D:\|) Eléments examinés: 209304 Temps écoulé: 55 minute(s), 8 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 1 Valeur(s) du Registre infectée(s): 1 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 2 Fichier(s) infecté(s): 17 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\malware defense (Trojan.FakeAlert) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\malware defense (Trojan.FakeAlert) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): C:\Program Files\malware Defense (Rogue.MalwareDefense) -> Quarantined and deleted successfully. C:\Documents and Settings\llllllllll\Menu Démarrer\Programmes\malware Defense (Rogue.MalwareDefense) -> Quarantined and deleted successfully. Fichier(s) infecté(s): C:\Program Files\Malware Defense\mdefense.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Program Files\Malware Defense\mdext.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Program Files\Malware Defense\uninstall.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\WINDOWS\system32\H8SRTdcxumvnbue.dll.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\WINDOWS\system32\H8SRTurawfmkjii.dll.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\WINDOWS\system32\H8SRTyblygluqup.dll.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\H8SRTnfhamiehik.sys.vir (Malware.Packer) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{D44870F8-BB07-46F8-A47D-4CAF911022A6}\RP0\A0000003.sys (Malware.Packer) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{D44870F8-BB07-46F8-A47D-4CAF911022A6}\RP0\A0000004.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{D44870F8-BB07-46F8-A47D-4CAF911022A6}\RP0\A0000005.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{D44870F8-BB07-46F8-A47D-4CAF911022A6}\RP0\A0000006.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Program Files\malware Defense\help.ico (Rogue.MalwareDefense) -> Quarantined and deleted successfully. C:\Program Files\malware Defense\md.db (Rogue.MalwareDefense) -> Quarantined and deleted successfully. C:\Documents and Settings\llllllllll\Menu Démarrer\Programmes\malware Defense\Malware Defense Support.lnk (Rogue.MalwareDefense) -> Quarantined and deleted successfully. C:\Documents and Settings\llllllllll\Menu Démarrer\Programmes\malware Defense\Malware Defense.lnk (Rogue.MalwareDefense) -> Quarantined and deleted successfully. C:\Documents and Settings\llllllllll\Menu Démarrer\Programmes\malware Defense\Uninstall Malware Defense.lnk (Rogue.MalwareDefense) -> Quarantined and deleted successfully. C:\Documents and Settings\llllllllll\Application Data\Microsoft\Internet Explorer\Quick Launch\Malware Defense.lnk (Rogue.MalwareDefense) -> Quarantined and deleted successfully.

Rapport ComboFix : ComboFix 09-12-28.05 - llllllllll 29/12/2009 12:52:22.2.2 - x86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.2038.1334 [GMT 1:00] Lancé depuis: c:\documents and settings\llllllllll\Bureau\atbmag.exe AV: Norton AntiVirus 2005 *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8} FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E} . ((((((((((((((((((((((((((((( Fichiers créés du 2009-11-28 au 2009-12-29 )))))))))))))))))))))))))))))))))))) . 2009-12-29 11:33 . 2009-12-29 11:33 -------- d-----w- c:\documents and settings\llllllllll\Application Data\Malwarebytes 2009-12-29 10:33 . 2009-12-29 10:33 388096 ----a-r- c:\documents and settings\llllllllll\Application Data\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe 2009-12-29 10:33 . 2009-12-29 10:33 -------- d-----w- c:\program files\HJ 2009-12-29 10:11 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-12-29 10:11 . 2009-12-29 10:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-12-29 10:11 . 2009-12-29 10:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-12-29 10:11 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-12-29 08:43 . 2009-12-29 08:44 -------- d-----w- c:\program files\Malware Defense 2009-12-29 08:13 . 2009-12-29 08:13 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache 2009-12-13 08:48 . 2009-12-13 08:48 79488 ------w- c:\documents and settings\llllllllll\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll 2009-12-03 08:01 . 2008-01-09 11:28 27632 ------w- c:\windows\system32\drivers\seehcri.sys . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-12-29 11:50 . 2008-12-02 20:12 -------- d-----w- c:\program files\Fichiers communs\Symantec Shared 2009-12-29 10:04 . 2009-01-08 14:10 -------- d-----w- c:\program files\Goto software 2009-12-28 21:35 . 2009-03-04 11:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater 2009-12-23 09:23 . 2008-12-02 20:05 -------- d-----w- c:\program files\Google 2009-12-13 08:50 . 2008-12-02 19:53 -------- d-----w- c:\program files\Java 2009-12-13 08:48 . 2009-11-03 20:33 152576 ------w- c:\documents and settings\llllllllll\Application Data\Sun\Java\jre1.6.0_17\lzma.dll 2009-12-08 12:03 . 2008-12-29 18:23 -------- d-----w- c:\documents and settings\llllllllll\Application Data\FileZilla 2009-12-04 15:22 . 2008-12-02 19:42 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-12-03 08:01 . 2009-05-25 19:07 -------- d-----w- c:\program files\Sony Ericsson 2009-12-03 08:00 . 2009-05-25 19:09 -------- d-----w- c:\program files\Avanquest update 2009-11-18 18:43 . 2009-09-02 12:27 -------- d-----w- c:\documents and settings\llllllllll\Application Data\HpUpdate 2009-11-13 09:11 . 2006-01-26 20:35 85842 ------w- c:\windows\system32\perfc00C.dat 2009-11-13 09:11 . 2006-01-26 20:35 513736 ------w- c:\windows\system32\perfh00C.dat 2009-11-10 13:16 . 2008-12-02 20:05 -------- d-----w- c:\program files\Picasa2 2009-11-09 22:33 . 2008-12-02 20:27 69248 ------w- c:\documents and settings\llllllllll\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-11-09 22:32 . 2009-11-09 22:32 -------- d-----w- c:\program files\Guitar Pro 5 2009-11-07 22:34 . 2009-11-07 20:05 -------- d-----w- c:\documents and settings\llllllllll\Application Data\gtk-2.0 2009-11-07 20:02 . 2009-11-07 20:02 -------- d-----w- c:\program files\GIMP-2.0 2009-11-05 16:04 . 2009-08-21 10:20 -------- d-----w- c:\documents and settings\llllllllll\Application Data\U3 2009-10-29 07:42 . 2006-01-26 20:35 916480 ------w- c:\windows\system32\wininet.dll 2009-10-21 05:39 . 2006-01-26 20:35 75776 ------w- c:\windows\system32\strmfilt.dll 2009-10-21 05:39 . 2006-01-26 20:34 25088 ------w- c:\windows\system32\httpapi.dll 2009-10-20 16:20 . 2004-08-03 23:00 265728 ------w- c:\windows\system32\drivers\http.sys 2009-10-13 10:33 . 2006-01-26 20:34 271360 ------w- c:\windows\system32\oakley.dll 2009-10-12 13:39 . 2006-01-26 20:35 79872 ------w- c:\windows\system32\raschap.dll 2009-10-12 13:39 . 2006-01-26 20:35 150528 ------w- c:\windows\system32\rastls.dll 2009-10-11 03:17 . 2008-12-10 08:15 411368 ------w- c:\windows\system32\deploytk.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Rainlendar2"="c:\program files\Rainlendar2\Rainlendar2.exe" [2008-08-24 4067328] "VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2009-03-26 3558648] "Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2009-09-24 434176] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [2005-09-25 94208] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 204288] "Malware Defense"="c:\program files\Malware Defense\mdefense.exe" [2009-12-29 1756088] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "PWRMGRTR"="c:\progra~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL" [2007-09-05 200704] "BLOG"="c:\progra~1\ThinkPad\UTILIT~1\BatLogEx.DLL" [2007-09-05 208896] "TPFNF7"="c:\program files\Lenovo\NPDIRECT\TPFNF7SP.exe" [2007-04-09 58416] "TrackPointSrv"="tp4serv.exe" [2007-04-26 91184] "TPHOTKEY"="c:\program files\Lenovo\HOTKEY\TPOSDSVC.exe" [2007-03-09 66176] "TpShocks"="TpShocks.exe" [2007-09-28 181544] "EZEJMNAP"="c:\progra~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe" [2007-03-28 243248] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-09-07 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-09-07 162328] "Persistence"="c:\windows\system32\igfxpers.exe" [2007-09-07 137752] "TVT Scheduler Proxy"="c:\program files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe" [2008-03-04 487424] "DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2006-02-02 122940] "ISUSPM Startup"="c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184] "ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-07-27 81920] "AwaySch"="c:\program files\Lenovo\AwayTask\AwaySch.EXE" [2006-11-07 91688] "LPManager"="c:\progra~1\THINKV~1\PrdCtr\LPMGR.exe" [2007-04-26 120368] "AMSG"="c:\progra~1\THINKV~1\AMSG\amsg.exe" [2007-02-01 419376] "DiskeeperSystray"="c:\program files\Diskeeper Corporation\Diskeeper\DkIcon.exe" [2006-05-18 196696] "ACWLIcon"="c:\program files\ThinkPad\ConnectUtilities\ACWLIcon.exe" [2007-07-05 126976] "cssauth"="c:\program files\Lenovo\Client Security Solution\cssauth.exe" [2007-08-03 2630968] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2005-09-25 155648] "ccApp"="c:\program files\Fichiers communs\Symantec Shared\ccApp.exe" [2008-01-31 58728] "Symantec NetDriver Monitor"="c:\progra~1\SYMNET~1\SNDMon.exe" [2008-12-03 100056] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-03-25 49152] "hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-03-13 81920] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ BTTray.lnk - c:\program files\ThinkPad\Bluetooth Software\BTTray.exe [2007-2-27 561213] Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-12-2 50688] HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ACNotify] ACNotify.dll [bU] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpfnf2] 2006-09-06 07:37 34344 ------w- c:\program files\Lenovo\HOTKEY\notifyf2.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey] 2006-12-14 02:06 28672 ------w- c:\program files\Lenovo\HOTKEY\tphklock.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [28/09/2007 16:28 19504] R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\Lenovo\Rescue and Recovery\rrpservice.exe [08/02/2007 13:11 569344] R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [03/12/2009 09:01 27632] R3 Tp4Track;PS/2 TrackPoint Driver;c:\windows\system32\drivers\tp4track.sys [10/05/2007 17:34 22832] R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [22/05/2007 15:59 30336] S2 gupdate1c99cba15f6f108;Service Google Update (gupdate1c99cba15f6f108);c:\program files\Google\Update\GoogleUpdate.exe [04/03/2009 12:12 133104] S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [03/12/2009 09:01 90112] S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [25/05/2009 21:27 13224] S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [25/05/2009 20:08 90536] S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [25/05/2009 20:08 15016] S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [25/05/2009 20:08 122152] S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [25/05/2009 20:08 115496] S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [25/05/2009 20:08 25768] S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [25/05/2009 20:08 111912] S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [25/05/2009 20:08 117672] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.mountainboard.fr/ uInternet Settings,ProxyOverride = *.local IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Envoyer au périphérique &Bluetooth... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm FF - ProfilePath - c:\documents and settings\llllllllll\Application Data\Mozilla\Firefox\Profiles\drla5k2e.default\ FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\program files\Picasa2\npPicasa2.dll FF - plugin: c:\program files\Picasa2\npPicasa3.dll FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . ************************************************************************** Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*] "C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(1320) c:\program files\ThinkPad\ConnectUtilities\ACNotify.dll c:\program files\ThinkPad\ConnectUtilities\AcSvcStub.dll c:\program files\ThinkPad\ConnectUtilities\AcLocSettings.dll c:\program files\ThinkPad\ConnectUtilities\ACHelper.dll c:\program files\Lenovo\HOTKEY\tphklock.dll - - - - - - - > 'explorer.exe'(2340) c:\windows\system32\btmmhook.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll c:\windows\system32\eappprxy.dll . Heure de fin: 2009-12-29 12:57:29 ComboFix-quarantined-files.txt 2009-12-29 11:57 ComboFix2.txt 2009-12-29 11:30 Avant-CF: 63 494 909 952 octets libres Après-CF: 63 455 002 624 octets libres - - End Of File - - 56C034B143CCA3B16AFC4AA3530F5BE1

Bonjour à tous, J'ai moi aussi récupéré ce truc qui semble bien virulent... Actions effectuées : - Téléchargement et application de Rkill - Téléchargement de MBAM mais impossible à lancer - Rapport HijackThis ci-dessous... que faire maintenant... ? Merci d'avance de votre aide... Logfile of Trend Micro HijackThis v2.0.3 (BETA) Scan saved at 11:34:07, on 29/12/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\ibmpmsvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\IPSSVC.EXE C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe C:\WINDOWS\System32\TPHDEXLG.exe C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe c:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe C:\Program Files\Fichiers communs\Lenovo\Logger\logmon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\rundll32.exe C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\tp4serv.exe C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe C:\WINDOWS\system32\TpShocks.exe C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe C:\Program Files\Lenovo\Zoom\TpScrex.exe C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe C:\WINDOWS\system32\igfxsrvc.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe C:\Program Files\Lenovo\AwayTask\AwaySch.EXE C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe C:\PROGRA~1\THINKV~1\AMSG\amsg.exe C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe C:\Program Files\Lenovo\Client Security Solution\cssauth.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Rainlendar2\Rainlendar2.exe C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe C:\Program Files\Lenovo\Client Security Solution\tvtpwm_tray.exe C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\DOCUME~1\LLLLLL~1\LOCALS~1\Temp\settdebugx.exe C:\Program Files\Malware Defense\mdefense.exe C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\iPod\bin\iPodService.exe C:\DOCUME~1\LLLLLL~1\LOCALS~1\Temp\wscsvc32.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\msiexec.exe C:\Program Files\HJ\TrendMicro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mountainboard.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: ThinkVantage Password Manager - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor O4 - HKLM\..\Run: rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog O4 - HKLM\..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe /r O4 - HKLM\..\Run: [TrackPointSrv] tp4serv.exe O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe O4 - HKLM\..\Run: [TpShocks] TpShocks.exe O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe O4 - HKLM\..\Run: [AMSG] C:\PROGRA~1\THINKV~1\AMSG\amsg.exe O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe" O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" O4 - HKCU\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [settdebugx.exe] C:\DOCUME~1\LLLLLL~1\LOCALS~1\Temp\settdebugx.exe O4 - HKCU\..\Run: [Malware Defense] "C:\Program Files\Malware Defense\mdefense.exe" -noscan O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://atv.disney.go.com/global/download/otoy/OTOYAX29b.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing) O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: Service Google Update (gupdate1c99cba15f6f108) (gupdate1c99cba15f6f108) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Service de base IPS (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.exe O23 - Service: TVT Backup Protection Service - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe O23 - Service: TVT Scheduler - Lenovo Group Limited - c:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe -- End of file - 20731 bytes